Accepted graphicsmagick 1.4~hg15916-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 28 Feb 2019 17:50:19 +0000
Source: graphicsmagick
Architecture: source
Version: 1.4~hg15916-1
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changes:
graphicsmagick (1.4~hg15916-1) unstable; urgency=high
.
* Mercurial snapshot, fixing the following security issues:
- ReadTIFFImage(): Only disassociate alpha channel for images where
photometic is PHOTOMETRIC_RGB,
- DrawDashPolygon(): Heap buffer overflow when parsing SVG images,
- DrawPrimitive(): Add arithmetic overflow checks when converting
computed coordinates from 'double' to 'long',
- DrawImage(): Don't destroy draw_info in graphic_context when draw_info
has not been allocated yet,
- RenderFreetype(): Eliminate memory leak of GlyphInfo.image,
- DrawDashPolygon(): Heap-buffer-overflow via read beyond end of dash
pattern array,
- ReadMIFFImage(): Tally directory length to avoid death by strlen(),
- ReadMPCImage(): Tally directory length to avoid death by strlen(),
- ReallocColormap(): Make sure that there is not a heap overwrite if the
number of colors has been reduced.
* Update library symbols for this release.
Checksums-Sha1:
95db1c8a6863afc032d70a8848f80dcd4488c247 2855 graphicsmagick_1.4~hg15916-1.dsc
7cbdcd057d146efa0830bc50a2e829e1f8fc31f8 8658092 graphicsmagick_1.4~hg15916.orig.tar.xz
da2df1fd79ba2856a7cbbd04aa74e5f8e4cd7f3b 143424 graphicsmagick_1.4~hg15916-1.debian.tar.xz
6d1c2b48a3f7dbff27276aa7cd1031f8ad296d02 11900 graphicsmagick_1.4~hg15916-1_amd64.buildinfo
Checksums-Sha256:
d53819f9ca5758fd4ba8420175d4ab20a62cdc0725a3ba2eef0462b3b5063ead 2855 graphicsmagick_1.4~hg15916-1.dsc
4fe0a4e6ec2598300f0ca4ebb8b63733ae56f58dbff13e2c634173370fceda37 8658092 graphicsmagick_1.4~hg15916.orig.tar.xz
6aa8ca659042542b380ff791c1474bfe7d3563a592d39f07421444e365735266 143424 graphicsmagick_1.4~hg15916-1.debian.tar.xz
9119595c84e98a177ed2f0c5d289c4b678ae056ea8bca289232fd9e0a2ff9899 11900 graphicsmagick_1.4~hg15916-1_amd64.buildinfo
Files:
56baa7eba70bab3cfd88a77187ed06b7 2855 graphics optional graphicsmagick_1.4~hg15916-1.dsc
4e9e2aff2435ef18d8ae7e768dd13250 8658092 graphics optional graphicsmagick_1.4~hg15916.orig.tar.xz
ff480ccaff96c5a5297fa16e1dcd24f3 143424 graphics optional graphicsmagick_1.4~hg15916-1.debian.tar.xz
87178be8c8ad9de8bad4e05443625d22 11900 graphics optional graphicsmagick_1.4~hg15916-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAlx4Qw4ACgkQ3OMQ54ZM
yL8vBw//Shez8pVQrW4as/yjgjXUId+PnBg7iAkU1fQlq2jKNxGTwNH3niREpoXo
Qp65QwXkHD13AeAVSSu7CWSJjdC18w2IcWrWJo8+4CHVO2M0Wc1sm7o9Q5unnT4c
3iofD9kRaG+IoMys4VsYdkUFE61IbPlmV648yidOu6UX18Bs6WrlWvM8lJevQUVX
WGOMa1Kt099h+jRcPWdSanGC25HX7BLNV6HAbVy7F9Qvs4L35qtPx6v03h9Kv3uj
sNE+zIK/jBbVR3h9fhWAGfySAWvgA4Y2GpvL4Ok4FX20k8qEaCm8RCYFJnriPKI0
2D5xWZuLXi7YQBKeKW8D/tuVugfA65Vm7LEs7xc5VSpBxWfKL2lxPnly1zZtDtBg
maXn7dbPF/+xScVsga7molhDWZVA7WmBrWC209fKxGoCgXr3fbt7tccjBglQz1yi
xJDqIn6PFdoQ32x9zDiuaE8gwTqGGmR7hbPdVdjukn2U291Sq0Gkb/YIcY/PCoR6
Vr5EIN5JB6+TGyNfrzi0zGX9WxbWjcxT/6dYPW0tDmI2baDM/iFjuomxnSxzyPNr
GTrfuDC9wlBanWV8yTThB34MS3gEIoF5FftIvqdkMx79G0Pf8ONHZKUoiez96hCr
X22pNyaJo9+Nmz2s/0oPj9MkBUn0dPX16+BOeiIq2q4sYl+4iug=
=NkXo
-----END PGP SIGNATURE-----