Back to graphicsmagick PTS page

Accepted graphicsmagick 1.3.20-3+deb8u6 (source amd64 all) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted graphicsmagick 1.3.20-3+deb8u6 (source amd64 all) into oldstable
From: Markus Koschany <apo@debian.org>
Date: Sat, 13 Apr 2019 21:50:17 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1hFQXR-0005Zs-Ud@seger.debian.org>
Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 13 Apr 2019 23:25:51 +0200
Source: graphicsmagick
Binary: graphicsmagick libgraphicsmagick3 libgraphicsmagick1-dev libgraphicsmagick++3 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg
Architecture: source amd64 all
Version: 1.3.20-3+deb8u6
Distribution: jessie-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 graphicsmagick - collection of image processing tools
 graphicsmagick-dbg - format-independent image processing - debugging symbols
 graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface
 graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface
 libgraphics-magick-perl - format-independent image processing - perl interface
 libgraphicsmagick++1-dev - format-independent image processing - C++ development files
 libgraphicsmagick++3 - format-independent image processing - C++ shared library
 libgraphicsmagick1-dev - format-independent image processing - C development files
 libgraphicsmagick3 - format-independent image processing - C shared library
Changes:
 graphicsmagick (1.3.20-3+deb8u6) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * CVE-2017-10799:
     When GraphicsMagick processes a DPX image (with metadata indicating a large
     width), a denial of service (OOM) can occur in ReadDPXImage().
   * CVE-2019-11006:
     In GraphicsMagick exists a heap-based buffer over-read in the function
     ReadMIFFImage which allows attackers to cause a denial of service or
     information disclosure via an RLE packet.
   * CVE-2019-11007:
     In GraphicsMagick there is a heap-based buffer over-read in the
     ReadMNGImage function which allows attackers to cause a denial of service
     or information disclosure via an image colormap.
   * CVE-2019-11008:
     In GraphicsMagick there is a heap-based buffer overflow in the function
     WriteXWDImage which allows remote attackers to cause a denial of service
     (application crash) or possibly have unspecified other impact via a crafted
     image file.
   * CVE-2019-11009:
     In GraphicsMagick there is a heap-based buffer over-read in the function
     ReadXWDImage which allows attackers to cause a denial of service or
     information disclosure via a crafted image file.
   * CVE-2019-11010:
     In GraphicsMagick there is a memory leak in the function ReadMPCImage which
     allows attackers to cause a denial of service via a crafted image file.
Checksums-Sha1:
 4045df98b71cfc8795fbc35d4a119cda29f35219 2985 graphicsmagick_1.3.20-3+deb8u6.dsc
 9e81850b3c7a56ddff4a007f61aebf9e8f398718 215852 graphicsmagick_1.3.20-3+deb8u6.debian.tar.xz
 23a27de02707dadbcd316cc222358f2b1e659d93 796868 graphicsmagick_1.3.20-3+deb8u6_amd64.deb
 70ac4618418292a2c22ad95d955d3f3a8df13577 1108746 libgraphicsmagick3_1.3.20-3+deb8u6_amd64.deb
 3f61b44d7feba893ed74c7c5826510f14884c167 1295518 libgraphicsmagick1-dev_1.3.20-3+deb8u6_amd64.deb
 28fb3f5782c6b940c2ed3de6e110e9a7e5e7e153 119590 libgraphicsmagick++3_1.3.20-3+deb8u6_amd64.deb
 7e35d833fa772c914c4c8424faf12b2fdebb6243 302090 libgraphicsmagick++1-dev_1.3.20-3+deb8u6_amd64.deb
 badf73e85eef99b0714d61f40cd5f86a4e70b111 77458 libgraphics-magick-perl_1.3.20-3+deb8u6_amd64.deb
 1de9fa4444c831083f7bee4fe1d721cd17dbf881 2224266 graphicsmagick-dbg_1.3.20-3+deb8u6_amd64.deb
 60304117bc6285ed1cee3f35ab4f6aae8cabed30 29606 graphicsmagick-imagemagick-compat_1.3.20-3+deb8u6_all.deb
 f7336ae41719396af7a957ecee2cabb36efec31f 33056 graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u6_all.deb
Checksums-Sha256:
 195a0d7c4d0e21d0d2e8f556af06403217698bab08e0c00d7c63de0d4cad1d52 2985 graphicsmagick_1.3.20-3+deb8u6.dsc
 299065d2f01dd3547f4e7202df13079daa33cba0ab6c570a56b6cc538d9d4372 215852 graphicsmagick_1.3.20-3+deb8u6.debian.tar.xz
 29b0ccb014cc023722686e1bb6d639a51421ecb56a9711265effd0dd5b509891 796868 graphicsmagick_1.3.20-3+deb8u6_amd64.deb
 794dcbb227cff2b7b5e56c30a5c14fb417b7daea403dccb57f3e43a7a0c8664e 1108746 libgraphicsmagick3_1.3.20-3+deb8u6_amd64.deb
 1bba03b2cc2b1557f3cf74667b2df8a952dceb29df665229de1909a444cd2260 1295518 libgraphicsmagick1-dev_1.3.20-3+deb8u6_amd64.deb
 6f686829a3b9a5137865e04132467d3709914447fdfa108c0e003744e359b904 119590 libgraphicsmagick++3_1.3.20-3+deb8u6_amd64.deb
 f1b2a1e0ecfd7605bd42d9b60d14c7cdf6f8623d9698cd0f696354fe0e1eb442 302090 libgraphicsmagick++1-dev_1.3.20-3+deb8u6_amd64.deb
 b50279d6cadbef90fe67430a86736b14daaa03f3b5877f0a241caf5b32b07542 77458 libgraphics-magick-perl_1.3.20-3+deb8u6_amd64.deb
 8bf419c06c9cc13df3c889c42d0e24347259e23f4884f9e4ff622e295a425b41 2224266 graphicsmagick-dbg_1.3.20-3+deb8u6_amd64.deb
 2eb131de490bf9807b6579228c3609f099fbd09f93cafdaefa5abb2bed55772b 29606 graphicsmagick-imagemagick-compat_1.3.20-3+deb8u6_all.deb
 5c1f16c6de6c7d616d192b72236b40689f48920cf792b24eb2b4a9ed0d4777b8 33056 graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u6_all.deb
Files:
 c44f7a36c7c6cfda44a426acb5243730 2985 graphics optional graphicsmagick_1.3.20-3+deb8u6.dsc
 f536b12736f7a78edea71a121a94975d 215852 graphics optional graphicsmagick_1.3.20-3+deb8u6.debian.tar.xz
 df7139ec569cb8b7a49b311dbf0e465c 796868 graphics optional graphicsmagick_1.3.20-3+deb8u6_amd64.deb
 5fef3d62e86dee95cd04c0f254bd2fa6 1108746 libs optional libgraphicsmagick3_1.3.20-3+deb8u6_amd64.deb
 812b89b2d2ad0a7b480eb451d2048178 1295518 libdevel optional libgraphicsmagick1-dev_1.3.20-3+deb8u6_amd64.deb
 135480073a334cd5bb95c139af564fa8 119590 libs optional libgraphicsmagick++3_1.3.20-3+deb8u6_amd64.deb
 ab77d0924c2b0209a54ff80ad0c2acd1 302090 libdevel optional libgraphicsmagick++1-dev_1.3.20-3+deb8u6_amd64.deb
 e22588eddf2a9fcfefa1472262dabfa1 77458 perl optional libgraphics-magick-perl_1.3.20-3+deb8u6_amd64.deb
 9dcf4c288e6c75ae6c6407999f83690f 2224266 debug extra graphicsmagick-dbg_1.3.20-3+deb8u6_amd64.deb
 1c8e653a647966ef79fcad14af4cf416 29606 graphics extra graphicsmagick-imagemagick-compat_1.3.20-3+deb8u6_all.deb
 b74de558c79166e243fbf3edc98f14ad 33056 graphics extra graphicsmagick-libmagick-dev-compat_1.3.20-3+deb8u6_all.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlyyVihfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk30EP/R6lcDhSawmqIdKdhtIQJh2OTimXQdAjZJJD
awl87DG41UWbnUbgp20MYBmyqlJv7+YpoK7WJ2BxmuC0Y/r3OX7I9atE3HNPB2Vi
0EtBSQO0txAfp7g2LpwHNYSUsy4W4byjJPVIzd5ofG5LLSDgI8uJm/VxwmWLRJwh
Fwx6GcF116lSVxAUNuLNbukZs4USol90moZrEU6HN8gY+o2Bjgcjb31rUxbu+9PQ
UEUoy+RK04ZjLjiEAP7kj+XhDH6gEuZhvVcOMCP4mrZUrUurhhkV6JtnMmGUvQ7S
pBYe150RQ6vhhAcSRYtNUD99QM+TkWneFexFVO4R6JwS8dtFQQvxM2odcKr7l+N/
LHKR7G9CGpLr45Kx24qpwuLpk85MhY73H2lck5h7ysZyKHLoKPz6kRRV90jwPOJ+
o11hJjeSrB9RuY2EuvsRya+oo1vdEHzp/vmdLVhpOTVnGpgHZR7LpdYOCmTcKO3n
VP/1WNwN0qRknhCmaEu/+yOWlZDbkI7Xl4878B5H2eFaEtJV1YWso7kM7YBVkY3E
725hIx4A/Z4c8eNxL2Zek0OTPfZ/72ddOvTrLdPMno+iwdz9+dlbWzscrxHS4Nkv
yfgSMfl7OJnM3e2Vd6+p2oprIIz0eNBw/C47oPLh31kBZnunmSGH8D4D7R/f2LLC
IZzgPel0
=qwV+
-----END PGP SIGNATURE-----