Back to graphicsmagick PTS page

Accepted graphicsmagick 1.3.30+hg15796-1~deb9u3 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 29 Jan 2020 19:03:02 +0100
Source: graphicsmagick
Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg
Architecture: source amd64 all
Version: 1.3.30+hg15796-1~deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
 graphicsmagick - collection of image processing tools
 graphicsmagick-dbg - format-independent image processing - debugging symbols
 graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface
 graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface
 libgraphics-magick-perl - format-independent image processing - perl interface
 libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library
 libgraphicsmagick++1-dev - format-independent image processing - C++ development files
 libgraphicsmagick-q16-3 - format-independent image processing - C shared library
 libgraphicsmagick1-dev - format-independent image processing - C development files
Changes:
 graphicsmagick (1.3.30+hg15796-1~deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2019-19953
     heap-based buffer over-read in the function EncodeImage
   * CVE-2019-19951
     heap-based buffer overflow in the function ImportRLEPixels
   * CVE-2019-19950
     use-after-free in ThrowException and ThrowLoggedException
   * CVE-2019-11474: floating-point exception in coders/xwd.c when processing
     crafted XWD images.
   * CVE-2019-11473: out-of-bounds read in coders/xwd.c when processing crafted
     XWD images.
   * CVE-2019-11506: missing error handling primitives causes heap-based
     buffer overflow in WriteMATLABImage (coders/mat.c) when processing crafted
     Matlab matrix data.
   * CVE-2019-11505: heap-based buffer overflow in WritePDBImage (coders/pdb.c)
     when processing crafted PDB images.
   * CVE-2019-11010:
     In GraphicsMagick there is a memory leak in the function ReadMPCImage which
     allows attackers to cause a denial of service via a crafted image file.
   * CVE-2019-11009:
     In GraphicsMagick there is a heap-based buffer over-read in the function
     ReadXWDImage which allows attackers to cause a denial of service or
     information disclosure via a crafted image file.
   * CVE-2019-11008:
     In GraphicsMagick there is a heap-based buffer overflow in the function
     WriteXWDImage which allows remote attackers to cause a denial of service
     (application crash) or possibly have unspecified other impact via a crafted
     image file.
   * CVE-2019-11007:
     In GraphicsMagick there is a heap-based buffer over-read in the
     ReadMNGImage function which allows attackers to cause a denial of service
     or information disclosure via an image colormap.
   * CVE-2019-11006:
     In GraphicsMagick exists a heap-based buffer over-read in the function
     ReadMIFFImage which allows attackers to cause a denial of service or
     information disclosure via an RLE packet.
   * CVE-2019-11005
     stack buffer overflow while parsing quoted font family value
   * CVE-2018-20189
     assertion failure in ReadDIBImage
   * CVE-2018-20185
     heap-based buffer over-read in the ReadBMPImage
   * CVE-2018-20184
     heap-based buffer overflow in the WriteTGAImage
Checksums-Sha1:
 f809ca515ac2a8ad82e8e699e419828f1d730929 3029 graphicsmagick_1.3.30+hg15796-1~deb9u3.dsc
 e2a3a50bb3c609f4625b6a2a38de46357b881fe6 27390756 graphicsmagick_1.3.30+hg15796.orig.tar.xz
 b143eb3aa3df9cb59f2e0a147d95426cac7dff84 157384 graphicsmagick_1.3.30+hg15796-1~deb9u3.debian.tar.xz
 d49a1e1e895385dc9db565c75b7754367d34617f 3421820 graphicsmagick-dbg_1.3.30+hg15796-1~deb9u3_amd64.deb
 7dc0d2418c5edbbe2b9ba621006c13be2e582f02 51096 graphicsmagick-imagemagick-compat_1.3.30+hg15796-1~deb9u3_all.deb
 3a343b894e9e35e3a31a48b6d4fbc3375236ac46 54532 graphicsmagick-libmagick-dev-compat_1.3.30+hg15796-1~deb9u3_all.deb
 23085e241040795a414d9966d14919644da2fa6c 11989 graphicsmagick_1.3.30+hg15796-1~deb9u3_amd64.buildinfo
 dbe0cb9d973793c7c7f3ee7e75501b9b23864a69 954098 graphicsmagick_1.3.30+hg15796-1~deb9u3_amd64.deb
 60e6437310c1e6b11e6a94af25100b8b16042bc8 97866 libgraphics-magick-perl_1.3.30+hg15796-1~deb9u3_amd64.deb
 a457ae70e470e4e26688ec5f137105c9395e65bc 145506 libgraphicsmagick++-q16-12_1.3.30+hg15796-1~deb9u3_amd64.deb
 6494ab9beff2c5135fb19fd9aedf39497b0c02f0 332130 libgraphicsmagick++1-dev_1.3.30+hg15796-1~deb9u3_amd64.deb
 e8f98280f41bd11509028291d9664dc6672e2d26 1178578 libgraphicsmagick-q16-3_1.3.30+hg15796-1~deb9u3_amd64.deb
 c831c20b21d572432d8ca20d9bd8f7bc33de1c21 1411878 libgraphicsmagick1-dev_1.3.30+hg15796-1~deb9u3_amd64.deb
Checksums-Sha256:
 59cf50337354c9c590161ec071ae1bcb1540200fb524edc317b0e66c7a9351e1 3029 graphicsmagick_1.3.30+hg15796-1~deb9u3.dsc
 b6748d7368f686c346c90b9077699568d1b60a25e820b7fe2d68168bad4c80b7 27390756 graphicsmagick_1.3.30+hg15796.orig.tar.xz
 13f957e8f538aaa7a9dd86b12889cfbb0275eeb3a21d408acc77067a2c2256a0 157384 graphicsmagick_1.3.30+hg15796-1~deb9u3.debian.tar.xz
 ab22363b7f2131d55a7696dbef13488157c5d0da5571576802f25fd7bab168ea 3421820 graphicsmagick-dbg_1.3.30+hg15796-1~deb9u3_amd64.deb
 d39ebaa5450dd25f0651c82e5ead0d1c1fdac54fb3e3ff21802a8576573f1f43 51096 graphicsmagick-imagemagick-compat_1.3.30+hg15796-1~deb9u3_all.deb
 2daaefc03f9c4369978b383200e69e387274139f84e0fde67a779d6f71ae1fdc 54532 graphicsmagick-libmagick-dev-compat_1.3.30+hg15796-1~deb9u3_all.deb
 069edb7d8426f919940722fa241159af9b2710e6025169dcccebd1e798a8b325 11989 graphicsmagick_1.3.30+hg15796-1~deb9u3_amd64.buildinfo
 c5ec3f9822fe539b31e1474437340b128a78571de0f4d5c817f58b1e2bc6fe0d 954098 graphicsmagick_1.3.30+hg15796-1~deb9u3_amd64.deb
 56d373d09eab76b6afd8cb92fc8d1f6d4a4bb0a8eb0ed91363ba87cae17649c8 97866 libgraphics-magick-perl_1.3.30+hg15796-1~deb9u3_amd64.deb
 1e805eb6d7d792b714694834ad980ff68d339ef8476f4af01531f1d9faab8eb3 145506 libgraphicsmagick++-q16-12_1.3.30+hg15796-1~deb9u3_amd64.deb
 ccb34cf339d7465392112444c91867509571e7afa8ae64e42d08dfbe49301628 332130 libgraphicsmagick++1-dev_1.3.30+hg15796-1~deb9u3_amd64.deb
 46c93371aa69e80fe88f163144b07e80a77763a446d433872dbb6f9aaa1fc2d4 1178578 libgraphicsmagick-q16-3_1.3.30+hg15796-1~deb9u3_amd64.deb
 c7e141a56acf0aa8759b2fc2521ee8ee9764a8bb53be1ede897f1a635d45aeee 1411878 libgraphicsmagick1-dev_1.3.30+hg15796-1~deb9u3_amd64.deb
Files:
 32b1d457fd5bcd3aa01dfa47bde33105 3029 graphics optional graphicsmagick_1.3.30+hg15796-1~deb9u3.dsc
 a03ab1fdd46b33ad7d45a56289ec7ba2 27390756 graphics optional graphicsmagick_1.3.30+hg15796.orig.tar.xz
 0422fa81759b3b8b7bd7a72e25494b4b 157384 graphics optional graphicsmagick_1.3.30+hg15796-1~deb9u3.debian.tar.xz
 cd6dfcd1b030fe3fdfdc84283f92008b 3421820 debug optional graphicsmagick-dbg_1.3.30+hg15796-1~deb9u3_amd64.deb
 46df9768d48ed9bb259ebfd248346694 51096 graphics optional graphicsmagick-imagemagick-compat_1.3.30+hg15796-1~deb9u3_all.deb
 fdd0761bdac365ecf54b83c7f650450a 54532 graphics optional graphicsmagick-libmagick-dev-compat_1.3.30+hg15796-1~deb9u3_all.deb
 d4702bce3eab1bce4fe78f0b4f285955 11989 graphics optional graphicsmagick_1.3.30+hg15796-1~deb9u3_amd64.buildinfo
 9bd9737712144084a63d4a91a0835115 954098 graphics optional graphicsmagick_1.3.30+hg15796-1~deb9u3_amd64.deb
 f0490aa687d6e53ca276a22e7effec56 97866 perl optional libgraphics-magick-perl_1.3.30+hg15796-1~deb9u3_amd64.deb
 eeae7c092b8be73825b39da2720236d0 145506 libs optional libgraphicsmagick++-q16-12_1.3.30+hg15796-1~deb9u3_amd64.deb
 5894be0e6f4386092bb23bdf2a1530f4 332130 libdevel optional libgraphicsmagick++1-dev_1.3.30+hg15796-1~deb9u3_amd64.deb
 3b9047fb6fdde2ed3a200d19febc3442 1178578 libs optional libgraphicsmagick-q16-3_1.3.30+hg15796-1~deb9u3_amd64.deb
 4fc4d4d7d7180bc04925f20c5dfd725d 1411878 libdevel optional libgraphicsmagick1-dev_1.3.30+hg15796-1~deb9u3_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl5mWUhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh
bHRlaG9sei5kZQAKCRCW/KwNOHtYR5kzEACd2E7LfBXpRnFSxYbHPAmJ8l0pgCGv
tl/iFZ0SeZviGFi6dKvc5zCUOpPOfJ8Dn8aamNnwIkt39dg9Ocl9Nc6zUnpwHRh8
hxJ7gSrT3uMrCkt2BlG7uYcDw24b8JSzJ/fphqT7siWvsUlEP+sjf/CW+YZZZ4qB
ADYl8nXdKLQ7r5JU7G8JEYTL20BqhWTeFV4x1EtNXVNZbJqK8cR2lknJqFZ1GsDa
wMzG3NK5NvAiYiJUFV2JFqmnCs6hRli6GVtbvtexrX1Pscz/pZJ7VQHi9nYFZAsE
gXSSL2szFHO1EbMdQoAFr86tyTdJ1MxQsYhhFSx6cNTrQi3BdMtPFN1ypWDqEnKN
pelVvGcFAZW9Okvy3ZOUB6AzsHjKv6SpZcxhimKAk4N2D2aqZ19ep7Rh7L1XeMPp
IYciGhbCgDwsXDQmYcyH9VPEjReG56OCdEGqxK2wvCdtlDVO1TSZKQbqTpl2959E
mJ2u9VjIj8XqA2RwRUHA4j2GmrS84JcSPvyxhijxn45QRkNiPhMgDamZjqkPXfNg
jQYGSB+VBI0cXl6GFNtUW8L8mR/LznCtUN85keEpp7xpgmaxffXQSraOX2Du47hH
A3gU6F+1mRU/9IZ0twWb/hn0rNkIvRbx9oFJsQheLJod4/M3WLdua4vJY3ME6U3j
sSPpgj4ThLrO0g==
=AG9L
-----END PGP SIGNATURE-----