Accepted graphicsmagick 1.4+really1.3.37+hg16662-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 11 Feb 2022 18:39:16 +0100
Source: graphicsmagick
Architecture: source
Version: 1.4+really1.3.37+hg16662-1
Distribution: unstable
Urgency: medium
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changes:
graphicsmagick (1.4+really1.3.37+hg16662-1) unstable; urgency=medium
.
* Mercurial snapshot, fixing the following security issues:
- ReadMATImageV4(): change 'ldblk' to size_t and check related
calculations for overflow and to avoid possible negative seek offsets,
- ReadMATImage(): change 'ldblk' to size_t and check related calculations
for overflow and to avoid possible negative seek offsets,
- added a ReadResource limit via the MAGICK_LIMIT_READ environment
variable on how many uncompressed file bytes may be read while decoding
an input file,
- DecodeImage(): assure that the claimed scanline length is within the
bounds of the scanline allocation to avoid possible heap overflow,
- ReadBlob(): fix EOF logic, an use-of-uninitialized-value in
SyncImageCallBack,
- ReadBlobStream(): fix EOF logic, an use-of-uninitialized-value in
WritePNMImage.
* Build with HEIF image format support.
* Update library symbols for this release.
Checksums-Sha1:
34c02a8e49baffe7a937ec5ae776c9c0cb222dff 3251 graphicsmagick_1.4+really1.3.37+hg16662-1.dsc
e72013d5d3ad67c213db91d29eae01e5a40cca56 5954196 graphicsmagick_1.4+really1.3.37+hg16662.orig.tar.xz
db3915db9ce2c27d7cc3f94e88cf78b60ba8c04c 234 graphicsmagick_1.4+really1.3.37+hg16662.orig.tar.xz.asc
dec7b23ccb620be84596d9dc3aba133c276a85a6 156240 graphicsmagick_1.4+really1.3.37+hg16662-1.debian.tar.xz
Checksums-Sha256:
fbf44a295365c81b167bb9ef09175a5a4c9cdd57a3e5a2aaf77ef1f0a89c294e 3251 graphicsmagick_1.4+really1.3.37+hg16662-1.dsc
76565045695ebb46ed53651fd52eea8b3310442062c7cde2cb240f5a448d516e 5954196 graphicsmagick_1.4+really1.3.37+hg16662.orig.tar.xz
3414cf8f0df40eba50d750f9eb179362b0bfbd01cca4df53a3193df7b3acb6fb 234 graphicsmagick_1.4+really1.3.37+hg16662.orig.tar.xz.asc
df095056e1e7dac910ef07aacb08895d195a1cc67d2d69810624e47b58173144 156240 graphicsmagick_1.4+really1.3.37+hg16662-1.debian.tar.xz
Files:
f69bfdac94da03620d8c76e4356f18ad 3251 graphics optional graphicsmagick_1.4+really1.3.37+hg16662-1.dsc
fdaad4cdeedc6a7658da5767be31c433 5954196 graphics optional graphicsmagick_1.4+really1.3.37+hg16662.orig.tar.xz
e989fdc4344fd0ec287caa6723da03f3 234 graphics optional graphicsmagick_1.4+really1.3.37+hg16662.orig.tar.xz.asc
6a78f9d1904a6dea3b0d094ebea4077f 156240 graphics optional graphicsmagick_1.4+really1.3.37+hg16662-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAmIHfm8ACgkQ3OMQ54ZM
yL9B3w//ZlFuPckotQ7X3whEYFQlYPG1eQ+Xw+FQ4TF8fdIKLo9+pxLT/+nS7LyE
7u3y/+nLno85xMI0RMT4q+HuETpg90DadtZCVtrbiU2XzDppPX21tq95OdBoiakR
cqW2Xo49Sdpu2ZubStNkdWtDoU2KmS1541WPVer/zQLjByfgTlWG8DZURAzuNR1O
zaviMXOLMVt8QYeMEQ1ZRqllaJ9Sdu91UgjYaiRFpxnH3xFcr53tE0XnoYnEQZ+w
1jQAKjNJb6aSKY9U9Bpkua9itFSExz63aQ4RWuqUGEgqhmBs+VvO47gzKSSNVDgX
taxsV/6zbuj7QVK7+JQe7JPeheJ4Kst5Wx46Qbg8zCLoOtASn9NTeiOf7qTPv2nZ
1MkWjsf31KJHoZqiL4fcnu6sQ+QZ9n4NDMt7xxc2bnKAnQDMqD+uqztedroOoCI3
qZ+Z+cuOj6XBmuJnNNna8Vz8xFiMlu6zkwLCR7WxjBZIXjAMrpe6KSEY4N90bTJZ
7q33mGOJnZJBlW+3n2U77loCtQ5+foylc5oSO0PHfKLvxcImfefUAI4AqLPKdfbk
CLd0MSy3sjPa1dmzK8os6PFS2BzsRVOzFs4g1QFbd/NG7YdFwsshadbDZz8oy/Pa
d0ys+jpIDFjNCXf9EwI43SL/p1k3S29RQwtFkOh9j0b5a9rzieA=
=EsnR
-----END PGP SIGNATURE-----