Format: 1.8 Date: Tue, 21 Jan 2020 14:15:33 -0300 Source: graphicsmagick Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg Architecture: ppc64el Version: 1.3.23-1ubuntu0.5 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Eduardo Barretto Description: graphicsmagick - collection of image processing tools graphicsmagick-dbg - format-independent image processing - debugging symbols graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface libgraphics-magick-perl - format-independent image processing - perl interface libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library libgraphicsmagick++1-dev - format-independent image processing - C++ development files libgraphicsmagick-q16-3 - format-independent image processing - C shared library libgraphicsmagick1-dev - format-independent image processing - C development files Changes: graphicsmagick (1.3.23-1ubuntu0.5) xenial-security; urgency=medium . * SECURITY UPDATE: DoS in ReadWPGImage() - debian/patches/CVE-2017-16545.patch: Assure that colormapped image is a PseudoClass type with valid colormapped indexes. - CVE-2017-16545 * SECURITY UPDATE: DoS (negative strncpy) in DrawImage() - debian/patches/CVE-2017-16547.patch: Fix pointer computation which leads to large strncpy size request and bad array index. - CVE-2017-16547 * SECURITY UPDATE: Heap-based buffer overflow in coders/wpg.c - debian/patches/CVE-2017-16669-1.patch: Do not call SyncImagePixels() when something fails. - debian/patches/CVE-2017-16669-2.patch: Wrong row count checking. - debian/patches/CVE-2017-16669-3.patch: Detect pending use of null indexes pointer due to programming error and report it. - debian/patches/CVE-2017-16669-4.patch: Fix crash which image fails to produce expected PseudoClass indexes. - debian/patches/CVE-2017-16669-5.patch: Check for InsertRow() return value. - debian/patches/CVE-2017-16669-6.patch: Check InsertRow() return value for all calls. - CVE-2017-16669 * SECURITY UPDATE: Heap-based buffer overflow in WritePNMImage() - debian/patches/CVE-2017-17498.patch: Fix buffer overflow when writing gray+alpha 1-bit/sample. - CVE-2017-17498 * SECURITY UPDATE: Heap-based buffer over-read in ReadRGBImage() - debian/patches/CVE-2017-17500.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17500 * SECURITY UPDATE: Heap-based buffer over-read in WriteOnePNGImage() - debian/patches/CVE-2017-17501.patch: Fix heap read overrun while testing pixels for opacity. - CVE-2017-17501 * SECURITY UPDATE: Heap-based buffer over-read in ReadCMYKImage() - debian/patches/CVE-2017-17502.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17502 * SECURITY UPDATE: Heap-based buffer over-read in ReadGRAYImage() - debian/patches/CVE-2017-17503.patch: Fix heap-overflow due to tile outside image bounds. - CVE-2017-17503 * SECURITY UPDATE: Heap-based buffer over-read in ReadOneJNGImage() - debian/patches/CVE-2017-17782.patch: Fix wrong offset into oFFs chunk which caused heap read overflow. - CVE-2017-17782 * SECURITY UPDATE: Buffer over-read in ReadPALMImage() - debian/patches/CVE-2017-17783.patch: Fix heap buffer overflow in Q8 build while initializing color palette. - CVE-2017-17783 Checksums-Sha1: 1cbc8d70df937086e7431bed16e59333afb5f0d5 3100860 graphicsmagick-dbg_1.3.23-1ubuntu0.5_ppc64el.deb c9c55996f7e035b799a251ac9488ebda7e36f837 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb ada6479bda4a0ee7878fc11b541e8e713f6575d9 589822 graphicsmagick_1.3.23-1ubuntu0.5_ppc64el.deb a52cbb67dcaf5b8aaf81c57acb68547f3951cedf 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 45a10d38a0c2a1e119b3088cfb478536e8f98469 49378 libgraphics-magick-perl_1.3.23-1ubuntu0.5_ppc64el.deb 83b50ca5f4002dab6cd2fb26d615e264abe9cd0c 1258 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb b7d27de140c70af3aa566a872ef4e1a5ebe8ad82 104802 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.5_ppc64el.deb 62f222d12787f034e55d5265854b6c2a4c38a440 1266 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb f983a067b8e29a24fe284bdc91c48b8c8218b594 274722 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.5_ppc64el.deb 46b70125d9706dd6fc7add82dffe3998f5b7f377 1248 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 761a5dc9a0fccbde81393bd08a5580a68ee51672 960596 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.5_ppc64el.deb 983acdb9b363fa7408c8c2d859a72e67adbe6fda 1256 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb aeb93ed899063bfa7d6e80f432eddd360d0b0c2f 1241344 libgraphicsmagick1-dev_1.3.23-1ubuntu0.5_ppc64el.deb Checksums-Sha256: 90d4500bb95bb8c6b9285f29c6ae03c2e49331d5cbcd51eead1d32ae415f0d3f 3100860 graphicsmagick-dbg_1.3.23-1ubuntu0.5_ppc64el.deb 9cc8ffb46a70ee09da920eb43515aeea9eafa508c531397b56953a1da2dcdb56 1292 graphicsmagick-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 50fbadd7d0ac97ac625136f0c77903028ca905d6a44c7ffb277c99fd6477ab43 589822 graphicsmagick_1.3.23-1ubuntu0.5_ppc64el.deb 9f150c2f961a8c61cf2730ae4902845293888669f518da59c9902f2705fb64d6 1288 libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 67e454d1beea56ed4f92c46a26fd0a3f81f163bd915fb0aa1957461b4dd5edef 49378 libgraphics-magick-perl_1.3.23-1ubuntu0.5_ppc64el.deb 9cb3789a6408acab631786b3ea5d3bbb851f34fefd5c2166d8f42f79c8b90827 1258 libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 5bd40222153eeb8f2983862359550b7a7a3e269084759f418e4ce9a7f7a7055b 104802 libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.5_ppc64el.deb 1e14659efd38bfc82bf5063c8acefd1b35998d33a0ed2b6a659d6e4b7baa737d 1266 libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 2048f4e1b9037c4e28123b356bd2d6ffa7c1b2ee59bb6457e128dde9ffa6bcf9 274722 libgraphicsmagick++1-dev_1.3.23-1ubuntu0.5_ppc64el.deb e60d270fbbd95535d570524c5f74c1e2371e2f58f4e564544c1fa30bb7705d9c 1248 libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 64bb9568c7a74be8ca92902b989d3054ce45c620358ffebb56d6033565e4c5eb 960596 libgraphicsmagick-q16-3_1.3.23-1ubuntu0.5_ppc64el.deb f6a0732503ce7d10355b8bd6f59c4d797a8f7c7a6cd7c489091a19b711757145 1256 libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 5c8c942654ec9a4508e4a0983778ccdbcd5fed1c13f858527c2f7f34a6ccffd1 1241344 libgraphicsmagick1-dev_1.3.23-1ubuntu0.5_ppc64el.deb Files: 9433a61918aedaa8c46f0a62a74b816b 3100860 debug extra graphicsmagick-dbg_1.3.23-1ubuntu0.5_ppc64el.deb 838a6f67772ce119d60c1beaab4c14c6 1292 graphics extra graphicsmagick-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb b7909347a74c5ac078e744633a9ce0d6 589822 graphics optional graphicsmagick_1.3.23-1ubuntu0.5_ppc64el.deb 063b75dad2d9d018b67a5dbebda5813f 1288 perl extra libgraphics-magick-perl-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 6f898abc2aae1e423c9b224252da9875 49378 perl optional libgraphics-magick-perl_1.3.23-1ubuntu0.5_ppc64el.deb 8ea3a42b8fe74f8ecfb2391276139fe1 1258 libs extra libgraphicsmagick++-q16-12-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb d27a68e3ab175f6f59b62bbfd5e485c7 104802 libs optional libgraphicsmagick++-q16-12_1.3.23-1ubuntu0.5_ppc64el.deb 9e308e6a577ae17bf3f07991ac810713 1266 libdevel extra libgraphicsmagick++1-dev-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 02ef6091393ba98decafc2d3d0d9d786 274722 libdevel optional libgraphicsmagick++1-dev_1.3.23-1ubuntu0.5_ppc64el.deb 02cf37b6b52037be1e8e9e3ce725c494 1248 libs extra libgraphicsmagick-q16-3-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb 07f3f13a55c00539807ea4ccdf938dc7 960596 libs optional libgraphicsmagick-q16-3_1.3.23-1ubuntu0.5_ppc64el.deb 262af060a693c2706a160999a00e2077 1256 libdevel extra libgraphicsmagick1-dev-dbgsym_1.3.23-1ubuntu0.5_ppc64el.ddeb a0e11f00fd3b0ce0444fb40c3fec0d27 1241344 libdevel optional libgraphicsmagick1-dev_1.3.23-1ubuntu0.5_ppc64el.deb Original-Maintainer: Laszlo Boszormenyi (GCS)