Accepted imagemagick 7:6.2.4.5.dfsg1-2 (source i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 29 Sep 2007 21:31:51 +0200
Source: imagemagick
Binary: perlmagick libmagick9 libmagick9-dev imagemagick libmagick++9-dev libmagick++9c2a
Architecture: source i386
Version: 7:6.2.4.5.dfsg1-2
Distribution: unstable
Urgency: high
Maintainer: Daniel Kobras <kobras@debian.org>
Changed-By: Daniel Kobras <kobras@debian.org>
Description:
imagemagick - Image manipulation programs
libmagick++9-dev - The object-oriented C++ API to the ImageMagick library--developme
libmagick++9c2a - The object-oriented C++ API to the ImageMagick library
libmagick9 - Image manipulation library
libmagick9-dev - Image manipulation library -- development
perlmagick - A perl interface to the libMagick graphics routines
Closes: 444267
Changes:
imagemagick (7:6.2.4.5.dfsg1-2) unstable; urgency=high
.
* Fix multiple vulnerabilities in imagemagick. Closes: #444267
+ magick/memory.c,magick/memory_.h,magick/methods.h: Add new allocator
wrapper AcquireQuantumMemory() to prevent potential integer overflows.
Backport from upstream version 6.3.5.9.
+ magick/image.c: Backport new implementation of SetImageExtent() from
upstream version 6.3.5.9.
+ coders/dcm.c,coders/xcf.c: Fix integer overflow in DCM and XCF coders.
(CVE-2007-4985) Backport of upstream patch from version 6.3.5.9.
+ coders/dcm.c,coders/dib.c,coders/xbm.c,coders/xcf.c,coders/xwd.c:
Fix multiple integer overflows in DCM, DIB, XBM, XCF, and XWD coders.
(CVE-2007-4986 and CVE-2007-4988) Based on upstream patch from
version 6.3.5.9.
+ magick/blob.c: Fix fencepost error in ReadBlobString()
(CVE-2007-4987) Backport of upstream patch from version 6.3.5.9.
+ coders/dib.c: Ensure positive value for image rows and columns.
Based on upstream patch from version 6.3.5.9.
+ All of the above patches have been derived from backports supplied by
Jonathan Smith.
Files:
dcb15f28a52d7259ebed31d0158e110b 1048 graphics optional imagemagick_6.2.4.5.dfsg1-2.dsc
873d0fb11b02dd91150f67ebb7d95725 101847 graphics optional imagemagick_6.2.4.5.dfsg1-2.diff.gz
b8a1df4b77b76e387dce60220f8e94b9 739622 graphics optional imagemagick_6.2.4.5.dfsg1-2_i386.deb
dca3f6f52a533848bc64d4343a152d04 1278936 libs optional libmagick9_6.2.4.5.dfsg1-2_i386.deb
24f4ba5ebf245dd0d7b1b6c2233f7dc9 1577754 libdevel optional libmagick9-dev_6.2.4.5.dfsg1-2_i386.deb
945a869a5a04ce36678c64f92779f3db 191852 libs optional libmagick++9c2a_6.2.4.5.dfsg1-2_i386.deb
d9f3226bafcaab219f12c8f937c7f816 227446 libdevel optional libmagick++9-dev_6.2.4.5.dfsg1-2_i386.deb
b6f4fa58af23fcb9e1461ad907d5b59a 170404 perl optional perlmagick_6.2.4.5.dfsg1-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
iD8DBQFG/5jepOKIA4m/fisRApcNAJ4srFk0vF1OoHBldi0VMcS7q79sKgCfZ1y3
7FYLT8HkhKzWHEGw2cYvst0=
=4295
-----END PGP SIGNATURE-----
Accepted:
imagemagick_6.2.4.5.dfsg1-2.diff.gz
to pool/main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-2.diff.gz
imagemagick_6.2.4.5.dfsg1-2.dsc
to pool/main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-2.dsc
imagemagick_6.2.4.5.dfsg1-2_i386.deb
to pool/main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-2_i386.deb
libmagick++9-dev_6.2.4.5.dfsg1-2_i386.deb
to pool/main/i/imagemagick/libmagick++9-dev_6.2.4.5.dfsg1-2_i386.deb
libmagick++9c2a_6.2.4.5.dfsg1-2_i386.deb
to pool/main/i/imagemagick/libmagick++9c2a_6.2.4.5.dfsg1-2_i386.deb
libmagick9-dev_6.2.4.5.dfsg1-2_i386.deb
to pool/main/i/imagemagick/libmagick9-dev_6.2.4.5.dfsg1-2_i386.deb
libmagick9_6.2.4.5.dfsg1-2_i386.deb
to pool/main/i/imagemagick/libmagick9_6.2.4.5.dfsg1-2_i386.deb
perlmagick_6.2.4.5.dfsg1-2_i386.deb
to pool/main/i/imagemagick/perlmagick_6.2.4.5.dfsg1-2_i386.deb
Reply to: