Accepted graphicsmagick 1.3.26-8 (source amd64 all) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted graphicsmagick 1.3.26-8 (source amd64 all) into unstable
From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Date: Tue, 05 Sep 2017 16:05:31 +0000
Message-id: <[🔎] E1dpGLz-000DFx-FF@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 04 Sep 2017 18:50:34 +0000
Source: graphicsmagick
Binary: graphicsmagick libgraphicsmagick-q16-3 libgraphicsmagick1-dev libgraphicsmagick++-q16-12 libgraphicsmagick++1-dev libgraphics-magick-perl graphicsmagick-imagemagick-compat graphicsmagick-libmagick-dev-compat graphicsmagick-dbg
Architecture: source amd64 all
Version: 1.3.26-8
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 graphicsmagick - collection of image processing tools
 graphicsmagick-dbg - format-independent image processing - debugging symbols
 graphicsmagick-imagemagick-compat - image processing tools providing ImageMagick interface
 graphicsmagick-libmagick-dev-compat - image processing libraries providing ImageMagick interface
 libgraphics-magick-perl - format-independent image processing - perl interface
 libgraphicsmagick++-q16-12 - format-independent image processing - C++ shared library
 libgraphicsmagick++1-dev - format-independent image processing - C++ development files
 libgraphicsmagick-q16-3 - format-independent image processing - C shared library
 libgraphicsmagick1-dev - format-independent image processing - C development files
Changes:
 graphicsmagick (1.3.26-8) unstable; urgency=high
 .
   * Fix CVE-2017-13775: denial of service issue in ReadJNXImage() .
   * Fix CVE-2017-13776 and CVE-2017-13777: denial of service issue in
     ReadXBMImage() .
   * Fix memory leak vulnerability in ReadJNGImage() which allow attackers to
     cause a denial of service via a crafted file.
   * Fix double-free after reading a malformed JNG.
   * Fix CVE-2017-14103: the ReadJNGImage() and ReadOneJNGImage() functions do
     not properly manage image pointers after certain error conditions, which
     allows remote use-after-free attacks via a crafted file, related to a
     ReadMNGImage() out-of-order CloseBlob() call. This vulnerability exists
     because of an incomplete fix for CVE-2017-11403 .
   * Fix CVE-2017-8350: crash while reading a malformed JNG file.
Checksums-Sha1:
 50fb5a48128f5c41ff9a9d6f93c5f3c93aa58ccd 2794 graphicsmagick_1.3.26-8.dsc
 a6f5ca28b1308b2991e8e34c2053cdaa089a860a 153676 graphicsmagick_1.3.26-8.debian.tar.xz
 b0ef35742a039935184404d363b60fc07629ff88 3175350 graphicsmagick-dbg_1.3.26-8_amd64.deb
 a25fbeaff3c1dbec3504fb7a80efd71e8226f4e2 24312 graphicsmagick-imagemagick-compat_1.3.26-8_all.deb
 bff6e0d295ad054c0a3863440638ede182083be8 27750 graphicsmagick-libmagick-dev-compat_1.3.26-8_all.deb
 bbea5dd061b978a7273841fbdca443a8dd191f9a 11562 graphicsmagick_1.3.26-8_amd64.buildinfo
 9e8f84406697f0d12a89b9da352b9131b331a324 865976 graphicsmagick_1.3.26-8_amd64.deb
 5842045201f7c423617d344140aa398d5be8384c 70992 libgraphics-magick-perl_1.3.26-8_amd64.deb
 f3971f328fb3583ffa3b0c1e8c4a4a9303a31d36 118560 libgraphicsmagick++-q16-12_1.3.26-8_amd64.deb
 aa98868a7503b352dfe68356a0e1254d06bf5ac4 303658 libgraphicsmagick++1-dev_1.3.26-8_amd64.deb
 a42e118f718f1728698ee9a71297371e531599f5 1114086 libgraphicsmagick-q16-3_1.3.26-8_amd64.deb
 bcf22b27075f34dbe961155533b30617591c0f1f 1336562 libgraphicsmagick1-dev_1.3.26-8_amd64.deb
Checksums-Sha256:
 3c8b6f9896fc10ccc03a52accf4a940034d968f7efe032f4e17c3adab974ca5a 2794 graphicsmagick_1.3.26-8.dsc
 98165994725228f0e2d97f3d6afb697cdd6df7db1de4dd00836340bb82fcecd2 153676 graphicsmagick_1.3.26-8.debian.tar.xz
 07a6ab572efdf08d6b0401f3b6e8e144b9e53cc15a9b0df53dedd7f8ae9eb634 3175350 graphicsmagick-dbg_1.3.26-8_amd64.deb
 d4fc3b28c3a5a4060be2a3b1c75f76b0aeeb21295fe68bcae522580b9566b0af 24312 graphicsmagick-imagemagick-compat_1.3.26-8_all.deb
 ba59aa2049a57809e5f1a5365a1c77680b34abf3936cd95cc0ab365ca2fa824a 27750 graphicsmagick-libmagick-dev-compat_1.3.26-8_all.deb
 d907f2e4f4f9d91f7c30e618cab14a550d8c720b639cefdcc59bf86f9c4b980b 11562 graphicsmagick_1.3.26-8_amd64.buildinfo
 e91f3c441ccb045db2488340b2dbe7a2dab060a4ee82c6e76318b3f92acc4872 865976 graphicsmagick_1.3.26-8_amd64.deb
 27f296707720a1a5292b80fa5f862c0dbda5b533057172442ebbfda8340066e5 70992 libgraphics-magick-perl_1.3.26-8_amd64.deb
 56183d2bcd2c81640d70aab713d38b0406692ef97525d1fa67bcdb73be724529 118560 libgraphicsmagick++-q16-12_1.3.26-8_amd64.deb
 65a08271dd5618ffe634fba247301224838457bc1e5fc8d3fe2399ef745bf1cc 303658 libgraphicsmagick++1-dev_1.3.26-8_amd64.deb
 0e5116f6bf32c17fb5960724a39af3cbab8e271040fbba448df093bf2eedde8c 1114086 libgraphicsmagick-q16-3_1.3.26-8_amd64.deb
 20f4cd952fb496ebf847caf3fc876b96720a8f358c8c8e5ee1be2369bf24bfa6 1336562 libgraphicsmagick1-dev_1.3.26-8_amd64.deb
Files:
 262f5c6e137c1df298da2a9134cf5583 2794 graphics optional graphicsmagick_1.3.26-8.dsc
 7289a258f38219858a0d29955f0fc478 153676 graphics optional graphicsmagick_1.3.26-8.debian.tar.xz
 b3809b24cd67c18eff29138703b0f158 3175350 debug extra graphicsmagick-dbg_1.3.26-8_amd64.deb
 7023758a64ed322c6a52f60c8681dca7 24312 graphics optional graphicsmagick-imagemagick-compat_1.3.26-8_all.deb
 d27206d6498e73eb991cc96ef2724660 27750 graphics optional graphicsmagick-libmagick-dev-compat_1.3.26-8_all.deb
 daa8a2e1cb6a66e861b22d0341476bba 11562 graphics optional graphicsmagick_1.3.26-8_amd64.buildinfo
 c8dbf7b73f8381eb59d49ca097610a6e 865976 graphics optional graphicsmagick_1.3.26-8_amd64.deb
 150e50922b908f3ec222b431e28c3bad 70992 perl optional libgraphics-magick-perl_1.3.26-8_amd64.deb
 fef2eadf6747108745b23d12fee2a430 118560 libs optional libgraphicsmagick++-q16-12_1.3.26-8_amd64.deb
 0c178632f43aabe0eb61f176b970d2cf 303658 libdevel optional libgraphicsmagick++1-dev_1.3.26-8_amd64.deb
 b3471b155031b9aadbb99a14f4d4fdc4 1114086 libs optional libgraphicsmagick-q16-3_1.3.26-8_amd64.deb
 83209f0a96c72d73a17b7bd48353bcd6 1336562 libdevel optional libgraphicsmagick1-dev_1.3.26-8_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAlmuxWEACgkQ3OMQ54ZM
yL+E4g//dX/Xwbmif95ozHeLUekIxI7BBoTBSbm71Ww5ukfRAk6blg+T+B6J0WNx
NDIoyNmR0qebueyFAq88Ufd1yJD8NJ2kIIQhgwcLaPJuSyGzfgdInw9t7XwptA36
yyQ95hQz5YQFrL7vsQ+Hh9kt2Ro3SLnClxjrxzJkB/xHIFCUWterDwivM62AAKY8
9MiODJwc90XpAW88AgSAsGtmg+qr3vsUIr/uUc3zdRk9/A2fQGdRpHNT7LCGKY3c
p+NDHe13dyyIRjNDlNleJHCoanWhV1S9t6COQui58irw4E4mrLxY5N8z/5YjGQq5
FvBXX7aYd0REb/eIDNO6lXCNW79LjTxrs5tR+7t17KL03Us3/MYrzsCJeo+JVCvg
9Gq1pUE6QqJODf24yDuuz0ei+UfimsV6OUiaBYVGEb01rG99WTTQm8PjFtR/KgFc
zs7wmOqzUt+/46T4a3GWaoEP+VL0QxaXSJg/crxOG0jspwzXX9hGwUEIebzjymxX
LsGQMuJJ78H5CKk9izramnfEtiISSs0nT6a3JoE1OTsRSo5bpjNBvdboFH3RxL22
O48GlCBQy2Wf1mfVdvjBSgOR6SrCM97YqCTZ/UDRpkmanmVlAeJkODd01CJ2bNgG
AWae30atDcVixz1ylZNFMqXn3E7BznC4/LCf6UyMatt6BHbruQQ=
=asU6
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted fuse-emulator-utils 1.3.4-1 (source) into unstable
Next by Date: Accepted gtkhash 1.1-1 (source amd64) into unstable
Previous by thread: Accepted fuse-emulator-utils 1.3.4-1 (source) into unstable
Next by thread: Accepted gtkhash 1.1-1 (source amd64) into unstable
Index(es):
- Date
- Thread