-
imagemagick (7:6.2.4.5.dfsg1-2ubuntu1.1) gutsy-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
out-of-bounds heap write in the XCF coder
- coders/xcf.c: add a couple of extra image sanity checks (patch taken
from Red Hat - ImageMagick-6.2.8.0-4.el5_1.1.src.rpm)
- CVE-2008-1096
-- Marc Deslauriers <email address hidden> Tue, 25 Nov 2008 10:27:23 -0500
-
imagemagick (7:6.2.4.5.dfsg1-2ubuntu1) gutsy; urgency=low
* Merge with Debian unstable for CVE fixes. Remaining changes:
- Magick++/lib/Geometry.cpp: build fix for g++-4.3.
- debian/control: Ubuntu maintainer address.
imagemagick (7:6.2.4.5.dfsg1-2) unstable; urgency=high
* Fix multiple vulnerabilities in imagemagick. Closes: #444267
+ magick/memory.c,magick/memory_.h,magick/methods.h: Add new allocator
wrapper AcquireQuantumMemory() to prevent potential integer overflows.
Backport from upstream version 6.3.5.9.
+ magick/image.c: Backport new implementation of SetImageExtent() from
upstream version 6.3.5.9.
+ coders/dcm.c,coders/xcf.c: Fix integer overflow in DCM and XCF coders.
(CVE-2007-4985) Backport of upstream patch from version 6.3.5.9.
+ coders/dcm.c,coders/dib.c,coders/xbm.c,coders/xcf.c,coders/xwd.c:
Fix multiple integer overflows in DCM, DIB, XBM, XCF, and XWD coders.
(CVE-2007-4986 and CVE-2007-4988) Based on upstream patch from
version 6.3.5.9.
+ magick/blob.c: Fix fencepost error in ReadBlobString()
(CVE-2007-4987) Backport of upstream patch from version 6.3.5.9.
+ coders/dib.c: Ensure positive value for image rows and columns.
Based on upstream patch from version 6.3.5.9.
+ All of the above patches have been derived from backports supplied by
Jonathan Smith.
-- Kees Cook <email address hidden> Tue, 02 Oct 2007 14:15:13 -0700
-
imagemagick (7:6.2.4.5.dfsg1-1ubuntu1) gutsy; urgency=low
* Fix build failure with g++-4.3.
* Set Ubuntu maintainer address.
-- Matthias Klose <email address hidden> Mon, 10 Sep 2007 10:28:33 +0000
-
imagemagick (7:6.2.4.5.dfsg1-1) unstable; urgency=high
* New maintainers.
* debian/compat: Splice debhelper version out of debian/rules into
separate file (but don't bump version).
* debian/control: Adjust jasper dependencies to current package names.
Closes: #419274, #420353
* Documentation minors improvements:
- Manpages says SEE ALSO, not SEE-ALSO. Closes: #333616
- Escaped specials chars in manpages. Closes: #381831
- External reference in convert(1). Closes: #398183
- "isplay", "perferred", "similiar" and "morify.html" typos fixed.
Closes: #386964, #351498, #395830
- ImageMagick(1) indentation. Closes: #335111
- "convert -help" duplicated line fixes. Closes: #339548
- Typo in description of --resize command fixed. Closes: #364826
* Magick++/lib/Image.cpp: Include cstdlib header to fix build failure
with gcc 4.3. Patch thanks to Martin Michlmayr. Closes: #417237
* coders/dcm.c: Fix integer overflow in DCM coder. (CVE-2007-1797)
Closes: #418057
* coders/icon.c: Fix segfault in ICON coder.
* coders/pcx.c: Fix heap overflow in PCX coder.
* coders/pict.c: Fix multiple segfaults in PICT coder.
* coders/png.c: Fix segfault in PNG coder.
* coders/pnm.c: Fix segfault in PNM coder.
* coders/sgi.c: Fix segfault in SGI coder.
* coders/sun.c: Fix segfault during conversion in SUN coder.
* coders/viff.c: Prevent heap corruption in VIFF coder.
* coders/xwd.c: Fix segfault during conversion in XWD coder.
* coders/xwd.c: Fix multiple integer overflows in XWD coder.
(CVE-2007-1667, CVE-2007-1797)
* The above fixes collectively address the following bug report:
Closes: #412945
* config/delegates.xml.in: Lose obsolete option -3 to dcraw delegate
to unbreak support for raw digital images. Closes: #404477
-- Ubuntu Archive Auto-Sync <email address hidden> Tue, 01 May 2007 10:43:32 +0100
-
imagemagick (7:6.2.4.5.dfsg1-0.14) unstable; urgency=high
* Non-maintainer upload.
* coders/palm.c: Fix regression introduced in patch for CVE-2006-5456.
Avoid bogus second read in macro call. Patch thanks to Vladimir
Nadvornik. (CVE-2007-0770) Closes: #410435
-- Kees Cook <email address hidden> Fri, 16 Feb 2007 09:52:27 +0000