[ubuntu/disco-proposed] graphicsmagick 1.4~hg15916-1 (Accepted)
Jeremy Bicha
jeremy at bicha.net
Sat Mar 2 14:22:49 UTC 2019
graphicsmagick (1.4~hg15916-1) unstable; urgency=high
* Mercurial snapshot, fixing the following security issues:
- ReadTIFFImage(): Only disassociate alpha channel for images where
photometic is PHOTOMETRIC_RGB,
- DrawDashPolygon(): Heap buffer overflow when parsing SVG images,
- DrawPrimitive(): Add arithmetic overflow checks when converting
computed coordinates from 'double' to 'long',
- DrawImage(): Don't destroy draw_info in graphic_context when draw_info
has not been allocated yet,
- RenderFreetype(): Eliminate memory leak of GlyphInfo.image,
- DrawDashPolygon(): Heap-buffer-overflow via read beyond end of dash
pattern array,
- ReadMIFFImage(): Tally directory length to avoid death by strlen(),
- ReadMPCImage(): Tally directory length to avoid death by strlen(),
- ReallocColormap(): Make sure that there is not a heap overwrite if the
number of colors has been reduced.
* Update library symbols for this release.
Date: 2019-03-01 04:37:15.578529+00:00
Changed-By: Laszlo Boszormenyi <gcs at debian.org>
Signed-By: Jeremy Bicha <jeremy at bicha.net>
https://launchpad.net/ubuntu/+source/graphicsmagick/1.4~hg15916-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Disco-changes
mailing list