Accepted graphicsmagick 1.1.7-8 (source)

Ubuntu Installer archive at ubuntu.com
Wed Sep 13 20:49:41 BST 2006 

Accepted:
 OK: graphicsmagick_1.1.7-8.dsc
     -> Component: universe Section: graphics
 OK: graphicsmagick_1.1.7-8.diff.gz

Origin: Debian/unstable
Format: 1.7
Date: Wed,  13 Sep 2006 20:21:39 +0100
Source: graphicsmagick
Binary: graphicsmagick-imagemagick-compat, libgraphicsmagick++1, graphicsmagick-libmagick-dev-compat, libgraphics-magick-perl, libgraphicsmagick1-dev, libgraphicsmagick++1-dev, graphicsmagick, libgraphicsmagick1, graphicsmagick-dbg
Architecture: source
Version: 1.1.7-8
Distribution: edgy
Urgency: high
Maintainer: Daniel Kobras <kobras at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description: 
 graphicsmagick - collection of image processing tools
Closes: 383333
Changes: 
 graphicsmagick (1.1.7-8) unstable; urgency=high
 .
   * coders/xcf.c: Fix buffer overflow in XCF coder (CVE-2006-3743).
   * It seems I've fixed the vulnerabilities described in CVE-2006-3744
     (coders/sgi.c) independently in the previous upload already while
     the original report had been embargoed.
 .
 graphicsmagick (1.1.7-7) unstable; urgency=high
 .
   * coders/sgi.c: Fix multiple heap overflow vulnerabilities in SGI coder
     due to
     + missing boundary checks in SGIDecode();
     + missing validation of pixel depth field;
     + integer overflow via large columns and rows fields (CVE-2006-4144)
       Closes: #383333
     + missing validation of chunk size fields (variable 'runlength') in
       run-length encoded images.
   * coders/sgi.c: Check for bogus values of 'bytes_per_pixel' and 'depth'.
   * coders/sgi.c: Fix calculation of internal depth value.
 .
 graphicsmagick (1.1.7-6) unstable; urgency=low
 .
   * debian/compat: Bump debhelper compatibility level to 5.
   * debian/control: Build-depend on debhelper version 5 and up.
   * debian/control: Remove redundant Build-Depends-Indep.
   * debian/control: Add new package graphicsmagick-dbg containing debugging
     symbols for all language bindings and the main executable.
   * debian/control: Suggest debugging package where appropriate.
   * debian/control: Build-depend on sharutils for uudecode.
   * debian/control: Version build-dependency on libwmf-dev. Earlier versions
     will fail the testsuite.
   * debian/libgraphicsmagick++1.install: There is no libGraphicsMagickWand++,
     so don't try to install it.
   * debian/libgraphicsmagick{,++}1-dev.install: Remove .la files as long as
     nobody's using them.
   * debian/rules: Give in and disable strict aliasing for the moment until
     we get fixes for all instances that currently break the rules.
   * debian/rules: Place all debugging symbols into graphicsmagick-dbg.
   * debian/rules: New libwmf yields better image quality than old reference
     image in regression test. We cannot patch the binary image directly in
     the Debian diff, so add uudecode magic to check and clean targets.
   * debian/ski.miff.uu: Updated version of reference image in WMF regression
     test. Uuencoded to fit into the Debian diff.
   * magick/cache.c: Include definition of HAVE_PREAD before checking its
     value. Now really pulls in proper declarations of pread() and pwrite().
Files: 
 a25f76386e2c76753fd6496e5d17d5e2 1063 graphics optional graphicsmagick_1.1.7-8.dsc
 e3c22511a3be8d4d559a447bee15e5ed 42064 graphics optional graphicsmagick_1.1.7-8.diff.gz

More information about the edgy-changes mailing list