Accepted imagemagick 7:6.2.4.5.dfsg1-0.14ubuntu0.2 (source)

Ubuntu Installer archive at ubuntu.com
Wed Oct 3 18:55:47 BST 2007 

Accepted:
 OK: imagemagick_6.2.4.5.dfsg1.orig.tar.gz
 OK: imagemagick_6.2.4.5.dfsg1-0.14ubuntu0.2.diff.gz
 OK: imagemagick_6.2.4.5.dfsg1-0.14ubuntu0.2.dsc
     -> Component: main Section: graphics

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 02 Oct 2007 14:19:08 -0700
Source: imagemagick
Binary: perlmagick libmagick9 libmagick9-dev imagemagick libmagick++9-dev libmagick++9c2a
Architecture: source
Version: 7:6.2.4.5.dfsg1-0.14ubuntu0.2
Distribution: feisty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description: 
 imagemagick - Image manipulation programs
 libmagick++9-dev - The object-oriented C++ API to the ImageMagick library--developme
 libmagick++9c2a - The object-oriented C++ API to the ImageMagick library
 libmagick9 - Image manipulation library
 libmagick9-dev - Image manipulation library -- development
 perlmagick - A perl interface to the libMagick graphics routines
Changes: 
 imagemagick (7:6.2.4.5.dfsg1-0.14ubuntu0.2) feisty-security; urgency=low
 .
   * SECURITY UPDATE: multiple heap overflow vulnerabilities could lead
     to remote code execution.
   * Thanks to Jonathan Smith and Daniel Kobras for backported patches:
     - magick/memory.c,magick/memory_.h,magick/methods.h: Add new allocator
       wrapper AcquireQuantumMemory() to prevent potential integer overflows.
       Backport from upstream version 6.3.5.9.
     - magick/image.c: Backport new implementation of SetImageExtent() from
       upstream version 6.3.5.9.
     - coders/dcm.c,coders/xcf.c: Fix integer overflow in DCM and XCF coders.
       (CVE-2007-4985) Backport of upstream patch from version 6.3.5.9.
     - coders/dcm.c,coders/dib.c,coders/xbm.c,coders/xcf.c,coders/xwd.c:
       Fix multiple integer overflows in DCM, DIB, XBM, XCF, and XWD coders.
       (CVE-2007-4986 and CVE-2007-4988) Based on upstream patch from
       version 6.3.5.9.
     - magick/blob.c: Fix fencepost error in ReadBlobString()
       (CVE-2007-4987) Backport of upstream patch from version 6.3.5.9.
     - coders/dib.c: Ensure positive value for image rows and columns.
       Based on upstream patch from version 6.3.5.9.
Files: 
 d40113bf0a051e434d614fca74c37af3 1119 graphics optional imagemagick_6.2.4.5.dfsg1-0.14ubuntu0.2.dsc
 38a3c71f92a8bcefae28e870d7772e15 96096 graphics optional imagemagick_6.2.4.5.dfsg1-0.14ubuntu0.2.diff.gz
Original-Maintainer: Ryuichi Arafune <arafune at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHAsCmH/9LqRcGPm0RAqQYAJ9a6QTZKAtJJd3q/A0JfeusFZQ1iQCeNRhD
5aVDw+TvE3PwwHaFHgYPTZI=
=M2eY
-----END PGP SIGNATURE-----

More information about the feisty-changes mailing list