Accepted imagemagick 7:6.2.4.5.dfsg1-2ubuntu1 (source)

Kees Cook kees at ubuntu.com
Tue Oct 2 23:00:28 BST 2007 

Accepted:
 OK: imagemagick_6.2.4.5.dfsg1.orig.tar.gz
 OK: imagemagick_6.2.4.5.dfsg1-2ubuntu1.diff.gz
 OK: imagemagick_6.2.4.5.dfsg1-2ubuntu1.dsc
     -> Component: main Section: graphics

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 02 Oct 2007 14:15:13 -0700
Source: imagemagick
Binary: perlmagick libmagick9 libmagick9-dev imagemagick libmagick++9-dev libmagick++9c2a
Architecture: source
Version: 7:6.2.4.5.dfsg1-2ubuntu1
Distribution: gutsy
Urgency: high
Maintainer: Ubuntu Core developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Kees Cook <kees at ubuntu.com>
Description: 
 imagemagick - Image manipulation programs
 libmagick++9-dev - The object-oriented C++ API to the ImageMagick library--developme
 libmagick++9c2a - The object-oriented C++ API to the ImageMagick library
 libmagick9 - Image manipulation library
 libmagick9-dev - Image manipulation library -- development
 perlmagick - A perl interface to the libMagick graphics routines
Closes: 444267
Changes: 
 imagemagick (7:6.2.4.5.dfsg1-2ubuntu1) gutsy; urgency=low
 .
   * Merge with Debian unstable for CVE fixes.  Remaining changes:
     - Magick++/lib/Geometry.cpp: build fix for g++-4.3.
     - debian/control: Ubuntu maintainer address.
 .
 imagemagick (7:6.2.4.5.dfsg1-2) unstable; urgency=high
 .
   * Fix multiple vulnerabilities in imagemagick. Closes: #444267
     + magick/memory.c,magick/memory_.h,magick/methods.h: Add new allocator
       wrapper AcquireQuantumMemory() to prevent potential integer overflows.
       Backport from upstream version 6.3.5.9.
     + magick/image.c: Backport new implementation of SetImageExtent() from
       upstream version 6.3.5.9.
     + coders/dcm.c,coders/xcf.c: Fix integer overflow in DCM and XCF coders.
       (CVE-2007-4985) Backport of upstream patch from version 6.3.5.9.
     + coders/dcm.c,coders/dib.c,coders/xbm.c,coders/xcf.c,coders/xwd.c:
       Fix multiple integer overflows in DCM, DIB, XBM, XCF, and XWD coders.
       (CVE-2007-4986 and CVE-2007-4988) Based on upstream patch from
       version 6.3.5.9.
     + magick/blob.c: Fix fencepost error in ReadBlobString()
       (CVE-2007-4987) Backport of upstream patch from version 6.3.5.9.
     + coders/dib.c: Ensure positive value for image rows and columns.
       Based on upstream patch from version 6.3.5.9.
     + All of the above patches have been derived from backports supplied by
       Jonathan Smith.
Files: 
 aa275acc73eb9be2bedc9c79240f17ac 1149 graphics optional imagemagick_6.2.4.5.dfsg1-2ubuntu1.dsc
 1db9a63854c4b589581997715337cee7 103157 graphics optional imagemagick_6.2.4.5.dfsg1-2ubuntu1.diff.gz
Original-Maintainer: Luciano Bello <luciano at linux.org.ar>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHAr2UH/9LqRcGPm0RArmxAJ0bzJthca92EoUSI37lMhJhrjJc2QCcCXL8
siZmVGvy0Jjfjyefe5lrJJg=
=6Zks
-----END PGP SIGNATURE-----

More information about the gutsy-changes mailing list