[ubuntu/precise-security] imagemagick 8:6.6.9.7-5ubuntu3.1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue May 1 15:03:38 UTC 2012
imagemagick (8:6.6.9.7-5ubuntu3.1) precise-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
malformed ResolutionUnit or IOP tags.
- debian/patches/CVE-2012-0247.patch: properly calculate
lengths and sizes in magick/{profile,property}.c.
- CVE-2012-0247
- CVE-2012-0248
- CVE-2012-1185
- CVE-2012-1186
* SECURITY UPDATE: denial of service and possible code execution via
EXIF tags.
- debian/patches/CVE-2012-0259.patch: don't copy invalid memory in
coders/tiff.c, properly initialize buffers in magick/property.c.
- CVE-2012-0259
- CVE-2012-1798
* SECURITY UPDATE: denial of service and possible code execution via
JPEG EXIF integer overflow.
- debian/patches/CVE-2012-1610.patch: check number of bytes in
magick/{profile,property}.c.
- CVE-2012-1610
Date: Wed, 25 Apr 2012 10:22:49 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/imagemagick/8:6.6.9.7-5ubuntu3.1
-------------- next part --------------
Format: 1.8
Date: Wed, 25 Apr 2012 10:22:49 -0400
Source: imagemagick
Binary: imagemagick imagemagick-dbg imagemagick-common imagemagick-doc libmagickcore4 libmagickcore4-extra libmagickcore-dev libmagickwand4 libmagickwand-dev libmagick++4 libmagick++-dev perlmagick
Architecture: source
Version: 8:6.6.9.7-5ubuntu3.1
Distribution: precise-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
imagemagick - image manipulation programs
imagemagick-common - image manipulation programs -- infrastructure
imagemagick-dbg - debugging symbols for ImageMagick
imagemagick-doc - document files of ImageMagick
libmagick++-dev - object-oriented C++ interface to ImageMagick - development files
libmagick++4 - object-oriented C++ interface to ImageMagick
libmagickcore-dev - low-level image manipulation library - development files
libmagickcore4 - low-level image manipulation library
libmagickcore4-extra - low-level image manipulation library - extra codecs
libmagickwand-dev - image manipulation library - development files
libmagickwand4 - image manipulation library
perlmagick - Perl interface to the ImageMagick graphics routines
Changes:
imagemagick (8:6.6.9.7-5ubuntu3.1) precise-security; urgency=low
.
* SECURITY UPDATE: denial of service and possible code execution via
malformed ResolutionUnit or IOP tags.
- debian/patches/CVE-2012-0247.patch: properly calculate
lengths and sizes in magick/{profile,property}.c.
- CVE-2012-0247
- CVE-2012-0248
- CVE-2012-1185
- CVE-2012-1186
* SECURITY UPDATE: denial of service and possible code execution via
EXIF tags.
- debian/patches/CVE-2012-0259.patch: don't copy invalid memory in
coders/tiff.c, properly initialize buffers in magick/property.c.
- CVE-2012-0259
- CVE-2012-1798
* SECURITY UPDATE: denial of service and possible code execution via
JPEG EXIF integer overflow.
- debian/patches/CVE-2012-1610.patch: check number of bytes in
magick/{profile,property}.c.
- CVE-2012-1610
Checksums-Sha1:
61a0affcb7f7a9d5d1b879f105c0963929c79dbb 3173 imagemagick_6.6.9.7-5ubuntu3.1.dsc
d5a6a4151e6238fcb6900ecfcf4ac9ca4215700a 45213 imagemagick_6.6.9.7-5ubuntu3.1.debian.tar.bz2
Checksums-Sha256:
0428fab2b73a36567ee3e2cb071dc241843a07ddb66fce19a8da6a1c86a17b68 3173 imagemagick_6.6.9.7-5ubuntu3.1.dsc
ba6d73c7fba840e7583eb85b6e88475bf1b5e3c53d61f5d68372a1530b19b44d 45213 imagemagick_6.6.9.7-5ubuntu3.1.debian.tar.bz2
Files:
fd0d64367a3ddc8872dd1658ec6a91e4 3173 graphics optional imagemagick_6.6.9.7-5ubuntu3.1.dsc
c59e805cbdf4ab979343ab83c2866565 45213 graphics optional imagemagick_6.6.9.7-5ubuntu3.1.debian.tar.bz2
Original-Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team at lists.alioth.debian.org>
More information about the Precise-changes
mailing list