[ubuntu/quantal] imagemagick 8:6.6.9.7-5ubuntu3.1 (Accepted)
Stéphane Graber
stgraber at stgraber.org
Mon Jun 4 01:12:13 UTC 2012
imagemagick (8:6.6.9.7-5ubuntu3.1) precise-security; urgency=low
* SECURITY UPDATE: denial of service and possible code execution via
malformed ResolutionUnit or IOP tags.
- debian/patches/CVE-2012-0247.patch: properly calculate
lengths and sizes in magick/{profile,property}.c.
- CVE-2012-0247
- CVE-2012-0248
- CVE-2012-1185
- CVE-2012-1186
* SECURITY UPDATE: denial of service and possible code execution via
EXIF tags.
- debian/patches/CVE-2012-0259.patch: don't copy invalid memory in
coders/tiff.c, properly initialize buffers in magick/property.c.
- CVE-2012-0259
- CVE-2012-1798
* SECURITY UPDATE: denial of service and possible code execution via
JPEG EXIF integer overflow.
- debian/patches/CVE-2012-1610.patch: check number of bytes in
magick/{profile,property}.c.
- CVE-2012-1610
Date: 2012-04-30 15:41:02.537363+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: =?utf-8?q?St=C3=A9phane_Graber?= <stgraber at stgraber.org>
https://launchpad.net/ubuntu/quantal/+source/imagemagick/8:6.6.9.7-5ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Quantal-changes
mailing list