[ubuntu/trusty-proposed] imagemagick 8:6.7.7.10-6ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Thu Mar 6 18:58:16 UTC 2014
imagemagick (8:6.7.7.10-6ubuntu3) trusty; urgency=medium
* SECURITY UPDATE: denial of service and possible code execution via psd
images processing rle decoding buffer overflow
- debian/patches/CVE-2014-1958.patch: check lengths in coders/psd.c.
- CVE-2014-1958
* SECURITY UPDATE: denial of service via jpeg images with specially-
crafted restart markers
- debian/patches/CVE-2014-2030.patch: don't overflow layer_name in
coders/psd.c.
- CVE-2014-2030
Date: Thu, 06 Mar 2014 11:12:57 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/trusty/+source/imagemagick/8:6.7.7.10-6ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 06 Mar 2014 11:12:57 -0500
Source: imagemagick
Binary: imagemagick imagemagick-dbg imagemagick-common imagemagick-doc libmagickcore5 libmagickcore5-extra libmagickcore-dev libmagickwand5 libmagickwand-dev libmagick++5 libmagick++-dev perlmagick
Architecture: source
Version: 8:6.7.7.10-6ubuntu3
Distribution: trusty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
imagemagick - image manipulation programs
imagemagick-common - image manipulation programs -- infrastructure
imagemagick-dbg - debugging symbols for ImageMagick
imagemagick-doc - document files of ImageMagick
libmagick++-dev - object-oriented C++ interface to ImageMagick - development files
libmagick++5 - object-oriented C++ interface to ImageMagick
libmagickcore-dev - low-level image manipulation library - development files
libmagickcore5 - low-level image manipulation library
libmagickcore5-extra - low-level image manipulation library - extra codecs
libmagickwand-dev - image manipulation library - development files
libmagickwand5 - image manipulation library
perlmagick - Perl interface to the ImageMagick graphics routines
Changes:
imagemagick (8:6.7.7.10-6ubuntu3) trusty; urgency=medium
.
* SECURITY UPDATE: denial of service and possible code execution via psd
images processing rle decoding buffer overflow
- debian/patches/CVE-2014-1958.patch: check lengths in coders/psd.c.
- CVE-2014-1958
* SECURITY UPDATE: denial of service via jpeg images with specially-
crafted restart markers
- debian/patches/CVE-2014-2030.patch: don't overflow layer_name in
coders/psd.c.
- CVE-2014-2030
Checksums-Sha1:
0b2231dabae9bad5cf180810fc41a9a48442ffa6 3231 imagemagick_6.7.7.10-6ubuntu3.dsc
f40a5f04e3a68c4241ab73bfbef48035ee8c7773 142805 imagemagick_6.7.7.10-6ubuntu3.debian.tar.bz2
Checksums-Sha256:
a6752ae64491acd08330043acfeca1eb169fada55041f360a59596afad832fee 3231 imagemagick_6.7.7.10-6ubuntu3.dsc
11f0ae1522a1f12f24a75add8604617380faec477670bada5535c9b410a3502d 142805 imagemagick_6.7.7.10-6ubuntu3.debian.tar.bz2
Files:
7dbce3c5df78fe0152eb237b27bad937 3231 graphics optional imagemagick_6.7.7.10-6ubuntu3.dsc
7f0a04e9e78e9d7434842b96d4ca6bc7 142805 graphics optional imagemagick_6.7.7.10-6ubuntu3.debian.tar.bz2
Original-Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJTGLLWAAoJEGVp2FWnRL6T1AwQAIPzn/vmnhkACB4hFJcZH9mD
JZuKJlANUYYfD2ghykfpD2NOkqXmlrdEW38qV7EiEuD+tSsEcZUVDNjAL6h1zANS
hdYNgA2H2IL1PXlmxRwe+9oaCCP+kCZDjb6dMrm8NEdukVxB4x4hxeD1X6gMJrhR
X39gEq/9SuAbLgiKEgoVimI2zlFMxqxHtifFe3kYvrpLfGefexDvvoInjUF7LjUY
gZ8wPyhKoWtH8BKoxq65Ix0wf5KFlyNUPTBI2srlPzU8sDTpK89Pd+8ecDd7trve
c6HhiIsaOdJEPqjXuOXsjY1gxuKDrLfkGCrzVTmWoStgMHRyGGRYUep5BQGt9iyP
enEgflwvSlZchwv7Zw001Ku0l+vEsUJ4TDDKumk9AXXv1FF1Z7kpXAQdwgFbVEuY
JVEg14ZqYoWuVcPzD6fcNhY3+Ir5Oxr02cvTlLuz5UBKXe++fGf0nTEgB50Yl0Bo
GqrERztXbxgd1Q3RXqPHWwXsE7MUbNvFTnIOXtLkjM9sqIqeSAR8z720tXf7o4gj
4Suj7GS/uE4U+3GH/sXfBTygV9jxLAR9mAs04ccESdBraQR+ZVvKmBye5r4ltiVC
uGPB8fXjbqv3XNMc/CIawFNf1PyQ0CLNBFaBVHKqaHOkCa6/WbhUGu3TRFzZInB7
dHZAXwx+diOS53ylXVYb
=Kcyp
-----END PGP SIGNATURE-----
More information about the Trusty-changes
mailing list