[Bug 91278] [Sync request] Sync graphicsmagick (1.1.7-13) from Debian unstable (main)

Michael Bienia michael at vorlon.ping.de
Sun Mar 11 01:10:52 GMT 2007 

Public bug reported:

Binary package hint: graphicsmagick

Please sync graphicsmagick (1.1.7-13) from Debian unstable (main).

The Ubuntu package has no changes.

Thanks.

Changelog:

graphicsmagick (1.1.7-13) unstable; urgency=high

  * The following problems were found thanks to numerous testcases provided
    by Sami Liedes:
    + coders/pcx.c: Fix heap overflow vulnerability of scanline array
      with user-supplied input. Closes: #413034
      Also adds error checks and caps maximum number of colours to prevent
      segfaults with further testcases. Closes: #414058
    + coders/pict.c: Fix integer overflow to prevent overflowing a
      heap buffer with user-supplied input. Closes: #413036
      Validate header information to prevent segfaults with further
      testcases. Closes: #414059
    + coders/xwd.c: Check image data more strictly before passing it on to
      XGetPixel() to circumvent buffer overflow in libX11. Closes: #413040
    + Fix various segfaults with corrupt image data due to insufficient
      validation of return values from SeekBlob(). None of these are
      currently known to allow code injection.
      - coders/bmp.c: Add error checks to SeekBlob() calls. Closes: #413031
      - coders/cineon.c: Likewise. Closes: #413038
      - coders/icon.c: Likewise. Closes: #413032
                       Extend validation checks to prevent segfaults with
                       further testcases. Closes: #414057
      - magick/blob.c: Increase robustness of function ReadBlobStream() to
        mitigate the impact of missing error checks on SeekBlob() calls.
    + coders/png.c: Fix NULL pointer dereference due to insufficient
      validation of image data. Closes: #413035
    + coders/pnm.c: Fix segfault on out-of-bounds read access due to
      insufficient validation of image data. Closes: #413037
    + coders/sun.c: Fix segfaults on out-of-bounds read access due to
      insufficient validation of image data. Closes: #413039
  * utilities/miff.4: Trim name section of man page, and move overlong
    line to description. Closes: #390501
  * debian/graphicsmagick.menu: Show logo on startup from menu, rather
    than quitting immediately. Thanks Justin B. Rye. Closes: #407464

 -- Daniel Kobras <kobras at debian.org>  Sat, 10 Mar 2007 23:52:50 +0100

** Affects: graphicsmagick (Ubuntu)
     Importance: Undecided
         Status: Unconfirmed

-- 
[Sync request] Sync graphicsmagick (1.1.7-13) from Debian unstable (main)
https://launchpad.net/bugs/91278

More information about the ubuntu-archive mailing list