Branches for Dapper

Author: Daniel Kobras
Revision Date: 2006-01-17 18:33:58 UTC

* Non-maintainer upload.
* magick/display.c: In DisplayImageCommand(), expand command line before
  allocating ressources based on argc. Patch and analysis thanks to
  Eero Häkkinen. Closes: #345595
* magick/{animate.c,blob.c,display.c,image.c,log.c,montage.c,string.c,
  string_.h}: Implement new utility function FormatMagickStringNumeric()
  to securely expand a user-supplied format string with a single numeric
  argument. Adjust code to use this function where appropriate.
  (CVE-2006-0082) Closes: #345876
* coders/pdf.c,coders/ps.c,magick/delegate.c,magick/delegate.h,
  magick/methods.h: Do not call external delegates with user-supplied
  filename, but with securely named symlinks only to prevent shell command
  injection (CVE-2005-4601). Closes: #345238
* debian/rules: Make sure to include trailing spaces in multi-line
  commands to keep recent make happy. Cures problems with ghostscript
  font path. Fix thanks to Jeff Lessem. Closes: #347486
* debian/imagemagick.mime: Rather than autodetect the type of an image,
  derive it from the mime type. As a side effect, this change allows to
  use arbitrary filenames with the 'see' command, even if they have
  special meaning to imagemagick internally. Also clean up some typos
  and superfluous entries once we're at it. Closes: #344997

Author: Jamie Strandboge
Revision Date: 2009-06-04 13:47:24 UTC

* SECURITY UPDATE: integer overflow via crafted TIFF image
  - adjust xwindow.c, display.c and animate.c to verify width and length
  - based on upstream svn commit r513 (minus irrelevant changes)
  - CVE-2009-1882

Author: Jamie Strandboge
Revision Date: 2009-06-04 13:47:24 UTC

* SECURITY UPDATE: integer overflow via crafted TIFF image
  - adjust xwindow.c, display.c and animate.c to verify width and length
  - based on upstream svn commit r513 (minus irrelevant changes)
  - CVE-2009-1882