Publishing details
Changelog
graphicsmagick (1.3.25-8~ubuntu14.04.1+deb.sury.org+2) trusty; urgency=medium
* No-change backport to trusty
graphicsmagick (1.3.25-8) unstable; urgency=high
* Backport security fix for out of bounds access when reading CMYKA tiff.
graphicsmagick (1.3.25-7) unstable; urgency=medium
* Add hack to build self-tests on mips* architectures.
graphicsmagick (1.3.25-6) unstable; urgency=high
* Fix CVE-2016-9830: memory allocation failure in MagickRealloc
(closes: #847072).
graphicsmagick (1.3.25-5) unstable; urgency=high
* Fix CVE-2016-8682: stack-based buffer overflow in ReadSCTImage (sct.c).
* Fix CVE-2016-8683: memory allocation failure in ReadPCXImage (pcx.c).
* Fix CVE-2016-8684: memory allocation failure in MagickMalloc (memory.c).
graphicsmagick (1.3.25-4) unstable; urgency=high
* Fix CVE-2016-7997: correctly flip image->blob and rotated_image->blob.
graphicsmagick (1.3.25-3) unstable; urgency=high
* Fix CVE-2016-7800: unsigned underflow leading to heap overflow when
parsing 8BIM chunk.
graphicsmagick (1.3.25-2) unstable; urgency=medium
* Compile magick/semaphore.c without optimization on ppc64el to prevent
Perl self-test segfaults (closes: #837719).
graphicsmagick (1.3.25-1) unstable; urgency=high
* New upstream release, with the following security updates:
- fix heap overflow in EscapeParenthesis() used in the text annotation
code,
- Utah RLE: Reject truncated/absurd files which caused huge memory
allocations and/or consumed huge CPU,
- SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
the MVG rendering code (also impacts SVG),
- TIFF: Fix heap buffer read overflow while copying sized TIFF attributes.
graphicsmagick (1.3.24+hg20160808-1) unstable; urgency=low
* New upstream, Mercurial snapshot release.
* Fixes DrawPrimitive() issue (closes: #829063).
graphicsmagick (1.3.24-2) unstable; urgency=low
* Backport upstream fix for DrawPrimitive() (closes: #829063).
graphicsmagick (1.3.24-1) unstable; urgency=high
* New upstream release, focusing on security fixes for the following image
formats:
- DIB: fix out of bound reads and add more header validations,
- JNG: file size limits are enforced,
- MATLAB: fix DoS and hang on corrupt deflate stream,
- META (Embedded Image Profiles): fix out of bounds reads and writes,
- MIFF (Magick): fix thrown assertion,
- CVE-2016-3716: Magick Scripting Language file processing is not done by
default but needs to be prefixed with 'msl:',
- Magick Vector Graphics file processing is not done by default but needs
to be prefixed with 'mvg:' and prevent head overflow problems,
- PCX: fix unreasonable memory allocation due to intentionally corrupt
file,
- PDB: fix heap buffer overflow and out of bounds read,
- PICT: fix out of bounds write,
- CVE-2016-3717: for PostScript files always run Ghostscript with -dSAFER
for safer execution,
- PSD: fix segmentation violations, heap buffer overflows and out of
bound writes,
- RLE: fix out of bounds reads and writes,
- ReadImages(): fix possible infinite recursion due to a crafted input
file,
- RotateImage(): fix thrown assertion,
- SGI: fix out of bounds writes,
- SUN: fix out of bounds reads and writes,
- SVG: fix CVE-2016-2317 and CVE-2016-2318, heap and stack buffer
overflows, as well as segmentation violations (closes: #814732);
also fix endless loop, unexpectedly large memory allocation, divide by
zero and recursion issues,
- TIFF: fix assertion while reading and fix benign heap overflow,
- VIFF: fix excessive memory allocation with intentionally corrupted
input file,
- XCF: fix heap buffer overflow,
- XPM: fix several heap buffer overflows and out of bound reads/writes;
also fix a case of excessive memory allocation,
- CVE-2016-5118: popen() shell vulnerability via filename that contains
'|', remove pipe support entirely (closes: #825800);
file names starting with a '|' character are no longer interpreted as
shell commands to be executed as input or output,
- default.mgk file has been pared down in order to reduce security
exposure,
- CVE-2016-3714: Gnuplot ('gplt' delegate) support for rendering these
files is removed since the format is inherently insecure,
- CVE-2016-3715: adding a 'tmp:' prefix to a filename no longer removes
the file since this seems dangerous,
- CVE-2016-3718: sanity check the image file path or URL before passing
it to ReadImage(),
- fix several Coverity issues like dereference after null check, multiple
resource leaks and logically dead code.
* Update library symbols for this release.
graphicsmagick (1.3.23-3) unstable; urgency=low
* Remove JasPer JPEG-2000 codec support build dependency and remove its
symbols from the libgraphicsmagick-q16-3 library (closes: #818199).
* Update Standards-Version to 3.9.8 .
graphicsmagick (1.3.23-2) unstable; urgency=low
* Add previously transient gsfonts build dependency (closes: #815736).
graphicsmagick (1.3.23-1) unstable; urgency=medium
* New upstream release.
graphicsmagick (1.3.22-2) unstable; urgency=low
* Transition libgraphicsmagick++-q16-11 to libgraphicsmagick++-q16-12
(closes: #803958).
* Conflict and replace version 1.3.22-1 of libgraphicsmagick++-q16-11 .
graphicsmagick (1.3.22-1) unstable; urgency=low
* New upstream release.
* Update libgraphicsmagick-q16-3 symbols file.
* Update watch file.
graphicsmagick (1.3.21-4) unstable; urgency=low
* Change C library name to ending with -q16 for QuantumDepth=16 ABI change
and compile shared library to include the QuantumDepth value
(closes: #796310).
* Remove breaks on pdf2djvu.
* Make rebuildable (closes: #796307).
[ Jakub Wilk <email address hidden> ]
* Remove obsolete conflicts/replaces on libgraphicsmagick.
* Version conflicts/replaces on libgraphicsmagick3.
* No longer need to pass -l and -L switches to dh_shlibdeps.
graphicsmagick (1.3.21-3) unstable; urgency=medium
* libgraphicsmagick++3 and libgraphicsmagick++11 are co-installable
(closes: #795099).
* libgraphicsmagick1-dev needs recent libgraphicsmagick++1-dev
(closes: #795102).
* Fix images symlink for development packages (closes: #795172).
* libgraphicsmagick3 breaks old versions of pdf2djvu .
graphicsmagick (1.3.21-2) unstable; urgency=medium
* Upload to unstable for GCC 5 transition.
* Enable WebP support (closes: #789745).
* Make rebuildable.
graphicsmagick (1.3.21-1) experimental; urgency=high
* New upstream release, including many security fixes.
* Start transition from libgraphicsmagick++3 to libgraphicsmagick++11 .
* Update libgraphicsmagick3 symbols.
graphicsmagick (1.3.20-4) experimental; urgency=low
* Test build with QuantumDepth 16 (closes: #557879).
* Update Standards-Version to 3.9.6 .
graphicsmagick (1.3.20-3) unstable; urgency=medium
* Use upstream fix for AnnotateImage() return value (closes: #759956).
graphicsmagick (1.3.20-2) unstable; urgency=medium
* Change binary libtiff4-dev dependency to libtiff-dev as well
(closes: #759595).
* Version perl build dependency to 5.20 or later.
graphicsmagick (1.3.20-1) unstable; urgency=medium
* New upstream release (closes: #710716).
* Use GraphicsMagick-1.3.20-CVE-2014-1947.patch from Fedora to fix
CVE-2014-1947.
* Add homepage field.
* Disable update_freetype.h_location.patch , upstream solved freetype
detection.
* Sync with Ubuntu.
[ Matthias Klose <email address hidden> ]
* Build-depend/depend on libtiff-dev rather than libtiff4-dev.
* Build-depend/depend on lcms2.
* Build using dh-autoreconf.
* Fix link error building the demo and test files.
[ Bart Martens <email address hidden> ]
* Add watch file.
-- Ondřej Surý <email address hidden> Wed, 21 Jun 2017 13:02:37 +0200
Builds
Built packages
- graphicsmagick: collection of image processing tools
- graphicsmagick-dbg: format-independent image processing - debugging symbols
- graphicsmagick-imagemagick-compat: image processing tools providing ImageMagick interface
- graphicsmagick-libmagick-dev-compat: image processing libraries providing ImageMagick interface
- libgraphics-magick-perl: format-independent image processing - perl interface
- libgraphicsmagick++-q16-12: format-independent image processing - C++ shared library
- libgraphicsmagick++1-dev: format-independent image processing - C++ development files
- libgraphicsmagick-q16-3: format-independent image processing - C shared library
- libgraphicsmagick1-dev: format-independent image processing - C development files
Package files