lp:debian/jessie/imagemagick
- Get this branch:
- bzr branch lp:debian/jessie/imagemagick
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 46. By Bastien Roucariès <email address hidden>
-
* Fix incorrect fix for xpm security problem.
This patch fixed the buffer overflow but
xpm coder output garbage, thanks to Adam Sjøgren
(Closes: #773980).
* Workarround "Imagemagick FTBFS on mips on mips-aql-* not on ball".
Do not execute testsuite if FPU is not present. Security team
want this bug fixed in order to ease it work, thanks
to Ivo De Decker (Closes: #770009). - 45. By Bastien Roucariès <email address hidden>
-
* Fix a few security bugs (Closes: #773834):
- Avoid a DOS in vision.c due to an infinite loop.
- Avoid a SEGV due to a corrupted pnm file.
- Do not leak fd due to corrupted file.
- Fix a double free in pdb coder.
- Fix a SEGV due to corrupted dpc and xwd images.
- Fix a SEGV in dpx file handler.
- Fix a SEGV in malformed xwd file handler.
- Avoid a NULL pointer dereference in ps file handling.
- Fix a crash with corrupted viff file.
- Fix a NULL pointer dereference in wpg file handling.
- Do not continue on corrupted wpg file.
- Avoid an out of bound access in viff image.
- Avoid a heap buffer overflow in pdb file handling.
- Avoid an out of bound acess on malformed sun file.
- Avoid heap overflow in palm, pnm and xpm files.
- Fix heap overflow in quantum, palm and psd file.
- Fix handling of corrupted of psd, sun and xpm file.
- Fix corrupted (too many colors) psd file.
- Fix an out of bound acess in sun file.
- Fix handling of corrupted sun and wpg file.
- Fix heap overflow in pcx file, psd, pict and wpf files
and DOS in xpm files.
- Add additional PNM sanity checks.
- Avoid a crash to out of memory in magick/cache.c
- Fix a theorical out of bound access in magick/colormap- private. h
- Fix an out of bound access in palm file.
- Fixed throwing of exceptions in psd handling and fix a memory leak.
- Fixed boundary checks in DecodePSDPixels.
- Fix another out of bound problem in rle file.
- Fix crash due to corrupted dib file.
- Added checks to prevent overflow in rle file.
- Impose a limit of 10 million columns or rows in an input PNG
- Don't try to handle a "previous" image in the JNG decoder.
- Avoid a memory leak in quantum management.
- Avoid a crash in png coder.
- Thread limit should be at least 1 in order to be efficient.
- In psd file handling fixed parsing resource block and
avoid a crash.
- In cache fix usage of object after it has been destroyed.
- Avoid a memory leak in rle file handling.
- During identification of image do not fill memory - 44. By Bastien Roucariès <email address hidden>
-
Fix a security bug (DOS). Some special crafted JPEG
files could create a dos due to missing check in
embeded EXIF properties (EXIF directory offsets
must be greater than 0). Fix CVE-2014-8716
(Closes: #768494). - 42. By Bastien Roucariès <email address hidden>
-
* New upstream version, fixing four security problems:
- Remotely DOS: "convert +profile regression enters
infinite loop exhausting memory", thanks to
Yuri D'Elia (Closes: #764872).
- Fixed buffer overflow in PCX and DCM coder.
- Don't clone a 0x0 image breaking some assumption
in client code.
- Off-by-one count when parsing an 8BIM profile.
* Fix identify -quiet has non zero exit code on warnings
(Closes: #763686).
* Fix "convert -crop" doesn't just crop,
but makes the output darker than the input (Closes: #731157).
* Fix identify warning is now an error (Closes: #761918).
* Fix unrecognized color in xpm image (Closes: #754107).
* Fix display exits with non-zero return code (Closes: #763794).
* Fix imagemagick changes contrast of b/w images.
(Closes: #712493).
* Fix desktop file icons are not displayed due to wrong icon names.
(Closes: #765416, #758276).
* Tighten up the depends between imagemagick-common and other components.
(Closes: #753770).
* Add obsolete config scripts (not multiarch safe) to
/usr/lib/$DEB_ HOST_MULTIARCH/ ImageMagick- 6/bin-$ QUANTUMDEPTH/
where $DEB_HOST_MULTIARCH is the multiarch triplet and
$QUANTUMDEPTH is the current quantum depth.
(Closes: #764899). Document it under NEWS (Closes: #761927).
* Bump policy version. No changes. - 40. By Vincent Fourmond
-
* Apply patch courtesy of Hilko Bengen <email address hidden> to fix FTBS on ppc64le
(closes: #760079)
* Now running dh-autoreconf to ensure smooth builds on newer arches
* Disable silent rules in configure, they are a real pain when one needs to debug
failed builds from build logs - 39. By Bastien Roucariès <email address hidden>
-
Prepare perl transition (/usr/lib/perl5 move to
/usr/lib/$ARCH_TRIPLET/ perl5/) and avoid FTBFS (closes: #750095). - 37. By Vincent Fourmond
-
Drop build dependency on graphicsmagick, but use built imagemagick
(closes: #747822)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:debian/imagemagick