Debian
imagemagick package

lp:debian/jessie/imagemagick

  1. Jessie (8.0)
  2. jessie
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:debian/jessie/imagemagick
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Development

Recent revisions

46. By Bastien Roucariès <email address hidden>

* Fix incorrect fix for xpm security problem.
  This patch fixed the buffer overflow but
  xpm coder output garbage, thanks to Adam Sjøgren
  (Closes: #773980).
* Workarround "Imagemagick FTBFS on mips on mips-aql-* not on ball".
  Do not execute testsuite if FPU is not present. Security team
  want this bug fixed in order to ease it work, thanks
  to Ivo De Decker (Closes: #770009).

45. By Bastien Roucariès <email address hidden>

* Fix a few security bugs (Closes: #773834):
- Avoid a DOS in vision.c due to an infinite loop.
- Avoid a SEGV due to a corrupted pnm file.
- Do not leak fd due to corrupted file.
- Fix a double free in pdb coder.
- Fix a SEGV due to corrupted dpc and xwd images.
- Fix a SEGV in dpx file handler.
- Fix a SEGV in malformed xwd file handler.
- Avoid a NULL pointer dereference in ps file handling.
- Fix a crash with corrupted viff file.
- Fix a NULL pointer dereference in wpg file handling.
- Do not continue on corrupted wpg file.
- Avoid an out of bound access in viff image.
- Avoid a heap buffer overflow in pdb file handling.
- Avoid an out of bound acess on malformed sun file.
- Avoid heap overflow in palm, pnm and xpm files.
- Fix heap overflow in quantum, palm and psd file.
- Fix handling of corrupted of psd, sun and xpm file.
- Fix corrupted (too many colors) psd file.
- Fix an out of bound acess in sun file.
- Fix handling of corrupted sun and wpg file.
- Fix heap overflow in pcx file, psd, pict and wpf files
  and DOS in xpm files.
- Add additional PNM sanity checks.
- Avoid a crash to out of memory in magick/cache.c
- Fix a theorical out of bound access in magick/colormap-private.h
- Fix an out of bound access in palm file.
- Fixed throwing of exceptions in psd handling and fix a memory leak.
- Fixed boundary checks in DecodePSDPixels.
- Fix another out of bound problem in rle file.
- Fix crash due to corrupted dib file.
- Added checks to prevent overflow in rle file.
- Impose a limit of 10 million columns or rows in an input PNG
- Don't try to handle a "previous" image in the JNG decoder.
- Avoid a memory leak in quantum management.
- Avoid a crash in png coder.
- Thread limit should be at least 1 in order to be efficient.
- In psd file handling fixed parsing resource block and
  avoid a crash.
- In cache fix usage of object after it has been destroyed.
- Avoid a memory leak in rle file handling.
- During identification of image do not fill memory

44. By Bastien Roucariès <email address hidden>

Fix a security bug (DOS). Some special crafted JPEG
files could create a dos due to missing check in
embeded EXIF properties (EXIF directory offsets
must be greater than 0). Fix CVE-2014-8716
(Closes: #768494).

43. By Bastien Roucariès <email address hidden>

Remove build-dep loop. Remove inkscape.

42. By Bastien Roucariès <email address hidden>

* New upstream version, fixing four security problems:
  - Remotely DOS: "convert +profile regression enters
    infinite loop exhausting memory", thanks to
    Yuri D'Elia (Closes: #764872).
  - Fixed buffer overflow in PCX and DCM coder.
  - Don't clone a 0x0 image breaking some assumption
    in client code.
  - Off-by-one count when parsing an 8BIM profile.
* Fix identify -quiet has non zero exit code on warnings
  (Closes: #763686).
* Fix "convert -crop" doesn't just crop,
  but makes the output darker than the input (Closes: #731157).
* Fix identify warning is now an error (Closes: #761918).
* Fix unrecognized color in xpm image (Closes: #754107).
* Fix display exits with non-zero return code (Closes: #763794).
* Fix imagemagick changes contrast of b/w images.
  (Closes: #712493).
* Fix desktop file icons are not displayed due to wrong icon names.
  (Closes: #765416, #758276).
* Tighten up the depends between imagemagick-common and other components.
  (Closes: #753770).
* Add obsolete config scripts (not multiarch safe) to
  /usr/lib/$DEB_HOST_MULTIARCH/ImageMagick-6/bin-$QUANTUMDEPTH/
  where $DEB_HOST_MULTIARCH is the multiarch triplet and
  $QUANTUMDEPTH is the current quantum depth.
  (Closes: #764899). Document it under NEWS (Closes: #761927).
* Bump policy version. No changes.

41. By Bastien Roucariès <email address hidden>

Upload to unstable

40. By Vincent Fourmond

* Apply patch courtesy of Hilko Bengen <email address hidden> to fix FTBS on ppc64le
  (closes: #760079)
* Now running dh-autoreconf to ensure smooth builds on newer arches
* Disable silent rules in configure, they are a real pain when one needs to debug
  failed builds from build logs

39. By Bastien Roucariès <email address hidden>

Prepare perl transition (/usr/lib/perl5 move to
/usr/lib/$ARCH_TRIPLET/perl5/) and avoid FTBFS (closes: #750095).

38. By Vincent Fourmond

Deactivate parallel build to avoid spurious FTBSes (damn #704225)

37. By Vincent Fourmond

Drop build dependency on graphicsmagick, but use built imagemagick
(closes: #747822)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:debian/imagemagick
This branch contains Public information 
Everyone can see this information.

Subscribers