lp://qastaging/~noskcaj/ubuntu/saucy/imagemagick/lp1218248
- Get this branch:
- bzr branch lp://qastaging/~noskcaj/ubuntu/saucy/imagemagick/lp1218248
Branch merges
- Ubuntu branches: Pending requested
-
Diff: 2014 lines (+1959/-1)6 files modified.pc/0008-memory-corruption-while-processing-GIF-comments.patch/coders/gif.c (+1917/-0)
.pc/applied-patches (+1/-0)
coders/gif.c (+4/-1)
debian/changelog (+7/-0)
debian/patches/0008-memory-corruption-while-processing-GIF-comments.patch (+29/-0)
debian/patches/series (+1/-0)
Related bugs
Bug #1218248: DoS: memory corruption while processing GIF comments. | High | Fix Released |
|
Related blueprints
Branch information
- Owner:
- Jackson Doak
- Status:
- Development
Recent revisions
- 41. By Jackson Doak
-
Add 0008-memory-
corruption- while-processin g-GIF-comments. patch from debian experiemental and imagemagick upstream - 40. By Philip Muškovac
-
libmagickcore-dev should depend on liblcms2-dev not liblcms-dev
(LP: #1132506) - 39. By Micah Gersten
-
* Merge from Debian unstable. (LP: #1079209) Remaining changes:
- Make ufraw-batch (universe) a suggestion instead of a recommendation.
- Don't set MAKEFLAGS in debian/rules; just pass it to the build.
- Build-Depend on libtiff5-dev instead of libtiff-dev
- Depend on fftw3-dev as it's in main, not fftw-dev.
- Don't build depend on graphicsmagick-imagemagick- compat (universe)
- Don't use graphicmagick's convert executable just to convert our
svg into a menu xpm. Instead, run the convert we build.
* Mark Vcs-* as XS-Debian-Vcs-*
- update debian/control - 38. By Jamie Strandboge
-
* SECURITY UPDATE: denial of service via large resource consumption
- debian/patches/ CVE-2012- 3437.patch: always use correct size argument
with libpng memory allocation
- CVE-2012-3437 - 37. By Michael Terry
-
* debian/control, debian/rules:
- Don't use graphicmagick's convert executable just to convert our
svg into a menu xpm. Instead, run the convert we build. - 36. By Michael Terry
-
* debian/control:
- Depend on fftw3-dev, not fftw-dev. fftw-dev is very old and not in
main, like fftw3-dev is. Plus, imagemagick doesn't even check for
fftw2, it only can use fftw3. - 35. By Michael Terry
-
* Merge from Debian unstable. Remaining changes:
- Make ufraw-batch (universe) a suggestion instead of a recommendation.
- Don't set MAKEFLAGS in debian/rules; just pass it to the build.
* debian/control:
- Build-Depend on libtiff5-dev instead of libtiff-dev - 34. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
malformed ResolutionUnit or IOP tags.
- debian/patches/ CVE-2012- 0247.patch: properly calculate
lengths and sizes in magick/{profile, property} .c.
- CVE-2012-0247
- CVE-2012-0248
- CVE-2012-1185
- CVE-2012-1186
* SECURITY UPDATE: denial of service and possible code execution via
EXIF tags.
- debian/patches/ CVE-2012- 0259.patch: don't copy invalid memory in
coders/tiff.c, properly initialize buffers in magick/property.c.
- CVE-2012-0259
- CVE-2012-1798
* SECURITY UPDATE: denial of service and possible code execution via
JPEG EXIF integer overflow.
- debian/patches/ CVE-2012- 1610.patch: check number of bytes in
magick/{profile, property} .c.
- CVE-2012-1610 - 33. By Scott Howard
-
0006-rsvg-
convert. patch: upstream removed the rsvg command from
librsvg2-bin, use rsvg-convert instead (LP: #929573) - 32. By Michael Terry
-
* debian/rules:
- Build PerlMagick Makefile after building main library, so that
MakeMaker can find the library instead of stripping it from the
link line. LP: #897380
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://qastaging/ubuntu/saucy/imagemagick