UbuntuUpdates.org

Package "libmagickwand-dev"

Name: libmagickwand-dev

Description:

image manipulation library - development files

Latest version: 8:6.6.9.7-5ubuntu3.9
Release: precise (12.04)
Level: updates
Repository: main
Head package: imagemagick
Homepage: http://www.imagemagick.org/

Links


Download "libmagickwand-dev"


Other versions of "libmagickwand-dev" in Precise

Repository Area Version
base main 8:6.6.9.7-5ubuntu3
security main 8:6.6.9.7-5ubuntu3.9

Changelog

Version: 8:6.6.9.7-5ubuntu3.9 2017-03-14 19:06:46 UTC

  imagemagick (8:6.6.9.7-5ubuntu3.9) precise-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u8 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2017-6498, CVE-2017-6500

 -- Marc Deslauriers <email address hidden> Tue, 14 Mar 2017 09:55:55 -0400

Source diff to previous version
CVE-2017-6498 An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS.
CVE-2017-6500 An issue was discovered in ImageMagick 6.9.7. A specially crafted sun file triggers a heap-based buffer over-read.

Version: 8:6.6.9.7-5ubuntu3.8 2017-03-08 15:06:55 UTC

  imagemagick (8:6.6.9.7-5ubuntu3.8) precise-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: synchronize security fixes with Debian's
      8:6.8.9.9-5+deb8u7 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2016-8707, CVE-2016-10062, CVE-2016-10144, CVE-2016-10145,
      CVE-2017-5506, CVE-2017-5507, CVE-2017-5508, CVE-2017-5510,
      CVE-2017-5511

 -- Marc Deslauriers <email address hidden> Thu, 02 Mar 2017 15:19:35 -0500

Source diff to previous version
CVE-2016-8707 An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks's convert utility. A crafted TIFF document can le
CVE-2016-1006 Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to
CVE-2016-1014 Untrusted search path vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11
CVE-2017-5506 double free in profile
CVE-2017-5507 memory leak in MPC file handling
CVE-2017-5508 Crash - PushQuantumPixel - Heap-Buffer-Overflow (TIFF)
CVE-2017-5510 memory corruption heap overflow, psb file related, another one
CVE-2017-5511 memory corruption heap overflow, psb file related

Version: 8:6.6.9.7-5ubuntu3.7 2017-02-22 22:07:03 UTC

  imagemagick (8:6.6.9.7-5ubuntu3.7) precise-security; urgency=medium

  * SECURITY REGRESSION: test label regression (LP: #1646485)
    - debian/patches/0161-Do-not-ignore-SetImageBias-bias-value.patch:
      updated to fix bad backport.
    - debian/patches/0162-Suspend-exception-processing-if-there-are-too-many-e.patch:
      updated to apply cleanly.
  * SECURITY REGRESSION: text coder issue (LP: #1589580)
    - debian/patches/fix_text_coder.patch: add extra check to coders/mvg.c,
      fix logic in coders/txt.c.

 -- Marc Deslauriers <email address hidden> Wed, 22 Feb 2017 10:08:13 -0500

Source diff to previous version
1646485 security update regression in 'convert' tool when creating an image containing a text label
1589580 Security improvements to TEXT coder broke it

Version: 8:6.6.9.7-5ubuntu3.6 2016-11-30 19:07:00 UTC

  imagemagick (8:6.6.9.7-5ubuntu3.6) precise-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: backport security fixes from Debian's
      8:6.8.9.9-5+deb8u6 release. Once again, thanks to Bastien Roucariès
      for the excellent work this update is based on!
    - CVE-2016-7799, CVE-2016-8677, CVE-2016-8862, CVE-2016-9556

 -- Marc Deslauriers <email address hidden> Tue, 29 Nov 2016 14:11:54 -0500

Source diff to previous version
CVE-2016-7799 mogrify global buffer overflow
CVE-2016-8677 memory allocate failure in AcquireQuantumPixels
CVE-2016-8862 imagemagick: memory allocation failure in AcquireMagickMemory (memory.c)
CVE-2016-9556 Heap buffer overflow in heap-buffer-overflow in IsPixelGray

Version: 8:6.6.9.7-5ubuntu3.5 2016-11-21 16:06:43 UTC

  imagemagick (8:6.6.9.7-5ubuntu3.5) precise-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/*: backport large quantity of security fixes,
      including fixes from Debian's 8:6.8.9.9-5+deb8u5 release. Thanks to
      Bastien Roucariès for the excellent work this update is based on!
    - CVE-2014-8354, CVE-2014-8355, CVE-2014-8562, CVE-2014-8716,
      CVE-2014-9805, CVE-2014-9806, CVE-2014-9807, CVE-2014-9808,
      CVE-2014-9809, CVE-2014-9810, CVE-2014-9811, CVE-2014-9812,
      CVE-2014-9813, CVE-2014-9814, CVE-2014-9815, CVE-2014-9816,
      CVE-2014-9817, CVE-2014-9818, CVE-2014-9819, CVE-2014-9820,
      CVE-2014-9821, CVE-2014-9822, CVE-2014-9823, CVE-2014-9826,
      CVE-2014-9828, CVE-2014-9829, CVE-2014-9830, CVE-2014-9831,
      CVE-2014-9833, CVE-2014-9834, CVE-2014-9835, CVE-2014-9836,
      CVE-2014-9837, CVE-2014-9838, CVE-2014-9839, CVE-2014-9840,
      CVE-2014-9841, CVE-2014-9843, CVE-2014-9844, CVE-2014-9845,
      CVE-2014-9846, CVE-2014-9847, CVE-2014-9848, CVE-2014-9850,
      CVE-2014-9851, CVE-2014-9853, CVE-2014-9854, CVE-2014-9907,
      CVE-2015-8894, CVE-2015-8895, CVE-2015-8896, CVE-2015-8897,
      CVE-2015-8898, CVE-2015-8900, CVE-2015-8901, CVE-2015-8902,
      CVE-2015-8903, CVE-2015-8957, CVE-2015-8958, CVE-2015-8959,
      CVE-2016-4562, CVE-2016-4563, CVE-2016-4564, CVE-2016-5010,
      CVE-2016-5687, CVE-2016-5688, CVE-2016-5689, CVE-2016-5690,
      CVE-2016-5691, CVE-2016-5841, CVE-2016-5842, CVE-2016-6491,
      CVE-2016-6823, CVE-2016-7101, CVE-2016-7514, CVE-2016-7515,
      CVE-2016-7516, CVE-2016-7517, CVE-2016-7518, CVE-2016-7519,
      CVE-2016-7520, CVE-2016-7521, CVE-2016-7522, CVE-2016-7523,
      CVE-2016-7524, CVE-2016-7525, CVE-2016-7526, CVE-2016-7527,
      CVE-2016-7528, CVE-2016-7529, CVE-2016-7530, CVE-2016-7531,
      CVE-2016-7532, CVE-2016-7533, CVE-2016-7534, CVE-2016-7535,
      CVE-2016-7537, CVE-2016-7538, CVE-2016-7539

 -- Marc Deslauriers <email address hidden> Tue, 15 Nov 2016 15:59:53 -0500

CVE-2014-8354 out-of-bounds memory access in resize code
CVE-2014-8355 buffer overflow in PCX parser
CVE-2014-8562 buffer overflow in DCM parser
CVE-2014-8716 crafted jpeg file could lead to DOS
CVE-2014-9805 Avoid a SEGV due to a corrupted pnm file
CVE-2014-9806 Do not leak fd due to corrupted file
CVE-2014-9807 Fix a double free in pdb coder
CVE-2014-9808 Fix a SEGV due to corrupted dpc images
CVE-2014-9809 Fix a SEGV due to corrupted xwd images
CVE-2014-9810 Fix a SEGV in dpx file handler
CVE-2014-9811 Fix a SEGV in malformed xwd file handler
CVE-2014-9812 Avoid a NULL pointer dereference in ps file handling
CVE-2014-9813 Fix a crash with corrupted viff file
CVE-2014-9814 Fix a NULL pointer dereference in wpg file handling
CVE-2014-9815 Do not continue on corrupted wpg file
CVE-2014-9816 Avoid an out of bound access in viff image
CVE-2014-9817 Avoid a heap buffer overflow in pdb file handling
CVE-2014-9818 Avoid an out of bound access on malformed sun file
CVE-2014-9819 Avoid heap overflow in palm files
CVE-2014-9820 Avoid heap overflow in pnm files
CVE-2014-9821 Avoid heap overflow in xpm files
CVE-2014-9822 Fix heap overflow in quantum file
CVE-2014-9823 Fix heap overflow in palm file
CVE-2014-9826 Fix handling of corrupted of sun file
CVE-2014-9828 Fix corrupted (too many colors) psd file
CVE-2014-9829 Fix an out of bound access in sun file
CVE-2014-9830 Fix handling of corrupted sun file
CVE-2014-9831 Fix handling of corrupted wpg file
CVE-2014-9833 Fix heap overflow in psd files
CVE-2014-9834 Fix heap overflow in pict files
CVE-2014-9835 Fix heap overflow in wpf files
CVE-2014-9836 DOS in xpm files
CVE-2014-9837 Add additional PNM sanity checks
CVE-2014-9838 Avoid a crash to out of memory in magick/cache.c
CVE-2014-9839 Fix a theoretical out of bound access in magick/colormap-private.h
CVE-2014-9840 Fix an out of bound access in palm file
CVE-2014-9841 Fixed throwing of exceptions in psd handling
CVE-2014-9843 Fixed boundary checks in DecodePSDPixels
CVE-2014-9844 Fix another out of bound problem in rle file
CVE-2014-9845 Fix crash due to corrupted dib file
CVE-2014-9846 Added checks to prevent overflow in rle file
CVE-2014-9847 Don't try to handle a "previous" image in the JNG decoder
CVE-2014-9848 Avoid a memory leak in quantum management
CVE-2014-9850 incorrect handling of thread limit 0
CVE-2014-9851 In psd file handling fixed parsing resource block and avoid a crash
CVE-2014-9853 Avoid a memory leak in rle file handling
CVE-2014-9854 DoS in image identification
CVE-2014-9907 DOS due to corrupted DDS files
CVE-2015-8894 tga processing issue: double free in coders/tga.c:221
CVE-2015-8895 pict/icon processing issues: Integer and Buffer overflow in coders/icon.c
CVE-2015-8896 integer truncation issue
CVE-2015-8897 Out of bounds error in SpliceImage
CVE-2015-8898 Prevent null pointer access in magick/constitute.c
CVE-2015-8900 denial of service flaw in HDR file processing
CVE-2015-8901 denial of service flaw in MIFF file processing
CVE-2015-8902 denial of service flaw in PDB file processing
CVE-2015-8903 denial of service flaw in VICAR file processing
CVE-2015-8957 buffer overflow in sun file handling
CVE-2015-8958 potential DOS in sun file handling due to malformed files
CVE-2015-8959 DOS due to corrupted DDS files
CVE-2016-4562 The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices in
CVE-2016-4563 The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the Bez
CVE-2016-4564 The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to lo
CVE-2016-5010 Out-of-bounds read when processing crafted tiff file
CVE-2016-5687 out of bounds memory read
CVE-2016-5688 issues in WPG parser
CVE-2016-5689 lack of required NULL pointer checks
CVE-2016-5690 error in the for statement in the "Compute pixel scaling table" part of the ReadDCMImage function
CVE-2016-5691 lack of validation of pixel.red, pixel.green, and pixel.blue
CVE-2016-6491 Buffer overflow
CVE-2016-6823 Buffer overflow in bmp file reader
CVE-2016-7101 SGI security bug
CVE-2016-7514 out-of-bounds read in coders/psd.c
CVE-2016-7515 rle file handling for corrupted file
CVE-2016-7516 out of bunds problem in rle, pict, viff and sun files
CVE-2016-7520 heap overflow in hdr file handling
CVE-2016-7521 heap buffer overflow in psd file handling
CVE-2016-7522 out of bound access for malformed psd file
CVE-2016-7523 meta file out of bound access
CVE-2016-7525 heap buffer overflow in psd file coder
CVE-2016-7526 out of bound access in wpg file coder
CVE-2016-7528 out of bound access for viff file coder
CVE-2016-7529 out of bound access in xcf file coder
CVE-2016-7530 out of bound in quantum handling
CVE-2016-7531 pbd file out of bound access
CVE-2016-7532 Fix handling of corrupted psd file
CVE-2016-7533 wpg file out of bound for corrupted file
CVE-2016-7534 out of bound access in generic decoder
CVE-2016-7535 out of bound access for corrupted psd file
CVE-2016-7537 out of bound access for corrupted pdb file
CVE-2016-7538 SIGABRT for corrupted pdb file
CVE-2016-7539 potential DOS by not releasing memory



About   -   Send Feedback to @ubuntu_updates