-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2012-04-25 10:22:49 UTC
-
Revision ID:
package-import@ubuntu.com-20120425102249-h90oao4ng7lbd8cw
Tags: 8:6.6.9.7-5ubuntu3.1
* SECURITY UPDATE: denial of service and possible code execution via
malformed ResolutionUnit or IOP tags.
- debian/patches/CVE-2012-0247.patch: properly calculate
lengths and sizes in magick/{profile,property}.c.
- CVE-2012-0247
- CVE-2012-0248
- CVE-2012-1185
- CVE-2012-1186
* SECURITY UPDATE: denial of service and possible code execution via
EXIF tags.
- debian/patches/CVE-2012-0259.patch: don't copy invalid memory in
coders/tiff.c, properly initialize buffers in magick/property.c.
- CVE-2012-0259
- CVE-2012-1798
* SECURITY UPDATE: denial of service and possible code execution via
JPEG EXIF integer overflow.
- debian/patches/CVE-2012-1610.patch: check number of bytes in
magick/{profile,property}.c.
- CVE-2012-1610