lp://staging/ubuntu/raring-security/imagemagick
- Get this branch:
- bzr branch lp://staging/ubuntu/raring-security/imagemagick
Branch merges
Branch information
Recent revisions
- 41. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution in GIF
image comment decoding (LP: #1218248)
- debian/patches/ CVE-2013- 4298.patch: properly handle comments in
coders/gif.c.
- CVE-2013-4298 - 40. By Philip Muškovac
-
libmagickcore-dev should depend on liblcms2-dev not liblcms-dev
(LP: #1132506) - 39. By Micah Gersten
-
* Merge from Debian unstable. (LP: #1079209) Remaining changes:
- Make ufraw-batch (universe) a suggestion instead of a recommendation.
- Don't set MAKEFLAGS in debian/rules; just pass it to the build.
- Build-Depend on libtiff5-dev instead of libtiff-dev
- Depend on fftw3-dev as it's in main, not fftw-dev.
- Don't build depend on graphicsmagick-imagemagick- compat (universe)
- Don't use graphicmagick's convert executable just to convert our
svg into a menu xpm. Instead, run the convert we build.
* Mark Vcs-* as XS-Debian-Vcs-*
- update debian/control - 38. By Jamie Strandboge
-
* SECURITY UPDATE: denial of service via large resource consumption
- debian/patches/ CVE-2012- 3437.patch: always use correct size argument
with libpng memory allocation
- CVE-2012-3437 - 37. By Michael Terry
-
* debian/control, debian/rules:
- Don't use graphicmagick's convert executable just to convert our
svg into a menu xpm. Instead, run the convert we build. - 36. By Michael Terry
-
* debian/control:
- Depend on fftw3-dev, not fftw-dev. fftw-dev is very old and not in
main, like fftw3-dev is. Plus, imagemagick doesn't even check for
fftw2, it only can use fftw3. - 35. By Michael Terry
-
* Merge from Debian unstable. Remaining changes:
- Make ufraw-batch (universe) a suggestion instead of a recommendation.
- Don't set MAKEFLAGS in debian/rules; just pass it to the build.
* debian/control:
- Build-Depend on libtiff5-dev instead of libtiff-dev - 34. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
malformed ResolutionUnit or IOP tags.
- debian/patches/ CVE-2012- 0247.patch: properly calculate
lengths and sizes in magick/{profile, property} .c.
- CVE-2012-0247
- CVE-2012-0248
- CVE-2012-1185
- CVE-2012-1186
* SECURITY UPDATE: denial of service and possible code execution via
EXIF tags.
- debian/patches/ CVE-2012- 0259.patch: don't copy invalid memory in
coders/tiff.c, properly initialize buffers in magick/property.c.
- CVE-2012-0259
- CVE-2012-1798
* SECURITY UPDATE: denial of service and possible code execution via
JPEG EXIF integer overflow.
- debian/patches/ CVE-2012- 1610.patch: check number of bytes in
magick/{profile, property} .c.
- CVE-2012-1610 - 33. By Scott Howard
-
0006-rsvg-
convert. patch: upstream removed the rsvg command from
librsvg2-bin, use rsvg-convert instead (LP: #929573) - 32. By Michael Terry
-
* debian/rules:
- Build PerlMagick Makefile after building main library, so that
MakeMaker can find the library instead of stripping it from the
link line. LP: #897380
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/saucy/imagemagick