Package: release.debian.org
Severity: important
User: release.debian....@packages.debian.org
Usertags: unblock

Please unblock package imagemagick

It fixes CVE-2014-8716 (a two-line change).

I have also updated previous changelog entry with proper CVE.

diff -Nru imagemagick-6.8.9.9/debian/changelog 
imagemagick-6.8.9.9/debian/changelog
--- imagemagick-6.8.9.9/debian/changelog        2014-10-28 18:48:23.000000000 
+0100
+++ imagemagick-6.8.9.9/debian/changelog        2014-11-12 21:58:20.000000000 
+0100
@@ -1,3 +1,13 @@
+imagemagick (8:6.8.9.9-3) unstable; urgency=high
+
+  * Fix a security bug (DOS). Some special crafted JPEG
+    files could create a dos due to missing check in
+    embeded EXIF properties (EXIF directory offsets
+    must be greater than 0). Fix CVE-2014-8716
+    (Closes: #768494).
+
+ -- Bastien Roucariès <roucaries.bastien+deb...@gmail.com>  Fri, 07 Nov 2014 
21:16:20 +0100
+
 imagemagick (8:6.8.9.9-2) unstable; urgency=high
 
   * Remove build-dep loop. Remove inkscape.
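Review bot: The new 8:6.8.9.9-3 entry says EXIF directory offsets "must be greater than 0", but the check added in 0005 is `(offset < 0) || (size_t) offset >= length`, which accepts an offset of 0 and also rejects offsets at or beyond the profile length. Suggest wording such as "EXIF directory offsets must be non-negative and inside the profile" so the changelog matches the code. While touching the entry, "embeded" should be "embedded" and "DOS"/"dos" should use one spelling. The trailer date (Fri, 07 Nov 2014) is also older than the file timestamp in the diff header (2014-11-12), so it is worth refreshing before upload.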
@@ -9,10 +19,11 @@
   * New upstream version, fixing four security problems:
     - Remotely DOS: "convert +profile regression enters 
       infinite loop exhausting memory", thanks to 
-      Yuri D'Elia (Closes: #764872).
-    - Fixed buffer overflow in PCX and DCM coder.
+      Yuri D'Elia (Closes: #764872). Fix CVE-2014-8561.
+    - Fixed buffer overflow in PCX and DCM coder. Fix
+      CVE-2014-8562 and CVE-2014-8355.
     - Don't clone a 0x0 image breaking some assumption
-      in client code.
+      in client code. Fix CVE-2014-8354.
     - Off-by-one count when parsing an 8BIM profile.
   * Fix identify -quiet has non zero exit code on warnings
     (Closes:  #763686).
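Review bot: In the rewritten 8:6.8.9.9-2 entry, "Fixed buffer overflow in PCX and DCM coder. Fix CVE-2014-8562 and CVE-2014-8355." does not say which CVE belongs to which coder, so anyone tracking a single identifier cannot tell which fix they need. Suggest listing them as "PCX: CVE-…" and "DCM: CVE-…" on separate sub-items. The "Off-by-one count when parsing an 8BIM profile" item is the only one of the four security problems left without an identifier; if none was assigned, saying so in the entry avoids a later question.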
diff -Nru 
imagemagick-6.8.9.9/debian/patches/0001-Use-svg-instead-of-png-for-generating-class-diagram.patch
 
imagemagick-6.8.9.9/debian/patches/0001-Use-svg-instead-of-png-for-generating-class-diagram.patch
--- 
imagemagick-6.8.9.9/debian/patches/0001-Use-svg-instead-of-png-for-generating-class-diagram.patch
   2014-10-28 18:50:28.000000000 +0100
+++ 
imagemagick-6.8.9.9/debian/patches/0001-Use-svg-instead-of-png-for-generating-class-diagram.patch
   2014-11-15 14:47:56.000000000 +0100
@@ -82,5 +82,5 @@
  # If DOT_IMAGE_FORMAT is set to svg, then this option can be set to YES to
  # enable generation of interactive SVG images that allow zooming and panning.
 -- 
-2.1.1
+2.1.3
 
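Review bot: The only change here is the git version trailer going from 2.1.1 to 2.1.3, and the same one-line churn repeats in 0002, 0003 and 0004. For an unblock request this inflates the debdiff with hunks that carry no functional change and makes the real fix harder to spot. Suggest exporting the patch queue without the signature (for example `git format-patch --no-signature`) so that re-exporting with a newer git leaves untouched patches byte-identical.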
diff -Nru imagemagick-6.8.9.9/debian/patches/0002-Fix-html-documents.patch 
imagemagick-6.8.9.9/debian/patches/0002-Fix-html-documents.patch
--- imagemagick-6.8.9.9/debian/patches/0002-Fix-html-documents.patch    
2014-10-28 18:50:29.000000000 +0100
+++ imagemagick-6.8.9.9/debian/patches/0002-Fix-html-documents.patch    
2014-11-15 14:47:56.000000000 +0100
@@ -5152,5 +5152,5 @@
 +<!-- Magick Cache 25th July 2014 04:06 -->
 +
 -- 
-2.1.1
+2.1.3
 
diff -Nru 
imagemagick-6.8.9.9/debian/patches/0003-Fix-meta-tag-damage-in-html-documentation.patch
 
imagemagick-6.8.9.9/debian/patches/0003-Fix-meta-tag-damage-in-html-documentation.patch
--- 
imagemagick-6.8.9.9/debian/patches/0003-Fix-meta-tag-damage-in-html-documentation.patch
     2014-10-28 18:50:30.000000000 +0100
+++ 
imagemagick-6.8.9.9/debian/patches/0003-Fix-meta-tag-damage-in-html-documentation.patch
     2014-11-15 14:47:57.000000000 +0100
@@ -2290,5 +2290,5 @@
 \ No newline at end of file
 +<!-- Magick Cache 25th July 2014 05:32 -->
 -- 
-2.1.1
+2.1.3
 
diff -Nru 
imagemagick-6.8.9.9/debian/patches/0004-Fix-remaining-html-error.patch 
imagemagick-6.8.9.9/debian/patches/0004-Fix-remaining-html-error.patch
--- imagemagick-6.8.9.9/debian/patches/0004-Fix-remaining-html-error.patch      
2014-10-28 18:50:30.000000000 +0100
+++ imagemagick-6.8.9.9/debian/patches/0004-Fix-remaining-html-error.patch      
2014-11-15 14:47:57.000000000 +0100
@@ -162,5 +162,5 @@
  
  </div>
 -- 
-2.1.1
+2.1.3
 
diff -Nru 
imagemagick-6.8.9.9/debian/patches/0005-Avoid-crash-and-DOS-with-special-crafted-jpeg-file.patch
 
imagemagick-6.8.9.9/debian/patches/0005-Avoid-crash-and-DOS-with-special-crafted-jpeg-file.patch
--- 
imagemagick-6.8.9.9/debian/patches/0005-Avoid-crash-and-DOS-with-special-crafted-jpeg-file.patch
    1970-01-01 01:00:00.000000000 +0100
+++ 
imagemagick-6.8.9.9/debian/patches/0005-Avoid-crash-and-DOS-with-special-crafted-jpeg-file.patch
    2014-11-15 14:47:57.000000000 +0100
@@ -0,0 +1,33 @@
+From b61b7f4f0e705b6a9a9ba8b8af898a406b0fc87e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bast...@gmail.com>
+Date: Fri, 7 Nov 2014 21:05:07 +0100
+Subject: [PATCH] Avoid crash and DOS with special crafted jpeg file
+
+Some special crafted JPEG file could lead to dos due to missing check in
+embeded EXIF properties (EXIF directory offsets must be greater than 0).
+
+Fix CVE-2014-8716.
+
+Forwarded: 
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26456
+Bug-debian: http://bugs.debian.org/768494
+Applied-Upstream: 6.9.9.10
+---
+ magick/property.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/magick/property.c b/magick/property.c
+index 25eb765..c9c81d4 100644
+--- a/magick/property.c
++++ b/magick/property.c
+@@ -1321,6 +1321,8 @@ static MagickBooleanType GetEXIFProperty(const Image 
*image,
+             The directory entry contains an offset.
+           */
+           offset=(ssize_t) ((int) ReadPropertyLong(endian,q+8));
++          if ((offset < 0) || (size_t) offset >= length)
++            continue;
+           if ((ssize_t) (offset+number_bytes) < offset)
+             continue;  /* prevent overflow */
+           if ((size_t) (offset+number_bytes) > length)
+-- 
+2.1.3
+
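Review bot: The patch header says "Applied-Upstream: 6.9.9.10", which does not line up with the 6.8.9.9 series this package is built from; please confirm the upstream version and correct it if it is a typo, since this field is what later uploads use to decide when the patch can be dropped. In the code itself, the added test in GetEXIFProperty is `if ((offset < 0) || (size_t) offset >= length)`: the second clause is not parenthesized like the first, and the commit message ("offsets must be greater than 0") describes a stricter rule than the code, which allows 0 and additionally bounds the offset by `length`. Suggest parenthesizing the second clause for consistency and adding a short comment such as "offset must lie inside the profile", in the style of the existing `/* prevent overflow */` comment on the following check.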
diff -Nru imagemagick-6.8.9.9/debian/patches/series 
imagemagick-6.8.9.9/debian/patches/series
--- imagemagick-6.8.9.9/debian/patches/series   2014-10-28 18:50:30.000000000 
+0100
+++ imagemagick-6.8.9.9/debian/patches/series   2014-11-15 14:47:57.000000000 
+0100
@@ -3,3 +3,4 @@
 0002-Fix-html-documents.patch
 0003-Fix-meta-tag-damage-in-html-documentation.patch
 0004-Fix-remaining-html-error.patch
+0005-Avoid-crash-and-DOS-with-special-crafted-jpeg-file.patch


unblock imagemagick/8:6.8.9.9-3

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

