Your message dated Mon, 06 Nov 2006 18:32:35 -0800 with message-id <[EMAIL PROTECTED]> and subject line Bug#381177: fixed in imlib2 1.3.0.0debian1-3 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: libimlib2 Version: 1.2.1-2 Severity: important Tags: patch *** Please type your report below this line *** imlib2 segfaults trying to load TIFF images on amd64. To reproduce: try opening any normal tiff file using feh. (To be concrete, create a new image in gimp, save as tiff using defaults, for example.) In loader_tiff.c:raster(), the line pixel = rast + (rast_offset * image_width); miscomputes the address of the input pixel when rast_offset (an int variable) becomes negative because image_width is an uint32, and hence the multiplication is promoted to unsigned. --- loader_tiff.c 2004-12-14 05:50:46.000000000 +0200 +++ loader_tiff-2.c 2006-08-02 20:07:16.807357952 +0300 @@ -75,7 +75,7 @@ raster(TIFFRGBAImage_Extra * img, uint32 * rast, uint32 x, uint32 y, uint32 w, uint32 h) { - uint32 image_width, image_height; + int image_width, image_height; uint32 *pixel, pixel_value; int i, j, dy, rast_offset; DATA32 *buffer_pixel, *buffer = img->image->data; -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-2-amd64-k8-smp Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US) Versions of packages libimlib2 depends on: ii libbz2-1.0 1.0.3-3 high-quality block-sorting file co ii libc6 2.3.6-15 GNU C Library: Shared libraries ii libfreetype6 2.2.1-2 FreeType 2 font engine, shared lib ii libjpeg62 6b-13 The Independent JPEG Group's JPEG ii libpng12-0 1.2.8rel-5.1 PNG library - runtime ii libtiff4 3.8.2-5 Tag Image File Format (TIFF) libra ii libungif4g 4.1.4-2 shared library for GIF images (run ii libx11-6 2:1.0.0-7 X11 client-side library ii libxext6 1:1.0.0-4 X11 miscellaneous extension librar ii zlib1g 1:1.2.3-13 compression library - runtime libimlib2 recommends no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: imlib2 Source-Version: 1.3.0.0debian1-3 We believe that the bug you reported is fixed in the latest version of imlib2, which is due to be installed in the Debian FTP archive: imlib2_1.3.0.0debian1-3.diff.gz to pool/main/i/imlib2/imlib2_1.3.0.0debian1-3.diff.gz imlib2_1.3.0.0debian1-3.dsc to pool/main/i/imlib2/imlib2_1.3.0.0debian1-3.dsc libimlib2-dev_1.3.0.0debian1-3_i386.deb to pool/main/i/imlib2/libimlib2-dev_1.3.0.0debian1-3_i386.deb libimlib2_1.3.0.0debian1-3_i386.deb to pool/main/i/imlib2/libimlib2_1.3.0.0debian1-3_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Laurence J. Lane <[EMAIL PROTECTED]> (supplier of updated imlib2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 6 Nov 2006 20:42:17 -0500 Source: imlib2 Binary: libimlib2 libimlib2-dev Architecture: source i386 Version: 1.3.0.0debian1-3 Distribution: unstable Urgency: high Maintainer: Laurence J. Lane <[EMAIL PROTECTED]> Changed-By: Laurence J. Lane <[EMAIL PROTECTED]> Description: libimlib2 - powerful image loading and rendering library libimlib2-dev - Imlib2 development files Closes: 381177 381213 381216 397371 Changes: imlib2 (1.3.0.0debian1-3) unstable; urgency=high . * fixes non-loading of TIFF on amd64. Reported and fixed by M Joonas Pihlaja. Thanks. Merged upstream. closes: #381177 * fixes alpha handling inconsistency with TIFF. Reported and fixed by M Joonas Pihlaja. Thanks. Merged upstream. closes: #381213 * fixes segfault when saving TIFF with alpha. Reported and fixed by M Joonas Pihlaja. Thanks. Merged upstream. closes: #381216 (again) * fixes multiple buffer overflow vulnerabilites in width and height checks in src/modules/loaders/*.c. CVE-2006-480[6-9]. Fixed in upstream CVS. Reported by Stefan Fritsch. Thanks. closes: #397371 * build-depend on debhelper 5 Files: a55a14c93b0cdc8792048ac1177598b7 763 libs optional imlib2_1.3.0.0debian1-3.dsc 1919dd9383b2fc3f18ee42401a1bf898 12565 libs optional imlib2_1.3.0.0debian1-3.diff.gz 3b4b58555e12ce3125140fcddd12c466 205610 libs optional libimlib2_1.3.0.0debian1-3_i386.deb 9fb2f2b559c13133911f4dfa2c19f9c7 334498 libdevel optional libimlib2-dev_1.3.0.0debian1-3_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFT+83xJBkNlXToekRApQaAJ9XKpDrqVQIdWvSho130PUKpRlrYQCdHl82 mv6YL9OhqzgtS4+cfehe21Y= =rn4s -----END PGP SIGNATURE-----
--- End Message ---
