graphicsmagick (1.4+really1.3.38-1ubuntu0.1) jammy-security; urgency=medium
* No-change rebuild for jbigkit security update.
-- Camila Camargo de Matos <camila.camargodematos@canonical.com> Thu, 16 Mar 2023 08:14:46 -0300
graphicsmagick (1.4+really1.3.38-1) unstable; urgency=high
* New upstream release, including many security fixes.
* Update watch file.
-- Laszlo Boszormenyi (GCS) <gcs@debian.org> Sun, 27 Mar 2022 09:47:45 +0200
graphicsmagick (1.4+really1.3.37+hg16670-1) unstable; urgency=medium
* Mercurial snapshot:
- ReadJPEGImage(): Store embedded profiles in image, even if in 'ping'
mode (closes: #1006374).
-- Laszlo Boszormenyi (GCS) <gcs@debian.org> Sat, 26 Feb 2022 17:55:22 +0100
graphicsmagick (1.4+really1.3.37+hg16662-1) unstable; urgency=medium
* Mercurial snapshot, fixing the following security issues:
- ReadMATImageV4(): change 'ldblk' to size_t and check related
calculations for overflow and to avoid possible negative seek offsets,
- ReadMATImage(): change 'ldblk' to size_t and check related calculations
for overflow and to avoid possible negative seek offsets,
- added a ReadResource limit via the MAGICK_LIMIT_READ environment
variable on how many uncompressed file bytes may be read while decoding
an input file,
- DecodeImage(): assure that the claimed scanline length is within the
bounds of the scanline allocation to avoid possible heap overflow,
- ReadBlob(): fix EOF logic, an use-of-uninitialized-value in
SyncImageCallBack,
- ReadBlobStream(): fix EOF logic, an use-of-uninitialized-value in
WritePNMImage.
* Build with HEIF image format support.
* Update library symbols for this release.
-- Laszlo Boszormenyi (GCS) <gcs@debian.org> Fri, 11 Feb 2022 18:39:16 +0100
graphicsmagick (1.4+really1.3.37-1) unstable; urgency=high
* New upstream release, including many security fixes.
* Update library symbols for this release.
[ Vagrant Cascadian <vagrant@reproducible-builds.org> ]
* Pass MVDelegate to configure for fixing reproducible builds on usrmerge
systems (closes: #990084).
-- Laszlo Boszormenyi (GCS) <gcs@debian.org> Mon, 13 Dec 2021 17:50:54 +0100
graphicsmagick (1.4+really1.3.36+hg16481-2) unstable; urgency=medium
* Backport fix for use appropriate memory deallocator for memory returned
by StringToList() (closes: #991380).
-- Laszlo Boszormenyi (GCS) <gcs@debian.org> Sat, 24 Jul 2021 11:42:42 +0200
graphicsmagick (1.4+really1.3.36+hg16481-1) unstable; urgency=high
* Mercurial snapshot, fixing the following security issues:
- ProcessStyleClassDefs(): fix non-terminal loop caused by a
self-referential list which results in huge memory usage,
- MSLCDataBlock(): fix leak of value from xmlNewCDataBlock(),
- ProcessStyleClassDefs(): fix memory leak upon malformed class name list,
- ProcessStyleClassDefs(): fix non-terminal loop and huge memory
allocation caused by self-referential list,
- SVGReference(): fix memory leak when parser node is null,
- MSLStartElement(): fix assertion in TranslateText() when there are no
attributes available.
-- Laszlo Boszormenyi (GCS) <gcs@debian.org> Sun, 28 Feb 2021 23:26:56 +0100
graphicsmagick (1.4+really1.3.36+hg16472-1) unstable; urgency=high
* Mercurial snapshot, fixing the following security issues:
- ReadJP2Image(): validate that file header is a format we expect Jasper
to decode,
- MSLPushImage(): only clone attributes if not null,
- SVGStartElement(): reject impossibly small bounds and view_box width
or height.
-- Laszlo Boszormenyi (GCS) <gcs@debian.org> Mon, 22 Feb 2021 06:54:42 +0100
graphicsmagick (1.4+really1.3.36+hg16469-1) unstable; urgency=medium
* Mercurial snapshot:
- MagickDoubleToLong(): Guard against LONG_MAX not directly representable
as a double,
- handle Ghostscript point versions added after 9.52 .
* Make libgraphicsmagick1-dev depend on pkg-config (closes: #977699).
-- Laszlo Boszormenyi (GCS) <gcs@debian.org> Sun, 21 Feb 2021 08:24:57 +0100
graphicsmagick (1.4+really1.3.36+hg16462-1) unstable; urgency=medium
* Mercurial snapshot:
- ExecuteModuleProcess(): add error reporting for the case that the
expected symbol is not resolved,
- AnalyzeImage(): add OpenMP speed-ups,
- TranslateTextEx(): fabricate default resolution values if the actual
resolution values are zero.
-- Laszlo Boszormenyi (GCS) <gcs@debian.org> Sun, 07 Feb 2021 15:04:57 +0100
# For older changelog entries, run 'apt-get changelog libgraphicsmagick-q16-3'
Generated by dwww version 1.14 on Mon Jan 27 06:13:16 CET 2025.