tags 683284 + patch tags 683284 + pending thanks Dear maintainer,
I've prepared an NMU for graphicsmagick (versioned as 1.3.16-1.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Regards. -- .''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06 : :' : Debian GNU/Linux user, admin, and developer - http://www.debian.org/ `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: John Lennon
diff -u graphicsmagick-1.3.16/debian/changelog graphicsmagick-1.3.16/debian/changelog --- graphicsmagick-1.3.16/debian/changelog +++ graphicsmagick-1.3.16/debian/changelog @@ -1,3 +1,14 @@ +graphicsmagick (1.3.16-1.1) unstable; urgency=low + + * Non-maintainer upload. + * [SECURITY] Fix "CVE-2012-3438": apply patch from upstream repo: + http://graphicsmagick.hg.sourceforge.net/hgweb/graphicsmagick/graphicsmagick/rev/d6e469d02cd2 + "coders/png.c: Some typecasts were inconsistent with libpng-1.4 and + later." + (Closes: #683284) + + -- gregor herrmann <gre...@debian.org> Sat, 18 Aug 2012 15:08:57 +0200 + graphicsmagick (1.3.16-1) unstable; urgency=low * New upstream version 1.3.16. only in patch2: unchanged: --- graphicsmagick-1.3.16.orig/coders/png.c +++ graphicsmagick-1.3.16/coders/png.c @@ -1360,7 +1360,11 @@ } #ifdef PNG_USER_MEM_SUPPORTED -static png_voidp png_IM_malloc(png_structp png_ptr,png_uint_32 size) +#if PNG_LIBPNG_VER >= 14000 +static png_voidp png_IM_malloc(png_structp png_ptr,png_alloc_size_t size) +#else +static png_voidp png_IM_malloc(png_structp png_ptr,png_size_t size) +#endif { (void) png_ptr; return MagickAllocateMemory(png_voidp,(size_t) size); 
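Review bot: The guard `#if PNG_LIBPNG_VER >= 14000` around the `png_IM_malloc` signature looks like it was meant to be `10400`, because libpng encodes its version as major*10000 + minor*100 + release, so 1.4.0 is 10400 and no 1.4 or 1.5 release reaches 14000. With stock libpng headers the `png_alloc_size_t` branch is therefore never selected and every build takes the `#else` branch with `png_size_t`. That still replaces the old `png_uint_32` parameter, so the fix should hold wherever the two types have the same width, but the conditional does not do what it says. I would write `#if PNG_LIBPNG_VER >= 10400` here and in the identical guards in the hunks at -6169 and -7620. The body of `png_IM_malloc` continues past the end of this hunk.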
@@ -6169,12 +6173,22 @@ (void) printf("writing raw profile: type=%.1024s, length=%lu\n", profile_type, (unsigned long)length); } - text=(png_textp) png_malloc(ping,(png_uint_32) sizeof(png_text)); +#if PNG_LIBPNG_VER >= 14000 + text=(png_textp) png_malloc(ping,(png_alloc_size_t) sizeof(png_text)); +#else + text=(png_textp) png_malloc(ping,(png_size_t) sizeof(png_text)); +#endif description_length=strlen((const char *) profile_description); allocated_length=(png_uint_32) (length*2 + (length >> 5) + 20 + description_length); - text[0].text=(png_charp) png_malloc(ping,allocated_length); - text[0].key=(png_charp) png_malloc(ping, (png_uint_32) 80); +#if PNG_LIBPNG_VER >= 14000 + text[0].text=(png_charp) png_malloc(ping, + (png_alloc_size_t) allocated_length); + text[0].key=(png_charp) png_malloc(ping, (png_alloc_size_t) 80); +#else + text[0].text=(png_charp) png_malloc(ping, (png_size_t) allocated_length); + text[0].key=(png_charp) png_malloc(ping, (png_size_t) 80); +#endif text[0].key[0]='\0'; (void) strcat(text[0].key, "Raw profile type "); (void) strncat(text[0].key, (const char *) profile_type, 61); @@ -7620,7 +7634,12 @@ if (*attribute->key == '[') continue; - text=(png_textp) png_malloc(ping,(png_uint_32) sizeof(png_text)); +#if PNG_LIBPNG_VER >= 14000 + text=(png_textp) png_malloc(ping, + (png_alloc_size_t) sizeof(png_text)); +#else + text=(png_textp) png_malloc(ping,(png_size_t) sizeof(png_text)); +#endif text[0].key=attribute->key; text[0].text=attribute->value; text[0].text_length=strlen(attribute->value);
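Review bot: In the hunk at -6169 the new `(png_alloc_size_t) allocated_length` cast widens a value that the unchanged context line has already narrowed with `allocated_length=(png_uint_32) (length*2 + (length >> 5) + 20 + description_length);`, so a very large profile `length` could still wrap before the buffer is sized. The declarations of `length` and `allocated_length` are outside the hunk, so this is inferred from the `(unsigned long)length` in the printf above. If `length` is a `size_t`, the sum should be computed in the allocator's size type and rejected when it would overflow, for example by dropping the narrowing cast, `allocated_length=length*2 + (length >> 5) + 20 + description_length;`, with `allocated_length` declared in the wider type and a range check on `length` ahead of it.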