Bug#836776: marked as done (SGI security bug)
Your message dated Sat, 24 Sep 2016 20:51:14 + with message-id and subject line Bug#836776: fixed in imagemagick 8:6.8.9.9-5+deb8u5 has caused the Debian Bug report #836776, regarding SGI security bug to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 836776: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:imagemagick version: 8:6.7.7.10-4 Severity: grave Tags: patch security X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org According to upstream changelog a new bug buffer overflow in SGI coders (bug report from pwchen&rayzhong of tencent Author: Cristy Date: Thu Aug 18 18:24:24 2016 -0400 Prevent buffer overflow in BMP & SGI coders (bug report from pwchen&rayzhong of tencent) diff --git a/ChangeLog b/ChangeLog index 89ea234..b5b3f1e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,5 @@ 2016-08-15 6.9.5-8 Cristy - * Prevent buffer overflow in BMP coder (bug report from + * Prevent buffer overflow in BMP & SGI coders (bug report from pwchen&rayzhong of tencent). 2016-08-14 6.9.5-7 Cristy diff --git a/coders/sgi.c b/coders/sgi.c index 756f7e6..96f18a0 100644 --- a/coders/sgi.c +++ b/coders/sgi.c @@ -355,13 +355,15 @@ static Image *ReadSGIImage(const ImageInfo *image_info,ExceptionInfo *exception) image->rows=iris_info.rows; image->depth=(size_t) MagickMin(iris_info.depth,MAGICKCORE_QUANTUM_DEPTH); if (iris_info.pixel_format == 0) - image->depth=(size_t) MagickMin((size_t) 8* -iris_info.bytes_per_pixel,MAGICKCORE_QUANTUM_DEPTH); + image->depth=(size_t) MagickMin((size_t) 8*iris_info.bytes_per_pixel, +MAGICKCORE_QUANTUM_DEPTH); if (iris_info.depth < 3) { image->storage_class=PseudoClass; image->colors=iris_info.bytes_per_pixel > 1 ? 65535 : 256; } +if (EOFBlob(image) != MagickFalse) + ThrowReaderException(CorruptImageError,"ImproperImageHeader"); if ((image_info->ping != MagickFalse) && (image_info->number_scenes != 0)) if (image->scene >= (image_info->scene+image_info->number_scenes-1)) break; --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.8.9.9-5+deb8u5 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 836...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Wed, 21 Sep 2016 22:24:16 +0200 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u5 Distribution: jessie-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level im
Bug#836776: marked as done (SGI security bug)
Your message dated Mon, 19 Sep 2016 07:00:16 + with message-id and subject line Bug#836776: fixed in imagemagick 8:6.9.5.9+dfsg-1 has caused the Debian Bug report #836776, regarding SGI security bug to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 836776: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836776 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: src:imagemagick version: 8:6.7.7.10-4 Severity: grave Tags: patch security X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org According to upstream changelog a new bug buffer overflow in SGI coders (bug report from pwchen&rayzhong of tencent Author: Cristy Date: Thu Aug 18 18:24:24 2016 -0400 Prevent buffer overflow in BMP & SGI coders (bug report from pwchen&rayzhong of tencent) diff --git a/ChangeLog b/ChangeLog index 89ea234..b5b3f1e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,5 @@ 2016-08-15 6.9.5-8 Cristy - * Prevent buffer overflow in BMP coder (bug report from + * Prevent buffer overflow in BMP & SGI coders (bug report from pwchen&rayzhong of tencent). 2016-08-14 6.9.5-7 Cristy diff --git a/coders/sgi.c b/coders/sgi.c index 756f7e6..96f18a0 100644 --- a/coders/sgi.c +++ b/coders/sgi.c @@ -355,13 +355,15 @@ static Image *ReadSGIImage(const ImageInfo *image_info,ExceptionInfo *exception) image->rows=iris_info.rows; image->depth=(size_t) MagickMin(iris_info.depth,MAGICKCORE_QUANTUM_DEPTH); if (iris_info.pixel_format == 0) - image->depth=(size_t) MagickMin((size_t) 8* -iris_info.bytes_per_pixel,MAGICKCORE_QUANTUM_DEPTH); + image->depth=(size_t) MagickMin((size_t) 8*iris_info.bytes_per_pixel, +MAGICKCORE_QUANTUM_DEPTH); if (iris_info.depth < 3) { image->storage_class=PseudoClass; image->colors=iris_info.bytes_per_pixel > 1 ? 65535 : 256; } +if (EOFBlob(image) != MagickFalse) + ThrowReaderException(CorruptImageError,"ImproperImageHeader"); if ((image_info->ping != MagickFalse) && (image_info->number_scenes != 0)) if (image->scene >= (image_info->scene+image_info->number_scenes-1)) break; --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.5.9+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 836...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 17 Sep 2016 21:26:12 +0200 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-6v6 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source all amd64 Version: 8:6.9.5.9+dfsg-1 Distribution: experimental Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-6v6 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - develop