Package: release.debian.org
User: release.debian....@packages.debian.org
Usertags: unblock
Hi Release Team,
Upstream of GraphicsMagick, Bob Friesenhahn reported its vulnerability
when reading (heap buffer overread) CMYKA TIFF files[1].
The fix is small and the debdiff is attached for your convenience.
Please unblock and let it migrate to Stretch.
Thanks,
Laszlo/GCS
[1] http://www.openwall.com/lists/oss-security/2017/02/24/1
diff -Nru graphicsmagick-1.3.25/debian/changelog graphicsmagick-1.3.25/debian/changelog
--- graphicsmagick-1.3.25/debian/changelog 2016-12-25 15:42:18.000000000 +0100
+++ graphicsmagick-1.3.25/debian/changelog 2017-02-24 20:17:41.000000000 +0100
@@ -1,3 +1,9 @@
+graphicsmagick (1.3.25-8) unstable; urgency=high
+
+ * Backport security fix for out of bounds access when reading CMYKA tiff.
+
+ -- Laszlo Boszormenyi (GCS) <g...@debian.org> Fri, 24 Feb 2017 19:17:41 +0000
+
graphicsmagick (1.3.25-7) unstable; urgency=medium
* Add hack to build self-tests on mips* architectures.
diff -Nru graphicsmagick-1.3.25/debian/patches/Fix_out_of_bounds_access_when_reading_CMYKA_tiff.patch graphicsmagick-1.3.25/debian/patches/Fix_out_of_bounds_access_when_reading_CMYKA_tiff.patch
--- graphicsmagick-1.3.25/debian/patches/Fix_out_of_bounds_access_when_reading_CMYKA_tiff.patch 1970-01-01 01:00:00.000000000 +0100
+++ graphicsmagick-1.3.25/debian/patches/Fix_out_of_bounds_access_when_reading_CMYKA_tiff.patch 2017-02-24 20:17:41.000000000 +0100
@@ -0,0 +1,70 @@
+# HG changeset patch
+# User Bob Friesenhahn <bfrie...@graphicsmagick.org>
+# Date 1487905610 21600
+# Thu Feb 23 21:06:50 2017 -0600
+# Node ID 6156b4c2992d855ece6079653b3b93c3229fc4b8
+# Parent 0392c4305a4369984ec8069055acc470c0a73647
+Fix out of bounds access when reading CMYKA tiff which claims wrong samples/pixel.
+
+diff -r 0392c4305a43 -r 6156b4c2992d ChangeLog
+--- a/ChangeLog Sun Jan 29 10:04:57 2017 -0600
++++ b/ChangeLog Thu Feb 23 21:06:50 2017 -0600
+@@ -1,3 +1,10 @@
++2017-02-23 Bob Friesenhahn <bfrie...@simple.dallas.tx.us>
++
++ * coders/tiff.c (QuantumTransferMode): Fix out of bounds
++ read/write when reading CMYKA TIFF which claims to have only 2
++ samples per pixel. Problem was reported via email on February 15,
++ 2017 by Valon Chu.
++
+ 2016-10-21 Glenn Randers-Pehrson <glen...@simple.dallas.tx.us>
+
+ *coders/png.c (ReadOneJNGImage): Enforce spec requirement that the
+diff -r 0392c4305a43 -r 6156b4c2992d coders/tiff.c
+--- a/coders/tiff.c Sun Jan 29 10:04:57 2017 -0600
++++ b/coders/tiff.c Thu Feb 23 21:06:50 2017 -0600
+@@ -1230,8 +1230,8 @@
+ case 0:
+ if (samples_per_pixel == 1)
+ *quantum_type=GrayQuantum;
+- else
+- *quantum_type=RedQuantum;
++ else
++ *quantum_type=RedQuantum;
+ break;
+ case 1:
+ *quantum_type=GreenQuantum;
+@@ -1411,12 +1411,12 @@
+ }
+ else
+ {
+- if (image->matte)
++ if (image->matte && samples_per_pixel >= 5)
+ {
+ *quantum_type=CMYKAQuantum;
+ *quantum_samples=5;
+ }
+- else
++ else if (samples_per_pixel >= 4)
+ {
+ *quantum_type=CMYKQuantum;
+ *quantum_samples=4;
+diff -r 0392c4305a43 -r 6156b4c2992d www/Changelog.html
+--- a/www/Changelog.html Sun Jan 29 10:04:57 2017 -0600
++++ b/www/Changelog.html Thu Feb 23 21:06:50 2017 -0600
+@@ -35,6 +35,15 @@
+ <div class="document">
+
+
++<p>2017-02-23 Bob Friesenhahn <<a class="reference external" href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span>@</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
++<blockquote>
++<ul class="simple">
++<li>coders/tiff.c (QuantumTransferMode): Fix out of bounds
++read/write when reading CMYKA TIFF which claims to have only 2
++samples per pixel. Problem was reported via email on February 15,
++2017 by Valon Chu.</li>
++</ul>
++</blockquote>
+ <p>2016-10-21 Glenn Randers-Pehrson <<a class="reference external" href="mailto:glennrp%40simple.dallas.tx.us">glennrp<span>@</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
+ <blockquote>
+ <p>*coders/png.c (ReadOneJNGImage): Enforce spec requirement that the
diff -Nru graphicsmagick-1.3.25/debian/patches/series graphicsmagick-1.3.25/debian/patches/series
--- graphicsmagick-1.3.25/debian/patches/series 2016-12-25 15:42:18.000000000 +0100
+++ graphicsmagick-1.3.25/debian/patches/series 2017-02-24 20:17:41.000000000 +0100
@@ -8,3 +8,4 @@
CVE-2016-8684.patch
CVE-2016-9830.patch
mips_link_fix.patch
+Fix_out_of_bounds_access_when_reading_CMYKA_tiff.patch