71573 – media-gfx/graphicsmagick 1.1.4 released (Security Fixes)

Bug 71573 - media-gfx/graphicsmagick 1.1.4 released (Security Fixes)

Summary: media-gfx/graphicsmagick 1.1.4 released (Security Fixes)

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://www.graphicsmagick.org/
Whiteboard:	~? [~] jaervosz
Keywords:

Depends on:
Blocks:

Reported:	2004-11-17 11:24 UTC by Steffen Weber
Modified:	2007-05-31 10:52 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Steffen Weber 2004-11-17 11:24:45 UTC

According to http://sourceforge.net/mailarchive/forum.php?thread_id=5962178&forum_id=32142 a few security issues have been fixed in this release.

For me, renaming the 1.1.3 ebuild worked.

Reproducible: Always
Steps to Reproduce:

Comment 1 Carsten Lohrke (RETIRED) gentoo-dev

2004-11-17 14:06:12 UTC

>Security Fixes:
>      * Security fixes for AVI, BMP, DIB, and TIFF formats.
>      * LZW security fix (updated Windows sources to use zlib 1.2.2).

Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2004-11-17 14:24:50 UTC

Graphics please advise and bump as needed.

Comment 3 Bryan Østergaard (RETIRED) gentoo-dev

2004-11-17 19:37:32 UTC

I've added 1.1.4 to portage which fixes several security bugs including a potential memory leak and stack overflow.

Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2004-11-17 22:08:41 UTC

ppc please mark graphicsmagick-1.1.4 ~ppc

Comment 5 Daniel Black (RETIRED) gentoo-dev

2004-11-19 19:21:50 UTC

ppc keyword addded.

Comment 6 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2004-11-19 22:42:22 UTC

Closing this witout GLSA (unstable)