Message ID | 20170917091652.18140-1-bernd.kuhls@t-online.de |
---|---|
State | Accepted |
Headers | show |
Series | [1/1] package/imagemagick: security bump to version 7.0.7-1 | expand |
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes: > Quoting CVE-related issues from > https://github.com/ImageMagick/ImageMagick/blob/master/ChangeLog > 2017-07-29 7.0.6-5 Glenn Randers-Pehrson <glennrp@image...> > * Fix improper use of NULL in the JNG decoder (CVE-2017-11750, Reference > https://github.com/ImageMagick/ImageMagick/issues/632). > 2017-07-24 7.0.6-4 Cristy <quetzlzacatenango@image...> > * Fixed numerous memory leaks (reference > https://github.com/ImageMagick/ImageMagick/issues) including > https://github.com/ImageMagick/ImageMagick/issues/618 (CVE-2017-12676). > 2017-07-23 7.0.6-3 Glenn Randers-Pehrson <glennrp@image...> > * Fix memory leaks when reading a malformed JNG image: > https://github.com/ImageMagick/ImageMagick/issues/600 (CVE-2017-13141), > https://github.com/ImageMagick/ImageMagick/issues/602 (CVE-2017-12565). > 2017-07-19 7.0.6-2 Cristy <quetzlzacatenango@image...> > * coders/png.c: fixed memory leak of quantum_info (CVE-2017-11539, reference > https://github.com/ImageMagick/ImageMagick/issues/582 > * coders/png.c: fixed NULL dereference when trying to write an empty MNG > (CVE-2017-11522, reference > https://github.com/ImageMagick/ImageMagick/issues/586). > 2017-06-22 7.0.6-1 Glenn Randers-Pehrson <glennrp@image...> > * Stop a memory leak in read_user_chunk_callback() (reference > https://github.com/ImageMagick/ImageMagick/issues/517, > CVE 2017-11310). > Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Committed to 2017.02.x, thanks.
>>>>> "Bernd" == Bernd Kuhls <bernd.kuhls@t-online.de> writes: > Quoting CVE-related issues from > https://github.com/ImageMagick/ImageMagick/blob/master/ChangeLog > 2017-07-29 7.0.6-5 Glenn Randers-Pehrson <glennrp@image...> > * Fix improper use of NULL in the JNG decoder (CVE-2017-11750, Reference > https://github.com/ImageMagick/ImageMagick/issues/632). > 2017-07-24 7.0.6-4 Cristy <quetzlzacatenango@image...> > * Fixed numerous memory leaks (reference > https://github.com/ImageMagick/ImageMagick/issues) including > https://github.com/ImageMagick/ImageMagick/issues/618 (CVE-2017-12676). > 2017-07-23 7.0.6-3 Glenn Randers-Pehrson <glennrp@image...> > * Fix memory leaks when reading a malformed JNG image: > https://github.com/ImageMagick/ImageMagick/issues/600 (CVE-2017-13141), > https://github.com/ImageMagick/ImageMagick/issues/602 (CVE-2017-12565). > 2017-07-19 7.0.6-2 Cristy <quetzlzacatenango@image...> > * coders/png.c: fixed memory leak of quantum_info (CVE-2017-11539, reference > https://github.com/ImageMagick/ImageMagick/issues/582 > * coders/png.c: fixed NULL dereference when trying to write an empty MNG > (CVE-2017-11522, reference > https://github.com/ImageMagick/ImageMagick/issues/586). > 2017-06-22 7.0.6-1 Glenn Randers-Pehrson <glennrp@image...> > * Stop a memory leak in read_user_chunk_callback() (reference > https://github.com/ImageMagick/ImageMagick/issues/517, > CVE 2017-11310). > Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Committed to 2017.08.x, thanks.
diff --git a/package/imagemagick/imagemagick.hash b/package/imagemagick/imagemagick.hash index d3097f5224..92880a9aec 100644 --- a/package/imagemagick/imagemagick.hash +++ b/package/imagemagick/imagemagick.hash @@ -1,2 +1,2 @@ # Locally computed -sha256 3a6b21352ed0eb984bdbd0943471df8605b978b527125921e97e5b404f2bee3a 7.0.6-0.tar.gz +sha256 5a45e29509dbb23793a9c8db5c47ef1114c1ee82c9ca60053eaf06b3fc243e2c 7.0.7-1.tar.gz diff --git a/package/imagemagick/imagemagick.mk b/package/imagemagick/imagemagick.mk index 22c29d36a0..9043ce8e5e 100644 --- a/package/imagemagick/imagemagick.mk +++ b/package/imagemagick/imagemagick.mk @@ -4,7 +4,7 @@ # ################################################################################ -IMAGEMAGICK_VERSION = 7.0.6-0 +IMAGEMAGICK_VERSION = 7.0.7-1 IMAGEMAGICK_SOURCE = $(IMAGEMAGICK_VERSION).tar.gz IMAGEMAGICK_SITE = https://github.com/ImageMagick/ImageMagick/archive IMAGEMAGICK_LICENSE = Apache-2.0
Quoting CVE-related issues from https://github.com/ImageMagick/ImageMagick/blob/master/ChangeLog 2017-07-29 7.0.6-5 Glenn Randers-Pehrson <glennrp@image...> * Fix improper use of NULL in the JNG decoder (CVE-2017-11750, Reference https://github.com/ImageMagick/ImageMagick/issues/632). 2017-07-24 7.0.6-4 Cristy <quetzlzacatenango@image...> * Fixed numerous memory leaks (reference https://github.com/ImageMagick/ImageMagick/issues) including https://github.com/ImageMagick/ImageMagick/issues/618 (CVE-2017-12676). 2017-07-23 7.0.6-3 Glenn Randers-Pehrson <glennrp@image...> * Fix memory leaks when reading a malformed JNG image: https://github.com/ImageMagick/ImageMagick/issues/600 (CVE-2017-13141), https://github.com/ImageMagick/ImageMagick/issues/602 (CVE-2017-12565). 2017-07-19 7.0.6-2 Cristy <quetzlzacatenango@image...> * coders/png.c: fixed memory leak of quantum_info (CVE-2017-11539, reference https://github.com/ImageMagick/ImageMagick/issues/582 * coders/png.c: fixed NULL dereference when trying to write an empty MNG (CVE-2017-11522, reference https://github.com/ImageMagick/ImageMagick/issues/586). 2017-06-22 7.0.6-1 Glenn Randers-Pehrson <glennrp@image...> * Stop a memory leak in read_user_chunk_callback() (reference https://github.com/ImageMagick/ImageMagick/issues/517, CVE 2017-11310). Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> --- package/imagemagick/imagemagick.hash | 2 +- package/imagemagick/imagemagick.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)