Errata ID | 371 |
---|---|
Date | 2017-01-05 |
Source package | imagemagick |
Fixed in version | 8:6.7.7.10-5.62.201612221223 |
Description | This update addresses the following issues: * The TraceStrokePolygon function in MagickCore/draw.c mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. (CVE-2016-4563) * Avoid a SEGV due to a corrupted pnm file (CVE-2014-9805) * Added missing calls to RelinquishUniqueFileResource (CVE-2014-9806) * Fix a double free in pdb coder (CVE-2014-9807) * Fix handling of corrupted dpc and xwd image (CVE-2014-9808, CVE-2014-9809) * Bail out early in case of malformed dpx file (CVE-2014-9810) * Avoid SEGV in malformed xwd file (CVE-2014-9811) * Avoid a NULL dereference in ps handling (CVE-2014-9812) * Avoid out of bound access in xwd file handling * Fix a SEGV with corrupted viff image (CVE-2014-9813) * Fix a null pointer dereference in wpg file handling (CVE-2014-9814) * Do not continue on corrupted wpg file (CVE-2014-9815) * Avoid an out of bound access in viff image (CVE-2014-9816) * Avoid a heap buffer overflow in pdb file handling (CVE-2014-9817) * Avoid an out of bound access on malformed sun file (CVE-2014-9818) * Avoid heap overflow in palm and xpm files (CVE-2014-9819, CVE-2014-9821) * Fix heap overflow in quantum.c, palm image handling and psd image handling (CVE-2014-9822, CVE-2014-9823, CVE-2014-9824) * Do not try to read corrupted sun image (CVE-2014-9826) * Fix corrupted (too many colors) psd file (CVE-2014-9828) * Fix out of bound access in sun image handling (CVE-2014-9829) * Fix handling of corrupted sun and wpg file (CVE-2014-9830, CVE-2014-9831) * Fix heap overflow in pcx file, psd, pict and wpf files and DOS in xpm file (CVE-2014-9832, CVE-2014-9833, CVE-2014-9834, CVE-2014-9835, CVE-2014-9836) * Additional PNM sanity checks (CVE-2014-9837) * Robustify xmp and pnm reader * Detect allocation error earlier (CVE-2014-9838) * Avoid a crash in coders/rle.c * Avoid an overflow in ConstrainColormapIndex (CVE-2014-9839) * Avoid an out of bound access in palm file (CVE-2014-9840) * Fix another crash in xpm parser (Closes: Debian Bug #773980) * Fixed boundary checks in DecodePSDPixels (CVE-2014-9843) * Fix another out of bound problem in rle file (CVE-2014-9844) * Fix crash due to corrupted dib file (CVE-2014-9845) * Added checks to prevent overflow in rle file (CVE-2014-9846) * Impose a limit of 10 million columns or rows in an input PNG * Avoid heap overflow in rle file * Don't try to handle a "previous" image in the JNG decoder (CVE-2014-9847) * Avoid a memory leak in quantum management (CVE-2014-9848) * Avoid a crash in png coder (CVE-2014-9849) * Fix mis-applied patch for CVE-2016-3714 * Prevent buffer overflow in PDB, MAP, and CALS coders (Closes: Debian Bug #836172) * Avoid out of bound for malformed jpeg files (Closes: Debian Bug #834501) * Prevent memory use after free (Closes: Debian Bug #834183) * RLE check for pixel offset less than 0 (Closes: Debian Bug #833744) * In psd file handling fixed parsing resource block and avoid a crash (CVE-2014-9851) * Avoid a memory leak in rle file handling (CVE-2014-9853) * During identification of image do not fill memory (CVE-2014-9854) * Fix DOS due to corrupted DDS files (CVE-2014-9907) * Fix a buffer overflow and a SEGV in sun file handling (CVE-2015-8957) * Avoid a SIGABRT in sun file handling (CVE-2015-8958) * Fix a DOS for corrupted DDS file (CVE-2015-8959) * Prevent buffer overflow in magick/draw.c (CVE-2016-4562, CVE-2016-4564) * Prevent possible buffer overflow when reading TIFF images (CVE-2016-5010) * Fix out of bounds memory read for DDS files (CVE-2016-5687) * Fix out of bound access for corrupted WPG file (CVE-2016-5688) * Add additional checks to DCM reader to prevent data-driven faults (CVE-2016-5689, CVE-2016-5690, CVE-2016-5691) * Improve checking of EXIF profile to prevent integer overflow (CVE-2016-5841, CVE-2016-5842) * Prevent buffer overflow in properties reading (CVE-2016-6491) * Avoid a buffer overflow in bmp file reader (CVE-2016-6823) * Fix SGI file buffer overflow (CVE-2016-7101) * Fix an out-of-bounds read in coders/psd.c (CVE-2016-7514) * Fix rle file handling for corrupted file (CVE-2016-7515) * Fix multiple out of bounds problems in rle, pict, viff and sun files (CVE-2016-7516, CVE-2016-7517, CVE-2016-7518, CVE-2016-7519) * Fix a heap overflow in hdr file handling (CVE-2016-7520) * Fix a heap buffer overflow in psd file handling (CVE-2016-7521) * Fix an out of bound access for malformed psd file (CVE-2016-7522) * Fix a meta file out of bounds access (CVE-2016-7523, CVE-2016-7524) * Fix an out of bound access in wpg file coder (CVE-2016-7526, CVE-2016-7527) * Fix out of bound access for viff file coder (CVE-2016-7528) * Fix an out of bound access in xcf file coder (CVE-2016-7529) * Fix out of bound in quantum handling (CVE-2016-7530) * Fix a pdb file out of bound access (CVE-2016-7531) * Fix handling of corrupted psd file (CVE-2016-7532) * Fix a wpg file out of bound for corrupted file (CVE-2016-7533) * Fix an out of bound access in generic decoder (CVE-2016-7534) * Fix an out of bound access for corrupted psd file (CVE-2016-7535) * Fix a SEGV reported in corrupted profile handling (CVE-2016-7536) * Fix an out of bound access for corrupted pdb file (CVE-2016-7537) * Fix a SIGABRT for corrupted pdb file (CVE-2016-7538) * Fix potential DOS by not releasing memory (CVE-2016-7539) * ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability (CVE-2016-8707) * imagemagick: memory allocation failure in AcquireMagickMemory (memory.c) (CVE-2016-8862) * memory allocation failure in AcquireMagickMemory (memory.c) (incomplete fix for CVE-2016-8862) (CVE-2016-8866) * Heap buffer overflow in IsPixelGray (CVE-2016-9556) * mogrify global buffer overflow (CVE-2016-7799) |
Additional notes | |
CVE ID | CVE-2016-4563 CVE-2014-9805 CVE-2014-9806 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9812 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9821 CVE-2014-9822 CVE-2014-9823 CVE-2014-9824 CVE-2014-9826 CVE-2014-9828 CVE-2014-9829 CVE-2014-9830 CVE-2014-9831 CVE-2014-9832 CVE-2014-9833 CVE-2014-9834 CVE-2014-9835 CVE-2014-9836 CVE-2014-9837 CVE-2014-9838 CVE-2014-9839 CVE-2014-9840 CVE-2014-9843 CVE-2014-9844 CVE-2014-9845 CVE-2014-9846 CVE-2014-9847 CVE-2014-9848 CVE-2014-9849 CVE-2014-9851 CVE-2014-9853 CVE-2014-9854 CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-4562 CVE-2016-4564 CVE-2016-5010 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-6823 CVE-2016-7101 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 CVE-2016-7524 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 CVE-2016-7534 CVE-2016-7535 CVE-2016-7536 CVE-2016-7537 CVE-2016-7538 CVE-2016-7539 CVE-2016-8707 CVE-2016-8862 CVE-2016-8866 CVE-2016-9556 CVE-2016-7799 |
UCS Bug number | #41663 |