Accepted imagemagick 8:6.7.7.10-5+deb7u14 (source amd64 all) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 21 May 2017 08:43:50 -0400
Source: imagemagick
Binary: imagemagick imagemagick-dbg imagemagick-common imagemagick-doc libmagickcore5 libmagickcore5-extra libmagickcore-dev libmagickwand5 libmagickwand-dev libmagick++5 libmagick++-dev perlmagick
Architecture: source amd64 all
Version: 8:6.7.7.10-5+deb7u14
Distribution: wheezy-security
Urgency: high
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Roberto C. Sanchez <roberto@debian.org>
Description:
imagemagick - image manipulation programs
imagemagick-common - image manipulation programs -- infrastructure
imagemagick-dbg - debugging symbols for ImageMagick
imagemagick-doc - document files of ImageMagick
libmagick++-dev - object-oriented C++ interface to ImageMagick - development files
libmagick++5 - object-oriented C++ interface to ImageMagick
libmagickcore-dev - low-level image manipulation library - development files
libmagickcore5 - low-level image manipulation library
libmagickcore5-extra - low-level image manipulation library - extra codecs
libmagickwand-dev - image manipulation library - development files
libmagickwand5 - image manipulation library
perlmagick - Perl interface to the ImageMagick graphics routines
Closes: 767240 768494 773834 778238 860734 860736 862572 862573 862574 862575 862577 862578 862579 862587 862589 862590 862632 862633 862634 862635 862636 862637 862653 862967 863123 863124 863125 863126
Changes:
imagemagick (8:6.7.7.10-5+deb7u14) wheezy-security; urgency=high
.
* Non-maintainer upload by the LTS Team.
* Fix out-of-bounds read in the resize code (CVE-2014-8354)
(Closes: #767240)
* Fix out-of-bounds read in PCX reader (CVE-2014-8355)
(Closes: #767240, #778238)
* Fix out-of-bounds read in DCM reader (CVE-2014-8562)
* Fix denial of service (out-of-bounds memory access and crash) in
JPEG decoder (CVE-2014-8716) (Closes: #768494)
* Fix throwing of exceptions in psd handling and fix a memory leak
(CVE-2014-9841) (Closes: #773834)
* Fix denial of service (infinite loop) via crafted HDR file (CVE-2015-8900)
* Fix denial of service (infinite loop) via crafted MIFF file
(CVE-2015-8901)
* Fix denial of service (infinite loop) via crafted PDB file (CVE-2015-8902)
* Fix denial of service (infinite loop) via crafted VICAR file
(CVE-2015-8903)
* Fix memory leak in SGI reader (CVE-2017-7941) (Closes: #860734)
* Fix memory leak in SVG reader (CVE-2017-7943) (Closes: #860736)
* Fix the ReadAAIImage function in aai.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8343)
(Closes: #862572)
* Fix DOS in PCX file coders (CVE-2017-8344) (Closes: #862574)
* Fix the ReadMNGImage function in png.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8345)
(Closes: #862573)
* Fix the ReadDCMImage function in dcm.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8346)
(Closes: #862575)
* Fix the ReadEXRImage function in exr.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8347)
(Closes: #862577)
* Fix the ReadMATImage function in mat.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8348)
(Closes: #862578)
* Fix the ReadSFWImage function in sfw.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8349)
(Closes: #862579)
* Fix the ReadJNGImage function in png.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8350)
(Closes: #862587)
* Fix the ReadPCDImage function in pcd.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8351)
(Closes: #862589)
* Fix the ReadXWDImage function in xwd.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8352)
(Closes: #862590)
* Fix the ReadPICTImage function in pict.c allows attackers to cause a
denial of service (memory leak) via a crafted file (CVE-2017-8353)
(Closes: #862632)
* Fix the ReadBMPImage function in bmp.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8354)
(Closes: #862633)
* Fix the ReadMTVImage function in mtv.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8355)
(Closes: #862634)
* Fix the ReadSUNImage function in sun.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8356)
(Closes: #862635)
* Fix the ReadEPTImage function in ept.c allows attackers to cause a denial
of service (memory leak) via a crafted file (CVE-2017-8357)
(Closes: #862636)
* Fix the function ReadICONImage in coders\icon.c has a memory leak
vulnerability which can cause memory exhaustion via a crafted ICON file
(CVE-2017-8765) (Closes: #862653)
* Fix the ReadBMPImage function in bmp.c:1379 allows attackers to cause a
denial of service (memory leak) via a crafted file (CVE-2017-8830)
(Closes: #862637)
* Fix use uninitialized memory in the RLE decoder, allowing an attacker to
leak sensitive information from process memory space (CVE-2017-9098)
(Closes: #862967)
* Fix a crafted file could trigger an assertion failure in the
ResetImageProfileIterator function in MagickCore/profile.c because of
missing checks in the ReadDDSImage function in coders/dds.c
(CVE-2017-9141) (Closes: #863124)
* Fix a crafted file could trigger an assertion failure in the WriteBlob
function in MagickCore/blob.c because of missing checks in the
ReadOneJNGImage function in coders/png.c (CVE-2017-9142)
(Closes: #863125)
* Fix the ReadARTImage function in coders/art.c allows attackers to cause a
denial of service (memory leak) via a crafted .art file (CVE-2017-9143)
(Closes: #863123)
* Fix a crafted RLE image can trigger a crash because of incorrect EOF
handling in coders/rle.c (CVE-2017-9144) (Closes: #863126)
Checksums-Sha1:
f0c78e34453e69557a2c2dee183925915a6a0b19 3160 imagemagick_6.7.7.10-5+deb7u14.dsc
d3c419dc6114a0d7f0ae238dc53bb05c19abcc91 214682 imagemagick_6.7.7.10-5+deb7u14.debian.tar.bz2
d56bd4c52fe41c5acd91ddd3be8e80fd60187daf 290374 imagemagick_6.7.7.10-5+deb7u14_amd64.deb
6fee1e0ac67d562c820a7b944b8025324986f868 6309750 imagemagick-dbg_6.7.7.10-5+deb7u14_amd64.deb
8adb7c7d435a118276576696d8245e955cf0c17c 132586 imagemagick-common_6.7.7.10-5+deb7u14_all.deb
e5e0be21bb87cd8f0f4c9e6bc31bebe321e7e9da 5799630 imagemagick-doc_6.7.7.10-5+deb7u14_all.deb
7c1924f5cd58e8a893273a51da2744d6771b4330 2120980 libmagickcore5_6.7.7.10-5+deb7u14_amd64.deb
d787909b935b2b3f33d81e41da5a05bafffcf52c 167692 libmagickcore5-extra_6.7.7.10-5+deb7u14_amd64.deb
9f3544fee678414ff54c13dc4ed6cc0cbb65450a 1390042 libmagickcore-dev_6.7.7.10-5+deb7u14_amd64.deb
9ea6d47123a6b1b4e908087be509989ef12111fa 465766 libmagickwand5_6.7.7.10-5+deb7u14_amd64.deb
14f05c23b691a619b644092d35ee98d580e8a668 547660 libmagickwand-dev_6.7.7.10-5+deb7u14_amd64.deb
025425eaf8a66da571774b57e817fe08c14b1b40 240986 libmagick++5_6.7.7.10-5+deb7u14_amd64.deb
26e8edda91db4a28f60f845a5554a0c5dff01c18 288044 libmagick++-dev_6.7.7.10-5+deb7u14_amd64.deb
000e06925c8c636f3e56fb9401b68260b27f4634 259986 perlmagick_6.7.7.10-5+deb7u14_amd64.deb
Checksums-Sha256:
b15d86d9b52964a80356075de425b0d109d455f976c5100dce1c2723eeb1a890 3160 imagemagick_6.7.7.10-5+deb7u14.dsc
a19667ec6f76a93b3d50c90f29959fb90c236d2fa199074ab382975ac6903edd 214682 imagemagick_6.7.7.10-5+deb7u14.debian.tar.bz2
30a43a8ce4e26a853e2a3a1cf8b76c449e7a0788f0956696dde9095f99fb95df 290374 imagemagick_6.7.7.10-5+deb7u14_amd64.deb
888c1e30e5bc0168fe4671bc83ff0856bf4b05a05181d92fc84a2f271462aac9 6309750 imagemagick-dbg_6.7.7.10-5+deb7u14_amd64.deb
d1d0d2d1b165767953df78b79bbbc700284be4eb1b3590ef55a3eeb155dcd916 132586 imagemagick-common_6.7.7.10-5+deb7u14_all.deb
87dce6acf0e52ad18863f0d968e542a0586f6da7460ee8c4f095ee923c3955c3 5799630 imagemagick-doc_6.7.7.10-5+deb7u14_all.deb
3368580283f8c651bd870c777a8b9e51982b6d20888b9e8e9e84c520096e637f 2120980 libmagickcore5_6.7.7.10-5+deb7u14_amd64.deb
126d8fdcadaed7c436ff5ca62ed7694524aac078161e9af1707824871c41f8d2 167692 libmagickcore5-extra_6.7.7.10-5+deb7u14_amd64.deb
898402cb02be698990675a1e2ea6a639e026d4919f48dee8cff1cfb9fcd52348 1390042 libmagickcore-dev_6.7.7.10-5+deb7u14_amd64.deb
d9ebff701e05bc859ddad892a3d4358910a977b21eeb8e4aa1031041c71841a9 465766 libmagickwand5_6.7.7.10-5+deb7u14_amd64.deb
7de8018c4abdc77d28476645acf7a102bd4987d482209affcd2c737b1eabf16e 547660 libmagickwand-dev_6.7.7.10-5+deb7u14_amd64.deb
ca07e13afbcdc29aff373cc55afdac7706431c610d95a97c99285df2e39fff90 240986 libmagick++5_6.7.7.10-5+deb7u14_amd64.deb
30c6991cad5853ffaa4658a82cb0c70420fa2337f48a84b4b28cbaf988dfb22a 288044 libmagick++-dev_6.7.7.10-5+deb7u14_amd64.deb
2afdf63f914c82381323c7f557bdf42b1c79410a82082f28bfadba681cbcea0e 259986 perlmagick_6.7.7.10-5+deb7u14_amd64.deb
Files:
ec31fbd58bebd373483da0ab57a238f7 3160 graphics optional imagemagick_6.7.7.10-5+deb7u14.dsc
5b13aa84f0876c6adc03f838b471e176 214682 graphics optional imagemagick_6.7.7.10-5+deb7u14.debian.tar.bz2
6766d0376bd4c57334b6422a77498132 290374 graphics optional imagemagick_6.7.7.10-5+deb7u14_amd64.deb
cf546c58e4a182c243eddaed29d7fb57 6309750 debug extra imagemagick-dbg_6.7.7.10-5+deb7u14_amd64.deb
291f65a70dcae2c2e267c4354d3ffd12 132586 graphics optional imagemagick-common_6.7.7.10-5+deb7u14_all.deb
4cc43208c6085c86266533a40de36de9 5799630 doc optional imagemagick-doc_6.7.7.10-5+deb7u14_all.deb
e6e87c328ad16a765f1c0bc42bdf5127 2120980 libs optional libmagickcore5_6.7.7.10-5+deb7u14_amd64.deb
814947b9104092a42414862791b30783 167692 libs optional libmagickcore5-extra_6.7.7.10-5+deb7u14_amd64.deb
ec166e85aafc4fd3b2f816223358d189 1390042 libdevel optional libmagickcore-dev_6.7.7.10-5+deb7u14_amd64.deb
b8a930191bbb4e2c264beca38ba28280 465766 libs optional libmagickwand5_6.7.7.10-5+deb7u14_amd64.deb
d5c47540731fe0d9adc5b414719d7133 547660 libdevel optional libmagickwand-dev_6.7.7.10-5+deb7u14_amd64.deb
0a3defa55ac4994deb45e1eac9ba9f2f 240986 libs optional libmagick++5_6.7.7.10-5+deb7u14_amd64.deb
37a57f9608aab115f8e7eb98062c16a8 288044 libdevel optional libmagick++-dev_6.7.7.10-5+deb7u14_amd64.deb
94568662720a9df303ef6c7e9c61ab13 259986 perl optional perlmagick_6.7.7.10-5+deb7u14_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJZK4D7AAoJECzXeF7dp7IPR4QQAIXwa4E4a9kQkCSXEylbgehV
b91WRmQCWC9JIOmU++8JBkVFVJSZSANmyGgk76H2/CAsgkQp+6vwT9eCwF3BbSPm
hSYHsViwzHZlux8bOWV3z9G/wD3/ltNJLtcDK4XDkMvGoMKMqF7ThOcCIPBUP8TB
OfD8i7vNIz7XUQ5w0P2b/MubpWEWHY+zKaa73vh7QF6OchhDfaa5ZdEzdYiVLnPP
+6QbWD1+5VakzOJZWB5rRiFVcE6YKD6tI42CdSdmsi65iAabod2MymP9ibqZHvWN
lyDYjeoJ7XS1BbSvqLXep9ghR1ZHgiERBWyiatbainb3aZwv+JgEjsK5js0fwjEp
URV6o3Uz8D+B2zZLp2rStn/82DQsBs1Zv+M25DM7wdUslTeZ1cf47Z/fkvktro1j
jGE9Ae1rBgST99G2ODAquh9106VdSdbbl7CwRB+7Rt/j6L2+Bqs9WdUy7rV6PhYq
T3DRceNTxYp5AszrDsLiWF1yuVFJgNLp3H3BMAOa9q+TQb4Q2qeTpC+iu8AOV2TV
NGI1jUzudMqrgb2gfr2ogkRruFVNPumj6qTWjpMgkiX6eZOa5s5if1GX3S+1mPft
g5xXI7LPkY0QsMFnXogZnUCl85gE77qLIMtlT+N62T3UfkCS/d8OHbPT6CXAK0w0
l1Keu38YjsK+sXs3KU5L
=NDqo
-----END PGP SIGNATURE-----