Accepted imagemagick 8:6.9.9.39+dfsg-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 19 Mar 2018 17:03:39 +0100
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick
Architecture: source
Version: 8:6.9.9.39+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Description:
imagemagick - image manipulation programs -- binaries
imagemagick-6-common - image manipulation programs -- infrastructure
imagemagick-6-doc - document files of ImageMagick
imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI
imagemagick-common - image manipulation programs -- infrastructure dummy package
imagemagick-doc - document files of ImageMagick -- dummy package
libimage-magick-perl - Perl interface to the ImageMagick graphics routines
libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio
libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve
libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files
libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16
libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16)
libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI
libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI)
libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
libmagickcore-6-arch-config - low-level image manipulation library - architecture header files
libmagickcore-6-headers - low-level image manipulation library - header files
libmagickcore-6.q16-5 - low-level image manipulation library -- quantum depth Q16
libmagickcore-6.q16-5-extra - low-level image manipulation library - extra codecs (Q16)
libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16)
libmagickcore-6.q16hdri-5 - low-level image manipulation library -- quantum depth Q16HDRI
libmagickcore-6.q16hdri-5-extra - low-level image manipulation library - extra codecs (Q16HDRI)
libmagickcore-6.q16hdri-dev - low-level image manipulation library - development files (Q16HDRI
libmagickcore-dev - low-level image manipulation library -- dummy package
libmagickwand-6-headers - image manipulation library - headers files
libmagickwand-6.q16-5 - image manipulation library -- quantum depth Q16
libmagickwand-6.q16-dev - image manipulation library - development files (Q16)
libmagickwand-6.q16hdri-5 - image manipulation library -- quantum depth Q16HDRI
libmagickwand-6.q16hdri-dev - image manipulation library - development files (Q16HDRI)
libmagickwand-dev - image manipulation library -- dummy package
perlmagick - Perl interface to ImageMagick -- dummy package
Closes: 890805 891291 891420 893030
Changes:
imagemagick (8:6.9.9.39+dfsg-1) unstable; urgency=medium
.
* Fix security bugs (Closes: #890805):
+ Fix CVE-2018-7443: The ReadTIFFImage function in coders/tiff.c
does not properly validate the amount of image data in a file,
which allows remote attackers to cause a denial of service
(memory allocation failure in the AcquireMagickMemory function
in MagickCore/memory.c). (Closes: #891291)
+ Fix CVE-2018-7470: The IsWEBPImageLossless function in
coders/webp.c allows attackers to cause a denial of service
(segmentation violation) via a crafted file.(Closes: #891420)
+ Fix CVE-2017-17880: there is a stack-based buffer over-read in
WriteWEBPImage in coders/webp.c, related to a
WEBP_DECODER_ABI_VERSION check.
* Provide transitional packages from arch:any packages.
(Closes: #893030)
Checksums-Sha1:
68583368be415929d51d95e1fe948e2d2d1aa806 5122 imagemagick_6.9.9.39+dfsg-1.dsc
39ea5b36128c4cc0cdb6d6fe8db5eaf972893f4e 9058524 imagemagick_6.9.9.39+dfsg.orig.tar.xz
196f488ec4e3fc833228e5dd750cde7757a052b8 218996 imagemagick_6.9.9.39+dfsg-1.debian.tar.xz
42b622fcf7ab2fd0836c51822d64286f97381fcc 13907 imagemagick_6.9.9.39+dfsg-1_source.buildinfo
Checksums-Sha256:
a7f4fc23a31b7b83b0221d0a3bfae7089c4d36efd05d68d68d1cf6d3e4c7615f 5122 imagemagick_6.9.9.39+dfsg-1.dsc
a8c2d67939938b7a45892090e154c84ef06e03f722ee9012f82f8b61c6454100 9058524 imagemagick_6.9.9.39+dfsg.orig.tar.xz
c9a31d2d567cbe93d4daf68d3f6bbe81116432602a18bc4ddb3a13a0d466c61b 218996 imagemagick_6.9.9.39+dfsg-1.debian.tar.xz
273d54cb9b3de62b892b493ff96a5b7f77b86446193fe52a87756475094d461f 13907 imagemagick_6.9.9.39+dfsg-1_source.buildinfo
Files:
e0fa727e15ad1405d60a8fd279611f8e 5122 graphics optional imagemagick_6.9.9.39+dfsg-1.dsc
14e02933ec960a2152be1aa1bb7f593b 9058524 graphics optional imagemagick_6.9.9.39+dfsg.orig.tar.xz
88de16ba9ba01c723976ba0d5f913de3 218996 graphics optional imagemagick_6.9.9.39+dfsg-1.debian.tar.xz
ef04b44105af8fb360546de531484b54 13907 graphics optional imagemagick_6.9.9.39+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAlqw6YsACgkQADoaLapB
CF8hxQ/+PJpC0e9EALtyrmJmNzyQl4y+S+2TnbZcEzniZ+YiEAPuln+212DCTAda
o2KrUPM4jw2YZHaNcWeuaUYkvlcySWOoMkZTsNpXlmx3AgvUEiujNOzqXDkVKL6l
ayRI0Ax0nKHGnPGnrF3OFgdVJz8+XyneVwjQOGA/Wg4p8l+FSRslJgboRJQx8jFl
+IpLS0t/Oj6k9gw+n3WPzegcqHVrISzICE/13Hmo/NBiyQYC5/4QzGTDPZmPx732
Ni9LxCf3T8AEUkwu/IAXvyCWExEKernzeLV9VlIx9+hfq+T9XSpIILjiSsyt4Rp4
cynved8UIS/N9wONTilr40BeHk0Sz8N+GboK0GVLRhTVYbuk8nBW6/xiDMrJ87bu
xOxR+ZPbAdQLVRVO+x2DKEYgG6vSSS6oHr1NJL30rT9h6op4FLVlm7OHYWxBk38t
GYFH13OsdWDGfdFaOl4acvVQ4MGDncYKlh7snf7YNNa7vEB3WGxkV4eLJpt4NCHR
DTfG6YBU5fD6aqT5dyVSMuJHHHjgjjWIZHR6G/3mz8nefOlOhVCKg9oebazQEX0I
oVEcPqqiVBvFnqRp5EkNFk+pvolkIQypMZm+Myh2ZqpASPG+Z4OfDTh0DBkkjuxs
j28JwGDATQK/3wnYAqFydi9+IgpoZ0SDlQ9/moPBPyrbl+kY80E=
=VaKi
-----END PGP SIGNATURE-----