Back to imagemagick PTS page

Accepted imagemagick 8:6.9.11.24+dfsg-1 (source) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 27 Jul 2020 03:13:36 +0200
Source: imagemagick
Architecture: source
Version: 8:6.9.11.24+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Bastien Roucari├Ęs <rouca@debian.org>
Closes: 921594 927828 927830 928206 928207 931189 931190 931191 931196 931447 931448 931449 931452 931453 931454 931455 931457 931633 931740 932079 941670 941671 947308 947309 947983 950282 953279 953741 955025 962110
Changes:
 imagemagick (8:6.9.11.24+dfsg-1) unstable; urgency=medium
 .
   * Acknowledge NMU
   * New upstream version:
     - Fix CVE-2019-11470: Cineon image parsing DOS (Closes: #927830).
     - Fix CVE-2019-11472: XWD image parsing DOS (Closes: #927828).
     - Fix CVE-2020-13902: Heap based overflow in TIFF image decoding.
       (Closes: #928207).
     - Fix CVE-2019-11598: Heap-based buffer over-read in PNM image
       decoding (Closes: #928206).
     - Fix CVE-2019-12974: NULL pointer dereference in pango coder.
       (Closes: #931196).
     - Fix CVE-2019-12977: use of uninitialized value" vulnerability
       in the WriteJP2Image of jp2 coder (Closes: #931191).
     - Fix CVE-2019-12978: use of uninitialized value" vulnerability
       in the pango coder. (Closes: #931190).
     - Fix CVE-2019-12979: use of uninitialized value" vulnerability
       in MagickCore/image.c (Closes: #931189).
     - Fix CVE-2019-13135: use of uninitialized value" vulnerability
       in the cut coder (Closes: #932079).
     - Fix CVE-2019-13295: Heap-based buffer over-read in
       MagickCore/threshold.c (Closes: #931457).
     - Fix CVE-2019-13297: Heap-based buffer over-read in
       MagickCore/threshold.c (Closes: #931455).
     - Fix CVE-2019-13300: heap-based buffer overflow in
       MagickCore/statistic.c (Closes: #931454).
     - Fix CVE-2019-13304: stack-based buffer overflow for
       PNM image (Closes: #931453).
     - Fix CVE-2019-13305: stack-based buffer overflow for
       PNM image (Closes: #931452).
     - Fix CVE-2019-13306: stack-based buffer overflow for
       PNM image (Closes: #931449).
     - Fix CVE-2019-13307: heap-based buffer overflow in
       MagickCore/statistic.c (Closes: #931448).
     - Fix CVE-2019-13308: heap-based buffer overflow in
       MagickCore/fourier.c (Closes: #931447).
     - Fix CVE-2019-13391: heap-based buffer over-read (Closes: #931633).
     - Fix CVE-2019-13454:  Division by Zero in MagickCore/layer.c
       (Closes: #931740).
     - Fix CVE-2019-14981: divide-by-zero in MeanShiftImage
       (Closes: #955025).
     - Fix CVE-2019-15139: DOS for XWD images (Closes: #941670).
     - Fix CVE-2019-15140: DOS for mat images (Closes: #941671).
     - Fix CVE-2019-19948: Heap-based buffer overflow in SGI coder
       (Closes: #947308).
     - Fix CVE-2019-19949: Heap buffer over-read in PNG coder
       (Closes: #947309).
     - Fix CVE-2020-10251: out-of-bounds read vulnerability for HEIC
       coder (Closes: #953741).
     - Fix CVE-2020-13902: heap-based buffer over-read for TIFF coder.
   * Bug fix: "Updating the imagemagick Uploaders list", thanks to Tobias
     Frost (Closes: #962110). Thanks  Nelson A. de Oliveira
   * Add link in api doc dir to assets javascript library
   * Fix a typo in convert man page (Closes: #953279,#947983,#921594).
   * Fix a pkgconfig error that pull q16 instead of q16hdri (Closes: #950282).
Checksums-Sha1:
 e048304c5733775e5329658e3bcec3b0e8c47628 5079 imagemagick_6.9.11.24+dfsg-1.dsc
 0608fc1533aea1fff9c24c8505e7d70a3402fe8b 9037972 imagemagick_6.9.11.24+dfsg.orig.tar.xz
 26c694e9b970580d2eb0e14ea2e3af7899afc652 224972 imagemagick_6.9.11.24+dfsg-1.debian.tar.xz
 2161f16b1c65dd38fad403eb75b12ca0af256f9e 12652 imagemagick_6.9.11.24+dfsg-1_source.buildinfo
Checksums-Sha256:
 3d16073f17e1428a549884e1ee4afbd9255cd9d6c1fb802d8f1575759fda49c5 5079 imagemagick_6.9.11.24+dfsg-1.dsc
 23b737f3391e542c831c785280ea66e267e58ff0d0480b08a4607e90c24e8a16 9037972 imagemagick_6.9.11.24+dfsg.orig.tar.xz
 c8a28a0838e2b7a1aab2257806ad59d18d9859ae264a5adbc085d231e590e5ee 224972 imagemagick_6.9.11.24+dfsg-1.debian.tar.xz
 dd701d7c18301ec903f8130f88b0886118cbad4f224df58dfa40840825741e60 12652 imagemagick_6.9.11.24+dfsg-1_source.buildinfo
Files:
 41f603e5cfe585175769895cdfbfee5d 5079 graphics optional imagemagick_6.9.11.24+dfsg-1.dsc
 d248740e37f7aafeb4fa52923bd0331c 9037972 graphics optional imagemagick_6.9.11.24+dfsg.orig.tar.xz
 5fd51f7ca1b69bee80e0f31f8f122427 224972 graphics optional imagemagick_6.9.11.24+dfsg-1.debian.tar.xz
 d0fb8244f24862150d53b99207bacfae 12652 graphics optional imagemagick_6.9.11.24+dfsg-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAl8eszsACgkQADoaLapB
CF/WDA//X4Q1YecrNovIPkxUiF1mBQ2mQw0ybBZcEddq5UR8RxnAz0dYv1mL6wDy
YncJhMv9l6BkOv0vgw4/XPTtW7rIiYwJ2iCpI17k3yFXxDAZYataM0t4JufqcOWS
0PLBYfBaXmOvW4MdgAER7nII8aQ+lQq5i5+SharLB5f2OHipSMTk65yPKCGzMA3u
LdQPHgLQUV+21ykRaY3GWYxre72dkGvgEDsREA3T5Dyc4koy8lw+Oz6TLCQJs9eW
gdX5AjgsK/yC40RGvXFaTQi5es3Sxb+0RSTU9AKaCNEHhCZxpQZ2C1QyPXFMBu9L
64eGIhlJyI2OdoM7/KnWeK6TviiheY6gh894lP2DOZlfqhtcv55ixqep4Kznzz6D
R5ZfKGldQgY9YCRsD3E0RJCRSMXOT6NIKU0FtY6ysTEaSX5OlP6d2qfYikd7jEjN
f2FNqALim01jShl+ajFeVCCIT/bjAtA9n0vdks7Jv2Q9bLOaUn5dN7KVMPjjS9hj
nr3x+SbGcHOgGmJ0UI8OkEgfmWmSTo2J/OGD7e9/juorm1Yo+84vmlv3QOlhj7E2
HJiqIpnGdAiOob2X5V1tK5//3ts2r80rYXW4iNA7ES2Uaxxe8vclyDyvDZLLxR3d
72tL7ofJXJuDZlIgjvbz21C1tqHZOXTamdhKT18v2UDBN+bKhOU=
=HjO/
-----END PGP SIGNATURE-----