Back to imagemagick PTS page

Accepted imagemagick 8:6.9.10.23+dfsg-2.1+deb10u6 (source) into oldoldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted imagemagick 8:6.9.10.23+dfsg-2.1+deb10u6 (source) into oldoldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 21 Feb 2024 20:10:22 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: imagemagick_6.9.10.23+dfsg-2.1+deb10u6_source.changes
Debian-source: imagemagick
Debian-suite: oldoldstable
Debian-version: 8:6.9.10.23+dfsg-2.1+deb10u6
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id:Content-Type: Subject:MIME-Version:To:Reply-To:From:Cc:Content-Transfer-Encoding:Content-ID :Content-Description:In-Reply-To:References; bh=lMJcYmIu3M4bEUm+YSeSGtJq74fkI81evmx3fln4w5I=; b=Mdhj5G/ZbI/Sk1rQDIVK8K4FRH 7c5QWC2+KrcFXy71UzxyzYWlOqSw1QmlX9LP0mW2LStcMRXvDbRTzMw8S73PdHhzFcghMflIjKZKg 8m1Xx0Ff7VaiyDt/kC9pg4EPuTC71vpLSWnIE969QjbSh5co/Ck6oh6wB6JCO9N+GRum2A6nFIN2P KdOTtQpTn+5FoF1GABuBiVdxmVvsrMOkhCrCmNbmdCO4WF0Vn9S8WQLp0i1u3ak4CX+L8NUThWTdj zAwhSjaYynE8c0P/J31TLEQ7kqAlzam798bdLn3abpIzsc26g7NSJ1gqT7OmaavCxCj+hNgsY9ERK 1l0/1fKA==;
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1rcsv8-00BefA-Qj@seger.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 19 Jan 2024 13:20:50 -0500
Source: imagemagick
Architecture: source
Version: 8:6.9.10.23+dfsg-2.1+deb10u6
Distribution: buster-security
Urgency: medium
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Changes:
 imagemagick (8:6.9.10.23+dfsg-2.1+deb10u6) buster-security; urgency=medium
 .
   [ Bastien Roucariès ]
   * Fix a heap based overflow in TIFF coder.
   * Avoid a DOS with malformed TIFF file.
   * Avoid a memory leak in TIFF file coder.
   * Fix a non initialized value passed to TIFFGetField().
   * Fix buffer overrun in TIFF coder.
   * In case of exception bail out early in TIFF file handling.
   * Fix unintialised value in TIFF coder.
   * Raise exception when image could not be read but no
     exception was raised in TIFF coder.
   * Fix CVE-2023-39978: a memory leak was present in
     Magick::Draw.
   * Mark rmagick test as flaky
   * Fix CVE-2023-1289: A vulnerability was discovered
     in ImageMagick where a specially created SVG file
     loads itself and causes a segmentation fault.
     This flaw allows a remote attacker to pass a
     specially crafted SVG file that leads to a segmentation
     fault, generating many trash files in "/tmp," resulting in
     a denial of service. When ImageMagick crashes, it generates
     a lot of trash files. These trash files can be large if the
     SVG file contains many render actions.
   * Fix CVE-2023-34151: A vulnerability was found in ImageMagick,
     due to undefined behaviors of casting double to size_t in
     svg, mvg and other coders.
   * Fix CVE-2023-5341: A heap use-after-free flaw was found
     in coders/bmp.c
 .
   [ Santiago Ruano Rincón ]
   * Enable ARM builds in salsa-ci.yml
Checksums-Sha1:
 7af5a1e0dd776b1c4a4b9f73ab0cb8e6f3cd17a3 5239 imagemagick_6.9.10.23+dfsg-2.1+deb10u6.dsc
 641b8eb20e2deb2dad12a101293e9905be6134d7 266256 imagemagick_6.9.10.23+dfsg-2.1+deb10u6.debian.tar.xz
 44e5d1ed6445607d239733180714c5169efb4e30 31683 imagemagick_6.9.10.23+dfsg-2.1+deb10u6_amd64.buildinfo
Checksums-Sha256:
 53918c05acea7724571ec97ec111c8fa229eab843c96116854d7920e62360dee 5239 imagemagick_6.9.10.23+dfsg-2.1+deb10u6.dsc
 1da356e74bc3c3f1df08d1a379c8d15400989fcd5ed422dbd74b7c66153d55d6 266256 imagemagick_6.9.10.23+dfsg-2.1+deb10u6.debian.tar.xz
 0803e5caa0253571b089c4dd56acf2d58ec4ee4b56ff6125ad70e8ed2c5c8fed 31683 imagemagick_6.9.10.23+dfsg-2.1+deb10u6_amd64.buildinfo
Files:
 22fee2c63d2be6779ce40b814873a3e2 5239 graphics optional imagemagick_6.9.10.23+dfsg-2.1+deb10u6.dsc
 e49e6b6111835635e0a9f436b774ee0b 266256 graphics optional imagemagick_6.9.10.23+dfsg-2.1+deb10u6.debian.tar.xz
 58c5058b6e550fde8b074ec63aaeffce 31683 graphics optional imagemagick_6.9.10.23+dfsg-2.1+deb10u6_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmXWVQERHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF+w5RAAmnd4qav2hNgnlIfp3eC1mgkHIrOrNUBl
HZNufudpnvKiefYbPsX74w+BtR9h2MKeoav+kGHpXvmlk4RTodO6fh4c/YJPEAPh
A5/2J8zkjF4M7UDBBpzLXE6nUYM6EC64gnJ8rbH+xGnVm3aly17VnCfiatKqfvAc
kc80jqdAM2AhGU9CGFFA2Q7GybSTh0/pWPtu7goBTxQdtj/JXdHV3rY1ZW0haxyk
x2WjG8yF6R76b01pNYkFbPkGJ3jEaBL2ZCyjYwnXK/+nTbCtzsnUmJfJDdzvIIlu
oZp4QTRZGDw5fTw2081r2rgwTiqJ7/IKDKoEO/dAJ8FkgFPwUSPEXlmF3PQj6kCc
8vVtHuocgzP6JF10ZV9+wovdGYOR5B063joCVOBQwzs4dJMD439LzioyD6l03dUL
eVW+PdnGys5+EEmdeQOJrzvKToRYp5LMSUxfOY9js+8RcYwjY8OOvSzr9KW3BWGT
aHDGaVs4eXNeMrS/z+XBfIQcMn/66dpF7rfX1LTFAZnpqaAtvfOFw2y6jA7KWAUo
cqKarA6zPWJAPZLQ2f/iv1GfV12wAF/xTy4pcnMNRVSb/KuC3w+8FLPevRqOBQ3q
x3RuyvNoFERgwCqdzZAavGIAZee9TH2RmmZX/hPrm3y/sJ015oHzDq+Nz7Ar5Nac
ntlUu/yPdrE=
=9ZKr
-----END PGP SIGNATURE-----

Attachment: pgpj0NgRW6DPb.pgp
Description: PGP signature