Your message dated Tue, 23 Dec 2014 22:25:58 +0000 with message-id <e1y3xtu-00017z...@franck.debian.org> and subject line Bug#773834: fixed in imagemagick 8:6.8.9.9-4 has caused the Debian Bug report #773834, regarding [imagemagick] Huge security queue to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 773834: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773834 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: imagemagick Version: 8:6.8.9.9-3 Severity: grave Tags: security X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org Thanks to google they are a lot of security fix in imagemagick. Will send a version ASAP. Open this bug for having a bug number.
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---Source: imagemagick Source-Version: 8:6.8.9.9-4 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 773...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès <roucaries.bastien+deb...@gmail.com> (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Tue, 23 Dec 2014 22:02:08 +0100 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-4 Distribution: unstable Urgency: high Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-t...@lists.alioth.debian.org> Changed-By: Bastien Roucariès <roucaries.bastien+deb...@gmail.com> Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 773834 Changes: imagemagick (8:6.8.9.9-4) unstable; urgency=high . * Fix a few security bugs (Closes: #773834): - Avoid a DOS in vision.c due to an infinite loop. - Avoid a SEGV due to a corrupted pnm file. - Do not leak fd due to corrupted file. - Fix a double free in pdb coder. - Fix a SEGV due to corrupted dpc and xwd images. - Fix a SEGV in dpx file handler. - Fix a SEGV in malformed xwd file handler. - Avoid a NULL pointer dereference in ps file handling. - Fix a crash with corrupted viff file. - Fix a NULL pointer dereference in wpg file handling. - Do not continue on corrupted wpg file. - Avoid an out of bound access in viff image. - Avoid a heap buffer overflow in pdb file handling. - Avoid an out of bound acess on malformed sun file. - Avoid heap overflow in palm, pnm and xpm files. - Fix heap overflow in quantum, palm and psd file. - Fix handling of corrupted of psd, sun and xpm file. - Fix corrupted (too many colors) psd file. - Fix an out of bound acess in sun file. - Fix handling of corrupted sun and wpg file. - Fix heap overflow in pcx file, psd, pict and wpf files and DOS in xpm files. - Add additional PNM sanity checks. - Avoid a crash to out of memory in magick/cache.c - Fix a theorical out of bound access in magick/colormap-private.h - Fix an out of bound access in palm file. - Fixed throwing of exceptions in psd handling and fix a memory leak. - Fixed boundary checks in DecodePSDPixels. - Fix another out of bound problem in rle file. - Fix crash due to corrupted dib file. - Added checks to prevent overflow in rle file. - Impose a limit of 10 million columns or rows in an input PNG - Don't try to handle a "previous" image in the JNG decoder. - Avoid a memory leak in quantum management. - Avoid a crash in png coder. - Thread limit should be at least 1 in order to be efficient. - In psd file handling fixed parsing resource block and avoid a crash. - In cache fix usage of object after it has been destroyed. - Avoid a memory leak in rle file handling. - During identification of image do not fill memory Checksums-Sha1: 35c5cb28ac6c0565701ff14559d9bb99bb36d97b 3852 imagemagick_6.8.9.9-4.dsc 3303e5bdfa0d8d4c212b10205ca2bcb5d766c799 202332 imagemagick_6.8.9.9-4.debian.tar.xz 51e395abec6de339e348b8478fc160edec7a8cb9 148042 imagemagick-common_6.8.9.9-4_all.deb f2802eda5817b8cb7ed167572127f6055dd2e22f 7618974 imagemagick-doc_6.8.9.9-4_all.deb 614ea09393a88171194860c278f8f188930a19c7 166564 libmagickcore-6-headers_6.8.9.9-4_all.deb d70ee81c7d2db84c278b71c4c6692a329fab41dd 129772 libmagickwand-6-headers_6.8.9.9-4_all.deb 40ae2757e6563904af202b88a85e47615bf73f8d 165390 libmagick++-6-headers_6.8.9.9-4_all.deb c9c5f8e4d68b428df65fa7bf401c8c7771f6d59c 154634 imagemagick_6.8.9.9-4_amd64.deb 61f31f31260f988ed826f14720d1c3e4942a3171 173102 libimage-magick-perl_6.8.9.9-4_all.deb 4166c3cacc4dfc5568ef7f5c15ba9be5259a57e8 128520 libmagickcore-6-arch-config_6.8.9.9-4_amd64.deb 5761f5e943d00ef8cdfe161feb6d85eaa80e9ac1 511424 imagemagick-6.q16_6.8.9.9-4_amd64.deb a76fc3c7f50649cc5c4671e794d6203c726f2181 1676674 libmagickcore-6.q16-2_6.8.9.9-4_amd64.deb e0b0e5778978c8512c6dc41af07309656968e13c 167660 libmagickcore-6.q16-2-extra_6.8.9.9-4_amd64.deb af53980a20146598f6a3ec844a753b3c1cb6dd7a 1024218 libmagickcore-6.q16-dev_6.8.9.9-4_amd64.deb 8d865e572206b04ecdf893487ca62e4f82a529ca 402716 libmagickwand-6.q16-2_6.8.9.9-4_amd64.deb c426f4003b22250c6cf71d7ab681f9873caf6959 391432 libmagickwand-6.q16-dev_6.8.9.9-4_amd64.deb 48caf88de7fa5217cae6f5ac566a029d44bd24e0 252872 libmagick++-6.q16-5_6.8.9.9-4_amd64.deb d0d7678ecdcc8ddbbd60f18e340653f1dd2e40ea 220354 libmagick++-6.q16-dev_6.8.9.9-4_amd64.deb e46bb29d3757ae60d3e5b840f9edf490a20c971e 4999812 imagemagick-dbg_6.8.9.9-4_amd64.deb 0f9702b00359c406935b0f851be890b163fefee3 218892 libimage-magick-q16-perl_6.8.9.9-4_amd64.deb 4babeeb45c965ce06b51a320844ae2e97632953a 121066 perlmagick_6.8.9.9-4_all.deb d4c4b81799e543b88ea42b1ea60d2d8d2e2e5889 121044 libmagickcore-dev_6.8.9.9-4_all.deb a0aacf5b28b5396f460281a894c3ac2cee41d0b0 121032 libmagickwand-dev_6.8.9.9-4_all.deb 027b5c0dcf51d3d9861d53efebbfdaf8d8534692 121070 libmagick++-dev_6.8.9.9-4_all.deb Checksums-Sha256: dc5dca3bf57f2d0c473e5742fdb038156ae2a02168e19b2897db1863c5bb27fc 3852 imagemagick_6.8.9.9-4.dsc 41f939fe631107d51b8bb086b8ef9c5e0def6ee6a74728e0f8858b3d6cdcfb2a 202332 imagemagick_6.8.9.9-4.debian.tar.xz dd668e27dae045486ae7dcaa1b29ac3c414c043774f4907bd844fe75b628ff5a 148042 imagemagick-common_6.8.9.9-4_all.deb e49b4d2010e8a72489d892ccd1ed132aa74c7b0d396c93afed8fff78eb8a43d2 7618974 imagemagick-doc_6.8.9.9-4_all.deb 2a042e6c2e5f99e29fecc18101dda6b9b013940bb2244814f34beb1785524c9c 166564 libmagickcore-6-headers_6.8.9.9-4_all.deb 0281d31f7e60bbc805128b1f3583bfaa15e887c947c3323a19c99210ecb3a812 129772 libmagickwand-6-headers_6.8.9.9-4_all.deb 5aa7b565a954da2c41ffee6046706b34b130624d066038c51638abf8ee9d2e5e 165390 libmagick++-6-headers_6.8.9.9-4_all.deb 08f068dd0f41ea91a3a6b10a035c67963490bf823cd036378a6a7dca27117022 154634 imagemagick_6.8.9.9-4_amd64.deb a4620fc9ec9b6bd8797ca47f65c8ab2ac2b443859e8bce6421da488fb1fa0cf5 173102 libimage-magick-perl_6.8.9.9-4_all.deb b3b2061caabfe0ced82584d40f55a6158377e708b86abf741212111a7e4570db 128520 libmagickcore-6-arch-config_6.8.9.9-4_amd64.deb 05648b78f6b279bb295fe836380e472b4c20f767ec4fd4ec877560fc777f2f41 511424 imagemagick-6.q16_6.8.9.9-4_amd64.deb 9cba5e618fd06cdc04c71301faab12cb2507f215cda3399b43ad0b5e3a08bd6e 1676674 libmagickcore-6.q16-2_6.8.9.9-4_amd64.deb b0742b6e87c24330b2f990e9eb2c0b3c958ef4de0a7e558e117d47a92228c1c8 167660 libmagickcore-6.q16-2-extra_6.8.9.9-4_amd64.deb 4b0ad3b9e9acd15df4b882ccff95494616e02bfdfcd6112e7ae28b8d05a5378a 1024218 libmagickcore-6.q16-dev_6.8.9.9-4_amd64.deb 2fb4384090e3d199dfeec701f0e1860f9fc77fc2b5732a46d0d8e533826d9daf 402716 libmagickwand-6.q16-2_6.8.9.9-4_amd64.deb 874065a2651432056c69ffe6a735e8da1dae68df04381b8e77efb61598b25217 391432 libmagickwand-6.q16-dev_6.8.9.9-4_amd64.deb 84838c87f11db7cb7d28b59420780f6a2059867e02e3348b74681024dcdff4ed 252872 libmagick++-6.q16-5_6.8.9.9-4_amd64.deb 4c029c72cdfdfd034d1b1ff71ff3436244721aefca3fb038d788ebf704fa4d4e 220354 libmagick++-6.q16-dev_6.8.9.9-4_amd64.deb ee1ec382f7ef71dfea2ac17740c331c0505850aa8914ed60b3424f4cf0516056 4999812 imagemagick-dbg_6.8.9.9-4_amd64.deb 917d9285455d13bc2392a3aa21361e6f64020d29b6a1c773618f32a1ff08cfd1 218892 libimage-magick-q16-perl_6.8.9.9-4_amd64.deb 66cdbb9a3449baf09c0da5816ba5189dbb94a9e4bf9fb925ea6a7022d6dd446b 121066 perlmagick_6.8.9.9-4_all.deb c9487d9edb1aa74b903fd9857fed10e3bdc31fb98053a34317c583069ed21abf 121044 libmagickcore-dev_6.8.9.9-4_all.deb 7415fafd65d8b376e85b226fa7f83044dc011a949f476ce471efc621b1a28c24 121032 libmagickwand-dev_6.8.9.9-4_all.deb c81aa9774cd825c3b05b4d81c917e3c0cf7578886139e9a6d982e1750b797e8c 121070 libmagick++-dev_6.8.9.9-4_all.deb Files: 40497d4f5d0b967fb5284a1fe6bb5121 3852 graphics optional imagemagick_6.8.9.9-4.dsc 238f43c15c4a81757ef3a7702f683448 202332 graphics optional imagemagick_6.8.9.9-4.debian.tar.xz 4ac7decbd46418e9bc64f3ea628d34ac 148042 graphics optional imagemagick-common_6.8.9.9-4_all.deb 2640dc076e2a7591b7a97f43c4049056 7618974 doc optional imagemagick-doc_6.8.9.9-4_all.deb 6c89da3ac50ccb54116b922d3c7ab23e 166564 libdevel optional libmagickcore-6-headers_6.8.9.9-4_all.deb 7799a1db9602e678ba36d14926df23f7 129772 libdevel optional libmagickwand-6-headers_6.8.9.9-4_all.deb d8d19cf255a4919c16ed67b8baac6991 165390 libdevel optional libmagick++-6-headers_6.8.9.9-4_all.deb 983f8921656bb3feb2dfe6a5ff337e09 154634 graphics optional imagemagick_6.8.9.9-4_amd64.deb 0efde87432de93d1e338bc87ac52012f 173102 perl optional libimage-magick-perl_6.8.9.9-4_all.deb bb6a53d9c5319d8a9d551e419958898b 128520 libdevel optional libmagickcore-6-arch-config_6.8.9.9-4_amd64.deb 551d384f42d1e1a4eb1be8177929a16c 511424 graphics optional imagemagick-6.q16_6.8.9.9-4_amd64.deb 1edcbd5ae25215e73b02dd0410472335 1676674 libs optional libmagickcore-6.q16-2_6.8.9.9-4_amd64.deb c2ab2a25ef0bcf1fd7df0cb57f5b94c4 167660 libs optional libmagickcore-6.q16-2-extra_6.8.9.9-4_amd64.deb 70f380b0229f2921177574dcdbe346d8 1024218 libdevel optional libmagickcore-6.q16-dev_6.8.9.9-4_amd64.deb 9348bea573760b7307d64de49fa8cd6d 402716 libs optional libmagickwand-6.q16-2_6.8.9.9-4_amd64.deb f3b90d7fbdd0379d5cc532b9fe6b9120 391432 libdevel optional libmagickwand-6.q16-dev_6.8.9.9-4_amd64.deb a92f3b42df696f7dc3c59c5f812c3021 252872 libs optional libmagick++-6.q16-5_6.8.9.9-4_amd64.deb 2364ebb8446d2023ab46568227fe3ccb 220354 libdevel optional libmagick++-6.q16-dev_6.8.9.9-4_amd64.deb fc5db7d5348ee8235f40f4cca82c875c 4999812 debug extra imagemagick-dbg_6.8.9.9-4_amd64.deb c534bdd7b56cbdf9cbfdbaa57b6a4dc2 218892 perl optional libimage-magick-q16-perl_6.8.9.9-4_amd64.deb 62c93ef3a7ee64620d3364c0414c74be 121066 oldlibs extra perlmagick_6.8.9.9-4_all.deb 61784b5f2de54971165828f954873cb0 121044 oldlibs extra libmagickcore-dev_6.8.9.9-4_all.deb 1ad282b23e62e62c484ac96ede94ad6d 121032 oldlibs extra libmagickwand-dev_6.8.9.9-4_all.deb b64375931a15d8bfee03adc518dbfcb7 121070 oldlibs extra libmagick++-dev_6.8.9.9-4_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJUmeY6AAoJEO3GeJm/E8RXESoH/3LyDx6z/yZjx9tL/uIv22vw I+Hd8td2WQR00JTIAWmGf6rT3B/evT2x7PvH5loRI9c2CJBI5eW9rZidhlzKrUF+ mgQ5X36n2OOAfbB5BbpdJmcifGKjtoY9WZvzWnvs7RVOpruTeTCuJrYfjotXNBbQ Ag0Wcfx4ZnPLtNUdFcr8CohVnrpHw95iiI8NNQHENK/QrZOAsYblxUulb/djEqAp tED8OQSg1ZICFbfNeV3mR166IT4VvrRray8s/kX37D0I08CESMwy8APDS4itqbgg /sWCYQj98L+fy7xxgDc+xMxg4o3rd+AUhiqm1DKRz+GSr3q/8FWK5rj+k1a8Yzk= =cx1s -----END PGP SIGNATURE-----
--- End Message ---
