Your message dated Mon, 06 Mar 2017 12:05:45 +0000 with message-id <e1ckrob-000eix...@fasolo.debian.org> and subject line Bug#856880: fixed in imagemagick 8:6.9.7.4+dfsg-2 has caused the Debian Bug report #856880, regarding CVE-2017-6499: Magick++ memory leak to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 856880: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856880 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: src:imagemagick Version: 8:6.6.0.4-3 Severity: serious Tags: security X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org control: found -1 8:6.7.7.10-5 control: found -1 8:6.8.9.9-5 forwarded: https://www.imagemagick.org/discourse-server/viewtopic.php?f=23&p=142634 Fixed in 3358f060fc182551822576b2c0a8850faab5d543
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---Source: imagemagick Source-Version: 8:6.9.7.4+dfsg-2 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 856...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès <roucaries.bastien+deb...@gmail.com> (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 05 Mar 2017 23:21:36 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-3 libmagickcore-6.q16-3-extra libmagickcore-6.q16-dev libmagickwand-6.q16-3 libmagickwand-6.q16-dev libmagick++-6.q16-7 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-3 libmagickcore-6.q16hdri-3-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-3 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-7 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.7.4+dfsg-2 Distribution: unstable Urgency: high Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-t...@lists.alioth.debian.org> Changed-By: Bastien Roucariès <roucaries.bastien+deb...@gmail.com> Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-7 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-7 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-3 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-3-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-6.q16hdri-3 - low-level image manipulation library -- quantum depth Q16HDRI libmagickcore-6.q16hdri-3-extra - low-level image manipulation library - extra codecs (Q16HDRI) libmagickcore-6.q16hdri-dev - low-level image manipulation library - development files (Q16HDRI libmagickcore-dev - low-level image manipulation library -- dummy package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-3 - image manipulation library -- quantum depth Q16 libmagickwand-6.q16-dev - image manipulation library - development files (Q16) libmagickwand-6.q16hdri-3 - image manipulation library -- quantum depth Q16HDRI libmagickwand-6.q16hdri-dev - image manipulation library - development files (Q16HDRI) libmagickwand-dev - image manipulation library -- dummy package perlmagick - Perl interface to ImageMagick -- dummy package Closes: 856878 856879 856880 856881 856882 Changes: imagemagick (8:6.9.7.4+dfsg-2) unstable; urgency=high . * Fix a few security bugs: + Assertion failure in TGA coder (Closes: #856878). Fix CVE-2017-6498. + Out of bound in sun file coder (Closes: #856879). Fix CVE-2017-6500. + Memory leak in libmagick++ library (Closes: #856880). Fix CVE-2017-6499. + Missing null pointer check in xcf coder (Closes: #856881) and psd coder (Closes: #856882). Fix CVE-2017-6501 and CVE-2017-6497. Checksums-Sha1: e579cb2fc7b64e51641383988d524c2e11fec752 5151 imagemagick_6.9.7.4+dfsg-2.dsc 982c025dd9024e72aa2d42c5908ff7d320336839 204576 imagemagick_6.9.7.4+dfsg-2.debian.tar.xz bf9d03ceb177e444d6258a966b573a02e178f5ee 27080 imagemagick_6.9.7.4+dfsg-2_amd64.buildinfo Checksums-Sha256: fd2d0533eb7ae3a02166dc0b5e36f7a62edd391c7be1bc0b14c7ff3e3c64d1dc 5151 imagemagick_6.9.7.4+dfsg-2.dsc 91e916e8b5e70339d8b694400582cd104582e8a7da169f280f6c2b5bfa1946ca 204576 imagemagick_6.9.7.4+dfsg-2.debian.tar.xz 80fc59b52260846ea9d78c280cbea6a73e6e5ee01e485758a9f26a1c276ddb06 27080 imagemagick_6.9.7.4+dfsg-2_amd64.buildinfo Files: c1f4da51e8e6332f613c94ae2aa95381 5151 graphics optional imagemagick_6.9.7.4+dfsg-2.dsc 861797f7fa334ff7f5ec52bd1a269de1 204576 graphics optional imagemagick_6.9.7.4+dfsg-2.debian.tar.xz 7ec31d80b26451405b86b4a1a13170e3 27080 graphics optional imagemagick_6.9.7.4+dfsg-2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAli9TFUACgkQADoaLapB CF9/4A//fXCDJXfauhxdNHOdJPUEY619B5G4e+R9paffd+9FCcO/qRd5bxl2lCZ7 1tqgQAeSZpEhgrhZayijTgE6BZLvCFCji9bvG+e4D+ZCpZ1I0r/m/ONR8JDx9qb1 U4aj6jJeeb86hsnBBYEEBMr6DbSQszNBe8+J7ZTLc3JN4SiRUp96nEnSpnkTlOsx E13QIzkO7LKOlOVh1i1woIN1ERzYCBbGqCNzAJ3JqmsWqIZxykRiv5hbMrH6F7uO UC0h6FKxe3p8IJjfu2er9MclLYtmZ1zjo1qW5+D8ZvH1j6aakyQrGdfTAmXccxqJ iXknMHZqvBCzAiWL2flx5YrvM1GcmIUF9gy2PzRMLYcP0YSNOpo3IUGCp8rZP5TH 0hObypET+Bdxc/BwpdThf/Qyedsjj11chMvLGOa1pBEHDWmYwpfTS1Befz9vRXHt 6GLHIWXRW/x4GeQiM5jd9k/Vo/zHOk0MfoZKjFlg7PLzHUJJ/MLxGAHLB2LcFQbB GgtX/dh2mIEUjTjqpfIxkmoXRtgGEnkRDYfC08Qk/52FABj9SbaIBEToAHYxv2HB 2tDFCghnS59cmaYdUVP69RmBF+zjTbTA8e/PQc5kGGkpp7vdWqHhmAob6yAszllH 1ygQZ3peQG5koxVrHN/n64F8pZ6hnu2RXOFHqGkpnwJqH5pFbJM= =nOfZ -----END PGP SIGNATURE-----
--- End Message ---