Your message dated Fri, 05 Feb 2016 08:04:50 +0000 with message-id <[email protected]> and subject line Bug#811308: fixed in imagemagick 8:6.8.9.9-5+deb8u1 has caused the Debian Bug report #811308, regarding Multiple minor security issues to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 811308: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=811308 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: imagemagick Version: 8:6.8.9.9-5 Severity: normal Tags: security This bug is to help track a few relatively minor security problems with the current stable and unstable versions of imagemagick. - Memory Leak while handle psd file http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28791 - IM 6.9.2 crash with some PNG http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28466 - Prevent null pointer access in magick/constitute.c https://github.com/ImageMagick/ImageMagick/pull/34 - PixelColor off by one on i386 https://github.com/ImageMagick/ImageMagick/issues/54 - Fixed memory leak when reading incorrect PSD files Cheers, Vincent
--- End Message ---
--- Begin Message ---Source: imagemagick Source-Version: 8:6.8.9.9-5+deb8u1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès <[email protected]> (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 09 Jan 2016 23:05:59 +0100 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u1 Distribution: stable Urgency: medium Maintainer: ImageMagick Packaging Team <[email protected]> Changed-By: Bastien Roucariès <[email protected]> Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 770009 806441 811308 Changes: imagemagick (8:6.8.9.9-5+deb8u1) stable; urgency=medium . * Fix build on mips by printing progress (Closes: #770009). * Fix a few security bugs: - A DOS on specially crafted MIFF file. - A DOS on specially crafted Vicar file. - A DOS on specially crafted HDR file. - A DOs on specially crafted PDB file. - Fix a Null dereference in coders/png.c (LP: #1492881). - Fix a double free in coders/tga.c (LP: #1490362). - Avoid a DOS for RLE file. - Avoid a bufer overflow by using field limit in sprintf. - Avoid a stack overflow in fx handling. - Fixed size of memory allocation in RLE coder to avoid segfault (LP: #1496649). - Add extra checks to avoid out of bounds error when parsing the 8bim profile. (LP: #1496645). - Fixed memory leak when reading incorrect PSD files (closes: #811308) http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=28791 - Fix PixelColor off by one on i386.(closes: #811308) https://github.com/ImageMagick/ImageMagick/issues/54 - Fix out of bounds error in -splice operator. - Prevent null pointer access in magick/constitute.c (closes: #811308) https://github.com/ImageMagick/ImageMagick/pull/34 - Fix another memory leak in string handling. - Fix an integer overflow that can lead to a buffer overrun in the icon parsing code (LP: #1459747, closes: #806441) - Fix an integer overflow that can lead to a double free in pict parsing (LP: #1448803, closes: #806441). Checksums-Sha1: 86425dac023f208e852ac56e338cc7af6bfa5d7d 3880 imagemagick_6.8.9.9-5+deb8u1.dsc 4fe41325e3ecdeb5f9dce45a4dd0beaac8593cff 213760 imagemagick_6.8.9.9-5+deb8u1.debian.tar.xz f28e9727c5d00567d9b9921af78dabc6579582c9 148710 imagemagick-common_6.8.9.9-5+deb8u1_all.deb 84febc59b1ed31610c6160580fe70160103b168b 7573528 imagemagick-doc_6.8.9.9-5+deb8u1_all.deb b74ff0c6825a3957096aec98b2450ae967e6edd3 167250 libmagickcore-6-headers_6.8.9.9-5+deb8u1_all.deb c57bbea2bfc1804cb99ef143db3824c847bfdca6 130434 libmagickwand-6-headers_6.8.9.9-5+deb8u1_all.deb b3fb7e692d4533099ade747170ca8472f0247004 166072 libmagick++-6-headers_6.8.9.9-5+deb8u1_all.deb a25eb30bb761b38ca57130f9aa3e201988ca06bd 155334 imagemagick_6.8.9.9-5+deb8u1_amd64.deb 93f42ba11019df5f4b53597496843dc952887219 173784 libimage-magick-perl_6.8.9.9-5+deb8u1_all.deb 19a878f26614cc80ec6c537c5bf747497f7269d9 129206 libmagickcore-6-arch-config_6.8.9.9-5+deb8u1_amd64.deb abc11d6ef0d99e685bc1a89e377302ab10d63f0f 512106 imagemagick-6.q16_6.8.9.9-5+deb8u1_amd64.deb c9d7e1433bce6bade5f779f2bba3e3d02776230e 1677634 libmagickcore-6.q16-2_6.8.9.9-5+deb8u1_amd64.deb 1553c2987d92e502e6c0cbbdf64dbe014bf9624d 168296 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u1_amd64.deb c4ddd074ebc1e66c92390a0b30bd0f36368e240d 1025376 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u1_amd64.deb 4f39ade6438009a36d3a7a2e05e6b1d152c6ce68 402776 libmagickwand-6.q16-2_6.8.9.9-5+deb8u1_amd64.deb e679889c9fe20d8cbe4a9489f3f91ac3c316dca3 391640 libmagickwand-6.q16-dev_6.8.9.9-5+deb8u1_amd64.deb 0faab1176e9906dc05b17acedd974260a27dc0b0 253594 libmagick++-6.q16-5_6.8.9.9-5+deb8u1_amd64.deb 2870d8f36036577ff6dc5b070d69492f1243622b 220854 libmagick++-6.q16-dev_6.8.9.9-5+deb8u1_amd64.deb 044b05d04659c96970892d132a76d5c14bb5fd2d 5001062 imagemagick-dbg_6.8.9.9-5+deb8u1_amd64.deb 996560283e78525836251a7b4266cf4a94d132fd 219494 libimage-magick-q16-perl_6.8.9.9-5+deb8u1_amd64.deb eb58309e6acda52f52f3de8f6e12544a9a28b01c 121748 perlmagick_6.8.9.9-5+deb8u1_all.deb 31d0d3e617d9e0ec86552a103b9394afd7f56e17 121728 libmagickcore-dev_6.8.9.9-5+deb8u1_all.deb b5208834a9bf9c495e418b51d2492965834c0d2d 121718 libmagickwand-dev_6.8.9.9-5+deb8u1_all.deb 8d328410b7e2d68437c3b49a3cbb13c95e5f0055 121742 libmagick++-dev_6.8.9.9-5+deb8u1_all.deb Checksums-Sha256: a55f6ab34b787084a69976971a34c679933e62983fb7cff9044368bdd371a8b8 3880 imagemagick_6.8.9.9-5+deb8u1.dsc d247adb1d769a07b7007c670393a59add2d589a0d51788ab8d5b00db9a8d6528 213760 imagemagick_6.8.9.9-5+deb8u1.debian.tar.xz 6df948b3bf6dc68d3999eed67fe87cd224f2d99d6df69cb32dc2c0565922ac7f 148710 imagemagick-common_6.8.9.9-5+deb8u1_all.deb 11508b37b2ea959a04abf975fd5f0ec0d9789e3bb6ab9d66e023f4ced4f4df5a 7573528 imagemagick-doc_6.8.9.9-5+deb8u1_all.deb 986fc2819ad0b29d4c4df0e20b48e26dd975822ae873de4349c23a9d8fcc56d2 167250 libmagickcore-6-headers_6.8.9.9-5+deb8u1_all.deb 6c3814aa346cc5507ab5fd6f7e6beca8201d9518e7bba57160a22c4afaf9d6fb 130434 libmagickwand-6-headers_6.8.9.9-5+deb8u1_all.deb 791e294c37c96ce7fbec3c33e424979bd3db8bb30ef5d11b8f97ac7c4c6d1e6b 166072 libmagick++-6-headers_6.8.9.9-5+deb8u1_all.deb a703b1b82ff554ec8e3ea2021f2205c55d368a2f18505a57584d0a4a6a099912 155334 imagemagick_6.8.9.9-5+deb8u1_amd64.deb e3d231c2ed542fad31005fc2a2d5b24375f16da435a4228794895fd2ab8d3252 173784 libimage-magick-perl_6.8.9.9-5+deb8u1_all.deb 4ecefe0cac6f2688688b192599355fda7fddb08003f2bc85a99bb4d17ad09eb5 129206 libmagickcore-6-arch-config_6.8.9.9-5+deb8u1_amd64.deb 8f7119513933957219d5d43e97c2ff99a640a90af146557e750fb5722bda324a 512106 imagemagick-6.q16_6.8.9.9-5+deb8u1_amd64.deb e9d4a5b1f580d3ac737362dd3488d07bd07b0ba054271376053f394ba3a70ab5 1677634 libmagickcore-6.q16-2_6.8.9.9-5+deb8u1_amd64.deb 42d3d3cc5a972dbab676c9109576e08be7daeb65bad67f8d076cb2b5271aef74 168296 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u1_amd64.deb 52b23a6b776c4236249361374faf6c04758d34895f760d76ed93e29741230e3b 1025376 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u1_amd64.deb 3a80b47b787797aa25f6ff50b13f71843b3f8b4aca451146bf8004d09bfe0e39 402776 libmagickwand-6.q16-2_6.8.9.9-5+deb8u1_amd64.deb 8c04f00e71e50819336e38c50ca5a8a17b1c3906b7a08bf35a79f96dd06dcdc3 391640 libmagickwand-6.q16-dev_6.8.9.9-5+deb8u1_amd64.deb 708a942a3711295f09a9c9dca3b38c8952821d3f9e494ebe46478388072240e5 253594 libmagick++-6.q16-5_6.8.9.9-5+deb8u1_amd64.deb e9995f9435274c68a7da5976a6b350e6c4a5dd32ec91a723e99e848bf1ac55bf 220854 libmagick++-6.q16-dev_6.8.9.9-5+deb8u1_amd64.deb 550cbebddcd2cd4c6b95f4e9cd3b528a7aebc3b6837fb0b2dc893a5f09ba6737 5001062 imagemagick-dbg_6.8.9.9-5+deb8u1_amd64.deb 109eca5702552f3c1751286c64bf759bf16775725f1d89bf7a11c52d97fa676b 219494 libimage-magick-q16-perl_6.8.9.9-5+deb8u1_amd64.deb b877a706e8f9cba6a4d6bc0f2810d98b8efdcf0f874e87de389ba6ae908679a3 121748 perlmagick_6.8.9.9-5+deb8u1_all.deb dd499dd99fd945578aa5a2869186a4f169c364fc69276214c099e20f3659d3b0 121728 libmagickcore-dev_6.8.9.9-5+deb8u1_all.deb f5077162156e52468bebb676e9d9189a12c98029b7f54f917e1c6947dc4f454f 121718 libmagickwand-dev_6.8.9.9-5+deb8u1_all.deb 5045f8a688d8f02631d58cd3614dabfed79e4d4e10e5fff44f24247cbeb776dd 121742 libmagick++-dev_6.8.9.9-5+deb8u1_all.deb Files: 66d980310f3c1628619562bd53e77446 3880 graphics optional imagemagick_6.8.9.9-5+deb8u1.dsc 34c7d9855ad7fa0260090d4c7ea3a980 213760 graphics optional imagemagick_6.8.9.9-5+deb8u1.debian.tar.xz c886e3e11d8883a8517aebb1867de3d1 148710 graphics optional imagemagick-common_6.8.9.9-5+deb8u1_all.deb 87d76a7331e9be3e199cc015a90838ce 7573528 doc optional imagemagick-doc_6.8.9.9-5+deb8u1_all.deb 2cc9d1d310155bb1a9eb6aeb232df361 167250 libdevel optional libmagickcore-6-headers_6.8.9.9-5+deb8u1_all.deb 93e789cb74b1b0360983f9d47bd4d73c 130434 libdevel optional libmagickwand-6-headers_6.8.9.9-5+deb8u1_all.deb 67cc1361852e47f3f3c1804197bd2538 166072 libdevel optional libmagick++-6-headers_6.8.9.9-5+deb8u1_all.deb 63e21877599939ada5f5c1bcfc92c7cd 155334 graphics optional imagemagick_6.8.9.9-5+deb8u1_amd64.deb 8a474569ed2f36f14e6329d736b3a3d4 173784 perl optional libimage-magick-perl_6.8.9.9-5+deb8u1_all.deb 9075516acccbaa5d3267dc2d94871aa3 129206 libdevel optional libmagickcore-6-arch-config_6.8.9.9-5+deb8u1_amd64.deb b621f2940b5335fe65f2bb9fa8461392 512106 graphics optional imagemagick-6.q16_6.8.9.9-5+deb8u1_amd64.deb 4481128ea13e8f1dc2c93364b27a2497 1677634 libs optional libmagickcore-6.q16-2_6.8.9.9-5+deb8u1_amd64.deb ad8957098d090bd2df5dd105c16dc43d 168296 libs optional libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u1_amd64.deb 21e93117e78873d81c0ebce36a54f340 1025376 libdevel optional libmagickcore-6.q16-dev_6.8.9.9-5+deb8u1_amd64.deb 1b0bd2c270a031eaed9861d6f3fc18ea 402776 libs optional libmagickwand-6.q16-2_6.8.9.9-5+deb8u1_amd64.deb 02afb0ec42fcf9f9f0cd4d2440ca758c 391640 libdevel optional libmagickwand-6.q16-dev_6.8.9.9-5+deb8u1_amd64.deb 733f23956f8c28371c0370e295d2b995 253594 libs optional libmagick++-6.q16-5_6.8.9.9-5+deb8u1_amd64.deb 0df912d4d18c0223d27cb4170a6d8be1 220854 libdevel optional libmagick++-6.q16-dev_6.8.9.9-5+deb8u1_amd64.deb 76968eb5265a9596b63cc288e0f8bb28 5001062 debug extra imagemagick-dbg_6.8.9.9-5+deb8u1_amd64.deb 761e04a9d38552b44aab4f751675965d 219494 perl optional libimage-magick-q16-perl_6.8.9.9-5+deb8u1_amd64.deb 04e961e0560e8522ad0545da1b45aa6d 121748 oldlibs extra perlmagick_6.8.9.9-5+deb8u1_all.deb 264bd0df69b18b6e0fa1e79477cfdc3b 121728 oldlibs extra libmagickcore-dev_6.8.9.9-5+deb8u1_all.deb 4f9c321d17d651789270123fe81dafcd 121718 oldlibs extra libmagickwand-dev_6.8.9.9-5+deb8u1_all.deb cd42855a31a481d1b50d19bc67b41b6a 121742 oldlibs extra libmagick++-dev_6.8.9.9-5+deb8u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJWsTSDAAoJEO3GeJm/E8RXG5gH/RNnS+dbQ0+WcGR6hMPOxpVJ hGHZ9MWZBrxpSCYWpj928DApYV+imEDILT1lB91Mz3w95WVzKGQb7D4ibS8nDtp4 LH1c/3YllqnLuxbT0O00H35Y05a8JccxrXV+VqjTp5vtSQ4MbMQDtaS3ZiVJeXs6 mvaIsGqy5Qs2KljiwlKZ6sva51U9uQU925Vf3NpwXJH4INEgUVEtwznEBSqmcrll 6KbcI2pus8L8LeCmLZ1wdSqB8a3wH6krlUZ7Po8TvwAD4Aksh98mFkIm/lz6jLLA YWZkCPLzfaf31qezSoAbkshFN5PyrMTOs8bKOAFZL5zd7yUp2lzgJQ29JxvxsuM= =ZFoZ -----END PGP SIGNATURE-----
--- End Message ---
