Your message dated Mon, 30 Jul 2012 22:03:02 +0000
with message-id <e1svy3k-0002sc...@franck.debian.org>
and subject line Bug#683285: fixed in imagemagick 8:6.7.7.10-3
has caused the Debian Bug report #683285,
regarding CVE-2012-3437
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
683285: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683285
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: imagemagick
Severity: grave
Tags: security
Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3437 for
details.
Please fix this for Wheezy with an isolated fix instead of updating to a new
upstream release (since the freeze is in effect)
This doesn't warrant a DSA, but can be fixed through a stable point update for
Squeeze (adding Jonathan to CC, who's managing this)
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.7.7.10-3
We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 683...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bastien Roucariès <roucaries.bastien+deb...@gmail.com> (supplier of updated
imagemagick package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 30 Jul 2012 22:47:47 +0200
Source: imagemagick
Binary: imagemagick imagemagick-dbg imagemagick-common imagemagick-doc
libmagickcore5 libmagickcore5-extra libmagickcore-dev libmagickwand5
libmagickwand-dev libmagick++5 libmagick++-dev perlmagick
Architecture: source amd64 all
Version: 8:6.7.7.10-3
Distribution: unstable
Urgency: high
Maintainer: ImageMagick Packaging Team
<pkg-gmagick-im-t...@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <roucaries.bastien+deb...@gmail.com>
Description:
imagemagick - image manipulation programs
imagemagick-common - image manipulation programs -- infrastructure
imagemagick-dbg - debugging symbols for ImageMagick
imagemagick-doc - document files of ImageMagick
libmagick++-dev - object-oriented C++ interface to ImageMagick - development
files
libmagick++5 - object-oriented C++ interface to ImageMagick
libmagickcore-dev - low-level image manipulation library - development files
libmagickcore5 - low-level image manipulation library
libmagickcore5-extra - low-level image manipulation library - extra codecs
libmagickwand-dev - image manipulation library - development files
libmagickwand5 - image manipulation library
perlmagick - Perl interface to the ImageMagick graphics routines
Closes: 683285
Changes:
imagemagick (8:6.7.7.10-3) unstable; urgency=high
.
* Bug fix: "CVE-2012-3437", ImageMagick: Magick_png_malloc() size
argument thanks to Moritz Muehlenhoff (Closes: #683285).
Checksums-Sha1:
01ad45561e3c553fb3cfa67207a374b9dc093bfb 2505 imagemagick_6.7.7.10-3.dsc
eb8efe1085466adaa8dc7d6de96cf952a000a637 132184
imagemagick_6.7.7.10-3.debian.tar.bz2
72152171da364578d7ff9d02a280345b4335adad 284526
imagemagick_6.7.7.10-3_amd64.deb
b304c51b1f34607fa54c4728683d1296b8579622 6275018
imagemagick-dbg_6.7.7.10-3_amd64.deb
91619cc2de8135cf80d9ec08c703130cf2f5e9e7 127810
imagemagick-common_6.7.7.10-3_all.deb
2c10cae0ed58c76b4daf230aa1ea89a865386deb 5627548
imagemagick-doc_6.7.7.10-3_all.deb
d00ad424ebbebe394fd8ff92775afae7fc575c92 2082882
libmagickcore5_6.7.7.10-3_amd64.deb
f03ab1757842383359494832a34b2afc114aeff2 163386
libmagickcore5-extra_6.7.7.10-3_amd64.deb
d532564f4162bcd702ea371ebb9720aea0a22a21 1386230
libmagickcore-dev_6.7.7.10-3_amd64.deb
f504860fe84f2a0f100ddf947a77db47e46b42d1 461860
libmagickwand5_6.7.7.10-3_amd64.deb
33f6dce72ad75eca5855c425ac859a34bcc16448 543964
libmagickwand-dev_6.7.7.10-3_amd64.deb
6f79cfcdc708c9d635bf4d64e934bcb22b27224e 236128
libmagick++5_6.7.7.10-3_amd64.deb
06bf131b21f979bcfefbad427b51d3149ef410b9 284536
libmagick++-dev_6.7.7.10-3_amd64.deb
147b71230ff1d5276e55038c2a4bcdcc8ec4d16f 255204 perlmagick_6.7.7.10-3_amd64.deb
Checksums-Sha256:
06f5875094ecf809fd5d32c0285713c293dfeab275c55045347b3e2b35d9ed85 2505
imagemagick_6.7.7.10-3.dsc
e3192bdcf8d9a9412ded9e34662d4196e5ca20b9ed7e6156fd7677c2551d5cbf 132184
imagemagick_6.7.7.10-3.debian.tar.bz2
5443d0d501c4c72b36015585690c961b5c2b72bdad43d8f7940ea92fd9a5c87b 284526
imagemagick_6.7.7.10-3_amd64.deb
62e0c1f85cc366a21b97bad5f19bea0efe4e730021bee6b4ab649c872fc77331 6275018
imagemagick-dbg_6.7.7.10-3_amd64.deb
cedfce612fcc6272e7b3d947fec78d9a60d0c4a83ca0422ccbff779e9773a5eb 127810
imagemagick-common_6.7.7.10-3_all.deb
f4b1b84ae34dbe630a2fb4ca256197505a3e13266dc864984675b20d0f09938e 5627548
imagemagick-doc_6.7.7.10-3_all.deb
98774db66222e7fcc682e55e422f9418e740dfdd81e0ada8aed5f7d668edac7a 2082882
libmagickcore5_6.7.7.10-3_amd64.deb
d2ab429bacc882ec9329261406448b98829e69be76c0174f91b6d87e577d4f39 163386
libmagickcore5-extra_6.7.7.10-3_amd64.deb
db034514d2e08dd2f0865b35810524998b0f2f20a12864981464223994671634 1386230
libmagickcore-dev_6.7.7.10-3_amd64.deb
9092da17f05208af80ea08e45661229b5442fb283d9129889311fadf5fee3ac1 461860
libmagickwand5_6.7.7.10-3_amd64.deb
89b81e5ac657e81fb1e24bc435e86939469099fab8c65b703ecb678acffdef21 543964
libmagickwand-dev_6.7.7.10-3_amd64.deb
eeb6af2e40bc55aed99245043b6bbf11536bac0f439f7373367d800a6c2eb614 236128
libmagick++5_6.7.7.10-3_amd64.deb
8ae74e143541062821fa7e35d9d8ec5cef00c4c27470af5495d7440460eba9aa 284536
libmagick++-dev_6.7.7.10-3_amd64.deb
ff1febf12b722c2debb3580bd2474ae84f8916f395f39d160c42f10f99b1269c 255204
perlmagick_6.7.7.10-3_amd64.deb
Files:
b611638ede5d3b6e614dad15367003a4 2505 graphics optional
imagemagick_6.7.7.10-3.dsc
f22bd708b87554caedb43c9c1d76ebf8 132184 graphics optional
imagemagick_6.7.7.10-3.debian.tar.bz2
2311a472481174a10fcc612981695ede 284526 graphics optional
imagemagick_6.7.7.10-3_amd64.deb
129ba6ce79d2f2cb1b484bb43bb12a36 6275018 debug extra
imagemagick-dbg_6.7.7.10-3_amd64.deb
60340b6a56c1fb0e5163bde2062748d1 127810 graphics optional
imagemagick-common_6.7.7.10-3_all.deb
24a21b9d0ab54d42e9802389d5e1b2b4 5627548 doc optional
imagemagick-doc_6.7.7.10-3_all.deb
6edd2540fbb9873803c519682d933162 2082882 libs optional
libmagickcore5_6.7.7.10-3_amd64.deb
c2c2bc0e28feb3eb51898641f24dad32 163386 libs optional
libmagickcore5-extra_6.7.7.10-3_amd64.deb
0905c5d1869fce007dd174a6f6281916 1386230 libdevel optional
libmagickcore-dev_6.7.7.10-3_amd64.deb
320b7d6b42b39f7e2d800d5f886ab8bc 461860 libs optional
libmagickwand5_6.7.7.10-3_amd64.deb
076470e146723e600caf34e50bb5af50 543964 libdevel optional
libmagickwand-dev_6.7.7.10-3_amd64.deb
2f5823f82cff493d4cc7405af5ed5923 236128 libs optional
libmagick++5_6.7.7.10-3_amd64.deb
f6571cc6de8c1999c77d5afcbcf68aa9 284536 libdevel optional
libmagick++-dev_6.7.7.10-3_amd64.deb
24a5e4ada7b43a2bec2e924869bb8118 255204 perl optional
perlmagick_6.7.7.10-3_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlAXATMACgkQx/UhwSKygsrKlQCfXTmN+J3+mKnDKzSdOMBjFjvU
SWQAoKxR0E9l3fibCJHE/InsmddYHtUN
=UXHE
-----END PGP SIGNATURE-----
--- End Message ---