Hi Emilio Just wanted you to know that I removed imagemagick from dla-needed.txt now. You are welcome to double-check that these issues were really fixed.
Best regards // Ola On 29 December 2016 at 22:41, Ola Lundqvist <[email protected]> wrote: > Hi > > Thank you. I have updated the security tracker with this information. > > // Ola > > On 28 December 2016 at 23:08, Roberto C. Sánchez <[email protected]> wrote: >> Hi Ola, >> >> The issues CVE-2016-8677 and CVE-2016-9559 were fixed by Antione when he >> uploaded that latest imagemagick update to LTS. However, the >> announcement (DLA-756-1) did not list those issues among the issues that >> were addressed by that update. I have already mentioned it to him a >> couple of days ago via private email. >> >> Regards, >> >> -Roberto >> >> On Wed, Dec 28, 2016 at 09:39:42PM +0100, Ola Lundqvist wrote: >>> Hi >>> >>> We will handle it. Take care. >>> >>> // Ola >>> >>> On 28 December 2016 at 21:15, Bastien Roucaries >>> <[email protected]> wrote: >>> > Take care for this time. I lack tome now (babies) >>> > >>> > >>> > Le 23 décembre 2016 23:32:17 GMT+01:00, Ola Lundqvist <[email protected]> a >>> > écrit : >>> >> >>> >> Hello dear maintainer(s), >>> >> >>> >> the Debian LTS team would like to fix the security issues which are >>> >> currently open in the Wheezy version of imagemagick: >>> >> https://security-tracker.debian.org/tracker/CVE-2016-8677 >>> >> https://security-tracker.debian.org/tracker/CVE-2016-9559 >>> >> >>> >> Would you like to take care of this yourself? >>> >> >>> >> If yes, please follow the workflow we have defined here: >>> >> https://wiki.debian.org/LTS/Development >>> >> >>> >> If that workflow is a burden to you, feel free to just prepare an >>> >> updated source package and send it to [email protected] >>> >> (via a debdiff, or with an URL pointing to the source package, >>> >> or even with a pointer to your packaging repository), and the members >>> >> of the LTS team will >>> >> take care of the rest. Indicate clearly whether you >>> >> have tested the updated package or not. >>> >> >>> >> If you don't want to take care of this update, it's not a problem, we >>> >> will do our best with your package. Just let us know whether you would >>> >> like to review and/or test the updated package before it gets released. >>> >> >>> >> You can also opt-out from receiving future similar emails in your >>> >> answer and then the LTS Team will take care of imagemagick updates >>> >> for the LTS releases. >>> >> >>> >> Thank you very much. >>> >> >>> >> Ola Lundqvist, >>> >> on behalf of the Debian LTS team. >>> >> >>> >> PS: A member of the LTS team might start working on this update at >>> >> any point in time. You can verify whether someone is registered >>> >> on this update in this file: >>> >> >>> >> https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup >>> > >>> > >>> > -- >>> > Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma >>> > brièveté. >>> >>> >>> >>> -- >>> --- Inguza Technology AB --- MSc in Information Technology ---- >>> / [email protected] Folkebogatan 26 \ >>> | [email protected] 654 68 KARLSTAD | >>> | http://inguza.com/ Mobile: +46 (0)70-332 1551 | >>> \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / >>> --------------------------------------------------------------- >>> >> >> -- >> Roberto C. Sánchez >> http://people.connexer.com/~roberto >> http://www.connexer.com > > > > -- > --- Inguza Technology AB --- MSc in Information Technology ---- > / [email protected] Folkebogatan 26 \ > | [email protected] 654 68 KARLSTAD | > | http://inguza.com/ Mobile: +46 (0)70-332 1551 | > \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / > --------------------------------------------------------------- -- --- Inguza Technology AB --- MSc in Information Technology ---- / [email protected] Folkebogatan 26 \ | [email protected] 654 68 KARLSTAD | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / ---------------------------------------------------------------
