Bug#876097: marked as done (imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage)
Your message dated Fri, 09 Feb 2018 22:35:39 + with message-id and subject line Bug#876097: fixed in imagemagick 8:6.9.9.34+dfsg-1 has caused the Debian Bug report #876097, regarding imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 876097: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876097 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: upstream security patch Forwarded: https://github.com/ImageMagick/ImageMagick/issues/733 Hi, the following vulnerability was published for imagemagick. CVE-2017-14224[0]: | A heap-based buffer overflow in WritePCXImage in coders/pcx.c in | ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of | service or code execution via a crafted file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-14224 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14224 [1] https://github.com/ImageMagick/ImageMagick/issues/733 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.9.34+dfsg-1 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 876...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastien Roucariès (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 08 Feb 2018 13:38:05 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.34+dfsg-1 Distribution: experimental Urgency: high Maintainer: ImageMagick Packaging Team Changed-By: Bastien Roucariès Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - low-level
Bug#876097: marked as done (imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage)
Your message dated Sat, 18 Nov 2017 22:18:45 + with message-id and subject line Bug#876097: fixed in imagemagick 8:6.8.9.9-5+deb8u11 has caused the Debian Bug report #876097, regarding imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 876097: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876097 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: upstream security patch Forwarded: https://github.com/ImageMagick/ImageMagick/issues/733 Hi, the following vulnerability was published for imagemagick. CVE-2017-14224[0]: | A heap-based buffer overflow in WritePCXImage in coders/pcx.c in | ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of | service or code execution via a crafted file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-14224 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14224 [1] https://github.com/ImageMagick/ImageMagick/issues/733 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.8.9.9-5+deb8u11 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 876...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Moritz Muehlenhoff (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 16 Nov 2017 23:13:59 +0100 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all amd64 Version: 8:6.8.9.9-5+deb8u11 Distribution: jessie-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Moritz Muehlenhoff Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Closes: 868469 869715 869728 870067 870106 870
Bug#876097: marked as done (imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage)
Your message dated Sat, 18 Nov 2017 21:03:47 + with message-id and subject line Bug#876097: fixed in imagemagick 8:6.9.7.4+dfsg-11+deb9u3 has caused the Debian Bug report #876097, regarding imagemagick: CVE-2017-14224: Heap buffer overflow in WritePCXImage to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 876097: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876097 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: upstream security patch Forwarded: https://github.com/ImageMagick/ImageMagick/issues/733 Hi, the following vulnerability was published for imagemagick. CVE-2017-14224[0]: | A heap-based buffer overflow in WritePCXImage in coders/pcx.c in | ImageMagick 7.0.6-8 Q16 allows remote attackers to cause a denial of | service or code execution via a crafted file. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-14224 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14224 [1] https://github.com/ImageMagick/ImageMagick/issues/733 Please adjust the affected versions in the BTS as needed. Regards, Salvatore --- End Message --- --- Begin Message --- Source: imagemagick Source-Version: 8:6.9.7.4+dfsg-11+deb9u3 We believe that the bug you reported is fixed in the latest version of imagemagick, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 876...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Moritz Mühlenhoff (supplier of updated imagemagick package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 10 Nov 2017 20:46:29 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-3 libmagickcore-6.q16-3-extra libmagickcore-6.q16-dev libmagickwand-6.q16-3 libmagickwand-6.q16-dev libmagick++-6.q16-7 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-3 libmagickcore-6.q16hdri-3-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-3 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-7 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source all amd64 Version: 8:6.9.7.4+dfsg-11+deb9u3 Distribution: stretch-security Urgency: medium Maintainer: ImageMagick Packaging Team Changed-By: Moritz Mühlenhoff Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-7 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-7 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header fil