-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 19 Mar 2018 17:03:39 +0100 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-5 libmagickcore-6.q16-5-extra libmagickcore-6.q16-dev libmagickwand-6.q16-5 libmagickwand-6.q16-dev libmagick++-6.q16-8 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-5 libmagickcore-6.q16hdri-5-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-5 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-8 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.9.39+dfsg-1 Distribution: unstable Urgency: medium Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-t...@lists.alioth.debian.org> Changed-By: Bastien Roucariès <ro...@debian.org> Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-8 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-8 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-5 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-5-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-6.q16hdri-5 - low-level image manipulation library -- quantum depth Q16HDRI libmagickcore-6.q16hdri-5-extra - low-level image manipulation library - extra codecs (Q16HDRI) libmagickcore-6.q16hdri-dev - low-level image manipulation library - development files (Q16HDRI libmagickcore-dev - low-level image manipulation library -- dummy package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-5 - image manipulation library -- quantum depth Q16 libmagickwand-6.q16-dev - image manipulation library - development files (Q16) libmagickwand-6.q16hdri-5 - image manipulation library -- quantum depth Q16HDRI libmagickwand-6.q16hdri-dev - image manipulation library - development files (Q16HDRI) libmagickwand-dev - image manipulation library -- dummy package perlmagick - Perl interface to ImageMagick -- dummy package Closes: 890805 891291 891420 893030 Changes: imagemagick (8:6.9.9.39+dfsg-1) unstable; urgency=medium . * Fix security bugs (Closes: #890805): + Fix CVE-2018-7443: The ReadTIFFImage function in coders/tiff.c does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c). (Closes: #891291) + Fix CVE-2018-7470: The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.(Closes: #891420) + Fix CVE-2017-17880: there is a stack-based buffer over-read in WriteWEBPImage in coders/webp.c, related to a WEBP_DECODER_ABI_VERSION check. * Provide transitional packages from arch:any packages. (Closes: #893030) Checksums-Sha1: 68583368be415929d51d95e1fe948e2d2d1aa806 5122 imagemagick_6.9.9.39+dfsg-1.dsc 39ea5b36128c4cc0cdb6d6fe8db5eaf972893f4e 9058524 imagemagick_6.9.9.39+dfsg.orig.tar.xz 196f488ec4e3fc833228e5dd750cde7757a052b8 218996 imagemagick_6.9.9.39+dfsg-1.debian.tar.xz 42b622fcf7ab2fd0836c51822d64286f97381fcc 13907 imagemagick_6.9.9.39+dfsg-1_source.buildinfo Checksums-Sha256: a7f4fc23a31b7b83b0221d0a3bfae7089c4d36efd05d68d68d1cf6d3e4c7615f 5122 imagemagick_6.9.9.39+dfsg-1.dsc a8c2d67939938b7a45892090e154c84ef06e03f722ee9012f82f8b61c6454100 9058524 imagemagick_6.9.9.39+dfsg.orig.tar.xz c9a31d2d567cbe93d4daf68d3f6bbe81116432602a18bc4ddb3a13a0d466c61b 218996 imagemagick_6.9.9.39+dfsg-1.debian.tar.xz 273d54cb9b3de62b892b493ff96a5b7f77b86446193fe52a87756475094d461f 13907 imagemagick_6.9.9.39+dfsg-1_source.buildinfo Files: e0fa727e15ad1405d60a8fd279611f8e 5122 graphics optional imagemagick_6.9.9.39+dfsg-1.dsc 14e02933ec960a2152be1aa1bb7f593b 9058524 graphics optional imagemagick_6.9.9.39+dfsg.orig.tar.xz 88de16ba9ba01c723976ba0d5f913de3 218996 graphics optional imagemagick_6.9.9.39+dfsg-1.debian.tar.xz ef04b44105af8fb360546de531484b54 13907 graphics optional imagemagick_6.9.9.39+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAlqw6YsACgkQADoaLapB CF8hxQ/+PJpC0e9EALtyrmJmNzyQl4y+S+2TnbZcEzniZ+YiEAPuln+212DCTAda o2KrUPM4jw2YZHaNcWeuaUYkvlcySWOoMkZTsNpXlmx3AgvUEiujNOzqXDkVKL6l ayRI0Ax0nKHGnPGnrF3OFgdVJz8+XyneVwjQOGA/Wg4p8l+FSRslJgboRJQx8jFl +IpLS0t/Oj6k9gw+n3WPzegcqHVrISzICE/13Hmo/NBiyQYC5/4QzGTDPZmPx732 Ni9LxCf3T8AEUkwu/IAXvyCWExEKernzeLV9VlIx9+hfq+T9XSpIILjiSsyt4Rp4 cynved8UIS/N9wONTilr40BeHk0Sz8N+GboK0GVLRhTVYbuk8nBW6/xiDMrJ87bu xOxR+ZPbAdQLVRVO+x2DKEYgG6vSSS6oHr1NJL30rT9h6op4FLVlm7OHYWxBk38t GYFH13OsdWDGfdFaOl4acvVQ4MGDncYKlh7snf7YNNa7vEB3WGxkV4eLJpt4NCHR DTfG6YBU5fD6aqT5dyVSMuJHHHjgjjWIZHR6G/3mz8nefOlOhVCKg9oebazQEX0I oVEcPqqiVBvFnqRp5EkNFk+pvolkIQypMZm+Myh2ZqpASPG+Z4OfDTh0DBkkjuxs j28JwGDATQK/3wnYAqFydi9+IgpoZ0SDlQ9/moPBPyrbl+kY80E= =VaKi -----END PGP SIGNATURE-----