Accepted imagemagick 7:6.2.4.5.dfsg1-0.15+etch1 (source i386)

To: debian-changes@lists.debian.org
Subject: Accepted imagemagick 7:6.2.4.5.dfsg1-0.15+etch1 (source i386)
From: Luciano Bello <luciano@debian.org>
Date: Wed, 16 Dec 2009 23:55:32 +0000
Message-id: <[🔎] E1NL3iO-00028a-Fx@ries.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 27 Jul 2009 12:49:27 -0300
Source: imagemagick
Binary: perlmagick libmagick9 libmagick9-dev imagemagick libmagick++9-dev libmagick++9c2a
Architecture: source i386
Version: 7:6.2.4.5.dfsg1-0.15+etch1
Distribution: oldstable-security
Urgency: high
Maintainer: Ryuichi Arafune <arafune@debian.org>
Changed-By: Luciano Bello <luciano@debian.org>
Description: 
 imagemagick - Image manipulation programs
 libmagick++9-dev - The object-oriented C++ API to the ImageMagick library--developme
 libmagick++9c2a - The object-oriented C++ API to the ImageMagick library
 libmagick9 - Image manipulation library
 libmagick9-dev - Image manipulation library -- development
 perlmagick - A perl interface to the libMagick graphics routines
Closes: 412945 418057 444267 530838
Changes: 
 imagemagick (7:6.2.4.5.dfsg1-0.15+etch1) oldstable-security; urgency=high
 .
   * Non-maintainer upload.
   * Fix various crashes on malformed input, including CVE-2007-1797,
     CVE-2007-1667, CVE-2008-1096 and CVE-2008-1097. Closes: #418057, #412945
   * Fix multiple vulnerabilities in imagemagick. (It's a port of the diff
     between these tags of the SCM: debian_version_6_2_4_5_dfsg1-2 and
     debian_version_6_2_4_5_dfsg1-1). Closes: #444267
     + magick/memory.c,magick/memory_.h,magick/methods.h: Add new allocator
       wrapper AcquireQuantumMemory() to prevent potential integer overflows.
       Backport from upstream version 6.3.5.9.
     + magick/image.c: Backport new implementation of SetImageExtent() from
       upstream version 6.3.5.9.
     + coders/dcm.c,coders/xcf.c: Fix integer overflow in DCM and XCF coders.
       (CVE-2007-4985) Backport of upstream patch from version 6.3.5.9.
     + coders/dcm.c,coders/dib.c,coders/xbm.c,coders/xcf.c,coders/xwd.c:
       Fix multiple integer overflows in DCM, DIB, XBM, XCF, and XWD coders.
       (CVE-2007-4986 and CVE-2007-4988) Based on upstream patch from
       version 6.3.5.9.
     + magick/blob.c: Fix fencepost error in ReadBlobString()
       (CVE-2007-4987) Backport of upstream patch from version 6.3.5.9.
     + coders/dib.c: Ensure positive value for image rows and columns.
       Based on upstream patch from version 6.3.5.9.
     + All of the above patches have been derived from backports supplied by
       Jonathan Smith.
   * Apply upstream patch to fix integer overflow in XMakeImage()
     (CVE-2009-1882). Closes: #530838
Files: 
 6c8ffe1f0d0efab6652070aabd8fab8d 958 graphics optional imagemagick_6.2.4.5.dfsg1-0.15+etch1.dsc
 cbb51d6956c6dd68f7dfaa068d0b416b 5202678 graphics optional imagemagick_6.2.4.5.dfsg1-0.15+etch1.tar.gz
 1e40ed75296c5446e7f827662cb2490a 745936 graphics optional imagemagick_6.2.4.5.dfsg1-0.15+etch1_i386.deb
 73e5155f242af1d2d16e2e4458d9539f 1299682 libs optional libmagick9_6.2.4.5.dfsg1-0.15+etch1_i386.deb
 fe033745104b08e6ac962a1eef3332f7 1640482 libdevel optional libmagick9-dev_6.2.4.5.dfsg1-0.15+etch1_i386.deb
 87d4d44a22cfed4283420a0d58b33c20 179658 libs optional libmagick++9c2a_6.2.4.5.dfsg1-0.15+etch1_i386.deb
 8b431753808c82a4b4b537aa964dd558 229176 libdevel optional libmagick++9-dev_6.2.4.5.dfsg1-0.15+etch1_i386.deb
 64b62cf6a14fdb016f2175d2f2944977 170978 perl optional perlmagick_6.2.4.5.dfsg1-0.15+etch1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkpvJZEACgkQQWTRs4lLtHnS1gCfUC1Xq12tKsYMdnHR5Y1VCYEw
UKAAoJ8On51YsFaz2hcHTj4k4SvjkePt
=GSZN
-----END PGP SIGNATURE-----


Accepted:
imagemagick_6.2.4.5.dfsg1-0.15+etch1.dsc
  to main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-0.15+etch1.dsc
imagemagick_6.2.4.5.dfsg1-0.15+etch1.tar.gz
  to main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-0.15+etch1.tar.gz
imagemagick_6.2.4.5.dfsg1-0.15+etch1_i386.deb
  to main/i/imagemagick/imagemagick_6.2.4.5.dfsg1-0.15+etch1_i386.deb
libmagick++9-dev_6.2.4.5.dfsg1-0.15+etch1_i386.deb
  to main/i/imagemagick/libmagick++9-dev_6.2.4.5.dfsg1-0.15+etch1_i386.deb
libmagick++9c2a_6.2.4.5.dfsg1-0.15+etch1_i386.deb
  to main/i/imagemagick/libmagick++9c2a_6.2.4.5.dfsg1-0.15+etch1_i386.deb
libmagick9-dev_6.2.4.5.dfsg1-0.15+etch1_i386.deb
  to main/i/imagemagick/libmagick9-dev_6.2.4.5.dfsg1-0.15+etch1_i386.deb
libmagick9_6.2.4.5.dfsg1-0.15+etch1_i386.deb
  to main/i/imagemagick/libmagick9_6.2.4.5.dfsg1-0.15+etch1_i386.deb
perlmagick_6.2.4.5.dfsg1-0.15+etch1_i386.deb
  to main/i/imagemagick/perlmagick_6.2.4.5.dfsg1-0.15+etch1_i386.deb

Reply to:

Prev by Date: Accepted haproxy 1.3.15.2-2+lenny2 (source amd64)
Next by Date: Accepted kde4libs 4:4.1.0-3+lenny1 (source all i386)
Previous by thread: Accepted haproxy 1.3.15.2-2+lenny2 (source amd64)
Next by thread: Accepted kde4libs 4:4.1.0-3+lenny1 (source all i386)
Index(es):
- Date
- Thread