Accepted imagemagick 8:6.8.9.9-5+deb8u16 (source all amd64) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 13 May 2019 21:58:51 +0200
Source: imagemagick
Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev
Architecture: source all amd64
Version: 8:6.8.9.9-5+deb8u16
Distribution: jessie-security
Urgency: high
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
imagemagick - image manipulation programs -- binaries
imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
imagemagick-common - image manipulation programs -- infrastructure
imagemagick-dbg - debugging symbols for ImageMagick
imagemagick-doc - document files of ImageMagick
libimage-magick-perl - Perl interface to the ImageMagick graphics routines
libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio
libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files
libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick
libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files
libmagick++-dev - object-oriented C++ interface to ImageMagick
libmagickcore-6-arch-config - low-level image manipulation library - architecture header files
libmagickcore-6-headers - low-level image manipulation library - header files
libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16
libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16)
libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16)
libmagickcore-dev - low-level image manipulation library -- transition package
libmagickwand-6-headers - image manipulation library - headers files
libmagickwand-6.q16-2 - image manipulation library
libmagickwand-6.q16-dev - image manipulation library - development files
libmagickwand-dev - image manipulation library - transition for development files
perlmagick - Perl interface to ImageMagick -- transition package
Closes: 925395 926091 928206 928207
Changes:
imagemagick (8:6.8.9.9-5+deb8u16) jessie-security; urgency=high
.
* Non-maintainer upload by the LTS team.
[ Hugo Lefeuvre ]
* CVE-2019-9956: stack-based buffer overflow in PopHexPixel, allows DoS or
remote code execution (Closes: #925395).
* CVE-2019-11598: heap-based buffer over-read in WritePNMImage, allows DoS
or information disclosure (Closes: #928206).
* CVE-2019-11597: heap-based buffer over-read in WriteTIFFImage, allows Dos
or information disclosure (Closes: #928207).
* CVE-2019-10650: heap-based buffer over-read in WriteTIFFImage, allows DoS
or information disclosure (Closes: #926091).
.
[ Markus Koschany ]
* Fix CVE-2019-9956 CVE-2019-10650 CVE-2019-11598 CVE-2019-11597
CVE-2017-9500 CVE-2017-18273 CVE-2017-18271 CVE-2017-17914 CVE-2017-17682
CVE-2017-15281 CVE-2017-15017 CVE-2017-15015 CVE-2017-14741 CVE-2017-14739
CVE-2017-14626 CVE-2017-14625 CVE-2017-14624 CVE-2017-14532 CVE-2017-14505
CVE-2017-14400 CVE-2017-14341 CVE-2017-14249 CVE-2017-14175 CVE-2017-14174
CVE-2017-14173 CVE-2017-14172 CVE-2017-14060 CVE-2017-13768 CVE-2017-13658
CVE-2017-13145 CVE-2017-13142 CVE-2017-13133 CVE-2017-12875 CVE-2017-12693
CVE-2017-12692 CVE-2017-12691 CVE-2017-12674 CVE-2017-12670 CVE-2017-12643
CVE-2017-12587 CVE-2017-12563 CVE-2017-12435 CVE-2017-12432 CVE-2017-12430
CVE-2017-12140 CVE-2017-11537 CVE-2017-11523 CVE-2017-11446 CVE-2017-1000476
CVE-2017-1000445
* Numerous security vulnerabilities were fixed in Imagemagick. Various
memory handling problems and cases of missing or incomplete input
sanitising may result in denial of service and memory or CPU exhaustion.
Checksums-Sha1:
ae89777114b7864fcff2406464753828178b7eca 4379 imagemagick_6.8.9.9-5+deb8u16.dsc
be96ba94f8f6af809319bfa4a8227a976702f416 308224 imagemagick_6.8.9.9-5+deb8u16.debian.tar.xz
6e4bf0a7b2dc0931e32f2deab3832251a151ddfb 155298 imagemagick-common_6.8.9.9-5+deb8u16_all.deb
2f6b73500482bb438276da0a1c235a82aca8adac 7653154 imagemagick-doc_6.8.9.9-5+deb8u16_all.deb
b69d23390ff0501779b9930753e3bc2ac105d81a 173394 libmagickcore-6-headers_6.8.9.9-5+deb8u16_all.deb
f5613b61a226b66b51026976293219e5ccc02c1f 136426 libmagickwand-6-headers_6.8.9.9-5+deb8u16_all.deb
68bb2e43ca0032fbb914b932315dad7ecf467c7c 172024 libmagick++-6-headers_6.8.9.9-5+deb8u16_all.deb
8111d05172cfa7dffc7d8b2c9d519efc51a41052 161350 imagemagick_6.8.9.9-5+deb8u16_amd64.deb
8f6c180f10e4f9127e676200ea5c2aefc59c0827 179872 libimage-magick-perl_6.8.9.9-5+deb8u16_all.deb
b97ee22febddffe31fdf7208a138b56cd8cca9d3 135224 libmagickcore-6-arch-config_6.8.9.9-5+deb8u16_amd64.deb
c9b22111dade866f5d6525dc186a01cf12764824 514740 imagemagick-6.q16_6.8.9.9-5+deb8u16_amd64.deb
3fa4e5afcedecfbb734f8a942aaccd092ffe6e1c 1699042 libmagickcore-6.q16-2_6.8.9.9-5+deb8u16_amd64.deb
52c5cc7e4f83f9584a839f5f417eb14561c073c2 175800 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u16_amd64.deb
0abc883fb264aa6b03bfa97d6b88ad942fa11062 1033236 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u16_amd64.deb
a9886bef62628124aae15aa846253d52ad5be33a 409482 libmagickwand-6.q16-2_6.8.9.9-5+deb8u16_amd64.deb
fc5f3706dbb25610cc484ab457fb1dbf29637d1c 395790 libmagickwand-6.q16-dev_6.8.9.9-5+deb8u16_amd64.deb
abb88297fdfec016e130b266ffb677a25903af88 260374 libmagick++-6.q16-5_6.8.9.9-5+deb8u16_amd64.deb
d3217599fb36db0abd5c3e967ce1db7ef2796908 227226 libmagick++-6.q16-dev_6.8.9.9-5+deb8u16_amd64.deb
7672dfd7c31a6b45f6df86cbf0030eb2cd4e1b48 5014444 imagemagick-dbg_6.8.9.9-5+deb8u16_amd64.deb
32e9a782f0eed6ed4813afb77b27fadfad858aa7 225940 libimage-magick-q16-perl_6.8.9.9-5+deb8u16_amd64.deb
f235d24a1198d91b17b996d7f2232882bb5f0e05 127782 perlmagick_6.8.9.9-5+deb8u16_all.deb
ecec787ed0eee2b2976a1655a036d0e45e6576e8 127762 libmagickcore-dev_6.8.9.9-5+deb8u16_all.deb
24c06a43e86407958b8ad967372a0bd07c954390 127750 libmagickwand-dev_6.8.9.9-5+deb8u16_all.deb
d7f813b7cabe2ee5a1cd072e16d8fe72c4938b9d 127776 libmagick++-dev_6.8.9.9-5+deb8u16_all.deb
Checksums-Sha256:
c421b078d063926aaf8138d2d4110ea692264399de44a09f504b040dd6511220 4379 imagemagick_6.8.9.9-5+deb8u16.dsc
897963f96ccf3d9f6a409e84ab64822084fce41535299bc77b42b5a4aa1a499e 308224 imagemagick_6.8.9.9-5+deb8u16.debian.tar.xz
d41fa14a4f063fa0a339a48013c11eb6b71144d0058077698bcd34e7bfe0a9c5 155298 imagemagick-common_6.8.9.9-5+deb8u16_all.deb
ff10e759a82740ae9a86e403f2b407e84816301e345dbc6b8db3a9229a877202 7653154 imagemagick-doc_6.8.9.9-5+deb8u16_all.deb
f1437fcc471706f4d9d6b5aa03aa92c101dd7875012ec882348144716e91e64d 173394 libmagickcore-6-headers_6.8.9.9-5+deb8u16_all.deb
003500c866f9aac6d45df1fe1c7587533f280edfb7bb0b7345cc1e28947cb4ab 136426 libmagickwand-6-headers_6.8.9.9-5+deb8u16_all.deb
b2eb0f85e667bc5c094102ef632517b88b2d003b9c20dac0d807320b172bf193 172024 libmagick++-6-headers_6.8.9.9-5+deb8u16_all.deb
7b090aff0765e04b782df3764cb774e0b312bf5bad7a0461dbba68a51a808d38 161350 imagemagick_6.8.9.9-5+deb8u16_amd64.deb
e5c339ee473703eb91a5f7bd96ded956d0d4dd33b6e336e832e38a72fb61608f 179872 libimage-magick-perl_6.8.9.9-5+deb8u16_all.deb
435402c7aa35b90a12584749a19cd7263ad72e4984cc6ce44e81190589091cd3 135224 libmagickcore-6-arch-config_6.8.9.9-5+deb8u16_amd64.deb
4cca4ff8ed7ab41fbd2f8a59385d5f43960f3008e36e9b7cd11e9e9d5c3ca643 514740 imagemagick-6.q16_6.8.9.9-5+deb8u16_amd64.deb
af8d9a7ccd0ec32b743322d95daa07b671f7e905612348e9d4ad9f23d53e17af 1699042 libmagickcore-6.q16-2_6.8.9.9-5+deb8u16_amd64.deb
52a828bb7238771232a9d5d619a1f07c1bb7fc6909264446e661184ac61f4459 175800 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u16_amd64.deb
cf7aad4635a86455b83bfda11e911615510516259b8e3af030d8bffe8b5ca0ad 1033236 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u16_amd64.deb
7eb3239a1dafb71ad3f8405f1698431ddfe6a602d11ade2f444ed0b9b528eec3 409482 libmagickwand-6.q16-2_6.8.9.9-5+deb8u16_amd64.deb
6de89ebbbeb694254cd71a916ae7bf5a03fad389cb7eaadb8bbc3b3cca5803b1 395790 libmagickwand-6.q16-dev_6.8.9.9-5+deb8u16_amd64.deb
2cda694ddd196898a0d1f2eadc52e4d9fa25c98d39175e580cee1e4771e1428b 260374 libmagick++-6.q16-5_6.8.9.9-5+deb8u16_amd64.deb
f6ace980110c132bee9cf811199f00fbe5a80f1e1341b59d99ba53d55513d2d3 227226 libmagick++-6.q16-dev_6.8.9.9-5+deb8u16_amd64.deb
3a21e51927122388620835184973bce49960728a52d1df94ce2e95d9c4c51cae 5014444 imagemagick-dbg_6.8.9.9-5+deb8u16_amd64.deb
d95be57339bcb91ab1c5a9cd09f508d431dbe7491329a0cf405494f769327115 225940 libimage-magick-q16-perl_6.8.9.9-5+deb8u16_amd64.deb
a02c0600eec620669b298ca7f71ccd57f1fe6be197eb6f7b8605f138e877e1bf 127782 perlmagick_6.8.9.9-5+deb8u16_all.deb
ba765d728a4db5d109cd7ec79623b1d3be10d8224682b6911eca5e1aca49e4ad 127762 libmagickcore-dev_6.8.9.9-5+deb8u16_all.deb
cd4551900b4d7cf6fe8571d7f6e5de9bebdf0902ce6824a2a81f9d8feb2d3085 127750 libmagickwand-dev_6.8.9.9-5+deb8u16_all.deb
857a15684689a13ecefee05a50d4eedf70d42e56fe2a14ec92da1cd7db1477c0 127776 libmagick++-dev_6.8.9.9-5+deb8u16_all.deb
Files:
8dae46cbe767b2ec0cb56964e44c6556 4379 graphics optional imagemagick_6.8.9.9-5+deb8u16.dsc
782153158b7207efab42a3e33e519bde 308224 graphics optional imagemagick_6.8.9.9-5+deb8u16.debian.tar.xz
f112490a09ce21c7cd68e7c155227c7b 155298 graphics optional imagemagick-common_6.8.9.9-5+deb8u16_all.deb
97d201996f5e02e5f570f0774e2484e0 7653154 doc optional imagemagick-doc_6.8.9.9-5+deb8u16_all.deb
988b409fc4c1df3359c01c8a9bcb5a59 173394 libdevel optional libmagickcore-6-headers_6.8.9.9-5+deb8u16_all.deb
9b74f818ca7b275dc16234135e10eb85 136426 libdevel optional libmagickwand-6-headers_6.8.9.9-5+deb8u16_all.deb
bad526d7fd7294ff89d4f25f1ee35967 172024 libdevel optional libmagick++-6-headers_6.8.9.9-5+deb8u16_all.deb
ac5a74da8f2679b153d3d35ca1218312 161350 graphics optional imagemagick_6.8.9.9-5+deb8u16_amd64.deb
d531f27b6196e9211feb8207394869a0 179872 perl optional libimage-magick-perl_6.8.9.9-5+deb8u16_all.deb
f1f6f5ae04ef238d77258fb27f0623ac 135224 libdevel optional libmagickcore-6-arch-config_6.8.9.9-5+deb8u16_amd64.deb
7ea97dd7150ee317f351b75395a95b85 514740 graphics optional imagemagick-6.q16_6.8.9.9-5+deb8u16_amd64.deb
47f13677af973a6c6e19f4cbb951e400 1699042 libs optional libmagickcore-6.q16-2_6.8.9.9-5+deb8u16_amd64.deb
94c9a2afcc8751a1dff17553b99b722a 175800 libs optional libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u16_amd64.deb
9bef4d1991b2811dfab7a78742dd7c91 1033236 libdevel optional libmagickcore-6.q16-dev_6.8.9.9-5+deb8u16_amd64.deb
d82a630c0e16b5719840ce039ca4006e 409482 libs optional libmagickwand-6.q16-2_6.8.9.9-5+deb8u16_amd64.deb
b6c22b5d53d1840aa309132333b2e812 395790 libdevel optional libmagickwand-6.q16-dev_6.8.9.9-5+deb8u16_amd64.deb
2b37ad154c143a5f11453e5ae65b49c2 260374 libs optional libmagick++-6.q16-5_6.8.9.9-5+deb8u16_amd64.deb
841c6da6743852b7cd351b6514205f42 227226 libdevel optional libmagick++-6.q16-dev_6.8.9.9-5+deb8u16_amd64.deb
b04841e7de035512f24bc5c46de91de8 5014444 debug extra imagemagick-dbg_6.8.9.9-5+deb8u16_amd64.deb
0f6abfbc8784189b833c4597b399d96f 225940 perl optional libimage-magick-q16-perl_6.8.9.9-5+deb8u16_amd64.deb
3307029ef84613a7c5b089d213df861e 127782 oldlibs extra perlmagick_6.8.9.9-5+deb8u16_all.deb
8d9b0cd9aa81f3eacb566dabac57503d 127762 oldlibs extra libmagickcore-dev_6.8.9.9-5+deb8u16_all.deb
c141924927ce790418193322c79bb3a6 127750 oldlibs extra libmagickwand-dev_6.8.9.9-5+deb8u16_all.deb
60c723c934f509c53161c9d9b7a7c849 127776 oldlibs extra libmagick++-dev_6.8.9.9-5+deb8u16_all.deb
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlzahNtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk7/QP/0Hz1iMKLsEIfoW0mkSPE+u1zj6vCy+GYcuZ
DT/cT8UZn/JMQe6Zd2OvzuGrsPCPW4ZTx9nwU00Dwpw1VwyoIRzyYc3BPXIMhsIy
veSb/3ctQhx7CHZMqOP7mYLyajDJ/OJcZ7DyhanU85ixuf1rH9tjOUhkDuYa9PZf
Rd7G6N7L1TWamPNXQq0VIZEBA88IwJ4f1Bcc4RQNaE/6jAkMmiWDGF8aWXpocauw
C6OKlq4J+Uuma2toi+G7nQhdvgA+tw0RnvDW1F7Vnrc0OC3V2/8Gu37rLX5Pn+IJ
fqTdNrdBpDALyMSNXC39HLc+8k1JmfqI3b6U/yn2KClHhCR3Mgs19Tt+h0+hSvuG
G7pO5tuP74+9plhybT4lfb4w9qBAK68Kn4dcXqX3xM7zRfi9Ap2KizkpzNFqTWNS
FojuW8rdtVjf8sF1N7VMje5Uo1SzsrA6aNYoM6AvjNNvM3cnil2xq9bS/0N2zqtT
sdrGf4lgOXdkS71e4u1qLuOfmtv1SdF2Lm54YuKM/JZOiehTYTW6l0M2gm6Kp1fX
/5CzZgQIodmKSAOhxQt7Bq6g//54qQYEAgDI64fSu6PztdQGU27VKzgDSCMmCZcB
dbFBT2onpvJbHBXX+das/wb8GQZJvA3+WCw61T7qU1A0Fydoexbf0mBv0BL+L6eY
oPPhGTGq
=tdC5
-----END PGP SIGNATURE-----
Reply to: