Re: Wheezy update of imagemagick?

To: Emilio Pozuelo Monfort <pochu@debian.org>
Cc: Bastien Roucaries <roucaries.bastien@gmail.com>, imagemagick@packages.debian.org, Debian LTS <debian-lts@lists.debian.org>
Subject: Re: Wheezy update of imagemagick?
From: Ola Lundqvist <ola@inguza.com>
Date: Thu, 29 Dec 2016 22:43:06 +0100
Message-id: <[🔎] CABY6=0momjLV3Z8O8hbiPpwkk81-o4qbogu=OF=iRdF1vB=PLQ@mail.gmail.com>
In-reply-to: <[🔎] CABY6=0mMrkpsWUZxy+97Vk80t=Qf7b46rSumQ5d8tw33MBJE+Q@mail.gmail.com>
References: <[🔎] 20161223223213.GA23155@inguza.net> <[🔎] F2A50157-9F87-4F78-8129-07A0B5FCF654@gmail.com> <[🔎] CABY6=0nBXcaZcwjsLf4nZfGJs3yrTq0CN==wWvb=kHH5N=gmgw@mail.gmail.com> <[🔎] 20161228220813.GE25123@connexer.com> <[🔎] CABY6=0mMrkpsWUZxy+97Vk80t=Qf7b46rSumQ5d8tw33MBJE+Q@mail.gmail.com>

Hi Emilio

Just wanted you to know that I removed imagemagick from dla-needed.txt
now. You are welcome to double-check that these issues were really
fixed.

Best regards

// Ola

On 29 December 2016 at 22:41, Ola Lundqvist <ola@inguza.com> wrote:
> Hi
>
> Thank you. I have updated the security tracker with this information.
>
> // Ola
>
> On 28 December 2016 at 23:08, Roberto C. Sánchez <roberto@connexer.com> wrote:
>> Hi Ola,
>>
>> The issues CVE-2016-8677 and CVE-2016-9559 were fixed by Antione when he
>> uploaded that latest imagemagick update to LTS.  However, the
>> announcement (DLA-756-1) did not list those issues among the issues that
>> were addressed by that update.  I have already mentioned it to him a
>> couple of days ago via private email.
>>
>> Regards,
>>
>> -Roberto
>>
>> On Wed, Dec 28, 2016 at 09:39:42PM +0100, Ola Lundqvist wrote:
>>> Hi
>>>
>>> We will handle it. Take care.
>>>
>>> // Ola
>>>
>>> On 28 December 2016 at 21:15, Bastien Roucaries
>>> <roucaries.bastien@gmail.com> wrote:
>>> > Take care for this time. I lack tome now (babies)
>>> >
>>> >
>>> > Le 23 décembre 2016 23:32:17 GMT+01:00, Ola Lundqvist <ola@inguza.com> a
>>> > écrit :
>>> >>
>>> >> Hello dear maintainer(s),
>>> >>
>>> >> the Debian LTS team would like to fix the security issues which are
>>> >> currently open in the Wheezy version of imagemagick:
>>> >> https://security-tracker.debian.org/tracker/CVE-2016-8677
>>> >> https://security-tracker.debian.org/tracker/CVE-2016-9559
>>> >>
>>> >> Would you like to take care of this yourself?
>>> >>
>>> >> If yes, please follow the workflow we have defined here:
>>> >> https://wiki.debian.org/LTS/Development
>>> >>
>>> >> If that workflow is a burden to you, feel free to just prepare an
>>> >> updated source package and send it to debian-lts@lists.debian.org
>>> >> (via a debdiff, or with an URL pointing to the source package,
>>> >> or even with a pointer to your packaging repository), and the members
>>> >> of the LTS team will
>>> >> take care of the rest. Indicate clearly whether you
>>> >> have tested the updated package or not.
>>> >>
>>> >> If you don't want to take care of this update, it's not a problem, we
>>> >> will do our best with your package. Just let us know whether you would
>>> >> like to review and/or test the updated package before it gets released.
>>> >>
>>> >> You can also opt-out from receiving future similar emails in your
>>> >> answer and then the LTS Team will take care of imagemagick updates
>>> >> for the LTS releases.
>>> >>
>>> >> Thank you very much.
>>> >>
>>> >> Ola Lundqvist,
>>> >>   on behalf of the Debian LTS team.
>>> >>
>>> >> PS: A member of the LTS team might start working on this update at
>>> >> any point in time. You can verify whether someone is registered
>>> >> on this update in this file:
>>> >>
>>> >> https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
>>> >
>>> >
>>> > --
>>> > Envoyé de mon appareil Android avec K-9 Mail. Veuillez excuser ma brièveté.
>>>
>>>
>>>
>>> --
>>>  --- Inguza Technology AB --- MSc in Information Technology ----
>>> /  ola@inguza.com                    Folkebogatan 26            \
>>> |  opal@debian.org                   654 68 KARLSTAD            |
>>> |  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
>>> \  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
>>>  ---------------------------------------------------------------
>>>
>>
>> --
>> Roberto C. Sánchez
>> http://people.connexer.com/~roberto
>> http://www.connexer.com
>
>
>
> --
>  --- Inguza Technology AB --- MSc in Information Technology ----
> /  ola@inguza.com                    Folkebogatan 26            \
> |  opal@debian.org                   654 68 KARLSTAD            |
> |  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
> \  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
>  ---------------------------------------------------------------



-- 
 --- Inguza Technology AB --- MSc in Information Technology ----
/  ola@inguza.com                    Folkebogatan 26            \
|  opal@debian.org                   654 68 KARLSTAD            |
|  http://inguza.com/                Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---------------------------------------------------------------

Reply to:

Follow-Ups:
- Re: Wheezy update of imagemagick?
  - From: Ola Lundqvist <ola@inguza.com>

References:
- Wheezy update of imagemagick?
  - From: Ola Lundqvist <ola@inguza.com>
- Re: Wheezy update of imagemagick?
  - From: Bastien Roucaries <roucaries.bastien@gmail.com>
- Re: Wheezy update of imagemagick?
  - From: Ola Lundqvist <ola@inguza.com>
- Re: Wheezy update of imagemagick?
  - From: Roberto C. Sánchez <roberto@connexer.com>
- Re: Wheezy update of imagemagick?
  - From: Ola Lundqvist <ola@inguza.com>

Prev by Date: Re: Wheezy update of imagemagick?
Next by Date: Re: Wheezy update of hplip for CVE-2015-0839
Previous by thread: Re: Wheezy update of imagemagick?
Next by thread: Re: Wheezy update of imagemagick?
Index(es):
- Date
- Thread