Possible imagmagick package update

To: debian-security@lists.debian.org
Subject: Possible imagmagick package update
From: Paul Holden <pdmholden@gmail.com>
Date: Sun, 16 Dec 2018 17:03:47 -0800
Message-id: <[🔎] a9bed466-4325-f3f1-147b-81cd82508a06@gmail.com>

In September CVE-2018-16323
(https://security-tracker.debian.org/tracker/CVE-2018-16323) was
published, indicating a vulnerability in ImageMagick. The Debian
security tracker shows that the Debian package update for stretch has
been postponed (https://security-tracker.debian.org/tracker/CVE-2018-16323).

I know that the ImageMagick developers have patched the vulnerability,
which is available in version 6.9.10-16 (see
https://github.com/ImageMagick/ImageMagick6/commit/57565dace66d550042522e203f522da711d551a6).
Is there interest in adding the patched ImageMagick to the Debian
package? I'm willing to do the work or help out in any way. Just
wondering if this is something the community considers worthwhile and
how I should proceed.

Regards,
Paul

Reply to:

Prev by Date: u+S WAS: Which one is better solution?
Next by Date: "Magellan" bug in sqlite3
Previous by thread: Unsuscribe
Next by thread: "Magellan" bug in sqlite3
Index(es):
- Date
- Thread