Control: tags -1 + moreinfo On Thu, 2016-01-14 at 22:33 +0100, Vincent Fourmond wrote: > The imagemagick maintainers (mostly Bastien) have prepared a new > version of imagemagick for stable that fixes a series of minor > security issues that the security team did not deem worthy of an > upload to stable-security. Can we upload the following package ? Here > is the changelog:
While I've not checked each fix individually (mostly due to the lack of Debian bugs referenced), at least these changes: > - Fix an integer overflow that can lead to a buffer overrun > in the icon parsing code (LP: #1459747, closes: #806441) > - Fix an integer overflow that can lead to a double free in > pict parsing (LP: #1448803, closes: #806441). claim not to be fixed in unstable according to the BTS metadata, which is a pre-requisite for fixing them in stable. Please could you clarify the status of those and the other fixes. Regards, Adam