Your message dated Wed, 12 Oct 2016 12:34:26 +0000
with message-id <e1buijq-0000wq...@franck.debian.org>
and subject line Bug#840437: fixed in imagemagick 8:6.9.6.2+dfsg-1
has caused the Debian Bug report #840437,
regarding CVE-2016-7799 mogrify global buffer overflow
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
840437: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840437
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: src:imagemagick
version: 8:6.7.7.10-4
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
https://github.com/ImageMagick/ImageMagick/issues/280
https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa
--- End Message ---
--- Begin Message ---
Source: imagemagick
Source-Version: 8:6.9.6.2+dfsg-1
We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 840...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bastien Roucariès <roucaries.bastien+deb...@gmail.com> (supplier of updated
imagemagick package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 11 Oct 2016 12:18:59 +0200
Source: imagemagick
Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers
libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl
libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2
libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2
libmagickwand-6.q16-dev libmagick++-6.q16-6v6 libmagick++-6.q16-dev
libimage-magick-q16-perl imagemagick-common imagemagick-doc perlmagick
libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick
Architecture: source
Version: 8:6.9.6.2+dfsg-1
Distribution: experimental
Urgency: high
Maintainer: ImageMagick Packaging Team
<pkg-gmagick-im-t...@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <roucaries.bastien+deb...@gmail.com>
Description:
imagemagick - image manipulation programs -- binaries
imagemagick-6-common - image manipulation programs -- infrastructure
imagemagick-6-doc - document files of ImageMagick
imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
imagemagick-common - image manipulation programs -- infrastructure dummy
package
imagemagick-doc - document files of ImageMagick -- dummy package
libimage-magick-perl - Perl interface to the ImageMagick graphics routines
libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines
-- Q16 versio
libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header
files
libmagick++-6.q16-6v6 - object-oriented C++ interface to ImageMagick
libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick -
development files
libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package
libmagickcore-6-arch-config - low-level image manipulation library -
architecture header files
libmagickcore-6-headers - low-level image manipulation library - header files
libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth
Q16
libmagickcore-6.q16-2-extra - low-level image manipulation library - extra
codecs (Q16)
libmagickcore-6.q16-dev - low-level image manipulation library - development
files (Q16)
libmagickcore-dev - low-level image manipulation library -- dummy package
libmagickwand-6-headers - image manipulation library - headers files
libmagickwand-6.q16-2 - image manipulation library
libmagickwand-6.q16-dev - image manipulation library - development files
libmagickwand-dev - image manipulation library -- dummy package
perlmagick - Perl interface to ImageMagick -- dummy package
Closes: 840435 840437
Changes:
imagemagick (8:6.9.6.2+dfsg-1) experimental; urgency=high
.
* New upstream release.
* Fix CVE-2016-7906 mogrify use after free (Closes: #840435).
* Fix CVE-2016-7799 mogrify global buffer overflow (Closes: #840437).
Checksums-Sha1:
3f9dccd73fbdef75214d3cecb6bbd0950a94a1eb 4337 imagemagick_6.9.6.2+dfsg-1.dsc
fa7319a4f23712e55cd539cf6ff0dbdbc0639846 8996652
imagemagick_6.9.6.2+dfsg.orig.tar.xz
4edde7a1dddb6d686e195877a389ccefca01aa98 206440
imagemagick_6.9.6.2+dfsg-1.debian.tar.xz
Checksums-Sha256:
bb5f2914b3e6f647ca1c450711361962a219466764fa27e36948208319a895b2 4337
imagemagick_6.9.6.2+dfsg-1.dsc
2b82e076ad077385e147856111704f59661eda7b60a5227222a8375158335ec9 8996652
imagemagick_6.9.6.2+dfsg.orig.tar.xz
5b4edf9dbb86f3bd28e7c2449736cc52ce2eebd1bb39794ba96220fedc639176 206440
imagemagick_6.9.6.2+dfsg-1.debian.tar.xz
Files:
3ec185bfe6efa9fce15255e6f20070c8 4337 graphics optional
imagemagick_6.9.6.2+dfsg-1.dsc
7e31ceb28b0731012134d3ffc477c64a 8996652 graphics optional
imagemagick_6.9.6.2+dfsg.orig.tar.xz
2a57d91435562e751c3db96362e93f00 206440 graphics optional
imagemagick_6.9.6.2+dfsg-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJX/ipzAAoJEB8MfdBqtsBmwMIQAKn1kVji7Ze5+Ocno/Yq79l0
PlhtZMdAeQQMdMXaHAUeySDPsrCmh339TsTBixsWpy2o5qaQokJ2KnlEGYi3+FEa
92Mt5Iq7iHR2D80y/aXqH229PCaqTilEypKuzHOKzWREZZ7xIi+ieudTGZkQd+z3
EGMrGACrTVNPAdXOHhz5P/cA/naY69cx+MzhtarmBCe4HdhLGwNnFodyQ2mdN3vS
qCgAyHyfUnhs7+5rvEsJ6DaxM8Skoy6D8V8RrP7Z8syDP+hVtPnMgV6c+RISgNVD
sgDGlQRuuKZ0Mu14Zij1zduEqsT4ucBC8ZKLTS1BD9mVHzHjUEr0YJ2cJfr95iyi
hjr+Svlk5Lwzh9reB6VzMkC7JDbKZ3e7wNz+8BeyrpOwxDp5tpq08T/WKOCYl0+Y
rbp+NXKoXtzkqMwdSF+JygEpmsbIOtPY8DFD0VVNBF5DbwBsppDEiwLzeOjqLvl1
HFt57Sp5794EUiOuA9TQUNDAVrSRfQpVS2T6UG0CQuKhhIew40r010+gKaMDYSP2
/baUjGWGfVCQYZG2XI0EfRIFaxBGm0E9qDObzA9ezQ9YEXkwKkgWQ61Waio7+bix
4Gb4N4batIlwcCjO1SnCvZrjXY2m0T4UYsICdMUmEHEXTaPFgxraTwPX19LkjWdv
ALUOZJM1GT1k1eSsqFfc
=HLOc
-----END PGP SIGNATURE-----
--- End Message ---
