control: tags -1 + patch
control: retitle -1 [CVE-2017-6497] Added missing null check in psd coder
control: severity -1 important
control: tags -1 +wontfix
webp is disable under debian
Package: src:pdfsandwich
version: 0.1.6-1
Severity: grave
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
Hi,
pdfsandwish use totally previsible file name like
/tmp/pdfsandwich_inputfileea1150.pdf[11]
Security team could you open a CVE ?
Upsteam should use for instance
Package: gscan2pdf
Version: 1.6.0-3
Severity: important
Recent version of gscan2pdf fail to correctly import NIST bulletin
http://nvlpubs.nist.gov/nistpubs/bulletin/03/nbsbulletinv3n2p295_A2b.pdf
Thanks
Bastien
control: severity -1 important
Let decrease the severity to something not RC. I need to know if the
problem is in dpkg or imagemagick. And I do not want to block the
security update of imagemagick.
On Sat, Jan 21, 2017 at 11:04 PM, Andreas Beckmann wrote:
> Followup-For: Bug
control: tags -1 + confirmed
control: affect -1 consolation
control: affect -1 gpm
Hi,
Jan 16 08:44:23 portable2015-bastien kernel: [67391.039421] Freezing
user space processes ...
Jan 16 08:44:23 portable2015-bastien kernel: [67411.041796] Freezing
of tasks failed after 20.002 seconds (1
control: retitle -1 ITP: universal-ctags
control: owner -1 !
Resent, one more year
>
> Dear phil
>
> Some file on your website seems to have contradictory license terms:
>
> On http://www.color.org/profiles2.xalter you said:
>
>> The copyright owner and terms of use of an ICC profile are normally
>> identified in the Creator field in
>> the profile header
On Sun, Jan 8, 2017 at 4:03 PM, Bastien ROUCARIES
<roucaries.bast...@gmail.com> wrote:
> On Sun, Jan 8, 2017 at 12:28 PM, Simon McVittie <s...@debian.org> wrote:
>> On Sat, 07 Jan 2017 at 22:18:45 +, Holger Levsen wrote:
>>> On Sat, Jan 07, 2017 at 11:11:02
On Sun, Jan 8, 2017 at 12:28 PM, Simon McVittie wrote:
> On Sat, 07 Jan 2017 at 22:18:45 +, Holger Levsen wrote:
>> On Sat, Jan 07, 2017 at 11:11:02PM +0100, Mattia Rizzolo wrote:
>> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677673
>> >
On Fri, Jan 6, 2017 at 5:41 PM, Jonas Smedegaard <jo...@jones.dk> wrote:
> Quoting Pirate Praveen (2017-01-06 17:12:29)
>> Control: severity -1 important
>>
>> On വെള്ളി 06 ജനുവരി 2017 04:07 വൈകു, Bastien ROUCARIES wrote:
>> > Using grunt for node-sprintf-js
On Fri, Jan 6, 2017 at 6:39 PM, Bastien ROUCARIES
<roucaries.bast...@gmail.com> wrote:
> On Fri, Jan 6, 2017 at 5:41 PM, Jonas Smedegaard <jo...@jones.dk> wrote:
>> Quoting Pirate Praveen (2017-01-06 17:12:29)
>>> Control: severity -1 important
>>>
>>&
Package: node-grunt-cli
Version: 1.2.0-3
Severity: serious
Using grunt for node-sprintf-js I get
Fatal error: Unable to find local grunt.
If you're seeing this message, grunt hasn't been installed locally to
your project. For more information about installing and configuring grunt,
please see
Package: node-grunt-cli
Version: 1.2.0-3
Severity: minor
Hi
Please install completion files
Package: node-grunt-cli
Version: 1.2.0-3
Severity: important
I wish to use grunt-cli for node-sprintf-js but due to lack of
documentation I could not go futher.
They are no man page and moreover running grunt give me:
grunt-cli: The grunt command line interface (v1.2.0)
Fatal error: Unable to
On Mon, Jan 2, 2017 at 1:28 PM, Eduard Bloch wrote:
> Control: reopen 848849
>
>> It is really hard from a pipe to guess the type of file.
>
> Huh?
>
> It has been possible and has been working fine (from user POV) for
> years. Even the oldest version I can access right now (Ubuntu
Le 29 décembre 2016 16:37:43 GMT+01:00, Emilio Pozuelo Monfort
a écrit :
>Control: tags -1 confirmed
>
>On 23/12/16 18:54, Bastien ROUCARIÈS wrote:
>> Package: release.debian.org
>> Severity: normal
>>
>> Hi,
>>
>> Due to #846385 could be possible to get transition for
I suppose experimental version is immune ?
On Tue, Dec 27, 2016 at 8:42 AM, Salvatore Bonaccorso wrote:
> Source: imagemagick
> Version: 8:6.8.9.9-5
> Severity: important
> Tags: upstream security
>
> Hi,
>
> the following vulnerability was published for imagemagick. AFAICT,
>
Hi,
experimental build fine. Waiting for green light
I see you have setup the transition matrix
Bastien
I suppose you use the experimental version
On Tue, Dec 27, 2016 at 1:37 PM, 積丹尼 Dan Jacobson wrote:
> Package: imagemagick-6-common
>
> # aptitude full-upgrade
> The following packages will be upgraded:
> imagemagick-6-common
> 1 packages upgraded, 0 newly installed, 0 to
On Tue, Dec 20, 2016 at 12:26 AM, Jérémy Lal wrote:
> Package: lintian
> Version: 2.5.49
> Severity: normal
>
> This doesn't override anything:
>
> source/lintian-overrides
> source-is-missing deps/v8/benchmarks/regexp.js
> source-is-missing doc/api_assets/sh_javascript.min.js
I forget to mention that rdeps build fine except:
trafficserver is - #848800
rss-glx due to unreleated build
conflict (#838800)
On Thu, Dec 22, 2016 at 4:37 AM, Trent W. Buck wrote:
> Package: lintian
> Version: 2.5.30+deb8u4
> Severity: minor
>
> While making a package I got this from lintian:
>
> E: foo: privacy-breach-w3c-valid-html usr/foo/foo.html
>
Package: sponsorship-requests
Severity: important
control: block 846385- by -1
Dear mentors,
I am looking for a sponsor for my package "imagemagick"
* Package name: imagemagick
Version : 8:6.9.7.0+dfsg-1
Section : graphics
It builds those binary packages:
Yes go for it
On Sun, Dec 18, 2016 at 9:00 PM, Antoine Beaupré wrote:
> Hi!
>
> All the bugs mentionned in the CC list are marked as "Workaround entry
> for DSA--1 until CVEs assigned" in the security tracker:
>
>
control: clone -1 -2
control: reassign -2 dpkg
control: severity -2 wishlist
control: retitle -2 dpkg maint script should ignore dpkg-backup file
Hi,
The following scenario fail
dpkg-maintscript-helper symlink_to_dir foo/bar
dpkg-maintscript-helper dir_to_symlink foo
due to created dkpg-backup
control: clone -1
control: reassign -2 dpkg
control: severity -2 wishlist
control: retitle -2 dpkg maint script should ignore dpkg-backup file
Hi,
The following scenario fail
dpkg-maintscript-helper symlink_to_dir foo/bar
dpkg-maintscript-helper dir_to_symlink foo
due to created dkpg-backup on
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: graveTags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability
http://www.talosintelligence.com/reports/TALOS-2016-0216/
Fixed by:
Le 26 novembre 2016 02:58:08 GMT+01:00, ChangZhuo Chen a
écrit :
>Package: wnpp
>Severity: wishlist
>Owner: "ChangZhuo Chen (陳昌倬)"
>
>* Package name: tpm
> Version : v3.0.0
> Upstream Author : 2014 Bruno Sutic
>* URL :
control: notfixed -1 imagemagick/8:6.9.6.2+dfsg-2
Corrected not fixed in sid, really sorry for this.
Will resend a new sid version
Can i add a newer patch fixing the last cve ?
Le 25 novembre 2016 17:30:54 GMT+01:00, Luciano Bello a
écrit :
>Hi,
> I will sponsor imagemagick/8:6.8.9.9-5+deb8u6 and release the DSA.
>
>Thanks for you effort of keeping imagemagick secure!
>
>/luciano
--
Envoyé de mon
control: severity -1 minor
control: tags -1 + wontfix
This bug concern only Q64 that is not compiled on debian and does not
work on the upstream side.
Bastien
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
control: fixed -1 8:6.9.6.2+dfsg-2
control: forwarded -1
control: fixed -1 8:6.9.6.2+dfsg-1
control: fixed -1 8:6.9.6.2+dfsg-2
control: fixed -1 8:6.9.6.2+dfsg-1
control: found -1 8:6.7.7.10-5+deb7u7
control: found -1 8:6.7.7.10-5+deb7u7
On Tue, Nov 22, 2016 at 12:33 PM, Bastien ROUCARIES
<roucaries.bast...@gmail.com> wrote:
> Corrected in may not a concern for sid
gt; Mon, 21
Nov 2016 22:04:16 +0100
Regards,
bastien roucaries
control: notfound -1 8:6.7.7.10-5+deb7u7
control: notfound -1 8:6.8.9.9-5+deb8u5
bug is not present before sid
control: notfound -1 8:6.8.9.9-5+deb8u5
control: notfound -1 8:6.7.7.10-5+deb7u7
This function is not present in jessie. So no bug
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
control: notfound -1 8:6.9.6.2+dfsg-2
moreinfo
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
control: found -1 8:6.9.6.2+dfsg-2
API abuse lead to sigv
fixed in
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
control: notfound -1 8:6.9.6.2+dfsg-2
Found by code review of changleog
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
control: found -1 8:6.9.6.2+dfsg-2
Lead to segfault
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
control: found -1 8:6.9.6.2+dfsg-2
Moreinformation https://github.com/ImageMagick/ImageMagick/issues/301
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: important
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
control: found -1 8:6.9.6.2+dfsg-2
control: tag -1 fixed-in-experimental
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: important
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
bug: https://github.com/ImageMagick/ImageMagick/issues/129
bug-ubuntu:
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
Avoid a DOS by better checking overflow
control: notfound -1 8:6.9.6.2+dfsg-1
On Mon, Nov 21, 2016 at 2:19 PM, Salvatore Bonaccorso <car...@debian.org> wrote:
> Hi,
>
> On Mon, Nov 21, 2016 at 01:51:52PM +0100, Bastien ROUCARIES wrote:
>> Package: src:imagemagick
>> version: 8:6.9.6.2+dfsg-2
>> S
Package: src:imagemagick
version: 8:6.9.6.2+dfsg-2
Severity: important
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
control: found -1 8:6.8.9.9-5+deb8u5
control: tags -1 + fixed-upstream
Package: src:imagemagick
version: 8:6.9.6.2+dfsg-2
Severity: important
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
control: found -1 8:6.8.9.9-5+deb8u5
control: tags -1 + fixed-upstream
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: important
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
commit c668a174e039905b4df1aaea96fcf087b8526575
Author: Cristy
Date: Wed
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: important
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
This will avoid a buffer overflow
Found during git tree review
origin;
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: important
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
Imagemagick write path does not check return of fputc.
Therefore it could return success of conversion
Package: src:imagemagick
version: 8:6.8.9.9-5+deb8u5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
control: found -1 8:6.7.7.10-5+deb7u7
Found by code review a buffer overflow in imagemagick tiff file handling
Upstream commit
forget to push last version
Done now.
Thanks
On Tue, Nov 8, 2016 at 4:47 PM, Mattia Rizzolo <mat...@debian.org> wrote:
> control: owner -1 !
> control: tag -1 moreinfo
>
> On Mon, Nov 07, 2016 at 09:49:52PM +0100, Bastien ROUCARIES wrote:
>> I am looking for
the last upload:
* New upstream version.
* Bump policy version (no changes).
* Use compat 10.
* Upgrade VCS fields.
It is needed for browserify effort so try to upload correct version
Regards,
bastien roucaries
00
It is needed for browserify effort so try to upload correct version
Regards,
bastien roucaries
amic range. No upstream code change
Regards,
bastien roucaries
control: block -1 by 842928
Not really like a charm it is variation of 842928
On Sat, Nov 5, 2016 at 10:42 PM, Bastien ROUCARIES
<roucaries.bast...@gmail.com> wrote:
> I do not understand hy autoreconf does not run aclocal --install...
>
> If done it work like a charm
I do not understand hy autoreconf does not run aclocal --install...
If done it work like a charm
Please go with it
Le 29 octobre 2016 09:11:52 GMT+02:00, Sarath M S a écrit :
>Hi Bastien,
>
>Can you confirm that you aren't currently packaging this node module? I
>already got started with building the package, with little more work to
>do.
>
>Cheers,
>Sarath
>
>PS: Thanks
severity: grave
package: maxima-emacs
version: 5.38.1-3
Typing imaxima under emacs does not work:
Warning: SIMPLE-WARNING: Maxima is unable to set up the help system.
(Details: CL-INFO::LOAD-PRIMARY-INDEX: Condition in
CL-INFO::LOAD-PRIMARY-INDEX [or a callee]: INTERNAL-SIMPLE-FILE-ERROR:
File
control: tags -1 + moreinfo
Hi,
I have put the patch could you retest and check if it work ?
Bastien
control: tags -1 + moreinfo
Hi,
Could you retest with newer version ?
Thank you
Package: dh-exec
Version: 0.23
Severity: important
dh-exec --with=subst --no-act
/usr/lib/dh-exec/dh-exec-filter | /usr/lib/dh-exec/dh-exec-subst |
/usr/lib/dh-exec/dh-exec-strip [input: {0, NULL}, output: {0, NULL}]
instead of
/usr/lib/dh-exec/dh-exec-subst [input: {0, NULL}, output: {0,
control: severity -1 serious
Transition is on going
Thanks
Patch is fine
Applied
Package: src:imagemagick
version: 8:6.7.7.10-4
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
https://github.com/ImageMagick/ImageMagick/issues/280
https://github.com/ImageMagick/ImageMagick/commit/a7bb158b7bedd1449a34432feb3a67c8f1873bfa
Package: src:imagemagick
version: 8:6.7.7.10-4
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
imagemagick mogrify heap use after free
https://github.com/ImageMagick/ImageMagick/issues/281
package: src:pythonmagick
version: 0.9.11-2
severity: important
Hi
Your package FTBFS with newer imagemagick under experimental.
Usually using newest upstream is the way to go
libtool: compile: g++ -DHAVE_CONFIG_H -I. -I../../../pythonmagick_src
-I../config -Wdate-time -D_FORTIFY_SOURCE=2 -I
vided patch and recompiling
> everything. Unfortunately i can't do it.
>
> Thanks
>
> On Wed, Sep 21, 2016 at 10:14 AM, Bastien ROUCARIES
> <roucaries.bast...@gmail.com> wrote:
>>
>> Hi,
>>
>> Could you check if your php bug is duplicate of 835488 ?.
>&g
Hi,
Could you check if your php bug is duplicate of 835488 ?.
Thanks
Bastien
control: fixed -1 8:6.7.7.10-5+deb7u4
control: fixed -1 8:6.8.9.9-5+deb8u4
Statistic code does not compute histogram so bug not for stable and old stable
So not affected
I prepare a ew version.
Could you merge this bug with other ones citing problem with gscan2pdf?
On Wed, Sep 21, 2016 at 9:31 AM, Gerry Butler wrote:
> The following command produced an un-synchronised image:
>
> convert 1Ay0lSAB3d-pre.pnm -rotate 180
Hi,
The imagemagick package has just hit experimental.
Waiting for green light on your side
Bastien
ool/main/i/imagemagick/imagemagick_6.9.5.9+dfsg-1.dsc
More information about hello can be obtained from https://www.example.com.
Regards,
bastien roucaries
Package: src:imagemagick
version: 8:6.7.7.10-4
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
According to upstream changelog a new bug
buffer overflow in SGI coders (bug report from
pwchen of tencent
Author: Cristy
* Bug fix: "AX_CODE_COVERAGE: does not support lcov-1.12", thanks to
Roman Lebedev (Closes: #834645).
* Put my name is lower case.
* Bump Standards-Version in debian/control (no changes required).
* Fix lintian warnings.
Regards,
bastien roucaries
Aug 31, 2016 at 8:42 AM, Bastien ROUCARIES
>> <roucaries.bast...@gmail.com> wrote:
>>
>> > Patches are needed for a security point of view but it is likely a
>> > problem of backport intereaction.
>> >
>> > Could you help by pin point the probl
Package: src:imagemagick
version: 8:6.7.7.10-4
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
commit 0c00b5cc2b572c5ad4ecf6582dada1d9991ce0e9
Author: Cristy
Date: Sun Aug 28 09:28:02 2016 -0400
Prevent runtime
Package: src:imagemagick
version: 8:6.7.7.10-4
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
commit 10b3823a7619ed22d42764733eb052c4159bc8c1
Author: Cristy
Date: Tue Aug 23 17:41:17 2016 -0400
Prevent buffer
Package: src:imagemagick
version: 8:6.7.7.10-4
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
According to upstream changelog a new
commit f983dcdf9c178e0cbc49608a78713c5669aa1bb5
Author: Cristy
Date: Wed Aug 24
Some correction
On Wed, Aug 31, 2016 at 8:42 AM, Bastien ROUCARIES
<roucaries.bast...@gmail.com> wrote:
> Hi,
>
> Patches are needed for a security point of view but it is likely a
> problem of backport intereaction.
>
> Could you help by pin point the problem.
>
>
Hi,
Patches are needed for a security point of view but it is likely a
problem of backport intereaction.
Could you help by pin point the problem.
as root install a few package needed for imagemagick compilation:
apt-get install git
apt-get build-dep imagemagick
as a user
git clone
Le 27 août 2016 07:30:45 GMT+02:00, Tommie Van Mechgelen a
écrit :
>
>Hi,
>
>I am not sure if this is the same as using pingImage() in PHP.
>
>convert -ping bug.pdf on 8:6.8.9.9-5+deb8u4 and 8:6.8.9.9-5+deb8u3:
>convert: no images defined `bug.pdf' @
control: tags -1 security
control: severity -1 grave
Justification DOS
Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
* Prevent buffer overflow in BMP coder (bug report from pwchen of tencent
Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
Canged the JPEG writer to raise a warning when the exif profile
exceeds 65533 bytes and truncate it.
Avoid out of bound on malformed jpeg file
(cherry
On Fri, Aug 12, 2016 at 6:16 PM, Guillaume Gimenez wrote:
> Package: libmagick++-6.q16-5v5
> Version: 8:6.8.9.9-7.2
> Severity: important
> File: libmagick++
> Tags: patch
>
> Dear Maintainer,
>
> There is a bug in the locking implentation (RAII was the intended C++ idiom)
>
Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
forwarded:
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3=30245
Double free in pwp file.
Fixed by commit
control: tags -1 + moreinfo
On Sun, Aug 7, 2016 at 11:58 PM, Jakub Wilk wrote:
> Package: lintian
> Version: 2.5.45
> Severity: wishlist
>
> Some packages set DEB_BUILD_OPTIONS in debian/rules:
>
Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
Prevent possible stack overflow
Prevent stack overflow by checking if string is null
(cherry picked from commit
control: fixed -1 8:6.8.9.9-7.2
according to
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3=30259=136359#p136359
it is not for us
This is a ImageMagick 7 specific patch. We allocate the buffers based
on the number of image pixel channels, however, the method was not
returning the
Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
RLE check for pixel offset less than 0
Heap overflow report from Craig Young
(cherry picked from commit
Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
commit 68c13e10ab0415f1215f1e869ee851b373a3db70
Author: Cristy
Date: Tue May 17 15:05:03 2016 -0400
Segfault in
Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
Imagemagick arbitrary module loading due to not escaping relative path
commit 3ed665639d7665fabdff33d77e3b8428854726da
Author: Cristy
Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
commit d0422250c0577e6cdacfba63560065886276209b
Author: Cristy
Date: Thu Jun 2 13:44:20 2016 -0400
Fix small
Package: src:imagemagick
Version: 8:6.7.7.10-5
Severity: grave
Tags: patch security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
Prevent buffer overflow in draw.c
Thanks to Max Thrane, an insuffisant allocation of bezier buffer
was dectected. Increase
the size of buffer
On Fri, Mar 4, 2016 at 5:48 PM, Nishanth Aravamudan
wrote:
> Package: imagemagick
> Version: 8:6.8.9.9-7
> Severity: important
>
> Dear Maintainer,
>
> The php-imagick auto tests currently segmentation fault (and have for
> some time, since 12/21):
>
501 - 600 of 2796 matches
Mail list logo