-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 07 Sep 2020 08:32:34 +0200 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-3 libmagickcore-6.q16-3-extra libmagickcore-6.q16-dev libmagickwand-6.q16-3 libmagickwand-6.q16-dev libmagick++-6.q16-7 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-3 libmagickcore-6.q16hdri-3-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-3 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-7 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.7.4+dfsg-11+deb9u10 Distribution: stretch-security Urgency: high Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-7 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-7 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-3 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-3-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-6.q16hdri-3 - low-level image manipulation library -- quantum depth Q16HDRI libmagickcore-6.q16hdri-3-extra - low-level image manipulation library - extra codecs (Q16HDRI) libmagickcore-6.q16hdri-dev - low-level image manipulation library - development files (Q16HDRI libmagickcore-dev - low-level image manipulation library -- dummy package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-3 - image manipulation library -- quantum depth Q16 libmagickwand-6.q16-dev - image manipulation library - development files (Q16) libmagickwand-6.q16hdri-3 - image manipulation library -- quantum depth Q16HDRI libmagickwand-6.q16hdri-dev - image manipulation library - development files (Q16HDRI) libmagickwand-dev - image manipulation library -- dummy package perlmagick - Perl interface to ImageMagick -- dummy package Changes: imagemagick (8:6.9.7.4+dfsg-11+deb9u10) stretch-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2017-1000445, CVE-2017-1000476, CVE-2017-12140, CVE-2017-12429, CVE-2017-12430, CVE-2017-12435, CVE-2017-12563, CVE-2017-12643, CVE-2017-12674, CVE-2017-12691, CVE-2017-12692, CVE-2017-12693, CVE-2017-12806, CVE-2017-12875, CVE-2017-13061, CVE-2017-13133, CVE-2017-13768, CVE-2017-14060, CVE-2017-14172, CVE-2017-14173, CVE-2017-14174, CVE-2017-14175, CVE-2017-14249, CVE-2017-14341, CVE-2017-14400, CVE-2017-14505, CVE-2017-14532, CVE-2017-14624, CVE-2017-14625, CVE-2017-14626, CVE-2017-14739, CVE-2017-14741, CVE-2017-15015, CVE-2017-15017, CVE-2017-15281, CVE-2017-17682, CVE-2017-17914, CVE-2017-18209, CVE-2017-18211, CVE-2017-18271, CVE-2017-18273, CVE-2018-16643, CVE-2018-16749, CVE-2018-18025, CVE-2019-11598, CVE-2019-13135, CVE-2019-13308, CVE-2019-15139, CVE-2017-13658, CVE-2019-13391. Several security vulnerabilities were fixed in Imagemagick. Various memory handling problems and cases of missing or incomplete input sanitizing may result in denial of service, memory or CPU exhaustion, information disclosure or potentially the execution of arbitrary code when a malformed image file is processed. Checksums-Sha1: 82695ba807f64a00a9fa40df14b23db4fe186fb8 5320 imagemagick_6.9.7.4+dfsg-11+deb9u10.dsc 6f9bce834de86696589a1fdcb3a1a74e42733a88 265156 imagemagick_6.9.7.4+dfsg-11+deb9u10.debian.tar.xz c5afb302d453b5222c5778a6d5c92e7525a6cf47 29972 imagemagick_6.9.7.4+dfsg-11+deb9u10_amd64.buildinfo Checksums-Sha256: 8bfd0b71745c9ad32dc2345a4a4593c64cf3a84c2de8196c9d4d4dc07db59527 5320 imagemagick_6.9.7.4+dfsg-11+deb9u10.dsc ce2ffc09a765f688dd8ce211c28bbfbd2a35ac7a4a05ec709cf5ec644165bff8 265156 imagemagick_6.9.7.4+dfsg-11+deb9u10.debian.tar.xz ea0da001644611de465a749693351c4fb3780f28c8a5ac7846b2a98c7ee6f57a 29972 imagemagick_6.9.7.4+dfsg-11+deb9u10_amd64.buildinfo Files: 496928a31c01f6903b9f4ea8965e47e9 5320 graphics optional imagemagick_6.9.7.4+dfsg-11+deb9u10.dsc e203d138d1de7958f0bb45ba9f1a944c 265156 graphics optional imagemagick_6.9.7.4+dfsg-11+deb9u10.debian.tar.xz 462977a257443284d9606accd275d089 29972 graphics optional imagemagick_6.9.7.4+dfsg-11+deb9u10_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl9WaTlfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkwZAQAI34ZdF/tVSmBRV9opJRiVCOT+oyuPfKvb22 aeGtK6awoxOE6blrFE0MfzPYdrqExz0XUKUKZu+KOqN09wwxXttUnmQyi6CLp55/ ew7WxbOy90o0js4lXqLzDRl5GyZCkqC3eLss55G3cZzOBlV3uG/riJ6Qj5lpOWDr g9334ZXh4HbvQMXZVF2k0zhURYVp3LLzycOpqV14uGpBhbbjgn088xR7GpApiVQo jjLLHx8UKzAtghxQbaGw1Kw5OfBBhb1kkT8SaypJTT2mc00kpAOx7Pg/3Fq4y9Nf pFy1QuyNDDYVpntrYwS4s0R1GE8NmUHCUt90SkKUYwg9W9npaWcqSFiAU8ttuafx wnP9NdVTivmADEwkkp+sH3NK96UpC28dhNef9lwy4XQthhw6oYS7kveg+tJL288f C2vFEPm9KyIoAvdgURknW5z2Rh6+IM7LBb0MLuIabCBvo1BHe98jvi0J6/wNlB2j WUZMv8VfH2J8CN1HU7Ku86JBB3YnD3KjwQYaU0YkupMiWK3R2ccwG3edQ4NqO3dG B+03GmgU4YKX+htWU4Wk1iVbb2UXAFZwdlVKP2NWEIELyyB0jkhwGzGp17Vq5WU/ M7mER3DtMKfx1oxLRggjIhfkD2Y6lSuJaQXus7UEzGiJ2znZvcQBQve8IiYO0gu1 IKgTNEfo =g7N2 -----END PGP SIGNATURE-----