-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 11 Jan 2021 22:14:26 +0000 Source: imagemagick Architecture: source Version: 8:6.9.11.57+dfsg-1 Distribution: unstable Urgency: medium Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org> Changed-By: Bastien Roucariès <rouca@debian.org> Closes: 971216 972797 977205 Changes: imagemagick (8:6.9.11.57+dfsg-1) unstable; urgency=medium . * New upstream version: - Bug fix: "CVE-2020-29599", imagemagick mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c. Thanks to Salvatore Bonaccorso (Closes: #977205). - Bug fix: "CVE-2020-27560: Division by Zero in function OptimizeLayerFrames", thanks to Salvatore Bonaccorso (Closes: #972797). * Fix dh_doxygen FTBFS (Closes: #971216) Checksums-Sha1: 98043226f8d2a24a7f1057380adb9c6867cf54ed 5079 imagemagick_6.9.11.57+dfsg-1.dsc 8420160075e75cde28a09a0b9b7cff725cee9db9 9392580 imagemagick_6.9.11.57+dfsg.orig.tar.xz abbd21d51c0d56aceb902c602c0fc0cf477603e6 245888 imagemagick_6.9.11.57+dfsg-1.debian.tar.xz 944dad89fa48f440ea2391cfd5f9afc1b2b613c3 11973 imagemagick_6.9.11.57+dfsg-1_source.buildinfo Checksums-Sha256: df60159c4f67c2a30fa5b979b82d7202bd9d45225c98348078886c420ccd1d61 5079 imagemagick_6.9.11.57+dfsg-1.dsc 383ed545dc93d34ebefa54623cb7c43e8b32d3076c14d9d93561307c97ed27a7 9392580 imagemagick_6.9.11.57+dfsg.orig.tar.xz 3cf0c4d05a08b3b68f2fa2548f9fd0f20aaa946c8c93a9c4159d8b78173a3a1b 245888 imagemagick_6.9.11.57+dfsg-1.debian.tar.xz 72400364af7ef08008c7182caad793d4cf98aa82427c647f776c7684a80a6da0 11973 imagemagick_6.9.11.57+dfsg-1_source.buildinfo Files: dec3c27f46285b416d8b93bf62c08fed 5079 graphics optional imagemagick_6.9.11.57+dfsg-1.dsc 51d0045050a717cd2d43a6773439aae6 9392580 graphics optional imagemagick_6.9.11.57+dfsg.orig.tar.xz 8666e98765c9a4ad83f7b7e6ba46ed8a 245888 graphics optional imagemagick_6.9.11.57+dfsg-1.debian.tar.xz 7baf9b5debd6ebbae9aba1eaca2dae39 11973 graphics optional imagemagick_6.9.11.57+dfsg-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAl/828YACgkQADoaLapB CF96DRAAl2sVL4PgaetRQs4wTR1TSPEUbwutWYDDPqoN7vfhfNuKiel2BODQQI+r +C1EMAV3zosU5m+oa12z/K30KVZIikfhsMX7LZ22QfSUg/GZV/qeLEz80fiSnT+t xx9y2MWQRtSqsjR2szR7dXCugwkHo1oISaBGKloWyVRCshcLj9pPq+XxsL8AL8o4 z0wl7WB4Xe9VMdvpYS33o+KMUtAAsm2MLNwvf+oNZguOLQvADM1T6t8OrMfOH7Sc SQNh4SSsjOe75CovXQb5UEbNSbBCQXs4IISdEyeDAZhSoqW9hiOQH3s/CHmiS7Lj APJcobQNKalpeSYs7yVC9spIOjZXyKzcDH2O+9O4NCxrM/dfhcMFQI1DMbqZn2WD TS6dWqDqlyDPnofM90UzrS5y1+3HAjsehpnzReXNwYlktfiCVx/EDHDD4dPzevdB KgQ9CY9IBlW8UZjGtaWl3ZF+NvmEncxfZRb2O58i7YqJ3lftq+fpSrqdc1c02Qxp lyQkPl0dExgYzcxQsXYe5ebfBUD/+De98lJCi4LQ920/dj7/zF71CsZ4eO59VcnL ElRXfAwvpn1m9MQlk/EEAi2S/a8sXHu1N9NyHwpRO0HAMOK4J+t4FBkX91XkJubA 9TEFoHkcpMyPjpa0L988ZZO8b22gyb9l4okR938j08e0W9xOw1E= =Tr01 -----END PGP SIGNATURE-----