Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org> , <debian-experimental-changes@lists.debian.org>
Subject: Accepted imagemagick 8:6.9.12.98+dfsg1-1 (source) into experimental
Date: Sat, 21 Oct 2023 16:06:47 +0000
Signed by: Bastien ROUCARIÈS <rouca@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 21 Oct 2023 14:40:53 +0000
Source: imagemagick
Architecture: source
Version: 8:6.9.12.98+dfsg1-1
Distribution: experimental
Urgency: medium
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Changes:
 imagemagick (8:6.9.12.98+dfsg1-1) experimental; urgency=medium
 .
   * New upstream version
   * Drop package imagemagick-doc and imagemagick-common
   * Fix CVE-2023-3428: A heap-based buffer overflow vulnerability
     was found in coders/tiff.c. This issue may allow a local attacker
     to trick the user into opening a specially crafted file,
     resulting in an application crash and denial of service.
   * CVE-2023-3745: A heap-based buffer overflow issue
     was found in ImageMagick's PushCharPixel() function
     in quantum-private.h. This issue may allow a local
     attacker to trick the user into opening a specially crafted file,
     triggering an out-of-bounds read error and allowing an application
     to crash, resulting in a denial of service.
   * Import patch for upstream that avoid a FTBFS due to
     SOURCE_DATE_EPOCH set
   * Use a debian policy. Install other policies as user
     convenience.
Checksums-Sha1:
 ed06c988159cf944c8e4b694aa439e0938709c75 5055 imagemagick_6.9.12.98+dfsg1-1.dsc
 36b7d97e7955137d5ebb2aeaab76fbbe9fc965b9 9606104 imagemagick_6.9.12.98+dfsg1.orig.tar.xz
 84aae0cb3c2b2f83ef45763e96f0f64ab179a1fc 259872 imagemagick_6.9.12.98+dfsg1-1.debian.tar.xz
 ef381c321105e3bb36415a2886f110822a73320e 29536 imagemagick_6.9.12.98+dfsg1-1_amd64.buildinfo
Checksums-Sha256:
 8f06b2ad5b8799e5249366ff0bafe7e24da483f087cecb73e1b09030030b10e1 5055 imagemagick_6.9.12.98+dfsg1-1.dsc
 123a3d1109bf76601614df30d886099abd47aad1b5af8789fae0a954e7475e2d 9606104 imagemagick_6.9.12.98+dfsg1.orig.tar.xz
 96f9fd6ca11075c2a3c63097d1fe4eb0e2252e389ff216d1eb08e6b5be560574 259872 imagemagick_6.9.12.98+dfsg1-1.debian.tar.xz
 c9297b91a9fcba617b116a1d1bd295b7614430d1d2495bcec56d2a56d5f6bc85 29536 imagemagick_6.9.12.98+dfsg1-1_amd64.buildinfo
Files:
 b9baaca74601655b1ebb477826897652 5055 graphics optional imagemagick_6.9.12.98+dfsg1-1.dsc
 0039db1e86a335c488b0f78d07a0d139 9606104 graphics optional imagemagick_6.9.12.98+dfsg1.orig.tar.xz
 98cd7578d64e99f571852d26e8656003 259872 graphics optional imagemagick_6.9.12.98+dfsg1-1.debian.tar.xz
 847fccb562c72e7651d8b4e45bacb62b 29536 graphics optional imagemagick_6.9.12.98+dfsg1-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmUz8tURHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF8PahAAkcC7GNfXn+5dZ7FdbROJ9K+G4ZF/OZ+y
tFvovsORC2d9co2mb3vWGjCGAu+AkMCIFGFbkdiCS2yylflNYN3PL48l1QiZuiWv
6OYf5DIB1WfF2F5UUsZ/Cq/giZfHBL5siV+LiecXQlyTvjCbIMtnQIeF5jOAeEjH
wRD6ObPGsX8eu6u+qZUMiKn5evWEVj4C3rPFxp1M0dNCjbe5PfiLFVoTjC0TV8dw
TKM+sR6zPGnqDRVqayQ3oID+mDol0WKEga1fS4f74dOqFMZ5AyDLzcTl9DV3BJFt
fOQzwpApaqll2aAu3n7A3XJbaLs7X0FVBaa8/I5k1WYTkyRXyg1GJmaTphFuPYtm
N1vfLJvC2MatPMXDhtCXpyOCuodlczChBTCT00Le3+YpyJpurZ1mzzfV3OeDuIHl
Xbo1gA6SljUizX+ZhOv+ULR+eRJyfZVeyG6458t/pVqjm4JXzV39KV3bZSOtC0DR
GPfrdimALHSmKQN7RT4a/JvHngQzWM9Bq5pfjvHSwG5yAlnyzZzvBLoB5zmMiQyu
SOnkLhnLG9eWlG/8UAAN8cXTx8gl7uCsdJwK7tel4ePzztdCegFjRD9efZL3WwQH
aU0iKZbdgO5IxHTeGjOg9AUIsPFo+qQO2qm7snDvprHMNWUgfbjnyKQdbqNHFUFH
oxFr3/NKTro=
=MFp8
-----END PGP SIGNATURE-----
News for package imagemagick
