-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 15 May 2017 14:59:33 +0200 Source: imagemagick Binary: imagemagick-6-common imagemagick-6-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-3 libmagickcore-6.q16-3-extra libmagickcore-6.q16-dev libmagickwand-6.q16-3 libmagickwand-6.q16-dev libmagick++-6.q16-7 libmagick++-6.q16-dev libimage-magick-q16-perl imagemagick-6.q16hdri libmagickcore-6.q16hdri-3 libmagickcore-6.q16hdri-3-extra libmagickcore-6.q16hdri-dev libmagickwand-6.q16hdri-3 libmagickwand-6.q16hdri-dev libmagick++-6.q16hdri-7 libmagick++-6.q16hdri-dev libimage-magick-q16hdri-perl imagemagick-common imagemagick-doc perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev imagemagick Architecture: source Version: 8:6.9.7.4+dfsg-7 Distribution: unstable Urgency: medium Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org> Changed-By: Bastien Roucariès <rouca@debian.org> Description: imagemagick - image manipulation programs -- binaries imagemagick-6-common - image manipulation programs -- infrastructure imagemagick-6-doc - document files of ImageMagick imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-6.q16hdri - image manipulation programs -- quantum depth Q16HDRI imagemagick-common - image manipulation programs -- infrastructure dummy package imagemagick-doc - document files of ImageMagick -- dummy package libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libimage-magick-q16hdri-perl - Perl interface to the ImageMagick graphics routines -- Q16HDRI ve libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-7 - C++ interface to ImageMagick -- quantum depth Q16 libmagick++-6.q16-dev - C++ interface to ImageMagick - development files (Q16) libmagick++-6.q16hdri-7 - C++ interface to ImageMagick -- quantum depth Q16HDRI libmagick++-6.q16hdri-dev - C++ interface to ImageMagick - development files (Q16HDRI) libmagick++-dev - object-oriented C++ interface to ImageMagick -- dummy package libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-3 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-3-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-6.q16hdri-3 - low-level image manipulation library -- quantum depth Q16HDRI libmagickcore-6.q16hdri-3-extra - low-level image manipulation library - extra codecs (Q16HDRI) libmagickcore-6.q16hdri-dev - low-level image manipulation library - development files (Q16HDRI libmagickcore-dev - low-level image manipulation library -- dummy package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-3 - image manipulation library -- quantum depth Q16 libmagickwand-6.q16-dev - image manipulation library - development files (Q16) libmagickwand-6.q16hdri-3 - image manipulation library -- quantum depth Q16HDRI libmagickwand-6.q16hdri-dev - image manipulation library - development files (Q16HDRI) libmagickwand-dev - image manipulation library -- dummy package perlmagick - Perl interface to ImageMagick -- dummy package Closes: 862572 862573 862574 862575 862577 862578 862579 862587 862589 862590 862632 862633 862634 862635 862636 862637 862653 Changes: imagemagick (8:6.9.7.4+dfsg-7) unstable; urgency=medium . * Fix a few securities bug: + Fix CVE-2017-8343: The ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file. (Closes: #862572). + Fix CVE-2017-8344: Fix DOS in PCX file coders. (Closes: #862574). + Fix CVE-2017-8345: The ReadMNGImage function in png.c allows attackers to cause a denial of service (memory leak) via a crafted file. (Closes: #862573) + Fix CVE-2017-8346: The ReadDCMImage function in dcm.c allows attackers to cause a denial of service (memory leak) via a crafted file. (Closes: #862575). + Fix CVE-2017-8347: Fix DOS in EXR file coders. (Closes: #862577). + Fix CVE-2017-8348: Fix DOS in MAT file coders. (Closes: #862578). + Fix CVE-2017-8349: Fix DOS in SWF file coders. (Closes: #862579). + Fix CVE-2017-8350: Fix DOS in png file coders. (Closes: #862587). + Fix CVE-2017-8351: Fix DOS in pcd file coders. (Closes: #862589). + Fix CVE-2017-8352: Fix DOS in xwd file coders. (Closes: #862590). + Fix CVE-2017-8353: Fix DOS in pict file coders. (Closes: #862632). + Fix CVE-2017-8354: Fix DOS in bmp file coders. (Closes: #862633). + Fix CVE-2017-8355: Fix DOS in mtv file coders. (Closes: #862634). + Fix CVE-2017-8356: Fix DOS in sun file coders. (Closes: #862635). + Fix CVE-2017-8357: Fix DOS in ept file coders. (Closes: #862636). + Fix CVE-2017-8765: Fix DOS in icon file coders. (Closes: #862653). + Fix CVE-2017-8830: Fix DOS in bmp file coders. (Closes: #862637). Checksums-Sha1: d53c47143712768c56634279bd69fe8a519be7b5 5133 imagemagick_6.9.7.4+dfsg-7.dsc 17ac772dbcb238e7a0f763a8dc3066d0b08b9b1b 218176 imagemagick_6.9.7.4+dfsg-7.debian.tar.xz 8e04d73edce6388507ea236eda0edc4eda876e10 28054 imagemagick_6.9.7.4+dfsg-7_amd64.buildinfo Checksums-Sha256: f04268c1fa58f7891f60fdedb2d368ae331c774db60379407e5058a7804985c5 5133 imagemagick_6.9.7.4+dfsg-7.dsc a38acfeb5b1224317cde2ce097025696fad4935f1dc12cff12f140a48bb114bc 218176 imagemagick_6.9.7.4+dfsg-7.debian.tar.xz 5409798e4f9ae4330887e1adbbc3c474d5b3fc535a0abc5f3b8f39ba5f41f92f 28054 imagemagick_6.9.7.4+dfsg-7_amd64.buildinfo Files: c04b6306c96c661a20e4bce5845e2031 5133 graphics optional imagemagick_6.9.7.4+dfsg-7.dsc 76088d7f82a268aebbb3f5ddc8c98d88 218176 graphics optional imagemagick_6.9.7.4+dfsg-7.debian.tar.xz e026b53500d03db99b0ce37c5a58ac6f 28054 graphics optional imagemagick_6.9.7.4+dfsg-7_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAlkZtYEACgkQADoaLapB CF9Peg//XNjdQRdwFEpa90+U0ISJOzQAo8Us9I+t7hCGI1it4nbcEWQzNTHozCDC UldbyG6Q3P5U6wHHTqaZtvEAOnQLJR6qtCxGbPxqLRSV1Ugfa+n0Sxrk5IjIeLEs 4w8yyZ025ypZ23+ps/DSI/gk1R5hxYIuYfeCMgxqWKSOupqYYoIp2Y2byStH2ibl J6im4DR1CWNk87iskRvDh7CoTAWtnsTYb7i+KQfC1a3tSQ06H19UikZbPmk9tDRO GDUhcMqGU0/495qMiwEkSbNV6hcVhd8iuvDRvCzafb9hIJrEpBCe+Eh+fTKdq/5X SU7Dgvhm9x7z2qwRM74okRVhw9ELxR3CXMK8fsWENKvv9YcHGY47BUa1E+YJJnPF efYbKwGigzrJwfJi5NUbYDqdF8AEJcM+fcoGI1RCIYbqRq4sNqlf2HNFkrnLMGRA jbxBVhl/Ge8mVq8wHvKi/+snbjgQEvXERQbAy2gwiXCAeSAj9j8oaeVA/8svu0K+ oYXMdVv9jvU2WePKVlch0d/AMeGtP2CYst4u9hgImSOKLXXoafA3GlZWEmcGS+pu dEHtaCeEdPSkTy9XRGKtoWkZG304fQMKdqZTYrTmqpmeZQRWWDvM6+a+ThNZ81jR upewYhMz0d/K4dwOAkJ2Y3Gdlf90VOU4mmDjSAStX3qe75yVrVQ= =uIsO -----END PGP SIGNATURE-----