-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 10 Oct 2017 21:06:33 -0400 Source: imagemagick Binary: imagemagick imagemagick-dbg imagemagick-common imagemagick-doc libmagickcore5 libmagickcore5-extra libmagickcore-dev libmagickwand5 libmagickwand-dev libmagick++5 libmagick++-dev perlmagick Architecture: source amd64 all Version: 8:6.7.7.10-5+deb7u17 Distribution: wheezy-security Urgency: high Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org> Changed-By: Roberto C. Sanchez <roberto@connexer.com> Description: imagemagick - image manipulation programs imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libmagick++-dev - object-oriented C++ interface to ImageMagick - development files libmagick++5 - object-oriented C++ interface to ImageMagick libmagickcore-dev - low-level image manipulation library - development files libmagickcore5 - low-level image manipulation library libmagickcore5-extra - low-level image manipulation library - extra codecs libmagickwand-dev - image manipulation library - development files libmagickwand5 - image manipulation library perlmagick - Perl interface to the ImageMagick graphics routines Closes: 873871 875338 875339 875341 875352 875502 875503 875504 875506 876097 876099 876105 876488 Changes: imagemagick (8:6.7.7.10-5+deb7u17) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * Fix denial of service (memory consumption) via a crafted XCF file. (CVE-2017-12691) (Closes: #875338) * Fix denial of service (memory consumption) via a crafted VIFF file. (CVE-2017-12692) (Closes: #875339) * Fix denial of service (memory consumption) via a crafted BMP file. (CVE-2017-12693) (Closes: #875341) * Fix denial of service (CPU consumption) via a crafted XCF file. (CVE-2017-12875) (Closes: #873871) * Fix a heap-based overflow in the core image drawing function. (CVE-2017-13758) * Fix a Null pointer dereference (program crash) denial of service in the identify application. (CVE-2017-13768) (Closes: #875352) * Fix denial of service (buffer over-read) via a crafted thumbnail file. (CVE-2017-13769) * Fix denial of service (NULL pointer dereference) via a malformed CUT file. (CVE-2017-14060) * Fix denial of service (missing EOF check) via a crafted PSD file. (CVE-2017-14172) (Closes: #875506) * Fix denial of service (infinite loop) via crafted TXT file. (CVE-2017-14173) (Closes: #875504) * Fix denial of service (missing EOF check) via a crafted PSD file. (CVE-2017-14174) (Closes: #875503) * Fix denial of service (missing EOF check) via a crafted XBM file. (CVE-2017-14175) (Closes: #875502) * Fix denial of service/remote code execution from a heap-based buffer overflow via a crafted PCX file. (CVE-2017-14224) (Closes: #876097) * Fix denial of service (missing EOF check) via a crafted MPC file. (CVE-2017-14249) (Closes: #876099) * Fix denial of service (CPU exhaustion) via a crafted WPG file. (CVE-2017-14341) (Closes: #876105) * Fix a Null pointer dereference (program crash) denial of service in the pixel cache nexus. (CVE-2017-14400) * Fix a Null pointer dereference (program crash) denial of service in the core memory handling function. (CVE-2017-14505) * Fix out-of-bounds read (information disclosure or application crash) via crafted TIFF image file. (CVE-2017-14607) * Fix denial of service (buffer overflow and application crash) via a crafted SVG file. (CVE-2017-14682) (Closes: #876488) * Fix failed memory allocation handling (Null pointer dereference and application crash) via unspecified vectors. (CVE-2017-14739) * Fix denial of service (infinite loop) via crafted font file. (CVE-2017-14741) * Fix application crash (use-after-free) via a crafted font file. (CVE-2017-14989) * Fix a Null pointer dereference (program crash) via a malformed EMF file. (CVE-2017-15016) * Fix a Null pointer dereference (program crash) via a malformed PNG file. (CVE-2017-15017) Checksums-Sha1: f27c31d0eb3a7561e95ffe636d59792eecf18575 3160 imagemagick_6.7.7.10-5+deb7u17.dsc f5f2e996dc58ec8f75ab0964972842df1bde73c7 242091 imagemagick_6.7.7.10-5+deb7u17.debian.tar.bz2 c0e82c0dccf37299ce1100e84d55ea47925ef383 292930 imagemagick_6.7.7.10-5+deb7u17_amd64.deb 0c312898d094549d82a88e39092a9e500b0eef52 6322734 imagemagick-dbg_6.7.7.10-5+deb7u17_amd64.deb df33d7b0ff1f185a2b6e453ab115d32589bec842 134564 imagemagick-common_6.7.7.10-5+deb7u17_all.deb 03ffa3b2eef4e65645981a3cbfcc3ee442b54272 5801892 imagemagick-doc_6.7.7.10-5+deb7u17_all.deb 8f72a602ea09f486df33422684b513bdddfb1f11 2127652 libmagickcore5_6.7.7.10-5+deb7u17_amd64.deb fa722bd05a321ca229fea1e266358af833cfbe52 170368 libmagickcore5-extra_6.7.7.10-5+deb7u17_amd64.deb efa7d270462aac31a21bc5beefc078208fd727e5 1394088 libmagickcore-dev_6.7.7.10-5+deb7u17_amd64.deb 729d74562bcdeac612df9af72249cb2896ffb1a8 468482 libmagickwand5_6.7.7.10-5+deb7u17_amd64.deb 5341d20477789e860284b00ae89a76973bcc0880 549442 libmagickwand-dev_6.7.7.10-5+deb7u17_amd64.deb d22854ce3bad2d5d252846f0dd594a792cc168d6 243582 libmagick++5_6.7.7.10-5+deb7u17_amd64.deb 5140669b7e0a1a8edfa9dc723d33064025d59786 290448 libmagick++-dev_6.7.7.10-5+deb7u17_amd64.deb 1848bc48137d50cc48be169e4dbe2f244582f145 261672 perlmagick_6.7.7.10-5+deb7u17_amd64.deb Checksums-Sha256: 954e49b51a417564689b4e0dfc87eaca74a3aff7c97b3ad20d1e579c44ec943b 3160 imagemagick_6.7.7.10-5+deb7u17.dsc 033f6988cc29a053fe9809af921145c32b83e7b95ac1c329b8846bbc2d7780b8 242091 imagemagick_6.7.7.10-5+deb7u17.debian.tar.bz2 4d402e102ebc98f747fd275687ce353424962b1136fb5299bc77e9bdc130f198 292930 imagemagick_6.7.7.10-5+deb7u17_amd64.deb 4f0bdf071cea63a57878609368c5ab01481f085ca57b4657c5837c893f791a8e 6322734 imagemagick-dbg_6.7.7.10-5+deb7u17_amd64.deb 021155bb53b9cb6285d1edbe22028bda51bfd8cdf4227556b3399b51d0275323 134564 imagemagick-common_6.7.7.10-5+deb7u17_all.deb 040f5531e3f3182b2cb4a03a7ade64667856160f8f14a8a92316197611e3eb47 5801892 imagemagick-doc_6.7.7.10-5+deb7u17_all.deb 6b6f8bf1480fa955dd92890271374c41f15b6e4985e784e706070e9825083bad 2127652 libmagickcore5_6.7.7.10-5+deb7u17_amd64.deb 33ad5f6b1a82266325151cd543651a32f77681591aca92419b9622f8b4881922 170368 libmagickcore5-extra_6.7.7.10-5+deb7u17_amd64.deb 04c27f56f559b41e4a5ded58adbb3e8ec08b29436430aecb02ac0f71b6fcbfb6 1394088 libmagickcore-dev_6.7.7.10-5+deb7u17_amd64.deb c5699b29bbf8e257464c0251cae9018ef6956e762b3a031662bdfa100650681b 468482 libmagickwand5_6.7.7.10-5+deb7u17_amd64.deb 93b26154e92231af4775ed4f2519cb04e52b9d1560a8aa2738d009d2a5c48f64 549442 libmagickwand-dev_6.7.7.10-5+deb7u17_amd64.deb d252ea93ae2f3273997cade8b3cd157e268cbc237311825917730dbf23b6b30e 243582 libmagick++5_6.7.7.10-5+deb7u17_amd64.deb 788256e6ff6fe6e36cc15576fbdf2113e25367347a947a12415fa60f34c0a1b9 290448 libmagick++-dev_6.7.7.10-5+deb7u17_amd64.deb 77a5f39d51156bf63920adf7b3f450b1a8668c80741b178b66f664b9f4d1d047 261672 perlmagick_6.7.7.10-5+deb7u17_amd64.deb Files: adc8246a6e0cc98547c08036019187b8 3160 graphics optional imagemagick_6.7.7.10-5+deb7u17.dsc 90b7b1de1495ebdd2ecb16e5360cb438 242091 graphics optional imagemagick_6.7.7.10-5+deb7u17.debian.tar.bz2 9fd7b60da4b9f5bb55f2095c5979d76b 292930 graphics optional imagemagick_6.7.7.10-5+deb7u17_amd64.deb 6681ba2971a8f34327ab5fe033a5eb7f 6322734 debug extra imagemagick-dbg_6.7.7.10-5+deb7u17_amd64.deb 51f414b0393a2152d1c2c1c162aea30a 134564 graphics optional imagemagick-common_6.7.7.10-5+deb7u17_all.deb b4f771aa820d0a22a6e99c1b81277b6a 5801892 doc optional imagemagick-doc_6.7.7.10-5+deb7u17_all.deb 1401524fe4a27c426d029b0981365684 2127652 libs optional libmagickcore5_6.7.7.10-5+deb7u17_amd64.deb 8291f29cdc55ffa9a685525b7758bb00 170368 libs optional libmagickcore5-extra_6.7.7.10-5+deb7u17_amd64.deb 504ede17f0fbb706642d1abb528b3d29 1394088 libdevel optional libmagickcore-dev_6.7.7.10-5+deb7u17_amd64.deb 83077c4acf6984b541f461f14324859b 468482 libs optional libmagickwand5_6.7.7.10-5+deb7u17_amd64.deb 7021296066227985270f10e637fbba70 549442 libdevel optional libmagickwand-dev_6.7.7.10-5+deb7u17_amd64.deb af3335b23634128dd1090ba40e3915e5 243582 libs optional libmagick++5_6.7.7.10-5+deb7u17_amd64.deb f853a62f900e2015d6392fc33c390a8c 290448 libdevel optional libmagick++-dev_6.7.7.10-5+deb7u17_amd64.deb fd8b16f0f02e3a8cabee80877e225f6f 261672 perl optional perlmagick_6.7.7.10-5+deb7u17_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJZ3YDLAAoJECzXeF7dp7IP4RgP/iqwfS1/jUHLpHQUiOT2bpew t3SMrpAHD57o00zscxX8DgnOrFO+5M5YYaetiT3jeFO0FgeC9zX0MO6tWZVzSLML TcKgu9H/KrLRHyFcB/wOLLvokEAZc6g5byBm5dVv+9qrQrVnJWc21uPtreG0etSl iKdY7dLqeGCAaOcWwaOQrnavXy+NhwIqrhCiPNNciq6Skyw8p65ivRCSz+AyZwnr 0kazOZzXIsy23KvQTP78GcsC+wqZ1rOPIjF1r8wd3CYNqHYHigz4aSzJQQxehDSD GVe2CjyZ1e34cxMVKv15NprSaMgON6x1SlWI1ORdyalvZf9OOlLgUZXYQmOumLv9 +9XpaDG17uLUqJRfE/+I6Z2Ivy4EvkA35m2lNT08Y/kVDIilaDSUiNRkB+G5KMDA qzl89egF5a/T59D0Veem2D+Aw73cJywhBAl5+znMkOSgvGE4pSjl9qh35+WfZokb o0V/C9x3bN5x1VnRV6kHgFIlw4Sh/UWIwJbBwRq6mS0XiWbgIkE+t1tFLhstykDg 2wNh+n+bNK0nfZLZIVZQW0HBivTdEEpw7Qpw/hsL3Vav9vfaxKPbeLEI+8s0gIXB hUnq+c/slds8i9YQSZ89U2LfxehD2SuCYxoNiFDr9c230rmwZL51xs6vTbjT/DNo KQL+yLsgNbQd9PnYAmcU =3UE4 -----END PGP SIGNATURE-----