-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 03 Oct 2018 08:08:36 -0400 Source: imagemagick Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev Architecture: source all Version: 8:6.8.9.9-5+deb8u14 Distribution: jessie-security Urgency: high Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org> Changed-By: Roberto C. Sanchez <roberto@debian.org> Description: imagemagick - image manipulation programs -- binaries imagemagick-6.q16 - image manipulation programs -- quantum depth Q16 imagemagick-common - image manipulation programs -- infrastructure imagemagick-dbg - debugging symbols for ImageMagick imagemagick-doc - document files of ImageMagick libimage-magick-perl - Perl interface to the ImageMagick graphics routines libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files libmagick++-dev - object-oriented C++ interface to ImageMagick libmagickcore-6-arch-config - low-level image manipulation library - architecture header files libmagickcore-6-headers - low-level image manipulation library - header files libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16) libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16) libmagickcore-dev - low-level image manipulation library -- transition package libmagickwand-6-headers - image manipulation library - headers files libmagickwand-6.q16-2 - image manipulation library libmagickwand-6.q16-dev - image manipulation library - development files libmagickwand-dev - image manipulation library - transition for development files perlmagick - Perl interface to ImageMagick -- transition package Changes: imagemagick (8:6.8.9.9-5+deb8u14) jessie-security; urgency=high . * Non-maintainer upload. * CVE-2018-16642: denial of service (out-of-bounds write) via a crafted image file. * CVE-2018-16643: denial of service via a crafted image file in various image file format readers (DCM, PWP, CALS, and PICT). * CVE-2018-16412: a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. * CVE-2018-16413: a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. * CVE-2018-16644: denial of service via a crafted image file, resulting from a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c. * CVE-2018-16645: denial of service (excessive memory allocation in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c) via a crafted image file * CVE-2018-16749: a denial of service (WriteBlob assertion failure and application exit) via a crafted file, resulting from a missing NULL check in ReadOneJNGImage in coders/png.c. Checksums-Sha1: ce25ce2e28c162d7827de2971c96258587116d2b 4228 imagemagick_6.8.9.9-5+deb8u14.dsc 3616a7a1bf54462b4c11c1b0b70c2f1bdd2901a8 299976 imagemagick_6.8.9.9-5+deb8u14.debian.tar.xz e92d92802e516c9b79d09f8fd11b55889061268f 154778 imagemagick-common_6.8.9.9-5+deb8u14_all.deb 5d3784fdb423190815a2d33db22d59c575e13ece 7728018 imagemagick-doc_6.8.9.9-5+deb8u14_all.deb edc4da18ff31f3b10a099062150354087913fb4f 172826 libmagickcore-6-headers_6.8.9.9-5+deb8u14_all.deb 23b08e6ba2e0c031945c56c7b84eb16a52913f7e 135922 libmagickwand-6-headers_6.8.9.9-5+deb8u14_all.deb 8e7c9be1d0a3a51ac1c656eb1a4eec2953462017 171344 libmagick++-6-headers_6.8.9.9-5+deb8u14_all.deb bd6dce5a1c3db591e294e0261462e58b887f41d7 179552 libimage-magick-perl_6.8.9.9-5+deb8u14_all.deb c2b01537d973e3304db4afdde59d8ce3801f31ae 127244 perlmagick_6.8.9.9-5+deb8u14_all.deb 4b5521d979490cec8335177860d6d87db35e67f7 127238 libmagickcore-dev_6.8.9.9-5+deb8u14_all.deb 99c3c761d8341eeaaa32bde01a79520bcbae8b97 127228 libmagickwand-dev_6.8.9.9-5+deb8u14_all.deb 64b85b782f9b9ee27f84dcc7c0f1705bab985b35 127244 libmagick++-dev_6.8.9.9-5+deb8u14_all.deb Checksums-Sha256: f29946f8630d34e09edfa3fffb12e0c4e7a34bc72f4b9b757de47ed4b5373ca5 4228 imagemagick_6.8.9.9-5+deb8u14.dsc 74839398d80486414f3c012b7786b9d9720e73231bf30721cd273237e50cdef7 299976 imagemagick_6.8.9.9-5+deb8u14.debian.tar.xz e3f9820d4b7ca1056cd2ac1d62963ae73c58a26a5b2df40c0b002e8c8bd96e0b 154778 imagemagick-common_6.8.9.9-5+deb8u14_all.deb 403401d85f6de4b1ed49d9ea10e0eea164cc2e77783e9e0b03098df10be3ec9a 7728018 imagemagick-doc_6.8.9.9-5+deb8u14_all.deb 66c8b19a2de6d72925949d1ac53c3542e7e3759e4bec52ea61f86bcb6e7a6176 172826 libmagickcore-6-headers_6.8.9.9-5+deb8u14_all.deb d74a28597e9745c4ccf7f542b0d0d9e62f08475e49477df4f7020254d6f709b3 135922 libmagickwand-6-headers_6.8.9.9-5+deb8u14_all.deb 0b7a61714937f96a5b68e74a53d7a2887655e61ba3786ab7643503af0851d3c5 171344 libmagick++-6-headers_6.8.9.9-5+deb8u14_all.deb 24130cf2dacc4ae81ea1d0f7050a2ea6003a5dd77a62e18c4a2bd2c68a0a0821 179552 libimage-magick-perl_6.8.9.9-5+deb8u14_all.deb 8a6161c4921dd91fe6bdf055732b72ac67eedfd83eed9969185e6ae7e153536c 127244 perlmagick_6.8.9.9-5+deb8u14_all.deb c3db4afe995941a1c67e8d85f2d9a95192116c2048dd86cddb4b37e65869283f 127238 libmagickcore-dev_6.8.9.9-5+deb8u14_all.deb 24f5c3bab8cb2721cd90adcd3b0aa5cd99dc0f50904ed3d7f3edbd127e50f94f 127228 libmagickwand-dev_6.8.9.9-5+deb8u14_all.deb bf40af1aeafa7b0e5536189fe0a8973711728525b76de3452b8d5e3442462a9a 127244 libmagick++-dev_6.8.9.9-5+deb8u14_all.deb Files: 7fead31ff6df95068faeeb142df50423 4228 graphics optional imagemagick_6.8.9.9-5+deb8u14.dsc 7e7ddc759425394c1aa4c956dedd4dd5 299976 graphics optional imagemagick_6.8.9.9-5+deb8u14.debian.tar.xz b1cd874f3718dac5a3153c611ec1d189 154778 graphics optional imagemagick-common_6.8.9.9-5+deb8u14_all.deb 6db75b3a73504b343d6bb12532b7c08d 7728018 doc optional imagemagick-doc_6.8.9.9-5+deb8u14_all.deb 4b544ee7b382ebc1e7a036699a6805b9 172826 libdevel optional libmagickcore-6-headers_6.8.9.9-5+deb8u14_all.deb c21872a08792a095ea964a9c128230f7 135922 libdevel optional libmagickwand-6-headers_6.8.9.9-5+deb8u14_all.deb 02eaef01dd03f55bd5b5037574a42bdb 171344 libdevel optional libmagick++-6-headers_6.8.9.9-5+deb8u14_all.deb daa2a9803141a595fcd333e3a6eda56c 179552 perl optional libimage-magick-perl_6.8.9.9-5+deb8u14_all.deb 391cd41ba7d128109accf1751ddc3eed 127244 oldlibs extra perlmagick_6.8.9.9-5+deb8u14_all.deb 04b465a8b75454184cac7f4cf18c8575 127238 oldlibs extra libmagickcore-dev_6.8.9.9-5+deb8u14_all.deb 9409e38c6a68ecc83e9fd61892782ad7 127228 oldlibs extra libmagickwand-dev_6.8.9.9-5+deb8u14_all.deb a967b65f6fcb6d26f44e68ea9a67176f 127244 oldlibs extra libmagick++-dev_6.8.9.9-5+deb8u14_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAlu0x00ACgkQLNd4Xt2n sg/SWBAAinHIrFETG7T7DJFrxmF2ivGT3LqC/anGmw76Mj/J2nd47EFv7ofmTtJm ZGv2Qa8MAjjIW9fnsZlj9Oie1iFNCx7QVPR3WMdksNoepk6cZSyDDBVm2KX0DOf0 q5F57vMS6Ta8OvIqB+STGY25UK5WuuNda63fZsKYrOJhG2/1etCQQdDNoWZP0+WJ nHGF9xwbfmsaOd08xgj75+bKQa0kjY07pjwL9R+PZRzSGySzzsw1RMbdqOp0EeaY vQsIkgL4L06eAK47MCKi0Bf+dSgjFtD44ztIhzxXFSbMLnbICNNGkdM6Gk2PzKyy 8FWZA3zl3jab6jZqCaDXmKDC8FcWUMpiuFGCfVL8kHsK+IAyjHX6J0xMPE0QN+dg J7HzJ5tE3x8D4w3hqHhY2f6NEgivxXb3hcmQKwpOCb5F005EMQb1lE4Nj5GYtu8Z JjkdPHvLmymbno68+biJrWlnk2pyV2ppYDsWmby0CdZHXSiyVg4tCrVmxeXLdSV9 Ia5fj5NPTOT7gZAXSrxwTUbVR1JybkwYRFnNStbCaPHCgJ6N/yQU0GaaoVjvnPzt AAb9GB0H99e8tKrz7nthbXY8lMaI4IE+hUx2i7iIvFS/wy1uRxks8KEmj0mMH5Zu upt3arFjGYWGvv6GaYXo9h6NyKfad3TqSFSu7IaQxEPPITZmxOY= =Er1U -----END PGP SIGNATURE-----
