Debian Bug report logs - #721273
imagemagick: CVE-2013-4298: DoS: Memory corruption while processing GIF comments

version graph

Package: imagemagick; Maintainer for imagemagick is ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>; Source for imagemagick is src:imagemagick.

Reported by: Bastien ROUCARIES <roucaries.bastien@gmail.com>

Date: Thu, 29 Aug 2013 19:15:02 UTC

Severity: serious

Tags: confirmed, fixed-in-experimental, fixed-upstream, patch, security

Found in version imagemagick/8:6.7.7.10-5

Fixed in versions imagemagick/8:6.8.5.6-2, imagemagick/8:6.6.0.4-3+squeeze3, imagemagick/8:6.8.5.6-1, imagemagick/8:6.6.0.4-3+squeeze1, imagemagick/8:6.7.9.3-1, imagemagick/8:6.8.5.6-3, imagemagick/8:6.7.9.3-2, imagemagick/8:6.6.0.4-3+squeeze2, imagemagick/8:6.6.0.4-3, imagemagick/8:6.7.7.10-6, imagemagick/8:6.7.7.10-5+deb7u2

Done: Vincent Fourmond <fourmond@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>:
Bug#721273; Package imagemagick. (Thu, 29 Aug 2013 19:15:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Bastien ROUCARIES <roucaries.bastien@gmail.com>:
New Bug report received and forwarded. Copy sent to ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>. (Thu, 29 Aug 2013 19:15:06 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Bastien ROUCARIES <roucaries.bastien@gmail.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Fwd: [Bug 1218248] Re: DoS: memory corruption while processing GIF comments.
Date: Thu, 29 Aug 2013 21:13:18 +0200
[Message part 1 (text/plain, inline)]
Package: ImageMagick
Control: severity -1 serious
Control: tags -1 + security
Control: tags -1 + patch
Control: tags -1 + fixed-upstream
Control: tags -1 + fixed-in-experimental
Control: tag -1 confirmed
>
> ---------- Message transféré ----------
> De : "Bastien ROUCARIES" <roucaries.bastien@gmail.com>
> Date : 29 août 2013 21:05
> Objet : Fwd: [Bug 1218248] Re: DoS: memory corruption while processing
GIF comments.
> À : <security@debian.org>
> Cc :
>
>> Will take care asap for stable and latter old stable testing and
unstable.
>>
>> Bastien
>>
>> ---------- Message transféré ----------
>> De : "Seth Arnold" <1218248@bugs.launchpad.net>
>> Date : 29 août 2013 20:25
>> Objet : [Bug 1218248] Re: DoS: memory corruption while processing GIF
comments.
>> À : <roucaries.bastien+bugs@gmail.com>
>> Cc :
>>
>> ** Information type changed from Private Security to Public Security
>>
>> --
>> You received this bug notification because you are subscribed to
>> imagemagick in Ubuntu.
>> https://bugs.launchpad.net/bugs/1218248
>>
>> Title:
>>   DoS: memory corruption while processing GIF comments.
>>
>> Status in “imagemagick” package in Ubuntu:
>>   New
>>
>> Bug description:
>>   Memory corruption while processing GIF comments. As the result
>>   malloc's private stuctures are corrupted and it causes SIGABRT and
>>   application crashes.
>>
>>   Here is a topic on imagemagick forum: http://www.imagemagick.org
>>   /discourse-server/viewtopic.php?f=3&t=23921 . You can easily reproduce
>>   problem with images from this topic.
>>
>>
>>   It was a problem with handling comments. '\0' symbol was places after
allocated memory buffer.
>>   To fix this problem raw memory handling functions was replaced with
ConcatenateString.
>>   Original code that solves this problem:
http://trac.imagemagick.org/changeset/8770/ImageMagick/trunk/coders/gif.c
>>
>>   Patch that solves problem is attached to this bug report and tested in
>>   Yandex.
>>
>> To manage notifications about this bug go to:
>>
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1218248/+subscriptions
[Message part 2 (text/html, inline)]

Severity set to 'serious' from 'normal' Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to submit@bugs.debian.org. (Thu, 29 Aug 2013 19:15:06 GMT) Full text and rfc822 format available.

Added tag(s) security. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to submit@bugs.debian.org. (Thu, 29 Aug 2013 19:15:07 GMT) Full text and rfc822 format available.

Added tag(s) patch. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to submit@bugs.debian.org. (Thu, 29 Aug 2013 19:15:08 GMT) Full text and rfc822 format available.

Added tag(s) fixed-upstream. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to submit@bugs.debian.org. (Thu, 29 Aug 2013 19:15:09 GMT) Full text and rfc822 format available.

Added tag(s) fixed-in-experimental. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to submit@bugs.debian.org. (Thu, 29 Aug 2013 19:15:10 GMT) Full text and rfc822 format available.

Added tag(s) confirmed. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to submit@bugs.debian.org. (Thu, 29 Aug 2013 19:15:11 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>:
Bug#721273; Package imagemagick. (Fri, 30 Aug 2013 00:27:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Bastien ROUCARIES <roucaries.bastien@gmail.com>:
Extra info received and forwarded to list. Copy sent to ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>. (Fri, 30 Aug 2013 00:27:04 GMT) Full text and rfc822 format available.

Message #22 received at 721273@bugs.debian.org (full text, mbox):

From: Bastien ROUCARIES <roucaries.bastien@gmail.com>
To: 721273@bugs.debian.org
Subject: Fixed in old stable/experiment
Date: Fri, 30 Aug 2013 02:25:54 +0200
control: fixed -1 8:6.6.0.4-3+squeeze3
control: fixed -1 8:6.6.0.4-3+squeeze2
control: fixed -1 8:6.6.0.4-3+squeeze1
control: fixed -1 8:6.6.0.4-3
control: fixed -1 8:6.8.5.6-3
control: fixed -1 8:6.8.5.6-2
control: fixed -1 8:6.8.5.6-1
control: fixed -1 8:6.7.9.3-2
control: fixed -1 8:6.7.9.3-1
control: notfixed -1 8:6.7.7.10-5

Fixed in old stable due to other code design
Fixed in experimental



Marked as fixed in versions imagemagick/8:6.6.0.4-3+squeeze3. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to 721273-submit@bugs.debian.org. (Fri, 30 Aug 2013 00:27:04 GMT) Full text and rfc822 format available.

Marked as fixed in versions imagemagick/8:6.6.0.4-3+squeeze2. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to 721273-submit@bugs.debian.org. (Fri, 30 Aug 2013 00:27:05 GMT) Full text and rfc822 format available.

Marked as fixed in versions imagemagick/8:6.6.0.4-3+squeeze1. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to 721273-submit@bugs.debian.org. (Fri, 30 Aug 2013 00:27:06 GMT) Full text and rfc822 format available.

Marked as fixed in versions imagemagick/8:6.6.0.4-3. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to 721273-submit@bugs.debian.org. (Fri, 30 Aug 2013 00:27:07 GMT) Full text and rfc822 format available.

Marked as fixed in versions imagemagick/8:6.8.5.6-3. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to 721273-submit@bugs.debian.org. (Fri, 30 Aug 2013 00:27:08 GMT) Full text and rfc822 format available.

Marked as fixed in versions imagemagick/8:6.8.5.6-2. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to 721273-submit@bugs.debian.org. (Fri, 30 Aug 2013 00:27:09 GMT) Full text and rfc822 format available.

Marked as fixed in versions imagemagick/8:6.8.5.6-1. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to 721273-submit@bugs.debian.org. (Fri, 30 Aug 2013 00:27:10 GMT) Full text and rfc822 format available.

Marked as fixed in versions imagemagick/8:6.7.9.3-2. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to 721273-submit@bugs.debian.org. (Fri, 30 Aug 2013 00:27:11 GMT) Full text and rfc822 format available.

Marked as fixed in versions imagemagick/8:6.7.9.3-1. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to 721273-submit@bugs.debian.org. (Fri, 30 Aug 2013 00:27:12 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>:
Bug#721273; Package imagemagick. (Fri, 30 Aug 2013 00:30:10 GMT) Full text and rfc822 format available.

Acknowledgement sent to Bastien ROUCARIES <roucaries.bastien@gmail.com>:
Extra info received and forwarded to list. Copy sent to ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>. (Fri, 30 Aug 2013 00:30:10 GMT) Full text and rfc822 format available.

Message #45 received at 721273@bugs.debian.org (full text, mbox):

From: Bastien ROUCARIES <roucaries.bastien@gmail.com>
To: 721273 <721273@bugs.debian.org>
Subject: Re: Fixed in old stable/experiment
Date: Fri, 30 Aug 2013 02:27:10 +0200
control: tags 721273 + pending


On Fri, Aug 30, 2013 at 2:25 AM, Bastien ROUCARIES
<roucaries.bastien@gmail.com> wrote:
> control: fixed -1 8:6.6.0.4-3+squeeze3
> control: fixed -1 8:6.6.0.4-3+squeeze2
> control: fixed -1 8:6.6.0.4-3+squeeze1
> control: fixed -1 8:6.6.0.4-3
> control: fixed -1 8:6.8.5.6-3
> control: fixed -1 8:6.8.5.6-2
> control: fixed -1 8:6.8.5.6-1
> control: fixed -1 8:6.7.9.3-2
> control: fixed -1 8:6.7.9.3-1
> control: notfixed -1 8:6.7.7.10-5
>
> Fixed in old stable due to other code design
> Fixed in experimental



Added tag(s) pending. Request was from Bastien ROUCARIES <roucaries.bastien@gmail.com> to 721273-submit@bugs.debian.org. (Fri, 30 Aug 2013 00:30:10 GMT) Full text and rfc822 format available.

Marked as found in versions imagemagick/8:6.7.7.10-5. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Fri, 30 Aug 2013 12:51:07 GMT) Full text and rfc822 format available.

Reply sent to Bastien Roucariès <roucaries.bastien+debian@gmail.com>:
You have taken responsibility. (Sun, 01 Sep 2013 09:36:05 GMT) Full text and rfc822 format available.

Notification sent to Bastien ROUCARIES <roucaries.bastien@gmail.com>:
Bug acknowledged by developer. (Sun, 01 Sep 2013 09:36:05 GMT) Full text and rfc822 format available.

Message #54 received at 721273-close@bugs.debian.org (full text, mbox):

From: Bastien Roucariès <roucaries.bastien+debian@gmail.com>
To: 721273-close@bugs.debian.org
Subject: Bug#721273: fixed in imagemagick 8:6.7.7.10-6
Date: Sun, 01 Sep 2013 09:33:46 +0000
Source: imagemagick
Source-Version: 8:6.7.7.10-6

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 721273@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès <roucaries.bastien+debian@gmail.com> (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 30 Aug 2013 00:29:40 +0200
Source: imagemagick
Binary: imagemagick imagemagick-dbg imagemagick-common imagemagick-doc libmagickcore5 libmagickcore5-extra libmagickcore-dev libmagickwand5 libmagickwand-dev libmagick++5 libmagick++-dev perlmagick
Architecture: source amd64 all
Version: 8:6.7.7.10-6
Distribution: unstable
Urgency: high
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <roucaries.bastien+debian@gmail.com>
Description: 
 imagemagick - image manipulation programs
 imagemagick-common - image manipulation programs -- infrastructure
 imagemagick-dbg - debugging symbols for ImageMagick
 imagemagick-doc - document files of ImageMagick
 libmagick++-dev - object-oriented C++ interface to ImageMagick - development files
 libmagick++5 - object-oriented C++ interface to ImageMagick
 libmagickcore-dev - low-level image manipulation library - development files
 libmagickcore5 - low-level image manipulation library
 libmagickcore5-extra - low-level image manipulation library - extra codecs
 libmagickwand-dev - image manipulation library - development files
 libmagickwand5 - image manipulation library
 perlmagick - Perl interface to the ImageMagick graphics routines
Closes: 721273
Changes: 
 imagemagick (8:6.7.7.10-6) unstable; urgency=high
 .
   * Security Fix: Buffer overflow "Memory corruption while processing
     GIF comments.", (Closes: #721273).
Checksums-Sha1: 
 4089d2b1b7359baeaf6a2a563a74833b85209941 2505 imagemagick_6.7.7.10-6.dsc
 0124116e0ed53f46a9230d57014e8a9042eefd21 138207 imagemagick_6.7.7.10-6.debian.tar.bz2
 10ba300ac3b2a23d83f1455fddcdbd8372e0e85e 280268 imagemagick_6.7.7.10-6_amd64.deb
 b65e451c58c8fcad442b09b2a71a7a4ed6b31e3f 5877226 imagemagick-dbg_6.7.7.10-6_amd64.deb
 307443c2a7b54189310a69b1ada7e0168e6c3f98 123028 imagemagick-common_6.7.7.10-6_all.deb
 06d2cb3b8d4cc1536faa8c185cfde084a64907ca 4362820 imagemagick-doc_6.7.7.10-6_all.deb
 c90c1748bf801fcb26ddc4f40baf29380a4e7a18 1559560 libmagickcore5_6.7.7.10-6_amd64.deb
 3ac2401a3b8d20b12115334b70a7a4a23b7ed76c 146758 libmagickcore5-extra_6.7.7.10-6_amd64.deb
 06484b67ee1ae8036d61d65a8fcb472c073f1363 991592 libmagickcore-dev_6.7.7.10-6_amd64.deb
 93e02da36e0c623ef968e025e0bb5127717d2015 357544 libmagickwand5_6.7.7.10-6_amd64.deb
 874360154ea3518607a5269c6d9d271c0f8202bf 359720 libmagickwand-dev_6.7.7.10-6_amd64.deb
 8cf0e3f2b80e062cfa437acea6b3f9fcbcd942bc 193726 libmagick++5_6.7.7.10-6_amd64.deb
 d2ea579a8de5cc719f30b338784944d033f73475 218514 libmagick++-dev_6.7.7.10-6_amd64.deb
 6542fe861339bc92f76d2f09147ee05965a7445d 227172 perlmagick_6.7.7.10-6_amd64.deb
Checksums-Sha256: 
 43f8dae4d09e50f962e59c9564c009f4794d2751ea1687b9d8acea32e6c2221e 2505 imagemagick_6.7.7.10-6.dsc
 a7cf85bf190ea04786f72816b90bf19fc4e61dd155f4920a183944a16870d4b1 138207 imagemagick_6.7.7.10-6.debian.tar.bz2
 084a656a441f920a91b15bad2ff4e49b7aaae774ae0f4b010b241300525911bd 280268 imagemagick_6.7.7.10-6_amd64.deb
 73aab65c2ea48492fad42d2c85d0549cce9f55bd870f431db1ee4557cbd48a56 5877226 imagemagick-dbg_6.7.7.10-6_amd64.deb
 1320198d79e9d374932af44e17c9ec964687c11da293beab7608577e86f8cbd7 123028 imagemagick-common_6.7.7.10-6_all.deb
 70c126c6e2886f532f6a5c6245952d20d1d137276e6d08918c11e111e0cb07c1 4362820 imagemagick-doc_6.7.7.10-6_all.deb
 d4a5dba6d7b55fc6b50fe4bda81908fb40ac18585e03b8bf764252e2d2d843e0 1559560 libmagickcore5_6.7.7.10-6_amd64.deb
 d15e937068c4216e72fa577a84a0da0f41a42ebd9a3bd31265aef6e3c1b0888e 146758 libmagickcore5-extra_6.7.7.10-6_amd64.deb
 29b46b5c60be24312fd1f287f68e3529d60acdf2579c0b7a49e9d7dd6716d5b2 991592 libmagickcore-dev_6.7.7.10-6_amd64.deb
 c509595abff099efa1b64f0ac3379b274d99feb9cbaf2e7236ebeef38f850b3c 357544 libmagickwand5_6.7.7.10-6_amd64.deb
 6546b7ae02f75d1a01f67eb41f11a6c50ce51ebe2c31335f31de1a371b8dfb71 359720 libmagickwand-dev_6.7.7.10-6_amd64.deb
 f2bddc25b45aa84c6c7d944bfc4e28aa8a6a20043b69199050a5d879336b8fe8 193726 libmagick++5_6.7.7.10-6_amd64.deb
 86144e36f049226e17306f5f73e240d07d806e55be575e03726c52dd4fee0776 218514 libmagick++-dev_6.7.7.10-6_amd64.deb
 97d1aae9dafd0979a591637743e729d5370e6f8f953583bfe4077fbd61d18b74 227172 perlmagick_6.7.7.10-6_amd64.deb
Files: 
 c540fdc56f92714189513adf052179e2 2505 graphics optional imagemagick_6.7.7.10-6.dsc
 eb5bd2f76b74e92fb7c8e6b90df6ec51 138207 graphics optional imagemagick_6.7.7.10-6.debian.tar.bz2
 c67f8917fefd4bdc7ef70cf766368000 280268 graphics optional imagemagick_6.7.7.10-6_amd64.deb
 76519e880f86ebd517e547a3c1ef1fe8 5877226 debug extra imagemagick-dbg_6.7.7.10-6_amd64.deb
 75b0f56250551f446269c24d25bf37bd 123028 graphics optional imagemagick-common_6.7.7.10-6_all.deb
 be23fcc4d007be5132d7c472b02e518a 4362820 doc optional imagemagick-doc_6.7.7.10-6_all.deb
 e2f08bfddbf132b7c452c6903a9740f1 1559560 libs optional libmagickcore5_6.7.7.10-6_amd64.deb
 502a8ae4b786b8d236de050dd4879cb3 146758 libs optional libmagickcore5-extra_6.7.7.10-6_amd64.deb
 a9f633dcc4e51b78e2324f67b8c06874 991592 libdevel optional libmagickcore-dev_6.7.7.10-6_amd64.deb
 b66de1fd0243160d3f00ac26945951ce 357544 libs optional libmagickwand5_6.7.7.10-6_amd64.deb
 69f6557df722955c57326cbf29ea3f0b 359720 libdevel optional libmagickwand-dev_6.7.7.10-6_amd64.deb
 0a6a9773612f27452b259f26240e5322 193726 libs optional libmagick++5_6.7.7.10-6_amd64.deb
 a1c4244585d916afe13e99d14331e559 218514 libdevel optional libmagick++-dev_6.7.7.10-6_amd64.deb
 8b11c732054befd8ce3dcec67c9b1373 227172 perl optional perlmagick_6.7.7.10-6_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlIjBUMACgkQx/UhwSKygsohegCbBG6htEH/2QTYv4w1ODCvb13L
b4gAnjuMn7TP1zPp40oKxR7UL/jnF1t+
=peFm
-----END PGP SIGNATURE-----




Information forwarded to debian-bugs-dist@lists.debian.org, ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>:
Bug#721273; Package imagemagick. (Tue, 03 Sep 2013 20:00:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>. (Tue, 03 Sep 2013 20:00:05 GMT) Full text and rfc822 format available.

Message #59 received at 721273@bugs.debian.org (full text, mbox):

From: Salvatore Bonaccorso <carnil@debian.org>
To: Bastien ROUCARIES <roucaries.bastien@gmail.com>, 721273@bugs.debian.org
Subject: Re: Bug#721273: Fwd: [Bug 1218248] Re: DoS: memory corruption while processing GIF comments.
Date: Tue, 3 Sep 2013 21:57:50 +0200
Control: retitle -1 imagemagick: CVE-2013-4298: DoS: Memory corruption while processing GIF comments

Hi

A CVE was assigned now for this issue: CVE-2013-4298

Regards,
Salvatore



Changed Bug title to 'imagemagick: CVE-2013-4298: DoS: Memory corruption while processing GIF comments' from 'Fwd: [Bug 1218248] Re: DoS: memory corruption while processing GIF comments.' Request was from Salvatore Bonaccorso <carnil@debian.org> to 721273-submit@bugs.debian.org. (Tue, 03 Sep 2013 20:00:05 GMT) Full text and rfc822 format available.

Reply sent to Vincent Fourmond <fourmond@debian.org>:
You have taken responsibility. (Wed, 04 Sep 2013 21:03:15 GMT) Full text and rfc822 format available.

Notification sent to Bastien ROUCARIES <roucaries.bastien@gmail.com>:
Bug acknowledged by developer. (Wed, 04 Sep 2013 21:03:15 GMT) Full text and rfc822 format available.

Message #66 received at 721273-close@bugs.debian.org (full text, mbox):

From: Vincent Fourmond <fourmond@debian.org>
To: 721273-close@bugs.debian.org
Subject: Bug#721273: fixed in imagemagick 8:6.7.7.10-5+deb7u2
Date: Wed, 04 Sep 2013 21:02:22 +0000
Source: imagemagick
Source-Version: 8:6.7.7.10-5+deb7u2

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 721273@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Vincent Fourmond <fourmond@debian.org> (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 01 Sep 2013 23:18:27 +0200
Source: imagemagick
Binary: imagemagick imagemagick-dbg imagemagick-common imagemagick-doc libmagickcore5 libmagickcore5-extra libmagickcore-dev libmagickwand5 libmagickwand-dev libmagick++5 libmagick++-dev perlmagick
Architecture: source amd64 all
Version: 8:6.7.7.10-5+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Vincent Fourmond <fourmond@debian.org>
Description: 
 imagemagick - image manipulation programs
 imagemagick-common - image manipulation programs -- infrastructure
 imagemagick-dbg - debugging symbols for ImageMagick
 imagemagick-doc - document files of ImageMagick
 libmagick++-dev - object-oriented C++ interface to ImageMagick - development files
 libmagick++5 - object-oriented C++ interface to ImageMagick
 libmagickcore-dev - low-level image manipulation library - development files
 libmagickcore5 - low-level image manipulation library
 libmagickcore5-extra - low-level image manipulation library - extra codecs
 libmagickwand-dev - image manipulation library - development files
 libmagickwand5 - image manipulation library
 perlmagick - Perl interface to the ImageMagick graphics routines
Closes: 721273
Changes: 
 imagemagick (8:6.7.7.10-5+deb7u2) wheezy-security; urgency=high
 .
   * Bump version to get on the right side of dak
 .
 imagemagick (8:6.7.7.10-5+deb7u1) wheezy-security; urgency=high
 .
   [ Bastien Roucariès ]
   * Security Fix: Buffer overflow "Memory corruption while processing
     GIF comments.", (Closes: #721273).
 .
   [ Vincent Fourmond ]
   * Upload to wheezy-security
Checksums-Sha1: 
 70fdb7212d076edff5d7f3a9dea07bafaef72935 2533 imagemagick_6.7.7.10-5+deb7u2.dsc
 acb4f2647a19895abb2af5bd1379b0cca151c58a 10473522 imagemagick_6.7.7.10.orig.tar.bz2
 c32805b87117027ce5f20820d48dba6e3501cf5f 138234 imagemagick_6.7.7.10-5+deb7u2.debian.tar.bz2
 84eb49119f77229b766f4d33a7616cc5b33ce1d4 285014 imagemagick_6.7.7.10-5+deb7u2_amd64.deb
 143fefe20621476d80511eea1212eea069d976ac 6274334 imagemagick-dbg_6.7.7.10-5+deb7u2_amd64.deb
 8232c1fdced3684cc92261005dd5c8426602be34 128236 imagemagick-common_6.7.7.10-5+deb7u2_all.deb
 57b6d75c77826dd5195f3a5e2913c3c4729fcf3a 5628110 imagemagick-doc_6.7.7.10-5+deb7u2_all.deb
 e05732e93ac919c4da9753f8c17f9b4857b0f179 2083380 libmagickcore5_6.7.7.10-5+deb7u2_amd64.deb
 61c8659eb9ae6a88142e7c9ff1d64a59758c3f94 163678 libmagickcore5-extra_6.7.7.10-5+deb7u2_amd64.deb
 191a5b4a2e6ea4a180fcf7ab2155c37783fe9394 1386300 libmagickcore-dev_6.7.7.10-5+deb7u2_amd64.deb
 3e48fcac26fcd24912e528165c6b5c42a7d4d2cd 462178 libmagickwand5_6.7.7.10-5+deb7u2_amd64.deb
 c2899a275c17405c7f1ed155af4f944e904fa33d 544286 libmagickwand-dev_6.7.7.10-5+deb7u2_amd64.deb
 6a63e172e2d59556eaca183ffff88401e33eb573 236480 libmagick++5_6.7.7.10-5+deb7u2_amd64.deb
 38b91c4cf50f7b99967ebab97d616579e50e302d 284968 libmagick++-dev_6.7.7.10-5+deb7u2_amd64.deb
 b0a4ed2041d02e3ba719a81b0abdce433b303631 255654 perlmagick_6.7.7.10-5+deb7u2_amd64.deb
Checksums-Sha256: 
 3add8e04c40eca7a436b1acee59c84405d214da472e183953236342d391b214c 2533 imagemagick_6.7.7.10-5+deb7u2.dsc
 05fb23824b1c90ac35259715c94c65fb5cda6969eb597a7637762d8cf3998fda 10473522 imagemagick_6.7.7.10.orig.tar.bz2
 e210f8e5359180202896403d87571f71108d7e4c9658954d0ff3b334891ede27 138234 imagemagick_6.7.7.10-5+deb7u2.debian.tar.bz2
 02d324cc30f13b8f95b3d3a9cebf5e2eb4156feba97823a167602a39a9660040 285014 imagemagick_6.7.7.10-5+deb7u2_amd64.deb
 455230732bd467aeeb6fd147be809fd78d98c261fc3517f9c368183957b96a00 6274334 imagemagick-dbg_6.7.7.10-5+deb7u2_amd64.deb
 323f6ff2a86639de43b5c56c085e73d13ccd0985e1ba9e6eace7b55ace281e47 128236 imagemagick-common_6.7.7.10-5+deb7u2_all.deb
 ce2cc51742d0766a6362c6d09638e3663b2768598870f3e41be58ba5ede77dd8 5628110 imagemagick-doc_6.7.7.10-5+deb7u2_all.deb
 516283e6f9b8d10940f4c9983e5ec77c7740afb943e36d9f2d9bc2fa4d35e5cd 2083380 libmagickcore5_6.7.7.10-5+deb7u2_amd64.deb
 3340a399fab9be3531fdc38c46f0c98ea27865876071ea81e685e90b8e508c45 163678 libmagickcore5-extra_6.7.7.10-5+deb7u2_amd64.deb
 a2ea13b0e0d8e9320dd6e5d9cfbfb250d2b527ac3856887de67260237d702b20 1386300 libmagickcore-dev_6.7.7.10-5+deb7u2_amd64.deb
 5532e59d488f246b1191bfb89766fb1f6fee44b36fa3be773f505799311ce25f 462178 libmagickwand5_6.7.7.10-5+deb7u2_amd64.deb
 c97e39d788b2ce5a4f3fc8f70ef3e81540ee634873aec05212813a856c529639 544286 libmagickwand-dev_6.7.7.10-5+deb7u2_amd64.deb
 92f72a3d5e3f2b309100e122aa99cf04dad75d50a63f0ed2c2eb727935e82146 236480 libmagick++5_6.7.7.10-5+deb7u2_amd64.deb
 75318b22245ce995e3f742bd16ea9961d879d916c0012b1b60991a276ff3ac68 284968 libmagick++-dev_6.7.7.10-5+deb7u2_amd64.deb
 ee9ce3bf46d24bf270901624a7c2f851f7bbb1fb97918dda9cb890ffd5a7230a 255654 perlmagick_6.7.7.10-5+deb7u2_amd64.deb
Files: 
 f1d8faeb667036cd963857fdba35edac 2533 graphics optional imagemagick_6.7.7.10-5+deb7u2.dsc
 fb64a68853b7dd279075c7f2e17a8302 10473522 graphics optional imagemagick_6.7.7.10.orig.tar.bz2
 7eaf9370191b796fe73476c68638619e 138234 graphics optional imagemagick_6.7.7.10-5+deb7u2.debian.tar.bz2
 2b00272fc961116f9d5366c938ad9ed0 285014 graphics optional imagemagick_6.7.7.10-5+deb7u2_amd64.deb
 34b94ee578340e2f284e8582df3b3f07 6274334 debug extra imagemagick-dbg_6.7.7.10-5+deb7u2_amd64.deb
 b2062f813877ab7460db669bcd87b00f 128236 graphics optional imagemagick-common_6.7.7.10-5+deb7u2_all.deb
 54250ee23d95371d683c74e611d45a0e 5628110 doc optional imagemagick-doc_6.7.7.10-5+deb7u2_all.deb
 3d57a3814697bdd467e33180c644ed5c 2083380 libs optional libmagickcore5_6.7.7.10-5+deb7u2_amd64.deb
 cde5662b650407a5e2d9a093b802984b 163678 libs optional libmagickcore5-extra_6.7.7.10-5+deb7u2_amd64.deb
 ce30bea871b9957b33ce0e8793226ddf 1386300 libdevel optional libmagickcore-dev_6.7.7.10-5+deb7u2_amd64.deb
 6b2d71fb049be405eec3f4069642a14d 462178 libs optional libmagickwand5_6.7.7.10-5+deb7u2_amd64.deb
 37bc946a6a9c1632d0e543d14aa4d90e 544286 libdevel optional libmagickwand-dev_6.7.7.10-5+deb7u2_amd64.deb
 d218a04b20196f384a1c9e36e6aabc49 236480 libs optional libmagick++5_6.7.7.10-5+deb7u2_amd64.deb
 735d9aa59351ab259aaf712069e38a17 284968 libdevel optional libmagick++-dev_6.7.7.10-5+deb7u2_amd64.deb
 538bed796bf20e8a0ca8a8f8412ea9eb 255654 perl optional perlmagick_6.7.7.10-5+deb7u2_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlIjtjQACgkQx/UhwSKygsqLwACeM+GUfPwZlK1iOWORa+uvUpOB
HXUAnjuV9MNpiBgnF20o5+me7eUtkxrO
=k8iS
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 13 Oct 2013 07:35:07 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 04:42:58 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.