Bug#1121912: freeimage: dead upstream, open security issues
Tobias Frost
tobi at debian.org
Sat Dec 13 08:44:35 GMT 2025
Control: tags -1 moreinfo
There are quite a few reverse dependencies, I guess those needs to be
tackled first.
$ ssh mirror.ftp-master.debian.org "dak rm -Rn freeimage"
Will remove the following packages from unstable:
freeimage | 3.18.0+ds2-11 | source
libfreeimage-dev | 3.18.0+ds2-11 | amd64, arm64, armhf, i386, ppc64el,
riscv64, s390x
libfreeimage3 | 3.18.0+ds2-11 | amd64, arm64, armhf, i386, ppc64el,
riscv64, s390x
libfreeimageplus-dev | 3.18.0+ds2-11 | amd64, arm64, armhf, i386,
ppc64el, riscv64, s390x
libfreeimageplus-doc | 3.18.0+ds2-11 | all
libfreeimageplus3 | 3.18.0+ds2-11 | amd64, arm64, armhf, i386, ppc64el,
riscv64, s390x
Maintainer: Debian Science Maintainers
<debian-science-maintainers at lists.alioth.debian.org>
------------------- Reason -------------------
----------------------------------------------
Checking reverse dependencies...
# Broken Depends:
apriltag: apriltag
colmap: colmap [amd64 arm64 i386 ppc64el riscv64 s390x]
deepin-album: deepin-album
deepin-image-viewer: deepin-image-viewer
forge: libforge1t64
gl-image-display: libgl-image-display0
libkysdk-applications: libkysdk-applications
mrcal: libmrcal4
nvidia-cuda-samples/contrib: nvidia-cuda-samples
ogre-1.12: libogre1.12.10t64
ogre-1.9: libogre-1.9.0t64
opencascade: libocct-ivtk-dev
libocct-visualization-7.8
libocct-visualization-7.9
libocct-visualization-dev
perceptualdiff: perceptualdiff
photoqt: photoqt [amd64 arm64 armhf ppc64el riscv64 s390x]
posterazor: posterazor
ruby-image-science: ruby-image-science
# Broken Build-Depends:
apriltag: libfreeimage-dev
colmap: libfreeimage-dev
deepin-album: libfreeimage-dev
deepin-image-viewer: libfreeimage-dev
dtkgui: libfreeimage-dev
forge: libfreeimage-dev
gl-image-display: libfreeimage-dev
imv: libfreeimage-dev
kew: libfreeimage-dev
libkysdk-applications: libfreeimage-dev
libfreeimageplus-dev
mrcal: libfreeimage-dev
ogre-1.12: libfreeimage-dev
ogre-1.9: libfreeimage-dev
opencascade: libfreeimage-dev
perceptualdiff: libfreeimage-dev
photoqt: libfreeimageplus-dev
posterazor: libfreeimage-dev
ruby-image-science: libfreeimage-dev
xtrkcad: libfreeimage-dev
Dependency problem found.
On Thu, 04 Dec 2025 17:26:59 +0100 Emilio Pozuelo Monfort
<pochu at debian.org> wrote:
> Source: freeimage
> Version: 3.18.0+ds2-11
> Severity: serious
> Tags: security
> X-Debbugs-Cc: team at security.debian.org
>
> Hi,
>
> It looks like freeimage is dead upstream (last upstream release in
2018, upstream
> maintainer email bounces[1]). With many open security issues[2], I
believe freeimage
> is not in a shape to be released in Debian, and should be removed.
>
> This bug at RC severity should kick it out of testing for the time
being, and if
> nobody is willing to take over it and look at the security issues, it
should
> eventually be dropped from sid as well.
>
> Cheers,
> Emilio
>
> [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082375
> [2]
https://security-tracker.debian.org/tracker/source-package/freeimage
>
>
More information about the debian-science-maintainers
mailing list