[Secure-testing-commits] r47310 - in data: . DLA
Antoine Beaupré
anarcat at moszumanska.debian.org
Thu Dec 22 01:36:00 UTC 2016
Author: anarcat
Date: 2016-12-22 01:35:59 +0000 (Thu, 22 Dec 2016)
New Revision: 47310
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-756-1 for imagemagick
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2016-12-21 23:32:02 UTC (rev 47309)
+++ data/DLA/list 2016-12-22 01:35:59 UTC (rev 47310)
@@ -1,3 +1,6 @@
+[21 Dec 2016] DLA-756-1 imagemagick - security update
+ {CVE-2016-7799 CVE-2016-8707 CVE-2016-8862 CVE-2016-8866 CVE-2016-9556}
+ [wheezy] - imagemagick 8:6.7.7.10-5+deb7u10
[21 Dec 2016] DLA-755-1 dcmtk - security update
{CVE-2015-8979}
[wheezy] - dcmtk 3.6.0-12+deb7u1
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-12-21 23:32:02 UTC (rev 47309)
+++ data/dla-needed.txt 2016-12-22 01:35:59 UTC (rev 47310)
@@ -23,8 +23,6 @@
--
hdf5 (Thorsten Alteholz)
--
-imagemagick (Antoine Beaupre)
---
libav (Hugo Lefeuvre)
NOTE: Upstream should provide new point-releases fixing open security issues in the next months.
NOTE: Lots of CVEs are open, this is going to take some time. (See debian-lts ML)
@@ -81,6 +79,7 @@
NOTE: 2/ run autopkgtest and do whatever other tests should be done
NOTE: 3/ wait until jessie has the same upstream version or package this update
NOTE: as a patch on top of 2:3.26-1+debu7u1
+ NOTE: (anarcat) asked secteam for approval, can work on the update
--
ntp
NOTE: Kurt Roeckx is working on an update
More information about the Secure-testing-commits
mailing list