[Pkg-gmagick-im-team] Bug#1076158: bullseye-pu: package imagemagick/8:6.9.11.60+dfsg-1.3+deb11u4
Bastien Roucariès
rouca at debian.org
Thu Jul 11 18:46:07 BST 2024
Package: release.debian.org
Severity: normal
Tags: bullseye
X-Debbugs-Cc: imagemagick at packages.debian.org
Control: affects -1 + src:imagemagick
User: release.debian.org at packages.debian.org
Usertags: pu
[ Reason ]
* CVE-2023-34151 fix was incomplete (Closes: #1070340)
* Fix variation of CVE-2023-1289 found by testing.
* Fix CVE-2021-20312: Fix a divide by zero (Closes: #1013282)
* Fix CVE-2021-20313: Fix a divide by zero
[ Impact ]
CVE are still opened
[ Tests ]
Automatic test for CVE-2023-1289, other manual test with libasan
[ Risks ]
Low review of changes and testing cross checked with santiago
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
-------------- next part --------------
A non-text attachment was scrubbed...
Name: imagemagick-bullseye.debdiff
Type: text/x-patch
Size: 52784 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gmagick-im-team/attachments/20240711/73c341d1/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://alioth-lists.debian.net/pipermail/pkg-gmagick-im-team/attachments/20240711/73c341d1/attachment-0001.sig>
More information about the Pkg-gmagick-im-team
mailing list