[Pkg-gmagick-im-team] imagemagick_7.1.2.7+dfsg1-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sat Oct 18 15:35:34 BST 2025
Thank you for your contribution to Debian.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 18 Oct 2025 11:57:01 +0200
Source: imagemagick
Architecture: source
Version: 8:7.1.2.7+dfsg1-1
Distribution: unstable
Urgency: medium
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team at lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca at debian.org>
Closes: 1118340
Changes:
imagemagick (8:7.1.2.7+dfsg1-1) unstable; urgency=medium
.
* New upstream version.
* Fix CVE-2025-62171 (Closes: #1118340)
An integer overflow vulnerability exists in the BMP decoder
on 32-bit systems. The vulnerability occurs in coders/bmp.c
when calculating the extent value by multiplying image columns
by bits per pixel. On 32-bit systems with size_t of 4 bytes,
a malicious BMP file with specific dimensions can cause
this multiplication to overflow and wrap to zero.
Checksums-Sha1:
ba2abb9b1da29b896c50685121a5bb5c48c6b5ef 5097 imagemagick_7.1.2.7+dfsg1-1.dsc
a9ec9ec76effbaaac1ca0d0a0b911e71e2338463 10527588 imagemagick_7.1.2.7+dfsg1.orig.tar.xz
dcd1776a73cf854c5e982306dbc566c841bc34e4 268564 imagemagick_7.1.2.7+dfsg1-1.debian.tar.xz
b5d4832ce0462d02fec0569cca8846623860a12f 8114 imagemagick_7.1.2.7+dfsg1-1_source.buildinfo
Checksums-Sha256:
82c07fd240804227255ecad5fc5b4466a0094038d1120e9872043d10e79f9164 5097 imagemagick_7.1.2.7+dfsg1-1.dsc
e627876db102241d4b803a765edb0dc475e0f60a7284d48f234eebc9aceb24e9 10527588 imagemagick_7.1.2.7+dfsg1.orig.tar.xz
72e40a3765cf04e14b380d669879baaa86378d11da62364c8da92516dcb71acc 268564 imagemagick_7.1.2.7+dfsg1-1.debian.tar.xz
723102db2ac2d555c38ac8d4ee65f56a1083292f9db5cf1c3107374452f34421 8114 imagemagick_7.1.2.7+dfsg1-1_source.buildinfo
Files:
d6cd6ef7ccb3019d050e2f614f1a88e3 5097 graphics optional imagemagick_7.1.2.7+dfsg1-1.dsc
767b48f61d0d0292b3c961d81ccf0f5c 10527588 graphics optional imagemagick_7.1.2.7+dfsg1.orig.tar.xz
35bbb2bfc4b166c91c54bbc182ca11ce 268564 graphics optional imagemagick_7.1.2.7+dfsg1-1.debian.tar.xz
3de689550dc4f17799d9e5bf6a18d6fe 8114 graphics optional imagemagick_7.1.2.7+dfsg1-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmjznqAACgkQADoaLapB
CF9yRg//XhyjjyJefS1zY+YS2jeRokgJZ0szZZR/WpDFdkVbzmo8TISl2y1yqcaH
1tt3Fl3MkARFF8CTGMrCt5zT4mPqd/WhFg34XTFf1nSSYC2UT+UI3CUxZlG18d4y
sBN0/4WJsfC2n19yhLcHGeNIHIRTAfzScJL2QwJUJB0Z3HnpBgLbV9eLWqNPRmQx
v4S+fyOJGOZ5vgyWc6eQHmkPZO2wCitfyWn09/ZMqut4AiAS9x6R12K/cr9YGppY
lsrkgVIQXjsy7L7AORoj9jyIr3uMu9bR4w03S+/7jDRP43OgdOL9MM0kg5UVFeWy
ITx+rKMqNg0jplyTaWBZ0dNT80pslPhfK25xfdp65kIG6N5HQ95TbhinfXOGpa9J
XWxTCljZZl3SZaukr7IGOVtT7QOtyQmjsxZqgP1+7yguilEMfCMyjMqznUO+66yT
uPJqU3U8XfxxwkpYKL/WUxIpiY6I9N3NwSfTriE3js+X+u8v1J7brVZKT/ekoAIW
SFmUeAUW83qyb/cVWX3WARc+/n8Q2SdDdkHG33vQSsasP++1Ss7ySb6kdelEXOR3
y9Pa7s+fGGTPkYzoTIeHZbrUEG9ovldVIjtIGOyTYie8dz7bVI8zh0i/zB5HtYcp
SmV49cuGi+67Oc0L83R1uXd3VYWWnnMpDZFB9cOa/x9KO6wZrOk=
=1ENF
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gmagick-im-team/attachments/20251018/49ba11db/attachment.sig>
More information about the Pkg-gmagick-im-team
mailing list