Ubuntu
imagemagick package

Bug #7359
Comment #1

Comment 1 for bug 7359

Revision history for this message

Debian Bug Importer (debzilla) wrote on 2004-08-08:

Message-ID: <email address hidden>
Date: Sun, 8 Aug 2004 14:10:33 +0200
From: "J.H.M. Dassen (Ray)" <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: New upstream release fixes png handling vulnerabilities

Package: imagemagick
Version: 5:6.0.3.5-2
Severity: grave
Tags: upstream fixed-upstream security sarge sid

ImageMagick 6.0.4 has been released upstream. The change include (according
to freshmeat) "Recently disclosed libpng vulnerabilities were fixed. LZW
compression is now enabled by default."

"recently disclosed libpng vulnerabilities" include
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599

-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (800, 'unstable'), (750, 'experimental'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.27
Locale: LANG=C, LC_CTYPE=en_US.ISO8859-1

Versions of packages imagemagick depends on:
ii libmagick6 5:6.0.3.5-2 Image manipulation library (free v

-- no debconf information
--
Obsig: developing a new sig

Ubuntuimagemagick package

Comment 1 for bug 7359

Ubuntu
imagemagick package