Message-ID: <email address hidden> Date: Sun, 8 Aug 2004 14:10:33 +0200 From: "J.H.M. Dassen (Ray)" <email address hidden> To: Debian Bug Tracking System <email address hidden> Subject: New upstream release fixes png handling vulnerabilities
Package: imagemagick Version: 5:6.0.3.5-2 Severity: grave Tags: upstream fixed-upstream security sarge sid
ImageMagick 6.0.4 has been released upstream. The change include (according to freshmeat) "Recently disclosed libpng vulnerabilities were fixed. LZW compression is now enabled by default."
"recently disclosed libpng vulnerabilities" include http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599
-- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (800, 'unstable'), (750, 'experimental'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.27 Locale: LANG=C, LC_CTYPE=en_US.ISO8859-1
Versions of packages imagemagick depends on: ii libmagick6 5:6.0.3.5-2 Image manipulation library (free v
-- no debconf information -- Obsig: developing a new sig
Message-ID: <email address hidden>
Date: Sun, 8 Aug 2004 14:10:33 +0200
From: "J.H.M. Dassen (Ray)" <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: New upstream release fixes png handling vulnerabilities
Package: imagemagick
Version: 5:6.0.3.5-2
Severity: grave
Tags: upstream fixed-upstream security sarge sid
ImageMagick 6.0.4 has been released upstream. The change include (according
to freshmeat) "Recently disclosed libpng vulnerabilities were fixed. LZW
compression is now enabled by default."
"recently disclosed libpng vulnerabilities" include cve.mitre. org/cgi- bin/cvename. cgi?name= CAN-2004- 0597 cve.mitre. org/cgi- bin/cvename. cgi?name= CAN-2004- 0598 cve.mitre. org/cgi- bin/cvename. cgi?name= CAN-2004- 0599
http://
http://
http://
-- System Information: en_US.ISO8859- 1
Debian Release: 3.1
APT prefers unstable
APT policy: (800, 'unstable'), (750, 'experimental'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.27
Locale: LANG=C, LC_CTYPE=
Versions of packages imagemagick depends on:
ii libmagick6 5:6.0.3.5-2 Image manipulation library (free v
-- no debconf information
--
Obsig: developing a new sig