home  bbs  files  messages ]

      ZZLI4418             linux.debian.changes             452 messages      

[ previous | next | reply ]

[ list messages | list forums ]

  Msg # 295 of 452 on ZZLI4418, Monday 11-02-25, 1:56  
  From: DEBIAN FTP MASTERS  
  To: ALL  
  Subj: Accepted imagemagick 8:7.1.1.43+dfsg1-1+  
 From: ftpmaster@ftp-master.debian.org 
  
 -----BEGIN PGP SIGNED MESSAGE----- 
 Hash: SHA512 
  
 Format: 1.8 
 Date: Sun, 19 Oct 2025 10:37:32 +0200 
 Source: imagemagick 
 Architecture: source 
 Version: 8:7.1.1.43+dfsg1-1+deb13u3 
 Distribution: trixie 
 Urgency: high 
 Maintainer: ImageMagick Packaging Team  
 Changed-By: Bastien Roucari€€s  
 Closes: 1118340 
 Changes: 
  imagemagick (8:7.1.1.43+dfsg1-1+deb13u3) trixie; urgency=high 
  . 
    * Fix CVE-2025-62171 (Closes: #1118340) 
      Integer Overflow in BMP Decoder (ReadBMP): 
      CVE-2025-57803 claims to be patched, but the fix is incomplete 
      and ineffective. 
      . 
      The patch added BMPOverflowCheck() but placed it 
      after the overflow occurs, making it useless. 
      A malicious 58-byte BMP file can trigger AddressSanitizer 
      crashes and DoS. 
 Checksums-Sha1: 
  f4bf6e255bee2c68a74c17dcacd9a11a601cc326 5136 imagemagick_7.1.1 
 43+dfsg1-1+deb13u3.dsc 
  103af0af388a733c043845b228cf3031c16d859b 10501740 imagemagick_7 
 1.1.43+dfsg1.orig.tar.xz 
  8d6842ed6c955dbee61f3919db367e67cb7ea272 284576 imagemagick_7.1 
 1.43+dfsg1-1+deb13u3.debian.tar.xz 
  f17804174754510877d932705399ec3b0a69e442 30879 imagemagick_7.1. 
 .43+dfsg1-1+deb13u3_amd64.buildinfo 
 Checksums-Sha256: 
  a69cd7df2ddd66b2c940aa1f94f0ab343f0b0c2ca162dee17cca0ac8f03d8280 5136 
 imagemagick_7.1.1.43+dfsg1-1+deb13u3.dsc 
  bcb4f3c78a930a608fa4889f889edbcb384974246ad9407fce1858f2c0607bfe 10501740 
 imagemagick_7.1.1.43+dfsg1.orig.tar.xz 
  65cc60e2f990fa43d5c37a1ca181983a33df4b3f851addf3ce83a9f89cc35ff5 284576 
 imagemagick_7.1.1.43+dfsg1-1+deb13u3.debian.tar.xz 
  a4e59f3ae41efb25e29385e4259050f65b0848ce4e159b186a5d46489fc6b9c7 30879 
 imagemagick_7.1.1.43+dfsg1-1+deb13u3_amd64.buildinfo 
 Files: 
  2b3102bad99be3f25ed7a6796706b851 5136 graphics optional imagema 
 ick_7.1.1.43+dfsg1-1+deb13u3.dsc 
  01cfb13a7c1813afb50790e431358c6c 10501740 graphics optional ima 
 emagick_7.1.1.43+dfsg1.orig.tar.xz 
  6f362dbc50a82f466b9304e87775cb44 284576 graphics optional image 
 agick_7.1.1.43+dfsg1-1+deb13u3.debian.tar.xz 
  90e41f7205506455ab42cc927c005369 30879 graphics optional imagem 
 gick_7.1.1.43+dfsg1-1+deb13u3_amd64.buildinfo 
  
 -----BEGIN PGP SIGNATURE----- 
  
 iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmkGRysACgkQADoaLapB 
 CF/vABAAkj+jur80hLrqzl4w/O6js1XDgxUTlKluN2x09rf1ERfdTAbwYNtCW+GR 
 3tOnL6X4MvWKQhSZGKuIpYPrBt6G/Il8Oh3V8jTsJx95Q8U97zsEquD07rWrlmUw 
 yy2VheNP7VDEujruoMX+beFpZxnh2VLna7IxABzi4zeCkm2tXGR4j61EbH2dPXJk 
 jN/t+MdiSOaHzSRQp3NB42ZgLPjvVzAvRhLuwZH1ieo187m1tdC5QzbskXkz0kXg 
 nh7yNRU1uXwY5u5/VlLdI04bl5e8J8nIZ7H3IxTnUndhLSiKzt0tcEqg6xz+te/Q 
 qwtMBkSJ2t8wKIdTxOQxHDbhEoEh2ZSLSNkgPgvn7DaOJKvf2YoiJLeaAplqA/5D 
 3qgtAOIwS+GSl5Lp+B6qjtRjgK4fwY7Kc5paR/Sems0mAfHRzt4lw0OliP7MV1SB 
 9L8jamdU3IMaWA6sVk1AUQOveCgMY0CDuWE+2ltmu+yn1YGJ903VbgBbg/Eq/022 
 ZYOHos3hDzk/EzSYA+Qy7cj4mCyDaI6EVO7D9mt5ziggKZENMgqnC826fqwHKbUm 
 PLRFso/LFflhl9ZzZFfdCoiULxldreL9d6At6eZMheLwkpER2mQ7T2mWsg26PG/9 
 PCic1loHCZZotBY4/j6gkY57WQ25XSl11EkKPsrg3gUzP1Amkmk= 
 =aSMJ 
 -----END PGP SIGNATURE----- 
  
  
 --==============100266832086735936=Content-Type: application/pgp-signature 
  
 -----BEGIN PGP SIGNATURE----- 
  
 iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaQdLxgAKCRCb9qggYcy5 
 IZnGAQC0e8uyGh9lY8ZdAEKEfPy85VVblFM0YwJwaTLzhkJ2DwEAmXpv1nj7UxcM 
 pWUcLwXhvMdNoxis80NLbQiwqJyXLwk=cvBi 
 -----END PGP SIGNATURE----- 
  
 --- SoupGate-Win32 v1.05 
  * Origin: you cannot sedate... all the things you hate (1:229/2) 

[ list messages | list forums | previous | next | reply ]

search for:

328,136 visits
(c) 1994,  bbs@darkrealms.ca