Package "imagemagick"

  imagemagick (8:6.9.10.23+dfsg-2.1ubuntu11.7) focal-security; urgency=medium

  * SECURITY REGRESSION: Revert additional mitigation.
    - debian/patches/CVE-2022-44267_44268-2.patch: Remove bad mitigation via
      a policy file.
    - debian/patches/CVE-2022-44267_44268.patch: Renamed from
      debian/patches/CVE-2022-44267_44268-1.patch.

 -- Paulo Flabiano Smorigo <email address hidden> Thu, 30 Mar 2023 11:21:43 -0300

  imagemagick (8:6.9.10.23+dfsg-2.1ubuntu11.6) focal-security; urgency=medium

  * SECURITY UPDATE: Additional fix from previous release
    - debian/patches/CVE-2022-44267_44268-1.patch: Renamed from
      debian/patches/CVE-2022-44268.patch and change the code following
      discussion in comment 12 of LP: #2004580.
    - debian/patches/CVE-2022-44267_44268-2.patch: Additional mitigation.
    - CVE-2022-44267
    - CVE-2022-44268

 -- Paulo Flabiano Smorigo <email address hidden> Wed, 15 Mar 2023 15:22:06 -0300

  imagemagick (8:6.9.10.23+dfsg-2.1ubuntu11.5) focal-security; urgency=medium

  * SECURITY UPDATE: Information Disclosure
    - debian/patches/CVE-2022-44268.patch: move -set profile handler to CLI
      (LP: #2004580)
    - CVE-2022-44268

 -- Paulo Flabiano Smorigo <email address hidden> Fri, 24 Feb 2023 11:47:55 -0300

  imagemagick (8:6.9.10.23+dfsg-2.1ubuntu11.4) focal-security; urgency=medium

  * SECURITY UPDATE: multiple security issues
    - debian/patches/CVE-*.patch: backport multiple upstream commits.
    - CVE-2020-19667, CVE-2020-25665, CVE-2020-25666, CVE-2020-25674,
      CVE-2020-25675, CVE-2020-25676, CVE-2020-27750, CVE-2020-27751,
      CVE-2020-27753, CVE-2020-27754, CVE-2020-27755, CVE-2020-27756,
      CVE-2020-27757, CVE-2020-27758, CVE-2020-27759, CVE-2020-27754,
      CVE-2020-27760, CVE-2020-27761, CVE-2020-27762, CVE-2020-27763,
      CVE-2020-27764, CVE-2020-27765, CVE-2020-27766, CVE-2020-27767,
      CVE-2020-27768, CVE-2020-27769, CVE-2020-27770, CVE-2020-27771,
      CVE-2020-27772, CVE-2020-27773, CVE-2020-27774, CVE-2020-27775,
      CVE-2020-27776, CVE-2021-20176

 -- Marc Deslauriers <email address hidden> Thu, 10 Jun 2021 07:52:45 -0400

  imagemagick (8:6.9.10.23+dfsg-2.1ubuntu11.2) focal-security; urgency=medium

  * SECURITY UPDATE: division by zero
    - debian/patches/CVE-2020-27560.patch: Change division to multiplication in
      OptimizeLayerFrames in magick/layer.c
    - CVE-2020-27560

 -- Avital Ostromich <email address hidden> Wed, 18 Nov 2020 08:52:45 -0500