imagemagick: CVE-2016-5118

Debian Bug report logs - #825799
imagemagick: CVE-2016-5118

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: imagemagick: CVE-2016-5118

Date: Mon, 30 May 2016 07:29:32 +0200

Source: imagemagick
Version: 8:6.8.9.9-7
Severity: grave
Tags: security upstream patch

Hi,

the following vulnerability was published for imagemagick.

CVE-2016-5118[0]:
popen() shell vulnerability via filename

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-5118
[1] http://www.openwall.com/lists/oss-security/2016/05/29/7

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Message #12 received at 825799@bugs.debian.org (full text, mbox, reply):

From: Emilio Pozuelo Monfort <pochu@debian.org>

To: 825799@bugs.debian.org

Cc: Salvatore Bonaccorso <carnil@debian.org>

Subject: Re: imagemagick: CVE-2016-5118

Date: Wed, 1 Jun 2016 01:26:17 +0200

[Message part 1 (text/plain, inline)]

Hi,

On Mon, 30 May 2016 07:29:32 +0200 Salvatore Bonaccorso <carnil@debian.org> wrote:
> Source: imagemagick
> Version: 8:6.8.9.9-7
> Severity: grave
> Tags: security upstream patch
> 
> Hi,
> 
> the following vulnerability was published for imagemagick.
> 
> CVE-2016-5118[0]:
> popen() shell vulnerability via filename
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see:
> 
> [0] https://security-tracker.debian.org/tracker/CVE-2016-5118
> [1] http://www.openwall.com/lists/oss-security/2016/05/29/7
> 
> Please adjust the affected versions in the BTS as needed.

Upstream committed this patch:

http://git.imagemagick.org/repos/ImageMagick/commit/ca430ff77794980941ff0fa0d2fc463b50c2c6b7

I prepared an update for wheezy and tested it. Without the patch I could
reproduce the bug and with it I could not. All tests still pass. See wheezy.debdiff.

I also tested this on sid. See sid.debdiff.

I haven't had the time to look at jessie but the change should be similar.

@maintainers: Would you like to upload this fix yourself or want me to do it?
Just for wheezy/jessie or also for unstable?

Cheers,
Emilio

[sid.debdiff (text/plain, attachment)]

[wheezy.debdiff (text/plain, attachment)]

Message #17 received at 825799@bugs.debian.org (full text, mbox, reply):

From: Luciano Bello <luciano@debian.org>

To: Emilio Pozuelo Monfort <pochu@debian.org>

Cc: pkg-gmagick-im-team@lists.alioth.debian.org, 825799@bugs.debian.org, Salvatore Bonaccorso <carnil@debian.org>

Subject: Re: [Pkg-gmagick-im-team] Bug#825799: imagemagick: CVE-2016-5118

Date: Wed, 01 Jun 2016 12:58:24 +0200

On Wednesday 01 June 2016 01.26.17 Emilio Pozuelo Monfort wrote:
> I haven't had the time to look at jessie but the change should be similar.

I just released DSA 3591-1 to fix jessie.

> @maintainers: Would you like to upload this fix yourself or want me to do 
it?
> Just for wheezy/jessie or also for unstable?

Please, fill free to upload to wheezy and sid. Every hand is welcome :)

With respect to your suggested patches, I think the way to go with wheezy is 
with a minimal patch (check out my upload in jessie). I think in sid is okey 
to be more synchronized with upstream.

Thanks a lot for your help!

/luciano

Message #22 received at 825799@bugs.debian.org (full text, mbox, reply):

From: Emilio Pozuelo Monfort <pochu@debian.org>

To: Luciano Bello <luciano@debian.org>

Cc: pkg-gmagick-im-team@lists.alioth.debian.org, 825799@bugs.debian.org, Salvatore Bonaccorso <carnil@debian.org>

Subject: Re: [Pkg-gmagick-im-team] Bug#825799: imagemagick: CVE-2016-5118

Date: Wed, 1 Jun 2016 21:53:14 +0200

On 01/06/16 12:58, Luciano Bello wrote:
> On Wednesday 01 June 2016 01.26.17 Emilio Pozuelo Monfort wrote:
>> I haven't had the time to look at jessie but the change should be similar.
> 
> I just released DSA 3591-1 to fix jessie.
> 
>> @maintainers: Would you like to upload this fix yourself or want me to do 
> it?
>> Just for wheezy/jessie or also for unstable?
> 
> Please, fill free to upload to wheezy and sid. Every hand is welcome :)

:)

> With respect to your suggested patches, I think the way to go with wheezy is 
> with a minimal patch (check out my upload in jessie). I think in sid is okey 
> to be more synchronized with upstream.

OK. My first patch was kinda similar to yours, adding an "&& 0" after the #ifdef
check so it would always evaluate to 0. I have changed it and taken yours to be
aligned here.

I have uploaded it to wheezy and to unstable (with the upstream patch for sid).

Cheers,
Emilio

Message #27 received at 825799-close@bugs.debian.org (full text, mbox, reply):

From: Emilio Pozuelo Monfort <pochu@debian.org>

To: 825799-close@bugs.debian.org

Subject: Bug#825799: fixed in imagemagick 8:6.8.9.9-7.1

Date: Wed, 01 Jun 2016 22:20:00 +0000

Source: imagemagick
Source-Version: 8:6.8.9.9-7.1

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 825799@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Emilio Pozuelo Monfort <pochu@debian.org> (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 01 Jun 2016 21:48:10 +0200
Source: imagemagick
Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5v5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev
Architecture: source
Version: 8:6.8.9.9-7.1
Distribution: unstable
Urgency: medium
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Emilio Pozuelo Monfort <pochu@debian.org>
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-common - image manipulation programs -- infrastructure
 imagemagick-dbg - debugging symbols for ImageMagick
 imagemagick-doc - document files of ImageMagick
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files
 libmagick++-6.q16-5v5 - object-oriented C++ interface to ImageMagick
 libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files
 libmagick++-dev - object-oriented C++ interface to ImageMagick
 libmagickcore-6-arch-config - low-level image manipulation library - architecture header files
 libmagickcore-6-headers - low-level image manipulation library - header files
 libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16
 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16)
 libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16)
 libmagickcore-dev - low-level image manipulation library -- transition package
 libmagickwand-6-headers - image manipulation library - headers files
 libmagickwand-6.q16-2 - image manipulation library
 libmagickwand-6.q16-dev - image manipulation library - development files
 libmagickwand-dev - image manipulation library - transition for development files
 perlmagick - Perl interface to ImageMagick -- transition package
Closes: 825799
Changes:
 imagemagick (8:6.8.9.9-7.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * 0082-Fix-CVE-2016-5118-disable-filename-pipes.patch:
     + Fix CVE-2016-5118: disable pipes in filenames to avoid arbitrary
       command execution. Closes: #825799.
Checksums-Sha1:
 4f21679830a6714a1eba69f6682087f91cbd68e1 4212 imagemagick_6.8.9.9-7.1.dsc
 84abbeab6d142267fe6eedfbbfaec11d43075c48 7891624 imagemagick_6.8.9.9.orig.tar.xz
 63ccac517ba02526288f12274b07bdd442c5762b 204100 imagemagick_6.8.9.9-7.1.debian.tar.xz
Checksums-Sha256:
 9b7cdbeead74acbe7698e30a8d578712d2e0edf9bfe6d7cc6d4f48948b0777a1 4212 imagemagick_6.8.9.9-7.1.dsc
 a4cccc70179ff2c67550e063cdcb2e62907338ef3e68b45bb1c41931e515b3eb 7891624 imagemagick_6.8.9.9.orig.tar.xz
 d14ced3a93819e2af86e608e9103a5ad49a3abee276da529f83ff84683d29ae3 204100 imagemagick_6.8.9.9-7.1.debian.tar.xz
Files:
 bf4a370e42a9bbaf1de9671733bc5be6 4212 graphics optional imagemagick_6.8.9.9-7.1.dsc
 9ac3d9153ef78482d750cb03e3456e28 7891624 graphics optional imagemagick_6.8.9.9.orig.tar.xz
 fa5de1997cf83fad0ce9cd565e85d583 204100 graphics optional imagemagick_6.8.9.9-7.1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXTzzbAAoJEJ1GxIjkNoMCRekQAL4GXGhSFdKf/2MMKE9XP9Vy
MS7qqDmq1YffQJGg7bdmEKmlhafEtWyOUMNpjNgwxfQfuqUsdT0FPfyURi6q8Xca
aqEGKORWH0HK2oRuaJ1wqj8pgQXyimPkDbrtQUjL5s0nUL48ktjNqhHzsp+mDx5t
bittKKAqjuMwN882T1AuH6JdGTf0VzTyJ7QO4kn/GChLVrgGcByjgsrcks0nQd6c
VAUc98s1YlmgdWr81t5w4m4hbCbQXJjAN12LUpUET06Mf+ATjywQB0REdmqqPvgR
9w0+w7cxCuqwGeeS8NpsMjRMGZqDrHPd89FpIcU7Oo2G5+/bSR6Ogq5aYJw0k2X2
HnilinPaRwIl+15eQ18wmAqYJ2rzkbE7B4QQv9wJIP6PubYtPccIK06NMvmXHM7N
USs0GEnz16UrSnL0iSm2ojFIbrH2DuR6zg5oW+8Tp82lyy4oAlc96BuVwyNMQIM4
PSFERUteHssmslO9+eL5+XNXDk24R8WACsSiEAb5J8qAdxg3QyaQMgIgJnUuNIgm
sdVS+/NrdIVI9cjGt6PEkURhzQe5bNvreoPN5gt8BAkwizFYCm1R0xD5RprSqqqk
MZAJulAe34JRkwUP26D1N2HskQZlwvuHd5lu0A185g5+n6zRfWe/eJ7zCaYKeYIE
fGW6Wq/nCI0MbULHtq32
=4p0g
-----END PGP SIGNATURE-----

Message #32 received at 825799-close@bugs.debian.org (full text, mbox, reply):

From: Luciano Bello <luciano@debian.org>

To: 825799-close@bugs.debian.org

Subject: Bug#825799: fixed in imagemagick 8:6.8.9.9-5+deb8u3

Date: Mon, 06 Jun 2016 17:17:11 +0000

Source: imagemagick
Source-Version: 8:6.8.9.9-5+deb8u3

We believe that the bug you reported is fixed in the latest version of
imagemagick, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 825799@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Luciano Bello <luciano@debian.org> (supplier of updated imagemagick package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 31 May 2016 19:49:36 +0200
Source: imagemagick
Binary: imagemagick-common imagemagick-doc libmagickcore-6-headers libmagickwand-6-headers libmagick++-6-headers imagemagick libimage-magick-perl libmagickcore-6-arch-config imagemagick-6.q16 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickcore-6.q16-dev libmagickwand-6.q16-2 libmagickwand-6.q16-dev libmagick++-6.q16-5 libmagick++-6.q16-dev imagemagick-dbg libimage-magick-q16-perl perlmagick libmagickcore-dev libmagickwand-dev libmagick++-dev
Architecture: source all amd64
Version: 8:6.8.9.9-5+deb8u3
Distribution: jessie-security
Urgency: medium
Maintainer: ImageMagick Packaging Team <pkg-gmagick-im-team@lists.alioth.debian.org>
Changed-By: Luciano Bello <luciano@debian.org>
Description:
 imagemagick - image manipulation programs -- binaries
 imagemagick-6.q16 - image manipulation programs -- quantum depth Q16
 imagemagick-common - image manipulation programs -- infrastructure
 imagemagick-dbg - debugging symbols for ImageMagick
 imagemagick-doc - document files of ImageMagick
 libimage-magick-perl - Perl interface to the ImageMagick graphics routines
 libimage-magick-q16-perl - Perl interface to the ImageMagick graphics routines -- Q16 versio
 libmagick++-6-headers - object-oriented C++ interface to ImageMagick - header files
 libmagick++-6.q16-5 - object-oriented C++ interface to ImageMagick
 libmagick++-6.q16-dev - object-oriented C++ interface to ImageMagick - development files
 libmagick++-dev - object-oriented C++ interface to ImageMagick
 libmagickcore-6-arch-config - low-level image manipulation library - architecture header files
 libmagickcore-6-headers - low-level image manipulation library - header files
 libmagickcore-6.q16-2 - low-level image manipulation library -- quantum depth Q16
 libmagickcore-6.q16-2-extra - low-level image manipulation library - extra codecs (Q16)
 libmagickcore-6.q16-dev - low-level image manipulation library - development files (Q16)
 libmagickcore-dev - low-level image manipulation library -- transition package
 libmagickwand-6-headers - image manipulation library - headers files
 libmagickwand-6.q16-2 - image manipulation library
 libmagickwand-6.q16-dev - image manipulation library - development files
 libmagickwand-dev - image manipulation library - transition for development files
 perlmagick - Perl interface to ImageMagick -- transition package
Closes: 825799
Changes:
 imagemagick (8:6.8.9.9-5+deb8u3) jessie-security; urgency=medium
 .
   * Disable support for reading input from a shell command, or writing
     output to a shell command. This was done by the pipe (|) prefix. It
     was possible to perform a command injection as discrived by
     CVE-2016-5118 since it use popen. Closes: 825799
Checksums-Sha1:
 a8c5b2dbfb398e0e60fe379d3f8cb5c59f28eac8 4228 imagemagick_6.8.9.9-5+deb8u3.dsc
 b146cc0cba8c55a92fe952b3cad094be25b63f91 218720 imagemagick_6.8.9.9-5+deb8u3.debian.tar.xz
 03b754678effbf778cbb901fd94df11ab55b9be4 149610 imagemagick-common_6.8.9.9-5+deb8u3_all.deb
 eb9fbd424f72d5d477b0eeb3c83f6bb27d02717a 7665902 imagemagick-doc_6.8.9.9-5+deb8u3_all.deb
 5e580d3e0a0c1f414e5cbfe3a70ea63a17b682c2 168342 libmagickcore-6-headers_6.8.9.9-5+deb8u3_all.deb
 63240173d01305440bf9d15932a63ea8bd526248 131248 libmagickwand-6-headers_6.8.9.9-5+deb8u3_all.deb
 8b5442be4cfbc26213d807128277d53cc88457e6 166946 libmagick++-6-headers_6.8.9.9-5+deb8u3_all.deb
 93d61a97b35ce418b203b71e98450890365c5ff6 156032 imagemagick_6.8.9.9-5+deb8u3_amd64.deb
 ed77339b95f01170d9febade4a6ed64c03b4ef38 174548 libimage-magick-perl_6.8.9.9-5+deb8u3_all.deb
 2b795007e74de36e7b6df7117629c12d72cd27ca 130086 libmagickcore-6-arch-config_6.8.9.9-5+deb8u3_amd64.deb
 2f950d526066aa9d6706b6289b4f25d386118087 508746 imagemagick-6.q16_6.8.9.9-5+deb8u3_amd64.deb
 e30994984c64b5ace1e362c54a41c7776984ac6e 1686244 libmagickcore-6.q16-2_6.8.9.9-5+deb8u3_amd64.deb
 19c075b01fd62f65c516df7e4152306155550cd0 170614 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u3_amd64.deb
 52f8cae08e23296fde383e67435e918786e3e27c 1027292 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u3_amd64.deb
 8efb5dea75013a3cf6a32786736990e5337f54e3 403892 libmagickwand-6.q16-2_6.8.9.9-5+deb8u3_amd64.deb
 5ad8593027f6c8f276f73ae06cff23efbf12454f 392366 libmagickwand-6.q16-dev_6.8.9.9-5+deb8u3_amd64.deb
 ab8c6305dc8c827bfd1d6114792c7c22f42079c0 254668 libmagick++-6.q16-5_6.8.9.9-5+deb8u3_amd64.deb
 21784e7293361ac6f0b2a5b883fa83d04ece2958 221914 libmagick++-6.q16-dev_6.8.9.9-5+deb8u3_amd64.deb
 5fab6694cfa5da9858f20b42cc85c9142ca166c2 5003970 imagemagick-dbg_6.8.9.9-5+deb8u3_amd64.deb
 8ebc3fcd3f59f848eda423336fa5e5de9795fe0b 220738 libimage-magick-q16-perl_6.8.9.9-5+deb8u3_amd64.deb
 6b2f1190ab22a371a524b277801cc64fc0072201 122366 perlmagick_6.8.9.9-5+deb8u3_all.deb
 2a80ae479c5001f1f8b375853312ee8e747d9be3 122350 libmagickcore-dev_6.8.9.9-5+deb8u3_all.deb
 8ca0424785019c987dac224a0dc05ac4a4e290c3 122334 libmagickwand-dev_6.8.9.9-5+deb8u3_all.deb
 89a92fe5c6eb21e4f07976a29ffc78e130eeb29a 122358 libmagick++-dev_6.8.9.9-5+deb8u3_all.deb
Checksums-Sha256:
 3b32e41daa3c38436f90fc83b16340f12d54f41d95dfc71b2590eb5d0a9d5ded 4228 imagemagick_6.8.9.9-5+deb8u3.dsc
 50fca5b7eee0fa84143defdb177a6b653f119c309be0630b3f40ca5c6ba64450 218720 imagemagick_6.8.9.9-5+deb8u3.debian.tar.xz
 9c2e1fb3dece95972eada16c0f2a2c41c10bfbf8acd0bac9e6a543b814dbedfb 149610 imagemagick-common_6.8.9.9-5+deb8u3_all.deb
 c1e43dd0d2d61b72447e220fb966f7ec0ff3add79e179ac9373113d961e92d70 7665902 imagemagick-doc_6.8.9.9-5+deb8u3_all.deb
 801745c96b3a1e973a4065c5639b08dc5c9d0d30e5afbc43bef09c85ad98e13e 168342 libmagickcore-6-headers_6.8.9.9-5+deb8u3_all.deb
 fa024d9a146a700533836aac4088285916585841b1dcde37eccef07829a50bcc 131248 libmagickwand-6-headers_6.8.9.9-5+deb8u3_all.deb
 8f8d57d5dacf195c1954fb6824a26eda64cd496341652481b6809430156a1940 166946 libmagick++-6-headers_6.8.9.9-5+deb8u3_all.deb
 c1529b6888445fe6cabfe631fc242e018a28bf979e8e0466265eedb22d275299 156032 imagemagick_6.8.9.9-5+deb8u3_amd64.deb
 b2f432176acf34dcb949d807c3a397dc257bae16cc9a846145a42af2e8a96106 174548 libimage-magick-perl_6.8.9.9-5+deb8u3_all.deb
 d6c53e9a5dd347de6261764d4afd77642606ddd5f931672627e412e4f723e718 130086 libmagickcore-6-arch-config_6.8.9.9-5+deb8u3_amd64.deb
 b1037d3971a195e7d11054a38eb16b7e9ad2486e83749ce2c8fbc24414455370 508746 imagemagick-6.q16_6.8.9.9-5+deb8u3_amd64.deb
 f47dd0c7e98df9bbd21336ef67d24e2b36b9ab8601f200b0854ff94794bbcc67 1686244 libmagickcore-6.q16-2_6.8.9.9-5+deb8u3_amd64.deb
 82c83ed81b3347fa67f864339e3d7be7b0741fb882b41e4a3fab94816cfbb593 170614 libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u3_amd64.deb
 39fca3730db756c85f36f5446675671a6f30e5de792c57d6c190f2d29fda7961 1027292 libmagickcore-6.q16-dev_6.8.9.9-5+deb8u3_amd64.deb
 abed70032700afb0840cba755158220866edfeac13b24cd918714f65c8cac14b 403892 libmagickwand-6.q16-2_6.8.9.9-5+deb8u3_amd64.deb
 7bf3585893ffe96366d10f8da375cdc938fbf0aa9ebc5845930e7dcdb683f478 392366 libmagickwand-6.q16-dev_6.8.9.9-5+deb8u3_amd64.deb
 7f6fccf1f2e9d4cd53467b82a2878f8f55c2f5f0fece8cdf0b29ea4746c6ff5e 254668 libmagick++-6.q16-5_6.8.9.9-5+deb8u3_amd64.deb
 d54088a69af784b3ea7aafb086f12845035971917ccbdbe7712df0758a5608f1 221914 libmagick++-6.q16-dev_6.8.9.9-5+deb8u3_amd64.deb
 07c5d120cb98bf55c72574a2660d2dbae79fd0bff1eae0e56a4663437b1f6f0c 5003970 imagemagick-dbg_6.8.9.9-5+deb8u3_amd64.deb
 ff341202c22da42d67d7b6eb40c5ac5da70da881fbb035d8a0874f2bb089623d 220738 libimage-magick-q16-perl_6.8.9.9-5+deb8u3_amd64.deb
 f772454dbd01b3e95f20f3ef347124b116d73b51cb3d33c69f7934e65ede55a4 122366 perlmagick_6.8.9.9-5+deb8u3_all.deb
 afb161749a7d7159fb8534d8797554829d4e41f47150a294e36659cce00b2ca4 122350 libmagickcore-dev_6.8.9.9-5+deb8u3_all.deb
 379ba97ad1453bc19a5527f9a1b053cddf880be6377cb24a78068c391c167078 122334 libmagickwand-dev_6.8.9.9-5+deb8u3_all.deb
 3e8b98857096ea3531270e2db2ecd9a19f99d21ef61d07f49300a6b0c8c83ab0 122358 libmagick++-dev_6.8.9.9-5+deb8u3_all.deb
Files:
 c7802341ef88f6cab0c586a22b3040ad 4228 graphics optional imagemagick_6.8.9.9-5+deb8u3.dsc
 519eeeb25fb195f94a0ea27ca14453c8 218720 graphics optional imagemagick_6.8.9.9-5+deb8u3.debian.tar.xz
 0c1b72ae319c2ddcc14e6aa82bd0fcbf 149610 graphics optional imagemagick-common_6.8.9.9-5+deb8u3_all.deb
 ff6d64b4b6907dde6640d5376d7ea891 7665902 doc optional imagemagick-doc_6.8.9.9-5+deb8u3_all.deb
 25022c2feddfae6e7ec47d405a45ee24 168342 libdevel optional libmagickcore-6-headers_6.8.9.9-5+deb8u3_all.deb
 c5ecdc8da31669e64be6a158a043fc3b 131248 libdevel optional libmagickwand-6-headers_6.8.9.9-5+deb8u3_all.deb
 698b9c2cd9fb9890f5b171364926ac2d 166946 libdevel optional libmagick++-6-headers_6.8.9.9-5+deb8u3_all.deb
 04ff0f5ceb360a0e578ac444559bc0fb 156032 graphics optional imagemagick_6.8.9.9-5+deb8u3_amd64.deb
 9d2cf2662553c2cd8453c2d75b210b88 174548 perl optional libimage-magick-perl_6.8.9.9-5+deb8u3_all.deb
 810afbe33a37aa0925aeeb962b0a03ac 130086 libdevel optional libmagickcore-6-arch-config_6.8.9.9-5+deb8u3_amd64.deb
 802d2a85edf4ade848cd0f5acb49c5cc 508746 graphics optional imagemagick-6.q16_6.8.9.9-5+deb8u3_amd64.deb
 78bd47fe2983229b719d6287dbab5587 1686244 libs optional libmagickcore-6.q16-2_6.8.9.9-5+deb8u3_amd64.deb
 7a3c304a7c093bc84baeb3e8c9d85099 170614 libs optional libmagickcore-6.q16-2-extra_6.8.9.9-5+deb8u3_amd64.deb
 45d78bdb0e44cbd2d02777cf05ca5cec 1027292 libdevel optional libmagickcore-6.q16-dev_6.8.9.9-5+deb8u3_amd64.deb
 ad2292e1c45d8803aa4cdc36bbf6f0e9 403892 libs optional libmagickwand-6.q16-2_6.8.9.9-5+deb8u3_amd64.deb
 85b0f5d9be97c8d7f861e82e6ff364b4 392366 libdevel optional libmagickwand-6.q16-dev_6.8.9.9-5+deb8u3_amd64.deb
 692fc16d7d8efb0bc4fe46c031dc33a8 254668 libs optional libmagick++-6.q16-5_6.8.9.9-5+deb8u3_amd64.deb
 3ad5a42052cea7b484b68479ba11f101 221914 libdevel optional libmagick++-6.q16-dev_6.8.9.9-5+deb8u3_amd64.deb
 df4423a0e16641951b9dc679b5b84cea 5003970 debug extra imagemagick-dbg_6.8.9.9-5+deb8u3_amd64.deb
 643c31e3c8a49a09706348a158c95770 220738 perl optional libimage-magick-q16-perl_6.8.9.9-5+deb8u3_amd64.deb
 bd7c5b40479befec8884989fd10be28f 122366 oldlibs extra perlmagick_6.8.9.9-5+deb8u3_all.deb
 df14e0501d3fa25320cf981758a70aca 122350 oldlibs extra libmagickcore-dev_6.8.9.9-5+deb8u3_all.deb
 aab25984e26289b95ef2d07538c2242e 122334 oldlibs extra libmagickwand-dev_6.8.9.9-5+deb8u3_all.deb
 9e141dc707ec694c5e886d7a1b77860a 122358 oldlibs extra libmagick++-dev_6.8.9.9-5+deb8u3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXTq7WAAoJEG7C3vaP/jd0As8P/2i/6no4P5Yk0ryA4kWZ9ADO
xVUnMrWCgtrTrwIsQBmVYDZFzvkWsH9Zz6lr9hwmrdFQsFS9twLwVM11dGlIKcRq
JIlarVGD4xa/hIvB8drVsSe6542PWfhFI1PHwGDz4FvJRt2NJiZVsxP4OQPy5F4S
Arehv7QSrRWYVf2sVbhs32hqYuT8r4GkGrd+BECtRiopDABX4fxsLFX4GYrlaTkg
dgTEcLb16jxy3F452XYx16Y5aw7ve8rW18NpPgN4JgQ32iBHXP/Rjt2XsfwVThVh
jR8TfaAjsawHqoOUWrbXExD/tirpJF5XfKeeXtmDUXpbzAMbYF5F7UBjfUAZvpuY
liQWVl3bE4mxaDopF/NL6WOAuA9s0M7XpNb0YMLBnQv5+kXzCHI7GA2V5ULIxPTh
TaAZkLc4p5lpFE2MnKoQoEHdi9kZ/miKrMwL1MYVhpVaQfJHltvYOnFoA/KPAxiV
rjaerFSyuruZKUadBGybMh4oeiMsJWKU/JWYQi4ttTX2oN23BO/jkpPB4/E1OB0Q
l3u+tUoY4pCt/AjJoV++dbXYOwlog1ge4z1gYdKgseReW7vaepA0gunBxqbkejlJ
M9zg6k3TcndHGDlOM7whZnDMOcZjXXDkb57Qxdf77e24wr0EuceGzL9AAA7G6SfS
4SgbZi3qryr7kDheLrsD
=0U6l
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.