ports/166686: graphics/ImageMagick is vulnerable
Tsurutani Naoki
turutani at scphys.kyoto-u.ac.jp
Fri Apr 6 03:30:08 UTC 2012
>Number: 166686
>Category: ports
>Synopsis: graphics/ImageMagick is vulnerable
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Apr 06 03:30:07 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Tsurutani Naoki
>Release: FreeBSD 8.2-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD h120.65.226.10.32118.vlan.kuins.net 8.2-PRERELEASE FreeBSD 8.2-PRERELEASE #25: Mon Jan 24 10:37:18 JST 2011 turutani at h120.65.226.10.32118.vlan.kuins.net:/usr/local/work/usr/obj/usr/src/sys/POLYMER i386
>Description:
graphics/ImageMagick is vulnerable.
ref: http://www.cert.fi/en/reports/2012/vulnerability635606.html
>How-To-Repeat:
>Fix:
ImageMagick-6.7.6-4 is available.
here is a patch:
--- Makefile.orig 2012-03-16 06:36:03.000000000 +0900
+++ Makefile 2012-04-06 11:09:39.000000000 +0900
@@ -6,7 +6,7 @@
#
PORTNAME= ImageMagick
-DISTVERSION= 6.7.5-10
+DISTVERSION= 6.7.6-4
CATEGORIES= graphics perl5
MASTER_SITES= ftp://ftp.imagemagick.org/pub/ImageMagick/ \
http://image_magick.veidrodis.com/image_magick/ \
--- distinfo.orig 2012-03-16 06:36:03.000000000 +0900
+++ distinfo 2012-04-06 12:17:52.000000000 +0900
@@ -1,2 +1,2 @@
-SHA256 (ImageMagick-6.7.5-10.tar.xz) = 5016dcc7f6d386d8e5321f25bd09cef8519da851e809be6f0cb2321d7218790c
-SIZE (ImageMagick-6.7.5-10.tar.xz) = 7552956
+SHA256 (ImageMagick-6.7.6-4.tar.xz) = 612910aca97c345e21901cb3b2b45b485029f196d02c3c42fc3354fc824b811e
+SIZE (ImageMagick-6.7.6-4.tar.xz) = 7576636
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list