Stop in /usr/ports/graphics/ImageMagick
Kris Kennaway
kris at obsecurity.org
Tue Nov 16 12:29:50 PST 2004
On Tue, Nov 16, 2004 at 09:32:20AM -0500, John Cholewa wrote:
> >===> giFT-0.11.6 depends on shared library: Magick.6 - not found
> >===> Verifying install for Magick.6 in /usr/ports/graphics/ImageMagick
> >===> ImageMagick-6.0.6.2 has known vulnerabilities:
> >>> ImageMagick -- EXIF parser buffer overflow.
> > Reference:
> ><http://www.FreeBSD.org/ports/portaudit/eeb1c128-33e7-11d9-a9e7-0001020eed82.html>
> >>> Please update your ports tree and try again.
> >*** Error code 1
> >
> >Stop in /usr/ports/graphics/ImageMagick.
> >*** Error code 1
> >
> >Stop in /usr/ports/net/gift.
>
>
> Aargh. Over the past week or two, I've cvsupped several times, but I
> keep getting this.
>
> I'm using 5.2.1, and I've tried this using both "portinstall",
> "portinstall -P" and "make" (while in both "/usr/ports/net/gift" and
> "/usr/ports/graphics/ImageMagick"). And I've "make clean"ed beforehand.
>
> Nothing relevant seems to be listed in /usr/ports/UPDATING. Any
> suggestions?
The port maintainer, or someone in the FreeBSD community needs to
submit an update to the port to update it to a non-vulnerable version.
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20041116/5bd2feaf/attachment.bin
More information about the freebsd-questions
mailing list