Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 16 Nov 2004 12:32:52 -0800
From:      Kris Kennaway <kris@obsecurity.org>
To:        John Cholewa <freebsd-questions@jc-news.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Stop in /usr/ports/graphics/ImageMagick
Message-ID:  <20041116203252.GC17125@xor.obsecurity.org>
In-Reply-To: <419A0F74.7090904@jc-news.com>
References:  <419A0F74.7090904@jc-news.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

--Md/poaVZ8hnGTzuv
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 16, 2004 at 09:32:20AM -0500, John Cholewa wrote:
> >=3D=3D=3D>   giFT-0.11.6 depends on shared library: Magick.6 - not found
> >=3D=3D=3D>    Verifying install for Magick.6 in /usr/ports/graphics/Imag=
eMagick
> >=3D=3D=3D>  ImageMagick-6.0.6.2 has known vulnerabilities:
> >>> ImageMagick -- EXIF parser buffer overflow.
> >   Reference:=20
> ><http://www.FreeBSD.org/ports/portaudit/eeb1c128-33e7-11d9-a9e7-0001020e=
ed82.html>
> >>> Please update your ports tree and try again.
> >*** Error code 1
> >
> >Stop in /usr/ports/graphics/ImageMagick.
> >*** Error code 1
> >
> >Stop in /usr/ports/net/gift.
>=20
>=20
> Aargh.  Over the past week or two, I've cvsupped several times, but I=20
> keep getting this.
>=20
> I'm using 5.2.1, and I've tried this using both "portinstall",=20
> "portinstall -P" and "make" (while in both "/usr/ports/net/gift" and=20
> "/usr/ports/graphics/ImageMagick").  And I've "make clean"ed beforehand.
>=20
> Nothing relevant seems to be listed in /usr/ports/UPDATING.  Any=20
> suggestions?

The port maintainer, or someone in the FreeBSD community needs to
submit an update to the port to update it to a non-vulnerable version.

Kris

--Md/poaVZ8hnGTzuv
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)

iD8DBQFBmmPzWry0BWjoQKURAsUmAJ9gXh1wo5kIkm9FuPALSQi/68BzmwCg35C3
JfmBZfcbUBgYCYxFvWbynt0=
=wJYK
-----END PGP SIGNATURE-----

--Md/poaVZ8hnGTzuv--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041116203252.GC17125>