Date: Tue, 16 Nov 2004 12:32:52 -0800 From: Kris Kennaway <kris@obsecurity.org> To: John Cholewa <freebsd-questions@jc-news.com> Cc: freebsd-questions@freebsd.org Subject: Re: Stop in /usr/ports/graphics/ImageMagick Message-ID: <20041116203252.GC17125@xor.obsecurity.org> In-Reply-To: <419A0F74.7090904@jc-news.com> References: <419A0F74.7090904@jc-news.com>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Tue, Nov 16, 2004 at 09:32:20AM -0500, John Cholewa wrote: > >===> giFT-0.11.6 depends on shared library: Magick.6 - not found > >===> Verifying install for Magick.6 in /usr/ports/graphics/ImageMagick > >===> ImageMagick-6.0.6.2 has known vulnerabilities: > >>> ImageMagick -- EXIF parser buffer overflow. > > Reference: > ><http://www.FreeBSD.org/ports/portaudit/eeb1c128-33e7-11d9-a9e7-0001020eed82.html>; > >>> Please update your ports tree and try again. > >*** Error code 1 > > > >Stop in /usr/ports/graphics/ImageMagick. > >*** Error code 1 > > > >Stop in /usr/ports/net/gift. > > > Aargh. Over the past week or two, I've cvsupped several times, but I > keep getting this. > > I'm using 5.2.1, and I've tried this using both "portinstall", > "portinstall -P" and "make" (while in both "/usr/ports/net/gift" and > "/usr/ports/graphics/ImageMagick"). And I've "make clean"ed beforehand. > > Nothing relevant seems to be listed in /usr/ports/UPDATING. Any > suggestions? The port maintainer, or someone in the FreeBSD community needs to submit an update to the port to update it to a non-vulnerable version. Kris [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBmmPzWry0BWjoQKURAsUmAJ9gXh1wo5kIkm9FuPALSQi/68BzmwCg35C3 JfmBZfcbUBgYCYxFvWbynt0= =wJYK -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041116203252.GC17125>