On Tue, Nov 16, 2004 at 09:32:20AM -0500, John Cholewa wrote: > >===> giFT-0.11.6 depends on shared library: Magick.6 - not found > >===> Verifying install for Magick.6 in /usr/ports/graphics/ImageMagick > >===> ImageMagick-6.0.6.2 has known vulnerabilities: > >>> ImageMagick -- EXIF parser buffer overflow. > > Reference: > ><http://www.FreeBSD.org/ports/portaudit/eeb1c128-33e7-11d9-a9e7-0001020eed82.html> > >>> Please update your ports tree and try again. > >*** Error code 1 > > > >Stop in /usr/ports/graphics/ImageMagick. > >*** Error code 1 > > > >Stop in /usr/ports/net/gift. > > > Aargh. Over the past week or two, I've cvsupped several times, but I > keep getting this. > > I'm using 5.2.1, and I've tried this using both "portinstall", > "portinstall -P" and "make" (while in both "/usr/ports/net/gift" and > "/usr/ports/graphics/ImageMagick"). And I've "make clean"ed beforehand. > > Nothing relevant seems to be listed in /usr/ports/UPDATING. Any > suggestions?
The port maintainer, or someone in the FreeBSD community needs to submit an update to the port to update it to a non-vulnerable version. Kris
pgppISLPVx7C2.pgp
Description: PGP signature