On 5/18/07 10:36 AM, [EMAIL PROTECTED] wrote:
See http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=496. ImageMagick 6.3.3-5 and above do not have this vulnerability and most vendors have issued updated ImageMagick releases with this vulnerability fixed for earlier releases of the package (pre 6.3.3).
I either compile ImageMagick from source or use the pre-built package for OS X that is available on the ImageMagick website. I don't have a vendor that issues updated packages for my OS. Do the ImageMagick developers have a mechanism for announcing security vulnerabilities to people who build the package from source? As best I can tell, in order to receive news about ImageMagick security problems, I have to subscribe to the security announcement list of a Linux distribution I don't even use. Am I missing something?
craig _______________________________________________ Magick-developers mailing list Magick-developers@imagemagick.org http://studio.imagemagick.org/mailman/listinfo/magick-developers
