255818 – graphics/ImageMagick6: Upgrade to 6.9.12-12

Bug 255818 - graphics/ImageMagick6: Upgrade to 6.9.12-12

Summary: graphics/ImageMagick6: Upgrade to 6.9.12-12

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Many People
Assignee:	Thierry Thomas

URL:	https://legacy.imagemagick.org/script...
Keywords:	security

Depends on:
Blocks:

Reported:	2021-05-12 16:46 UTC by Thierry Thomas
Modified:	2021-07-20 02:39 UTC (History)
CC List:	3 users (show)

See Also:	257292

Flags:	bugzilla: maintainer-feedback? (kwm) koobs: merge-quarterly-

Attachments
Upgrade ImageMagick6 to 6.9.12-12 (62.01 KB, patch) 2021-05-12 16:46 UTC, Thierry Thomas	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thierry Thomas freebsd_committer

2021-05-12 16:46:25 UTC

Created attachment 224877 [details]
Upgrade ImageMagick6 to 6.9.12-12

Changelog at <https://legacy.imagemagick.org/script/changelog.php>.

Also change WWW: to the legacy version.

Note: this might fix some vulnerabilities, e.g. CVE-2021-20244, CVE-2021-20243, CVE-2021-20176 or CVE-2020-27829, but this is not clear for me.

Comment 1 commit-hook freebsd_committer

2021-05-13 14:44:08 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=e34fc76d33306c0a9b886728887f4b43692825dc

commit e34fc76d33306c0a9b886728887f4b43692825dc
Author:     Thierry Thomas <thierry@FreeBSD.org>
AuthorDate: 2021-05-13 14:41:30 +0000
Commit:     Thierry Thomas <thierry@FreeBSD.org>
CommitDate: 2021-05-13 14:43:16 +0000

    security/vuxml: declare vulnerabilities for ImageMagick6

    PR:             255818

 security/vuxml/vuln.xml | 41 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 40 insertions(+), 1 deletion(-)

Comment 2 Thierry Thomas freebsd_committer

2021-05-27 20:56:49 UTC

Just committed.

Comment 3 commit-hook freebsd_committer

2021-05-27 20:57:06 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=0605ef1bd0c27f1d637a79ce2cbb4255ce7e784b

commit 0605ef1bd0c27f1d637a79ce2cbb4255ce7e784b
Author:     Thierry Thomas <thierry@FreeBSD.org>
AuthorDate: 2021-05-12 13:50:44 +0000
Commit:     Thierry Thomas <thierry@FreeBSD.org>
CommitDate: 2021-05-27 20:56:13 +0000

    graphics/ImageMagick6: upgrade to 6.9.12-12

    Changelog at <https://legacy.imagemagick.org/script/changelog.php>.

    Also change WWW: to the legacy version.

    Note: this might fix some vulnerabilities, e.g. CVE-2021-20244,
    CVE-2021-20243, CVE-2021-20176 or CVE-2020-27829, but this is not clear
    for me.

    PR:             255818
    Approved by:    maintainerâs time-out

 graphics/ImageMagick6/Makefile  |   6 +-
 graphics/ImageMagick6/distinfo  |   6 +-
 graphics/ImageMagick6/pkg-descr |   2 +-
 graphics/ImageMagick6/pkg-plist | 788 +++-------------------------------------
 4 files changed, 49 insertions(+), 753 deletions(-)

Comment 4 Kubilay Kocak freebsd_committer

2021-07-20 02:37:45 UTC

^Triage: Assign to committer that resolved and track non-merge (at the time)