Bug 238199

Summary: graphics/ImageMagick7: Update to 7.0.8-47 (Fixes many vulnerabilities)
Product: Ports & Packages Reporter: Tommy P <tommyhp2>
Component: Individual Port(s)Assignee: Koop Mast <kwm>
Status: Closed FIXED    
Severity: Affects Many People CC: ports-secteam
Priority: Normal Keywords: needs-patch, security
Version: LatestFlags: bugzilla: maintainer-feedback? (kwm)
koobs: merge-quarterly?
Hardware: amd64   
OS: Any   
URL: https://www.cvedetails.com/vulnerability-list/vendor_id-1749/Imagemagick.html

Description Tommy P 2019-05-29 01:03:51 UTC
Please update to 7.0.8-47.  There are about 13 vulnerabilities between 7.0.8-22 up to pre 7.0.8-47 per:

https://www.cvedetails.com/vulnerability-list/vendor_id-1749/Imagemagick.html

Thank you.
Comment 1 Koop Mast freebsd_committer 2019-05-30 09:07:34 UTC
Working on updating
Comment 2 commit-hook freebsd_committer 2019-05-30 10:58:56 UTC
A commit references this bug:

Author: kwm
Date: Thu May 30 10:58:17 UTC 2019
New revision: 503063
URL: https://svnweb.freebsd.org/changeset/ports/503063

Log:
  Document ImageMagick issues.

  PR:		238199
  Reported by:	Tommy P <tommyhp2@gmail.com>
  Security:	CVE-2019-7175, CVE-2019-7395, CVE-2019-7396, CVE-2019-7397,
  		CVE-2019-7398, CVE-2019-9956, CVE-2019-10131, CVE-2019-10649,
  		CVE-2019-10650, CVE-2019-10714, CVE-2019-11470, CVE-2019-11472,
  		CVE-2019-11597, CVE-2019-11598

Changes:
  head/security/vuxml/vuln.xml
Comment 3 commit-hook freebsd_committer 2019-05-30 11:01:00 UTC
A commit references this bug:

Author: kwm
Date: Thu May 30 11:00:26 UTC 2019
New revision: 503064
URL: https://svnweb.freebsd.org/changeset/ports/503064

Log:
  Update Imagemagick6 to 6.9.10.47.

  PR:		238199
  Reported by:	Tommy P <tommyhp2@gmail.com>
  MFH:		2019Q2
  Security:	183d700e-ec70-487e-a9c4-632324afa934

Changes:
  head/graphics/ImageMagick6/Makefile
  head/graphics/ImageMagick6/distinfo
  head/graphics/ImageMagick6/pkg-plist
Comment 4 commit-hook freebsd_committer 2019-05-30 11:02:03 UTC
A commit references this bug:

Author: kwm
Date: Thu May 30 11:01:12 UTC 2019
New revision: 503065
URL: https://svnweb.freebsd.org/changeset/ports/503065

Log:
  Update ImageMagick7 to 7.0.8.47.

  PR:		238199
  Reported by:	Tommy P <tommyhp2@gmail.com>
  MFH:		2019Q2
  Security:	183d700e-ec70-487e-a9c4-632324afa934

Changes:
  head/graphics/ImageMagick7/Makefile
  head/graphics/ImageMagick7/distinfo
  head/graphics/ImageMagick7/pkg-plist
Comment 5 commit-hook freebsd_committer 2019-05-30 14:19:37 UTC
A commit references this bug:

Author: kwm
Date: Thu May 30 14:19:26 UTC 2019
New revision: 503069
URL: https://svnweb.freebsd.org/changeset/ports/503069

Log:
  MFH: r503064

  Update Imagemagick6 to 6.9.10.47.

  PR:		238199
  Reported by:	Tommy P <tommyhp2@gmail.com>
  Security:	183d700e-ec70-487e-a9c4-632324afa934

  Approved by:	ports-secteam (joneum)

Changes:
_U  branches/2019Q2/
  branches/2019Q2/graphics/ImageMagick6/Makefile
  branches/2019Q2/graphics/ImageMagick6/distinfo
  branches/2019Q2/graphics/ImageMagick6/pkg-plist
Comment 6 commit-hook freebsd_committer 2019-05-30 14:20:40 UTC
A commit references this bug:

Author: kwm
Date: Thu May 30 14:20:06 UTC 2019
New revision: 503070
URL: https://svnweb.freebsd.org/changeset/ports/503070

Log:
  MFH: r503065

  Update ImageMagick7 to 7.0.8.47.

  PR:		238199
  Reported by:	Tommy P <tommyhp2@gmail.com>
  Security:	183d700e-ec70-487e-a9c4-632324afa934

  Approved by:	ports-secteam (joneum)

Changes:
_U  branches/2019Q2/
  branches/2019Q2/graphics/ImageMagick7/Makefile
  branches/2019Q2/graphics/ImageMagick7/distinfo
  branches/2019Q2/graphics/ImageMagick7/pkg-plist
Comment 7 Koop Mast freebsd_committer 2019-05-30 14:21:40 UTC
Fixed, thanks for the headup. It is really hard sometimes to know about CVE's in IM. I'm going to bookmark that link you posted, which is handy.