ImageMagick @6.9.3-4: Security update to 6.9.3-9

[Schamschula (Marius Schamschula)]

ImageMagick has a serious security issue (CVE-2016-3714). Update to 6.9.3-9 attached.

BTW: ImageMagick 6.9.3-9 is now the legacy version. ImageMagick 7.0.1 is current.

[ryandesign (Ryan Carsten Schmidt)]

Thanks.

[ryandesign (Ryan Carsten Schmidt)]

r148329

[mopihopi]

According to the announcement ​https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588 the security issue was fixed in ImageMagick 7.0.1-1 and 6.9.3-10. However this patch upgrades to 6.9.3-9. Should this be upgraded to 6.9.3-10? Also what is needed to update to the current version 7.0.1-1?

[ryandesign (Ryan Carsten Schmidt)]

6.9.3-10 did not exist when I resolved this ticket. Marius asked me to update the port to 6.9.3-9. I verified it built and installed successfully on my system. I verified that no newer version of 6.9.3 existed. I committed the update. Now 6.9.3-10 has been released with new fixes, and I'm happy to update the port to that version as well, but in the future, please file a new ticket when there is a new issue.

I have not yet looked into what is involved with updating to ImageMagick 7. I'm happy to look into that, when I have a little more time, if you file a new ticket for that.

[ryandesign (Ryan Carsten Schmidt)]

r148348

[mopihopi]

Thanks! I have filed a new ticket for updating to 7.0.1-1 (#51310).