Opened 6 years ago
Closed 5 years ago
#57903 closed update (fixed)
ImageMagick @6.9.9-40_5: update to 6.9.10-40
| Reported by: | l2dy (Zero King) | Owned by: | ryandesign (Ryan Carsten Schmidt) |
|---|---|---|---|
| Priority: | Normal | Milestone: | |
| Component: | ports | Version: | |
| Keywords: | security | Cc: | FranklinYu (Franklin Yu), Dave-Allured (Dave Allured), fmw42 (Fred Weinhaus) |
| Port: | ImageMagick |
Description
- Fixed numerous use of uninitialized values, integer overflow, memory exceeded, and timeouts (credit to OSS Fuzz).
Change History (13)
comment:1 Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
| Status: | assigned → accepted |
|---|
comment:2 Changed 6 years ago by FranklinYu (Franklin Yu)
| Cc: | FranklinYu added |
|---|
comment:3 Changed 6 years ago by l2dy (Zero King)
| Summary: | ImageMagick @6.9.9-40_5: update to 6.9.10-23 → ImageMagick @6.9.9-40_5: update to 6.9.10-27 |
|---|
comment:4 Changed 6 years ago by l2dy (Zero King)
| Summary: | ImageMagick @6.9.9-40_5: update to 6.9.10-27 → ImageMagick @6.9.9-40_5: update to 6.9.10-30 |
|---|
comment:5 Changed 6 years ago by Dave-Allured (Dave Allured)
| Cc: | Dave-Allured added |
|---|
comment:6 Changed 6 years ago by ryandesign (Ryan Carsten Schmidt)
| Cc: | fmw42 added |
|---|
Has duplicate #58292.
comment:7 Changed 6 years ago by l2dy (Zero King)
| Summary: | ImageMagick @6.9.9-40_5: update to 6.9.10-30 → ImageMagick @6.9.9-40_5: update to 6.9.10-40 |
|---|
comment:8 Changed 6 years ago by fmw42 (Fred Weinhaus)
Is there a reason, the upgrade was backed down to 6.9.9.40 after attempting to upgrade to 6.9.10.40? Imagemagick is now at 6.9.10.44. Is the upgrade still in progress?
comment:9 Changed 5 years ago by ryandesign (Ryan Carsten Schmidt)
Nothing has been backed down. No update past 6.9.9-40 has been attempted by me.
comment:10 follow-up: 11 Changed 5 years ago by fmw42 (Fred Weinhaus)
MacPorts is becoming less useful for installing Imagemagick as time goes on, since your version seems to be stuck at 6.9.10.40. The current version is 6.9.10.69 and 7.0.9.0. A number of users of Imagemagick are complaining because the Imagemagick documentation says the preferred way to install is via MacPorts. If MacPorts stays stuck at 6.9.10.40, the Imagemagick team may need to change its recommendation to use other sources of Imagemagick that provide current versions of Imagemagick 6 and/or Imagemagick 7. Perhaps you would consider providing current versions of Imagemagick 7 if you are freezing Imagemagick 6 at 6.9.10.40. Thanks for your consideration.
comment:11 Changed 5 years ago by Dave-Allured (Dave Allured)
comment:12 Changed 5 years ago by ryandesign (Ryan Carsten Schmidt)
We have stayed at 6.9.9-40 because updating to anything newer involves identifying and revbumping anything that links with ImageMagick libraries, and I have not taken the time to do that. Anybody else is welcome to take the time to do that and submit a PR. In fact, someone has already done so: https://github.com/macports/macports-ports/pull/5016
comment:13 Changed 5 years ago by rubendibattista (Ruben Di Battista)
| Resolution: | → fixed |
|---|---|
| Status: | accepted → closed |
I've been meaning to update ImageMagick to the latest version of 6.x. But because the library versions change, it means I have to identify and revbump all the ports that link with those libraries, which is tedious and time-consuming.