Patchwork imagemagick: security bump to version 6.7.8-8

login
register
mail settings
Submitter Gustavo Zacarias
Date Aug. 6, 2012, 7:15 p.m.
Message ID <1344280518-5293-1-git-send-email-gustavo@zacarias.com.ar>
Download mbox | patch
Permalink /patch/175437/
State Accepted
Headers show

Comments

Gustavo Zacarias - Aug. 6, 2012, 7:15 p.m.
Fixes CVE-2012-3437, CVE-2012-3437 and CVE-2012-3438.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
 package/imagemagick/imagemagick.mk |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)
Thomas Petazzoni - Aug. 15, 2012, 10:04 a.m.
Le Mon,  6 Aug 2012 16:15:18 -0300,
Gustavo Zacarias <gustavo@zacarias.com.ar> a écrit :

> Fixes CVE-2012-3437, CVE-2012-3437 and CVE-2012-3438.
> 
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

Since it fixes security problems, I've applied this patch to master.

Thanks!

Thomas

Patch

diff --git a/package/imagemagick/imagemagick.mk b/package/imagemagick/imagemagick.mk
index ede129a..6d34ad3 100644
--- a/package/imagemagick/imagemagick.mk
+++ b/package/imagemagick/imagemagick.mk
@@ -4,8 +4,8 @@ 
 #
 #############################################################
 
-IMAGEMAGICK_MAJOR = 6.7.6
-IMAGEMAGICK_VERSION = $(IMAGEMAGICK_MAJOR)-9
+IMAGEMAGICK_MAJOR = 6.7.8
+IMAGEMAGICK_VERSION = $(IMAGEMAGICK_MAJOR)-8
 IMAGEMAGICK_SOURCE = ImageMagick-$(IMAGEMAGICK_VERSION).tar.bz2
 # The official ImageMagick site only keeps the latest versions
 # available, which is annoying. Use an alternate site that keeps all