Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
imagemagick 6.3.5 has been released on July 5th, with a -2 patch version on the 17th. The reason I am mentioning it is that I got a huge memory leak when using imagemagick 6.3.4 through rmagick 1.15.7-r1. Both imagemagick 6.3.3 and 6.3.5 don't have this problem. Since things work again with imagemagick 6.3.5 I'm not going to hunt for the actual cause, but let me know if you need more information.
Also, seems that this bump could fix: http://bugs.gentoo.org/show_bug.cgi?id=191001 As said in: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=9602&p=0&e=0&sid=179acdbb16feb516eedb6f0477471371 Thanks a lot
Created an attachment (id=131031) [details] Ebuild for imagemagick 6.3.5-9 An updated ebuild for imagemagick-6.3.5-9.
(In reply to comment #2) > Created an attachment (id=131031) [edit] [details] > Ebuild for imagemagick 6.3.5-9 > > An updated ebuild for imagemagick-6.3.5-9. > Couple months gone by since the original report so you could as well go ahead and do the bump yourself.
Just saw the advisories about CVE-2007-4985 [1], CVE-2007-4986 [2], CVE-2007-4987 [3] and CVE-2007-4988 [4] from iDefense, so transforming this one to a security bug. [1] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596 [2] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=594 [3] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=595 [4] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=597
Setting whiteboard to A2 because the application itself is not actively remotely exploitable. A combination with networked applications makes this bug more serious though. graphics, please provide an updated ebuild.
I've added the ebuild for imagemagick 6.3.5-9 to CVS just now, as discussed on IRC with the graphics herd.
Thanks. Arches, please stabilize media-gfx/imagemagick-6.3.5.9, target keywords are: "alpha amd64 hppa ia64 mips ppc ppc64 sparc x86 ~x86-fbsd".
x86 stable
Sparc stable.
Stable for HPPA.
media-gfx/imagemagick-6.3.5.9 USE="X jpeg mpeg perl png tiff truetype xml zlib -bzip2 -doc -fpx -graphviz -gs -hdri -jbig -jpeg2k -lcms -nocxx -openexr -q32 -q8 -wmf" 1. Emerges on AMD64. 2. No collisions etc. 3. Works - have tried to convert images with convert tool. Portage 2.1.2.12 (default-linux/amd64/2007.0/desktop, gcc-4.1.2, glibc-2.5-r4, 2.6.22-gentoo-r2 x86_64) ================================================================= System uname: 2.6.22-gentoo-r2 x86_64 Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz Gentoo Base System release 1.12.9 Timestamp of tree: Wed, 19 Sep 2007 21:50:01 +0000 distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled] ccache version 2.4 [enabled] app-shells/bash: 3.2_p17 dev-java/java-config: 1.3.7, 2.0.33-r1 dev-lang/python: 2.4.4-r4 dev-python/pycrypto: 2.0.1-r6 dev-util/ccache: 2.4-r7 sys-apps/baselayout: 1.12.9-r2 sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.24 virtual/os-headers: 2.6.21 ACCEPT_KEYWORDS="amd64" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=nocona -Os -msse3 -pipe -fomit-frame-pointer" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/splash /etc/terminfo" CXXFLAGS="-march=nocona -Os -msse3 -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="ccache collision-protect distcc distlocks metadata-transfer multilib-strict parallel-fetch sandbox sfperms strict test" GENTOO_MIRRORS="http://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ http://trumpetti.atm.tut.fi/gentoo/ http://ftp.snt.utwente.nl/pub/os/linux/gentoo http://ds.thn.htu.se/linux/gentoo" LC_ALL="en_DK.utf8" MAKEOPTS="-j6" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/layman/php-testing /usr/local/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="X a52 aac acl acpi aiglx alsa amd64 apache2 arts atk berkdb bitmap-fonts cairo cdr cli cracklib crypt cups dbus dga directfb dri dts dvd dvdr dvdread eds emboss encode evo fam fbcn ffmpeg firefox fortran ftp gd gdbm gif gphoto2 gpm gstreamer gtk hal iconv icq ieee1394 ipv6 isdnlog java jpeg kde kerberos lm_sensors mad midi mikmod mjpeg mmx mozilla mp2 mp3 mpeg mplayer msn mudflap ncurses nls nptl nptlonly ogg oggvorbis opengl openmp pam pcre pda pdf perl png ppds pppd python qt qt3 qt3support qt4 quicktime readline reflection samba sdl session spell spl sse sse2 sse3 ssl svg tcpd test threads tiff truetype truetype-fonts type1-fonts unicode vorbis x264 xcomposite xml xorg xscreensaver xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="radeon" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
ppc64 stable
22 Sep 2007; Luca Barbato <lu_zero@gentoo.org> imagemagick-6.3.5.9.ebuild: Marked ppc
alpha/ia64 stable
removing ppc64 as ranger marked stable (comment #12)
amd64 done
Last supported arch, ready for GLSA.
glsa request filed.
The thing is broken, see Bug 193737. We need this bumped to 6.3.5.10
Seems like a regression so yes we need fixed ebuild.
imagemagick 6.3.5.10 is now in CVS and I got confirmation that it fixes the issues in bug 193737
Re-cc'ing arches. There was a regression in media-gfx/imagemagick-6.3.5.9, please stabilize 6.3.5.10. See comments 19 to 21 for details. Targets are still: "alpha amd64 hppa ia64 mips ppc ppc64 sparc x86"
ppc64 stable thanks
mips stable.
Sparc stable for 6.3.5.10
alpha/ia64/x86 stable, removing bsd since they have nothing to do
ppc stable
Marked stable on amd64.
Stable for HPPA. Oh, by the way: # ChangeLog for dev-ruby/rmagick ... *rmagick-1.15.10 (17 Sep 2007) 17 Sep 2007; Hans de Graaff <graaff@gentoo.org> +rmagick-1.15.10.ebuild: Version bump, fixes compatibility issue with ImageMagick-6.3.5-9 I will consider stabilising rmagick for hppa before it's due.
Thanks Jeroen. I've now filed a stablization request as bug 194246.
A2 -> GLSA request filed.
GLSA 200710-27, sorry for the delay
I assume it should be closed
mips, you've stabled the wrong version (6.3.5.9), I guess you want 6.3.5.10 stable to not cause any breakage (see comment #22). Thanks to chithead who noticed that on #gentoo-security.
