Where is change log?

Questions and postings pertaining to the usage of ImageMagick regardless of the interface. This includes the command-line utilities, as well as the C and C++ APIs. Usage questions are like "How do I use ImageMagick to create drop shadows?".
Post Reply
mrmikel
Posts: 2
Joined: 2012-05-15T10:39:44-07:00
Authentication code: 13

Where is change log?

Post by mrmikel »

Image Magick is used in calibre and it has not been updated in calibre. The developer wants to know if there are security issues which would require this. It trips Secunia PSI 2.0, so I want to be able tell the developer to update or Secunia there is no security issue.
Top
User avatar
fmw42
Posts: 25562
Joined: 2007-07-02T17:14:51-07:00
Authentication code: 1152
Location: Sunnyvale, California, USA

Re: Where is change log?

Post by fmw42 »

http://www.imagemagick.org/script/changelog.php
Top
mrmikel
Posts: 2
Joined: 2012-05-15T10:39:44-07:00
Authentication code: 13

Re: Where is change log?

Post by mrmikel »

Then there are no security issues after 6.5.2-8, which is older than the version that calibre uses?
Top
User avatar
fmw42
Posts: 25562
Joined: 2007-07-02T17:14:51-07:00
Authentication code: 1152
Location: Sunnyvale, California, USA

Re: Where is change log?

Post by fmw42 »

mrmikel wrote:Then there are no security issues after 6.5.2-8, which is older than the version that calibre uses?
That is beyond my understanding. You need to hear back from Magick for further details.
Top
User avatar
magick
Site Admin
Posts: 11064
Joined: 2003-05-31T11:32:55-07:00

Re: Where is change log?

Post by magick »

Security issues are tagged in the ChangeLog by CVE #. For example, @ http://www.imagemagick.org/script/changelog.php:

2012-01-30 6.7.5-1 Cristy <quetzlzacatenango@image...>
Prevent overflow when casting short int to size_t when parsing a maliciously crafted image with an IFD whose all IOP tags' value offsets point to the beginning of the IFD itself [CVE-2012-0247].
Top
Post Reply

Return to “Users”