升级ImageMagick到最新版本,修复 ImageMagick拒绝服务漏洞(CVE-2017-1000476)和ImageMagick远程代码执行漏洞(CVE-2016-8707)
程序员文章站
2022-07-15 16:10:07
...
1. 环境
- 系统:Centos7+PHP7
- 旧 ImageMagick:6.9.10.68
- 目标 ImageMagick:7.0.10-29(写博客时的最新版本,如有更新请选择最新版本)
2.准备
- 首先去官网看看最新版本的地址
https://www.imagemagick.org/download/linux/CentOS/x86_64/
- 找到最新版本的 .rpm 文件 ,此处应该需要两个文件 ImageMagick-7.0.10-29.x86_64.rpm/ImageMagick-libs-7.0.10-29.x86_64.rpm
https://www.imagemagick.org/download/linux/CentOS/x86_64/ImageMagick-7.0.10-29.x86_64.rpm
https://www.imagemagick.org/download/linux/CentOS/x86_64/ImageMagick-libs-7.0.10-29.x86_64.rpm
- 下载到服务器上,使用wget命令
3. 安装
- 先安装lib库
rpm -Uvh ImageMagick-libs-7.0.10-29.x86_64.rpm
报需要依赖
error: Failed dependencies:
libfftw3.so.3()(64bit) is needed by ImageMagick-libs-7.0.10-29.x86_64
libraqm.so.0()(64bit) is needed by ImageMagick-libs-7.0.10-29.x86_64
安装所需依赖
yum install -y fftw3
yum install -y libraqm
再次尝试安装lib库即可
- 安装ImageMagick
rpm -Uvh ImageMagick-7.0.10-29.x86_64.rpm
4. 问题
- 如果直接安装ImageMagick 而不安装其他依赖会出现如下错
error: Failed dependencies:
ImageMagick-libs(x86-64) = 7.0.10-29 is needed by ImageMagick-7.0.10-29.x86_64
libMagickCore-7.Q16HDRI.so.7()(64bit) is needed by ImageMagick-7.0.10-29.x86_64
libMagickWand-7.Q16HDRI.so.7()(64bit) is needed by ImageMagick-7.0.10-29.x86_64
libMagickWand-7.Q16HDRI.so.7(VERS_7.0)(64bit) is needed by ImageMagick-7.0.10-29.x86_64
libfftw3.so.3()(64bit) is needed by ImageMagick-7.0.10-29.x86_64
libraqm.so.0()(64bit) is needed by ImageMagick-7.0.10-29.x86_64
libMagickCore-6.Q16.so.6()(64bit) is needed by (installed) php72w-pecl-imagick-3.4.4-1.2.w7.x86_64
libMagickWand-6.Q16.so.6()(64bit) is needed by (installed) php72w-pecl-imagick-3.4.4-1.2.w7.x86_64
- 忽略依赖,强制安装ImageMagick ,会有依赖缺失
rpm -Uvh ImageMagick-7.0.10-29.x86_64.rpm --nodeps --force
[aaa@qq.com data]# convert -version
convert: error while loading shared libraries: libMagickCore-7.Q16HDRI.so.7: cannot open shared object file: No such file or directory
- 解决办法都是将缺失的库,按上面的方式重新安装即可
4.总结
尽量不要使用 --nodeps --force ,缺失依赖怎么能强制安装呢?