1709 lines
79 KiB
Plaintext
1709 lines
79 KiB
Plaintext
-------------------------------------------------------------------
|
|
Mon Mar 25 12:40:12 UTC 2024 - pgajdos@suse.com
|
|
|
|
- version update to 1.3.43
|
|
Bug fixes:
|
|
* JBIG: Add support for 'width', 'height', and 'pixels', resource
|
|
limits. Your mileage may vary.
|
|
* WPG: Many fixes based on oss-fuzz testing.
|
|
* Ghostscript: When invoking Ghostscript, re-direct Ghostscript stdout
|
|
to stderr to avoid output corruption when GM stdout is redirected to
|
|
a file.
|
|
New Features:
|
|
* File write limit: Add support for a per-file write limit (-limit
|
|
write or MAGICK_LIMIT_WRITE). This imposes a limit on the number of
|
|
uncompressed bytes written. The behavior when the limit is hit is
|
|
similar to an unexpected write error, as if the disk is full.
|
|
* Resource limit highwater: Resource highwater values are maintained
|
|
for successful resource requests and final values are traced
|
|
via -debug resource' at the end of program execution. These values
|
|
may be used to understand the most restrictive resource limits which
|
|
may be applied while still achieving successful operation.
|
|
* BMP: Support BI_PNG compression (PNG inside BMP).
|
|
* BMP: Support reading 64 bits-per-pixel.
|
|
* BMP: Support reading 48 bits-per-pixel.
|
|
* HEIF: Call heif_init() and heif_deinit() if they are
|
|
available. Support setting image width limit.
|
|
* HRZ: Added support for Slow scan TV format.
|
|
* JPEG: Added support for reading and writing lossy or lossless 12
|
|
bits, and lossless 16-bits using libjpeg-turbo-3.0
|
|
* JXL: Improve JXL reader/writer exception information.
|
|
* TIFF: Remove miniswhite/minisblack prohibitions when using Group3
|
|
and Group4 compression in order to allow using inverted photometric
|
|
from the standard.
|
|
* TIFF: Store EXIF IFD and GPS IFD tag information natively in TIFF
|
|
sub-IFDs, the same as it would be produced in a camera supporting
|
|
TIFF. This allows an EXIF profile from HEIF, JPEG, JXL, PNG, WebP,
|
|
or from the META coder to be preserved in TIFF.
|
|
API Updates:
|
|
* ExpandFilenames(): Fix memory leak of existing allocations if
|
|
realloc() fails.
|
|
- modified patches
|
|
% GraphicsMagick-disable-insecure-coders.patch (refreshed)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 29 10:10:37 UTC 2024 - pgajdos@suse.com
|
|
|
|
- ghostscript-fonts-std: relax to recommends [bsc#1216604]
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Oct 26 09:38:20 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
|
|
- Have libGraphicsMagick3-config require ghostscript-fonts-std
|
|
(boo#1216604).
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 2 06:55:47 UTC 2023 - pgajdos@suse.com
|
|
|
|
- version update to 1.3.42
|
|
Bug fixes:
|
|
* TIFF: Default the alpha channel to type EXTRASAMPLE_UNASSALPHA(2).
|
|
* BMP: Many fixes for reading esoteric BMP sub-formats.
|
|
* TranslateTextEx(): Revert change so now a NULL pointer is returned
|
|
when given an empty string. Some algorithms (e.g. montage) were
|
|
depending on this!.
|
|
* PAM: Fix reading comments.
|
|
* PNG: Added Add missing module aliases "PNG00", "PNG48", "PNG64", so
|
|
it is again possible to request these subformats directly.
|
|
* TIFF: For common formats with the required number of channels, but
|
|
one is an 'unspecified' channel, promote unspecified alpha to
|
|
unassociated alpha so that the alpha channel is not ignored.
|
|
* "Magick" command line emulation: Eliminate duplicate utility name
|
|
output in error messages
|
|
New Features:
|
|
* BMP: Added the ability to read and write BMP using JPEG compression.
|
|
Use '-define bmp:allow-jpeg' to allow use of JPEG compression.
|
|
* BMP: Added support for BI_ALPHABITFIELDS compression
|
|
* BMP: Added support for reading BMP with PNG compression.
|
|
- modified patches
|
|
% GraphicsMagick-disable-insecure-coders.patch (refreshed)
|
|
- deleted patches
|
|
- strlcpy-wrong-sizing.patch (upstreamed)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 1 13:19:26 UTC 2023 - pgajdos@suse.com
|
|
|
|
- revert to 1.3.40 [bsc#1214831]
|
|
https://sourceforge.net/p/graphicsmagick/news/2023/08/because-1341-is-discarded-i-has-been-published-2-builds-for-win32-architecture/
|
|
- modified patches
|
|
% GraphicsMagick-disable-insecure-coders.patch (refreshed)
|
|
- deleted patches
|
|
- GraphicsMagick-fix-regression-NULL-instead-of-empty-string.patch (not needed)
|
|
- GraphicsMagick-name-key-return-input-file-base-name.patch (not needed)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 28 12:41:40 UTC 2023 - pgajdos@suse.com
|
|
|
|
- fix regression in 1.3.41
|
|
https://sourceforge.net/p/graphicsmagick/bugs/722/
|
|
- added patches
|
|
fix 17179:91afa18a6161
|
|
+ GraphicsMagick-fix-regression-NULL-instead-of-empty-string.patch
|
|
fix 17180:bb42cd90ce6f
|
|
+ GraphicsMagick-name-key-return-input-file-base-name.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 24 11:54:37 UTC 2023 - pgajdos@suse.com
|
|
|
|
- version update to 1.3.41
|
|
Bug fixes:
|
|
* Blob: Immediately reject attempts to write blobs to formats which
|
|
can not support blobs.
|
|
* TranslateTextEx(): An empty string argument should return an empty
|
|
string rather than a NULL string.
|
|
* SetImageAttribute(): Fix bounds issue when concatenating string.
|
|
* JPEG: Do not set image resolution if the values provided are outside
|
|
of the valid range.
|
|
* Fixes for NaN when reading formats based on floating point.
|
|
* HEIF: Fix reading images with rotation/transformation.
|
|
* BMP: Do not decode primaries or gamma unless colorspace is
|
|
LCS_CALIBRATED_RGB. Add/correct bmp_info.size "biSize" logic which
|
|
decides if header chunks are present (or invalid).
|
|
* MNG: Fixes for resizing using X_method 5.
|
|
* GM command (convert, montage, mogrify): Many command-line parser
|
|
fixes/checks for invalid command line syntax which causes unexpected
|
|
behavior, or core dumps.
|
|
|
|
* TopoL: Given that a writer is now provided, issues found in the
|
|
reader (and writer) due to continual fuzz-testing have been fixed,
|
|
as encountered.
|
|
* GetImageClippingPathAttribute(): Check for and use clipping path
|
|
name (ID=2999) to get the real attribute name.
|
|
* ReadIPTCProfile(): Fix malformed IPTC data parsing.
|
|
New Features:
|
|
* TopoL: Now provides a writer.
|
|
* WPG: Now provides a writer.
|
|
* gm batch: Implement simple Test Anything Protocol (TAP) test
|
|
counting and "ok N"/"not ok N" messaging.
|
|
* TIFF: Support '-define tiff:photometric=minisblack' and '-define
|
|
tiff:photometric=miniswhite' to be able to adjust the sense used
|
|
when writing bilevel TIFF images.
|
|
* TIFF: Require that TIFFTAG_EXTRASAMPLES be used appropriately to
|
|
indicate the intention of extra channels.
|
|
* utilities/tests/gen-tiff-images/genimages: Script for writing (and
|
|
then reading) thousands (5568 permutations) of TIFF format variants.
|
|
* EXIF and PNG: Retrieve image orientation from EXIF (if present) and
|
|
store in image.
|
|
* HEIF: Retrieve image orientation from EXIF and store in image.
|
|
Behavior Changes:
|
|
* The ability to extend existing image attribute text by calling
|
|
SetImageAttribute() multiple times with the same key is now
|
|
deprecated, and will soon be removed. In the mean time, the
|
|
annoying message "SetImageAttribute: Extending attribute value text
|
|
is deprecated!" is printed to the standard error output to help
|
|
expose code which is using this feature.
|
|
- modified patches
|
|
% GraphicsMagick-disable-insecure-coders.patch (refreshed)
|
|
- deleted patches
|
|
- strlcpy-wrong-sizing.patch (upstreamed)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 8 08:23:35 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
- add strlcpy-wrong-sizing.patch: fix incorrect usages of
|
|
strlcpy and strlcat detected by glibc 2.38's fortify
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 2 13:45:30 UTC 2023 - pgajdos@suse.com
|
|
|
|
- clean up old conditionals
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 7 12:36:21 UTC 2023 - pgajdos@suse.com
|
|
|
|
- version update to 1.3.40
|
|
* GetMagickGeometry(): Fix a scaling issue where dimensions could be
|
|
scaled down to zero.
|
|
* PCD: Handle writing image with a dimension of 1.
|
|
* PNG: When writing, use lower-case raw profile identifiers (e.g. 'Raw
|
|
profile type xmp') because exiftool expects that.
|
|
* SUN: The sense of monochrome images was inverted. Fix scanline size
|
|
calculation.
|
|
* WPG: Fix 20-year old bug in WPG header reading.
|
|
New Features:
|
|
* JXL: Decode and log extra channel information. This information is
|
|
not yet used.
|
|
* PCX and DCX: Support writing uncompressed format (use -compress none
|
|
for no compression).
|
|
* Added IM1, IM8, and IM24 magick aliases for the Sun Raster format
|
|
since those are the historically correct extensions.
|
|
API Updates:
|
|
* AppendImageToList() now updates the image list pointer to be the
|
|
image which was just added. Use GetFirstImageInList() when the
|
|
pointer to the first image in the list is needed.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jan 8 11:25:06 UTC 2023 - munix9@googlemail.com
|
|
|
|
- version update to 1.3.39
|
|
Special Issues:
|
|
* GraphicsMagick really does need some additional productive
|
|
volunteers. For several years now, the burden has entirely been on
|
|
me (Bob Friesenhahn). I have been sheparding the project for 20
|
|
years already (and contributed to ImageMagick and GraphicsMagick
|
|
combined for 26 years already). It is not reasonable to expect
|
|
someone with a full time job (and expecting to retire in a few
|
|
years) to do all of the work.
|
|
Security Fixes:
|
|
* GraphicsMagick is participating in Google's oss-fuzz project since
|
|
February 4 2018 due to the contributions and assistance of Alex
|
|
Gaynor and Paul Kehrer. The issues list is available at
|
|
https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
|
|
"graphicsmagick". Issues are available for anyone to view and
|
|
duplicate if they have been in "Verified" status for 30 days, or if
|
|
they have been in "New" status for 90 days. Please consult the
|
|
GraphicsMagick ChangeLog file, Mercurial repository commit log, and
|
|
the oss-fuzz issues list for details.
|
|
Security Fixes:
|
|
* oss-fuzz: Several security fixes originating from oss-fuzz testing.
|
|
* ALL: Replace strcpy() with strlcpy(), replace strcat() with
|
|
strlcat(), replace sprintf() with snprintf(). Prefer using bounded
|
|
string functions. This change is made for the purpose of increasing
|
|
safety than to address any existing demonstrated concern.
|
|
Bug fixes:
|
|
* Coverity: Several fixes for issues found by Coverity to reduce the
|
|
number of reported issues back down to zero.
|
|
* Clang Analyzer 12: Fix most discovered issues.
|
|
* PNG: Fix possible use of uninitialized 'ping_num_trans' value in
|
|
ReadOnePNGImage().
|
|
* MinGW: Eliminate overwrite of existing _MSC_VER value in MinGW compile.
|
|
* MNG: Fix heap-use-after-free in CloseBlob.
|
|
* MNG: Fix indirect leak in MagickMallocCleared().
|
|
* PS: Assure that 'bounds' structure is initialized.
|
|
* EPT: Assure that 'bounds' structure is initialized.
|
|
* HEIF: If heif_image_handle_get_metadata_size() returns 0, then
|
|
carrying on with reading image data.
|
|
* configure.ac: Fix Bashism in maintainer-mode check.
|
|
* TGA: Remove a defective validation of comment length, which blocked
|
|
reading some sample TGA files from the "Encyclopedia Of Graphics
|
|
File Formats" book. Monochromatic bilevel TGA can now be read and
|
|
written. TGA "Footers" are now read and used when logging as well
|
|
as converted to Image attributes.
|
|
* WebP: Add configure.ac updates to check for libsharpyuv so that
|
|
builds with the development version work again.
|
|
* Visual Studio Build (VisualMagick): Fix project file generation.
|
|
Improve portability of code for configure.exe.
|
|
* Fixed mixed encoding (non-UTF-8) errors in text and source files.
|
|
* DrawPrimitive(): Fix composition using "0,0" for image size. This
|
|
became broken in GraphicsMagick 1.3.36.
|
|
* Blob API: Fixed SEEK_END validation. SEEK_END was not used before,
|
|
but now it is.
|
|
New Features:
|
|
* AVIF: Support reading AVIF via libheif if it supports decoding AVIF
|
|
(still no writer support).
|
|
* LOG: Added function IsEventLogged() to report if a particular event
|
|
will be logged. Us this as much as possible throughout the software
|
|
to replace use of IsEventLogging(). This avoids a possible
|
|
performance hit if any logging is enabled at all and logging
|
|
statements are executed which are filtered and produce no output.
|
|
* FITS: Support storing multiple scenes in one file (non-standard
|
|
extension).
|
|
* JPEG: Optionally enable arithmetic coder in JPG images using
|
|
'-define jpeg:arithmetic-coding=true'.
|
|
* JPEG: Add support for reading deep gray images.
|
|
* HEIF: Support reading ICC color profiles.
|
|
* Produce ASCII armored ".asc" format GPG signature files.
|
|
* Support reading directly from .bz2, .gz, .svgz, and .Z files
|
|
(without creating a temporary file), if possible.
|
|
API Updates:
|
|
* Magick++: Provide a version of Image::colorMapSize() which is a
|
|
'const' method. Continue to provide the non-const version in order
|
|
to avoid an ABI change. The compiler should choose the appropriate
|
|
version.
|
|
Feature improvements:
|
|
* HTML documentation generation based on Docutils is significantly
|
|
updated and improved.
|
|
* PerlMagick: Added more sample input files and changed many reader
|
|
tests to use hash signature rather than comparison to reduce the
|
|
distribution size.
|
|
* Blob: The ReadBlobString() function has been re-written to perform
|
|
better when reading from files.
|
|
* JXL: The JXL coder is updated to compile with what will likely
|
|
become JXL 0.8.0. Support for 16-bit 'short' samples, 16-bit
|
|
'float' samples, and 32-bit float samples added. Support for
|
|
reading and writing ICC, EXIF, and XMP profiles added.
|
|
* MIME: GM "magick" to MIME mappings have been added for apng, avif,
|
|
bmp, ico, and webp (regardless of if they are supported).
|
|
* XPM: The XPM reader performance is dramatically improved and is
|
|
observed to be 32x faster when reading a medium-sized XPM file
|
|
(e.g. the GraphicsMagick logo).
|
|
* XPM: Support reading "deep" images with more pallete entries than
|
|
the maximum colormap size.
|
|
Windows Delegate Updates/Additions:
|
|
* Update bundled libjasper to version 1.900.26. Please note that 4.0.0
|
|
is the latest version at this time and fixes a great many security
|
|
and stability issues which are present in 1.900.26.
|
|
* Update bundled libjpeg to version 9e.
|
|
* Update bundled libtiff to version 4.5.0.
|
|
Build Changes:
|
|
* MSVC: Added porting function to emulate C'99 snprintf for MSVC older
|
|
than 2015.
|
|
* MSVC: Successfully compiles using Visual Studio 2008 and 2019.
|
|
Compiles successfully using Visual Studio 2022 if optimization is
|
|
disabled (otherwise there is an internal compiler error in effect.c).
|
|
|
|
- Enable JPEG-XL on Tumbleweed.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 12 07:50:49 UTC 2022 - pgajdos@suse.com
|
|
|
|
- version update to 1.3.38
|
|
Special Issues:
|
|
* The FTP site ftp.graphicsmagick.org is now shut down due to a lack
|
|
of bandwith, extremely abusive users (including from Google and
|
|
customers of Amazon Web Services), and a lack of support from the
|
|
user community. Another factor is that FTP support has been removed
|
|
from popular web browsers. This is very unfortunate since the site
|
|
served multiple usages, including providing a lot of historical data
|
|
(e.g. related to PNG) which may not be available elsewhere.
|
|
* GraphicsMagick really does need some additional productive
|
|
volunteers. For several years now, the burden has entirely been on
|
|
me (Bob Friesenhahn). I have been sheparding the project for 20
|
|
years already (and contributed to ImageMagick and GraphicsMagick
|
|
combined for 26 years already). It is not reasonable to expect
|
|
someone with a full time job (and expecting to retire in a few
|
|
years) to do all of the work.
|
|
Security Fixes:
|
|
* GraphicsMagick is participating in Google's oss-fuzz project due to
|
|
the contributions and assistance of Alex Gaynor. Since February 4
|
|
2018, ??? issues have been opened by oss-fuzz and ?? issues remain
|
|
open. The issues list is available at
|
|
https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
|
|
"graphicsmagick". Issues are available for anyone to view and
|
|
duplicate if they have been in "Verified" status for 30 days, or if
|
|
they have been in "New" status for 90 days. Please consult the
|
|
GraphicsMagick ChangeLog file, Mercurial repository commit log, and
|
|
the oss-fuzz issues list for details.
|
|
Bug fixes:
|
|
* Documentation: Generator scripts in 'doc' directory now produce
|
|
similar results using GNU sed and Solaris/Illumos sed and don't
|
|
produce warnings.
|
|
* JNG: Fixes to error handling to avoid temporary file leaks and
|
|
avoiding returning a broken image.
|
|
* JPEG: Always store embedded profiles in image, even if in 'ping'
|
|
mode.
|
|
* MAT: Change from using 'int' for sizes/offsets to using 'size_t' and
|
|
check all related calculations for overload.
|
|
* MIFF: Fix heap buffer overflow which may be provoked in builds with
|
|
BZLIB support.
|
|
* MogrifyImage() and Magick::Image::trim(): Trim requires
|
|
NorthWestGravity.
|
|
* PICT: Fixed a heap overflow.
|
|
* PerlMagick: Fix issue that image fill attribute had its opacity
|
|
reset to transparent so it could not be usefully set at image scope.
|
|
* Test Suite: Fixed portability issue related to 'sed' which broke
|
|
utilities/tests/convert.tap test script.
|
|
* WPG: Fix incorrect TrX and TrY elements in CTM.
|
|
New Features:
|
|
* Added support for a 'Read' resource limit (e.g. '-limit read 5mb').
|
|
This allows the user to specify a hard limit for how much data may
|
|
be read from a file, read from a pipe, or decompressed from a file
|
|
(e.g gzip or bzip2) before a hard error is reported. This resource
|
|
limit is a useful alternative to completely disabling support for
|
|
compressed files using the --disable-compressed-files option and it
|
|
provides more protections as well.
|
|
* Added support for reading HEIF/HEIC format.
|
|
* Added support for reading and writing JPEG XL format.
|
|
* Support for JasPer 3.0.0 is completed. Upgrading to JasPer 3.0.0 is
|
|
strongly recommended due to its many security fixes and integration
|
|
with GraphicsMagick's resource-limited memory allocator.
|
|
* PNG: Support the define png:chunk-malloc-max=limit in order to allow
|
|
reading PNG files which report "chunk data is too large" or to
|
|
reduce the default limit.
|
|
* compare: Added support for the '-compress' option.
|
|
* compare: Added support for the '-auto-orient' option. This tries to
|
|
assure that the two images are right-side up before comparing.
|
|
API Updates:
|
|
* Magick++: Support the new 'ReadResource' enumeration.
|
|
Feature improvements:
|
|
* JPEG: Implement more efficient way to append JPEG profile chunks.
|
|
* Resource Limited Memory: The resource limited memory allocator now
|
|
maintains useful statistics such as a tally of the total number of
|
|
octets moved by realloc.
|
|
Windows Delegate Updates/Additions:
|
|
* None
|
|
Build Changes:
|
|
* In maintainer mode, the configure script searches for a GnuPG 'gpg'
|
|
program to use for signing snapshot releases and uses this to
|
|
support PGP-signed development snapshots.
|
|
Behavior Changes:
|
|
* None
|
|
* fixes CVE-2022-1270 [bsc#1198351]
|
|
- modified patches
|
|
% GraphicsMagick-disable-insecure-coders.patch (refreshed)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 13 10:51:02 UTC 2021 - pgajdos@suse.com
|
|
|
|
- version update to 1.3.37
|
|
* bug fix release, see NEWS.txt
|
|
- modified patches
|
|
% GraphicsMagick-disable-insecure-coders.patch (refreshed)
|
|
- added sources
|
|
+ GraphicsMagick-1.3.37.tar.xz.sig
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 28 14:27:07 UTC 2020 - pgajdos@suse.com
|
|
|
|
- version update to 1.3.36
|
|
Security Fixes:
|
|
* fix issues found by oss-fuzz project
|
|
* WPG: Fixes for heap buffer overflow.
|
|
Bug fixes:
|
|
* ConstituteImage(): Set image depth appropriately based on the
|
|
storage size specified by StorageType and QuantumDepth.
|
|
* GetImageBoundingBox(): Fix problem that MagickTrimImage with extreme
|
|
fuzz values could produce an image with negative width.
|
|
* ImageToFile(): Improve error handling to avoid possible deferred
|
|
deletion of temporary files, causing unexpected excessive use of
|
|
temporary file space.
|
|
* JNG: Add validations for alpha compression method values and use
|
|
this information to enforce decoding using the appropriate
|
|
sub-format (rather than auto-detecting the format). Also, address
|
|
memory leaks which may occur if the sub-decoder does something other
|
|
than was expected.
|
|
* MagickCondSignal(): Improvements to conditional signal handler
|
|
registration (which avoids over-riding signal handlers previously
|
|
registered by an API user).
|
|
* ModifyCache(): Fix memory leak.
|
|
* ReadCacheIndexes(): Don't blunder into accessing a null pointer if
|
|
the using code has ignored a previous error report bubled-up from
|
|
SetNexus().
|
|
* MNG: When doing image scaling and the image width or height is 1
|
|
then always use simple pixel replication as per the MNG
|
|
specification.
|
|
* MVG: Fixes to 'push clip-path foo' and 'pop clip-path foo' parsing
|
|
to eliminate a class of malign behavior.
|
|
* MVG: Place an aribrary limit on stroke dash polygon unit maximum
|
|
length in order to avoid possibly rendering "forever".
|
|
* PCL: No longer attempt to handle reading HP PCL format via the
|
|
external 'hp2xx' program since it seems worthless for that task.
|
|
* PS: Fix corrupt image when writing PseudoClass image with a colormap
|
|
larger than two entries as bilevel.
|
|
* SVG: Memory leak fixes.
|
|
* SVG reader: Now support 'ping' support so the identify command works
|
|
as expected.
|
|
* TIFF: WEBP compression only supports a depth of 8 so force that
|
|
value.
|
|
* Wand MagickSetSamplingFactors(): Correct formatting of sampling
|
|
factors string.
|
|
New Features:
|
|
* Logging is now fully programmable.
|
|
* DPX format: Support dpx:swap-samples-read define which behaves
|
|
similar to dpx:swap-samples, but is only applied when reading, as
|
|
well as dpx:swap-samples-write, which is only applied when
|
|
writing. This provides for use when there is both reading and
|
|
writing in the same operation (otherwise the final result was no
|
|
effect!).
|
|
API Updates:
|
|
* magick/api.h: Add "magick/enum_strings.h" to API headers.
|
|
* New log settings accessor C functions: SetLogDefaultFileName(),
|
|
SetLogDefaultFormat(), SetLogDefaultOutputType(),
|
|
SetLogDefaultLogMethod(), SetLogDefaultLimit(),
|
|
SetLogDefaultGenerations(), SetLogDefaultEventType(). These
|
|
functions allow a program to set the same parameters which may be
|
|
set by loading a "log.mgk" function. If a default logging callback
|
|
was provided via SetLogDefaultLogMethod() such that MethodOutput is
|
|
used, then the search for a "log.mgk" is avoided entirely.
|
|
* New log settings accessor C++ functions: SetLogDefaultFileName(),
|
|
SetLogDefaultFormat(), SetLogDefaultOutputType(),
|
|
SetLogDefaultLogMethod(), SetLogDefaultLimit(),
|
|
SetLogDefaultGenerations(), SetLogDefaultEventType(). These C++
|
|
functions just pass through to the equivalent C functions and
|
|
provide the same benefits.
|
|
* A simple resource-limit respecting memory allocator has been
|
|
developed for internal use wherever arbitrarily-large amounts of
|
|
memory might be requested. This will gradually be added wherever it
|
|
appears to be needed. The memory resource limits are at the overall
|
|
process level. The MVG/SVG rendering code is updated to use this
|
|
new allocator. Almost all of the coders (image format
|
|
readers/writers) have now been updated to use this new allocator.
|
|
This means that '-limit memory 300MB' would be more complete and
|
|
meaningful now. Temporary allocations by the image processing
|
|
algorithms (other than for the images themselves) are still not
|
|
accounted for in the resource limiting.
|
|
* MVG Renderer / DrawImage(): Use resource-limit respecting memory
|
|
allocators for remaining large memory allocations.
|
|
* PNG writer: Don't skip optional Exif identifier code if it isn't present.
|
|
* DPX reader/writer: decode/encode of 10-bit packed DPX is now twice
|
|
as fast due to code simplification.
|
|
* TIFF reader: Apply the same resource limits to TIFF tile sizes as
|
|
apply to the image itself.
|
|
- deleted patches
|
|
- GraphicsMagick-CVE-2020-12672.patch (upstreamed)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 25 09:00:35 UTC 2020 - Callum Farmer <callumjfarmer13@gmail.com>
|
|
|
|
- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 2 12:57:34 UTC 2020 - pgajdos@suse.com
|
|
|
|
- security update
|
|
- added patches
|
|
fix CVE-2020-12672 [bsc#1171271], heap-based buffer overflow in ReadMNGImage in coders/png.c.
|
|
+ GraphicsMagick-CVE-2020-12672.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 25 08:17:55 UTC 2020 - pgajdos@suse.com
|
|
|
|
- version update to 1.3.35
|
|
Special Issues:
|
|
* It has been discovered that the 'ICU' library (a perhaps 30MB C++
|
|
library) which is now often a libxml2 dependendency causes huge
|
|
process initialization overhead. This is noticed as unexpected
|
|
slowness when GraphicsMagick utilities are used to process small to
|
|
medium sized files. The time to initialize the 'ICU' library is
|
|
often longer than the time that GraphicsMagick would otherwise
|
|
require to read the input file, process the image, and write the
|
|
output file. If the 'ICU' dependency can not be avoided, then make
|
|
sure to use the modules build so there is only impact for file
|
|
formats which require libxml2. Please lobby the 'ICU' library
|
|
developers to change their implementation to avoid long start-up
|
|
times due to merely linking with the library.
|
|
Security Fixes:
|
|
* GraphicsMagick is now participating in Google's oss-fuzz project due
|
|
to the contributions and assistance of Alex Gaynor. Since February 4
|
|
2018, 398 issues have been opened by oss-fuzz (some of which were
|
|
benign build issues) and 11 issues remain open.
|
|
The issues list is available at
|
|
https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
|
|
"graphicsmagick". Issues are available for anyone to view and
|
|
duplicate if they have been in "Verified" status for 30 days, or if
|
|
they have been in "New" status for 90 days. There are too many
|
|
fixes to list here. Please consult the GraphicsMagick ChangeLog
|
|
file, Mercurial repository commit log, and the oss-fuzz issues list
|
|
for details.
|
|
Bug fixes:
|
|
* Fix broken definition of ResourceInfinity which resulted in that
|
|
GetMagickResource() would return -1 rather than the maximum range
|
|
value for the return type as documented. (problem added by the
|
|
1.3.32 release).
|
|
* ModifyCache(): Re-open the pixel cache if the cache rows/columns do
|
|
not match the owning image rows/columns.
|
|
* Fix DisplayImages() return status. The return status was inverted.
|
|
* HISTOGRAM: Histogram once again includes the histogram as a text
|
|
comment. This became broken by previous security fixes.
|
|
* PICT: Fixed heap buffer overuns reported multiple sources.
|
|
* JNG: Detect when JPEG encoder has failed and throw an exception.
|
|
* MVG/DrawImage(): Performs even more parsing validations.
|
|
* Clang static analyzer fixes: A great many fixes were made based on
|
|
problem reports by the Clang static analyzer.
|
|
* Visual Studio static analyzer fixes: A great many fixes were made
|
|
based on problem reports by the Visual Studio 2019 static analyzer.
|
|
Many of these may improve the robustness of 64-bit code.
|
|
New Features:
|
|
* GRADIENT/GradientImage(): Improved accuracy of gradient levels as
|
|
well as dramaticaly improving performance. Output PseudoClass
|
|
images if we can. Add support for using the image 'gravity'
|
|
attribute as well as the "gradient:direction" definition to produce
|
|
gradient vector directions corresponding to SouthGravity (the
|
|
previously-existing default), NorthGravity, WestGravity,
|
|
EastGravity, NorthWestGravity, NorthEastGravity, SouthWestGravity,
|
|
and SouthEastGravity.
|
|
API Updates:
|
|
* InitializeMagickEx(): New function which may be used in place of
|
|
InitializeMagick() to initialize GraphicsMagick. This
|
|
initialization function returns an error status value, may update a
|
|
passed ExceptionInfo structure with error information, and provides
|
|
an options parameter which supports simple bit-flags to tailor
|
|
initialization. The signal handler registrations are skipped if the
|
|
MAGICK_OPT_NO_SIGNAL_HANDER flag is set in the options.
|
|
Feature improvements:
|
|
* Replace use of non-reentrant legacy POSIX functions with reentrant
|
|
equivalents.
|
|
* Timing of image reads should now be very accurate. The timer was
|
|
sometimes not stopped as soon as it should be.
|
|
* PICT: The PICT reader is working pretty good now. It handles all
|
|
the PICT image files I have available to me.
|
|
Behavior Changes:
|
|
* POSIX Signals: Use the normal termination signal handler for SIGXCPU
|
|
and SIGXFSZ so that ulimit or setrlimit(2) may be used to apply CPU
|
|
(RLIMIT_CPU) and output file size (RLIMIT_FSIZE) limits with the
|
|
normal cleanup, and without dumping core. Note that any output files
|
|
currently being written may be truncated and files being written by
|
|
external programs (e.g. Ghostscript) might be left behind unless
|
|
they are to a temporary file assigned by GraphicsMagick.
|
|
* Some private string and integer constants were removed from the
|
|
apparent library ABI. Some private functions were marked static and
|
|
removed from the apparent library ABI. This is mentioned because
|
|
someone is sure to notice and be concerned about it.
|
|
* The remaining private content in installed header files was moved
|
|
into -private.h header files which are not installed. This should
|
|
not be cause for concern but is mentiond because someone is sure to
|
|
notice and be concerned about it.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 6 22:29:55 UTC 2020 - Stefan Brüns <stefan.bruens@rwth-aachen.de>
|
|
|
|
- Remove xorg-x11-fonts runtime Requires, gm display no longer
|
|
fails when it is missing (see boo#619103).
|
|
- Cleanup, replace $RPM_OPT_FLAGS with %optflags
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jan 4 16:04:54 UTC 2020 - Arjen de Korte <suse+build@de-korte.org>
|
|
|
|
- Revert the change to relinquish resources used by OpenMP on all
|
|
devices. There are concerns upstream that this might break
|
|
applications that use OpenMP too and suddenly find their threads
|
|
closed (remove GraphicsMagick-wait-for-threads-close.patch)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 2 20:18:49 UTC 2020 - Arjen de Korte <suse+build@de-korte.org>
|
|
|
|
- Due to a broken check, it wasn't noticed the typemap file is
|
|
already provided in the source archive (removed typemap)
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Dec 29 14:32:23 UTC 2019 - Arjen de Korte <suse+build@de-korte.org>
|
|
|
|
- Relinquish resources used by OpenMP on all devices (GCC >= 9)
|
|
+ GraphicsMagick-wait-for-threads-close.patch
|
|
- Set configure options to what is actually build
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 27 17:03:02 UTC 2019 - Arjen de Korte <suse+build@de-korte.org>
|
|
|
|
- version update to 1.3.34
|
|
* DPS: Eliminate a memory leak.
|
|
* Debug Trace: Only output text to terminate an XML format log file
|
|
if XML format is active.
|
|
* EXIF Parser: Detect non-terminal parsing and report an error.
|
|
* EXIF Parser: Eliminate heap buffer overflows.
|
|
* HuffmanDecodeImage(): Fix heap overflow in 32-bit applications.
|
|
* MAT: Implement subimage/subrange support.
|
|
* MVG: Address non-terminal loops, excessive run-time, thrown
|
|
assertions, divide-by-zero, heap overflow, and memory leaks.
|
|
* OpenModule(): Now properly case-insensitive, as it used to be.
|
|
* PCX: Verify that pixel region is not negative. Assure that opacity
|
|
channel is initialized to opaqueOpacity. Update DirectClass
|
|
representation while PseudoClass representation is updated.
|
|
Improve read performance with uncompressed PCX.
|
|
* PICT: Fix heap overflow in PICT writer.
|
|
* PNG: Fix validation of raw profile length.
|
|
* PNG: Skip coalescing layers if there is only one layer.
|
|
* PNM: Fix denial of service opportunity by limiting the length of
|
|
PNM comment text.
|
|
* WPG: Avoid Avoid dereferencing a null pointer.
|
|
* WPG: Implement subimage/subrange support.
|
|
* WPG: Improve performance when reading an embedded image.
|
|
* Wand library: In MagickClearException(), destroy any existing
|
|
exception info before re-initializing the exception info or else
|
|
there will be a memory leak.
|
|
* XPM: Rquire that image properties appear in the first 512 bytes
|
|
of the XPM file header.
|
|
* Compliles clean using GCC 9.
|
|
* Python scripts related to the build (enabled by --enable-maintainer-mode)
|
|
are now compatible with Python 3.
|
|
* Now supports using Google gperftools tcmalloc library for the memory
|
|
allocator. This improves performance for certain repetitive work-loads
|
|
and heavily-threaded algorithms.
|
|
* Configure now reports the status of zstd (FaceBook Zstandard)
|
|
compression in its configuration summary.
|
|
* TclMagick: Address many issues mentioned by SourceForge issue #420
|
|
"TclMagick issues and patch".
|
|
* PNG: Post-processing to convert the image type in the PNG reader based
|
|
on a specified magick prefix string is now disabled. This can (and
|
|
should) be done after the image has been returned.
|
|
* Trace Logging: The compiled-in logging default is always to stderr,
|
|
which may be over-ridden using log.mgk as soon as it is loaded.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 8 15:00:02 UTC 2019 - pgajdos@suse.com
|
|
|
|
- version update to 1.3.33
|
|
* It has been discovered that the 'ICU' library (a perhaps 30MB C++
|
|
library) which is now often a libxml2 dependendency causes huge
|
|
process initialization overhead. This is noticed as unexpected
|
|
slowness when GraphicsMagick utilities are used to process small to
|
|
medium sized files. The time to initialize is often longer than the
|
|
time to read the input file, process the image, and write the output
|
|
file. If the 'ICU' dependency can not be avoided, then make sure to
|
|
use the modules build. Please lobby the 'ICU' library developers to
|
|
change their implementation to avoid long start-up times due to
|
|
merely linking with the library.
|
|
* GraphicsMagick is now participating in Google's oss-fuzz project due
|
|
to the contributions and assistance of Alex Gaynor. Since February 4
|
|
2018, 353 issues have been opened by oss-fuzz and 338 of those
|
|
issues have been resolved. The issues list is available at
|
|
https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
|
|
"graphicsmagick". Issues are available for anyone to view and
|
|
duplicate if they have been in "Verified" status for 30 days, or if
|
|
they have been in "New" status for 90 days. There are too many
|
|
fixes to list here. Please consult the GraphicsMagick ChangeLog
|
|
file, Mercurial repository commit log, and the oss-fuzz issues list
|
|
for details.
|
|
* Documentation has been added regarding security hazards due to
|
|
commands which support a '@filename' syntax.
|
|
* MontageImages(): Fix wrong length argument to strlcat() when
|
|
building montage directory, which could allow heap overwrite.
|
|
* PNG: Pass correct size value to strlcat() in module registration
|
|
code. This bug is noticed to cause problems for Apple's OS X and
|
|
Linux Alpine with musl libc. This fixes a regression introduced by
|
|
the 1.3.32 release.
|
|
* Re-implement command-line utility `'@'` file inclusion support for
|
|
`-comment`, `-draw`, `-format`, and `-label` which was removed for
|
|
the 1.3.32 release. The new implementation is isolated to
|
|
command-line utility implementation code rather than being deeply
|
|
embedded in the library and exposed in other usage contexts. This
|
|
fixes a regression introduced by the 1.3.32 release.
|
|
* CAPTION: The The CAPTION reader did not appear to work at all any
|
|
more. Now it works again, but still not very well.
|
|
* MagickXDisplayImage(): Fix heap overwrite of windows->image.name and
|
|
windows->image.icon_name buffers. This bug has surely existed since
|
|
early GraphicsMagick releases.
|
|
* MagickXAnimateImages(): Fix memory leak of scene_info.pixels.
|
|
* AcquireTemporaryFileDescriptor(): Fix compilation under Cygwin. This
|
|
fixes a regression introduced by the 1.3.32 release.
|
|
* PNG: Fix saving to palette when mage has an alpha channel but no
|
|
color is marked as transparent.
|
|
* Compilation warnings in the Visual Studio WIN64 build due to the
|
|
'long' type being only 32-bits have been addressed.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 21 12:58:44 UTC 2019 - pgajdos@suse.com
|
|
|
|
- drop JPEG2000 support [bsc#1144240]
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 15 21:35:15 UTC 2019 - Stefan Brüns <stefan.bruens@rwth-aachen.de>
|
|
|
|
- Cleanup BuildRequires:
|
|
* Remove ghostscript-library (support removed upstream)
|
|
* Use ghostscript-mini (sufficient for path and feature detection)
|
|
instead of full ghostscript (implicitly added by ghostscript-library)
|
|
* Remove ghostscript-fonts-other (unused).
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 18 08:36:44 UTC 2019 - pgajdos@suse.com
|
|
|
|
- version update to 1.3.32
|
|
New Features:
|
|
* Added support for writing the Braille image format (by Samuel
|
|
Thibault).
|
|
* WebP writer: Support WebP 'use_sharp_yuv' option ("if needed, use
|
|
sharp (and slow) RGB->YUV conversion") via `-define
|
|
webp:use-sharp-yuv=true`.
|
|
* The version command output now reports the OpenMP specification
|
|
number rather than just the integer version identifier.
|
|
API Updates:
|
|
* ReallocateImageColormap() added to re-allocate an existing colormap.
|
|
* Some improperly-exposed globals are now static as they should have
|
|
been.
|
|
* The 'benchmark' command now shows 6 digits (microseconds) of elapsed
|
|
time indication.
|
|
* The 'time' command now shows 6 digits (microseconds) of elapsed time
|
|
indication.
|
|
* The logging facility now shows 6 digits (microseconds) of time
|
|
resolulution
|
|
* Dcraw: When QuantumDepth is greater than 8, pass -6 option to dcraw
|
|
so that it returns a 16-bit/sample image.
|
|
* Dcraw: If Dcraw supports TIFF format, then request TIFF format in
|
|
order to be able to acquire more metatdata.
|
|
* Scale algorithm: Eliminate artifacts when scaling an image with
|
|
semi-transparent pixels.
|
|
* Library metrics: The number of shared library relocations and the
|
|
amount of initialized data has been signficantly reduced by
|
|
following recommendations from Ulrich Drepper's document `How To
|
|
Write Shared Libraries <https://akkadia.org/drepper/dsohowto.pdf>`_.
|
|
(Security) Bug Fixes:
|
|
* see NEWS.txt
|
|
* fixes [bsc#1138425]
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 19 15:37:55 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
|
|
|
|
- asan_build: build ASAN included
|
|
- debug_build: build more suitable for debugging
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 19 10:08:13 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
|
|
|
|
- update to 1.3.31:
|
|
Special Issues:
|
|
* Firmware and operating system updates to address the Spectre
|
|
vulnerability (and possibly to some extent the Meltdown
|
|
vulnerability) have substantially penalized GraphicsMagick's OpenMP
|
|
performance. Performance is reduced even with GCC 7 and 8's
|
|
improved optimizers. There does not appear to be anything we can do
|
|
about this.
|
|
|
|
Security Fixes:
|
|
* GraphicsMagick is now participating in Google's oss-fuzz project due
|
|
to the contributions and assistance of Alex Gaynor.
|
|
|
|
Bug fixes:
|
|
* See above note about oss-fuzz fixes.
|
|
* CINEON: Fix unexpected hang on a crafted Cineon image. SourceForge
|
|
issue 571.
|
|
* Drawing recursion is limited to 100 and may be tuned via the
|
|
MAX_DRAWIMAGE_RECURSION pre-processor definition.
|
|
* Fix reading MIFF files using legacy keyword 'color-profile' for ICC
|
|
color profile as was used by ImageMagick 4.2.9.
|
|
* Fix reading/writing files when 'magick' is specified in lower case.
|
|
This bug was a regression in 1.3.30.
|
|
|
|
New Features:
|
|
* TIFF: Support Zstd compression in TIFF. This requires libtiff
|
|
4.0.10 or later.
|
|
* TIFF: Support WebP compression in TIFF. This requires libtiff
|
|
4.0.10 or later.
|
|
|
|
API Updates:
|
|
* MagickMonitor() is marked as deprecated.
|
|
- see NEWS.txt for more details
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 22 12:50:39 UTC 2018 - pgajdos@suse.com
|
|
|
|
- disable PS, PS2, PS3 and PDF coders by default, remove gs calls
|
|
from delegates.mgk [bsc#1105592]
|
|
+ GraphicsMagick-disable-insecure-coders.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 3 12:32:58 UTC 2018 - idonmez@suse.com
|
|
|
|
- update to 1.3.30:
|
|
* Security Fixes:
|
|
. GraphicsMagick is now participating in Google's oss-fuzz project due
|
|
to the contributions and assistance of Alex Gaynor. Since February 4
|
|
2018, 238 issues have been opened by oss-fuzz and 230 of those
|
|
issues have been resolved. The issues list is available at
|
|
https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
|
|
"graphicsmagick". Issues are available for anyone to view and
|
|
duplicate if they have been in "Verified" status for 30 days, or if
|
|
they have been in "New" status for 90 days. There are too many
|
|
fixes to list here. Please consult the GraphicsMagick ChangeLog
|
|
file, Mercurial repository commit log, and the oss-fuzz issues list
|
|
for details.
|
|
. SVG/Rendering: Fix heap write overflow of PrimitiveInfo and
|
|
PointInfo arrays. This is another manefestation of CVE-2016-2317,
|
|
which should finally be fixed correctly due to active
|
|
detection/correction of pending overflow rather than using
|
|
estimation.
|
|
* Bug fixes:
|
|
. Many oss-fuzz fixes are bug fixes.
|
|
. Drawing/Rendering: Many more fixes by Gregory J Wolfe (see the ChangeLog).
|
|
. MIFF: Detect end of file while reading image directory.
|
|
. SVG: Many more fixes by Gregory J Wolfe (see the ChangeLog).
|
|
. The AlphaCompositePixel macro was producing wrong results when the
|
|
output alpha value was not 100% opaque. This is a regression
|
|
introduced in 1.3.29.
|
|
. TILE: Fix problem with tiling JPEG images because the size request
|
|
used by the TILE algorithm was also causing re-scaling in the JPEG
|
|
reader. The problem is solved by stripping the size request before
|
|
reading the image.
|
|
|
|
* API Updates:
|
|
. The size of PrimitiveInfo (believed to be an internal/private
|
|
structure but in a header which is installed, has been increased to
|
|
store a 'flags' argument. This is intended to be an internal
|
|
interface but but may be detected as an ABI change.
|
|
|
|
* Behavior Changes:
|
|
. JPEG: The JPEG reader now allows 3 warnings of any particular type
|
|
before giving up on reading and throwing an exception. This choice
|
|
was made after observing files which produce hundreds of warnings
|
|
and consume massive amounts of memory before reading the image data
|
|
has even started. It is currently unknown how many files which were
|
|
previously accepted will be rejected by default. The number of
|
|
allowed warnings may be adjusted using '-define
|
|
jpeg:max-warnings=<value>'. The default limit will be adjusted
|
|
based on reported user experiences and may be adjusted prior to
|
|
compilation via the MaxWarningCount definition in coders/jpeg.c.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 23 08:34:17 UTC 2018 - pgajdos@suse.com
|
|
|
|
- update to 1.3.29:
|
|
* Security Fixes:
|
|
. GraphicsMagick is now participating in Google's oss-fuzz project
|
|
. JNG: Require that the embedded JPEG image have the same dimensions
|
|
as the JNG image as provided by JHDR. Avoids a heap write overflow.
|
|
. MNG: Arbitrarily limit the number of loops which may be requested by
|
|
the MNG LOOP chunk to 512 loops, and provide the '-define
|
|
mng:maximum-loops=value' option in case the user wants to change the
|
|
limit. This fixes a denial of service caused by large LOOP
|
|
specifications.
|
|
* Bug fixes:
|
|
. DICOM: Pre/post rescale functions are temporarily disabled (until
|
|
the implementation is fixed).
|
|
. JPEG: Fix regression in last release in which reading some JPEG
|
|
files produces the error "Improper call to JPEG library in state
|
|
201".
|
|
. ICON: Some DIB-based Windows ICON files were reported as corrupt to
|
|
an unexpectedly missing opacity mask image.
|
|
. In-memory Blob I/O: Don't implicitly increase the allocation size
|
|
due to seek offsets.
|
|
. MNG: Detect and handle failure to allocate global PLTE. Fix divide
|
|
by zero.
|
|
. DrawGetStrokeDashArray(): Check for failure to allocate memory.
|
|
. BlobToImage(): Now produces useful exception reports to cover the
|
|
cases where 'magick' was not set and the file format could not be
|
|
deduced from its header.
|
|
* API Updates:
|
|
. Wand API: Added MagickIsPaletteImage(), MagickIsOpaqueImage(),
|
|
MagickIsMonochromeImage(), MagickIsGrayImage(), MagickHasColormap()
|
|
based on contributions by Troy Patteson.
|
|
. New structure ImageExtra added and Image 'clip_mask' member is
|
|
replaced by 'extra' which points to private ImageExtra allocation.
|
|
The ImageGetClipMask() function now provides access to the clip mask
|
|
image.
|
|
. New structure DrawInfoExtra and DrawInfo 'clip_path' is replaced by
|
|
'extra' which points to private DrawInfoExtra allocation. The
|
|
DrawInfoGetClipPath() function now provides access to the clip path.
|
|
. New core library functions: GetImageCompositeMask(),
|
|
CompositeMaskImage(), CompositePathImage(), SetImageCompositeMask(),
|
|
ImageGetClipMask(), ImageGetCompositeMask(), DrawInfoGetClipPath(),
|
|
DrawInfoGetCompositePath()
|
|
. Deprecated core library functions: RegisterStaticModules(),
|
|
UnregisterStaticModules().
|
|
* Feature improvements:
|
|
. Static modules (in static library or shared library without
|
|
dynamically loadable modules) are now lazy-loaded using the same
|
|
external interface as the lazy-loader for dynamic modules. This
|
|
results in more similarity between the builds and reduces the fixed
|
|
initialization overhead by only initializing the modules which are
|
|
used.
|
|
. SVG: The quality of SVG support has been significantly improved due
|
|
to the efforts of Greg Wolfe.
|
|
. FreeType/TTF rendering: Rendering fixes for opacity.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 20 18:23:41 UTC 2018 - crrodriguez@opensuse.org
|
|
|
|
- Add explicit buildrequires on: pkgconfig(libwebpmux),
|
|
pkgconfig(libpng), pkgconfig(x11), pkgconfig(xext),
|
|
pkgconfig(zlib), libjpeg-devel. all
|
|
of them direct build dependencies but not included in
|
|
the spec file
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 24 10:30:22 UTC 2018 - pgajdos@suse.com
|
|
|
|
- update to 1.3.28:
|
|
* Security Fixes:
|
|
BMP: Fix non-terminal loop due to unexpected bit-field mask
|
|
value (DOS opportunity).
|
|
PALM: Fix heap buffer underflow in builds with QuantumDepth=8.
|
|
SetNexus() Fix heap overwrite under certain conditions due to
|
|
using a wrong destination buffer. This issue impacts all
|
|
1.3.X releases.
|
|
TIFF: Fix heap buffer read overflow in LocaleNCompare() when
|
|
parsing NEWS profile.
|
|
* Bug fixes:
|
|
DescribeImage(): Eliminate possible use of null pointer.
|
|
GIF: Fix memory leak of global colormap in error path.
|
|
GZ: Writing to gzip files with the extension ".gz" was
|
|
not working with Zlib 1.2.8.
|
|
JNG: Fix buffer read overflow (a tiny fixed overflow of just
|
|
one byte).
|
|
JPEG: Promoting certain libjpeg warnings to errors caused
|
|
much more problems than expected. The promotion of
|
|
warnings to errors is removed. Claimed pixel dimensions
|
|
are validated by file size before allocating memory for
|
|
the pixels.
|
|
IntegralRotateImage(): Assure that reported error in rotate by
|
|
270 case does immediately terminate processing.
|
|
MNG: Fix possible null pointer reference related to DEFI chunk
|
|
parsing. Fix minor heap read overflow (constrained to just
|
|
one byte) due to an ordering issue in a limit check. Fix
|
|
memory leaks in error path.
|
|
WebP: Fix stack buffer overflow in WriteWEBPImage() which
|
|
occurs with libwebp 0.5.0 or newer due to a structure type
|
|
change in the structure passed to the progress monitor
|
|
callback.
|
|
WPG: Memory leaks fixed.
|
|
* API Updates:
|
|
InterpolateViewColor(): This function now returns MagickPassFail
|
|
(an unsigned int) rather than void so that errors can be
|
|
efficiently reported.
|
|
The magick/pixel_cache.h header is updated to add deprecation
|
|
attributes such that code using GetPixels(), GetIndexes(),
|
|
and GetOnePixel() will produce deprecation warnings for
|
|
compilers which support them. These functions will not be
|
|
removed in the 1.3.X release series and when they are
|
|
removed, pre-processor macros will be added so a replacement
|
|
function is used instead. There is a long-term objective to
|
|
eliminate functionally-redundant pixel cache functions to
|
|
only the ones with the best properties since this reduces
|
|
maintenance and may reduce the depth of the call stack
|
|
(improving performance).
|
|
* removed unneded GraphicsMagick-release-date-missing-quote.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 10 11:42:53 UTC 2018 - pgajdos@suse.com
|
|
|
|
- update to 1.3.27:
|
|
* New Features:
|
|
. PNG: Implemented eXIf chunk support.
|
|
. WEBP: Add support for EXIF and ICC metadata provided that at
|
|
least libwebp 0.5.0 is used.
|
|
. Magick++ Image autoOrient(): New Image method to auto-orient an
|
|
image so it looks right-side up by default.
|
|
* Behavior Changes:
|
|
. PALM: PALM writer is disabled.
|
|
. ThrowLoggedException(): Capture the first exception
|
|
at ErrorException level or greater, or only capture exception
|
|
if it is more severe than an already reported exception.
|
|
. DestroyJNG(): This internal function is now declared static
|
|
and is removed from shared library or DLL namespace.
|
|
* lot of security and other bug fixes, see
|
|
https://sourceforge.net/projects/graphicsmagick/files/graphicsmagick/1.3.27/
|
|
- added GraphicsMagick-release-date-missing-quote.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 19 13:21:49 UTC 2017 - pgajdos@suse.com
|
|
|
|
- builds for sle11
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 11 09:57:00 UTC 2017 - pgajdos@suse.com
|
|
|
|
- fix perl bindings
|
|
+ GraphicsMagick-perl-linkage.patch from fedora
|
|
- turn on perl test suite
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 24 20:52:03 UTC 2017 - jengelh@inai.de
|
|
|
|
- Trim descriptions. Redo summaries and RPM groups.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 21 08:47:35 UTC 2017 - tchvatal@suse.com
|
|
|
|
- Drop patches not meintioned in the changelog ever:
|
|
* GraphicsMagick-debian-fixed.patch
|
|
* GraphicsMagick-include.patch
|
|
* GraphicsMagick-perl-link.patch
|
|
* The package builds just fine without them and there is no
|
|
refference explaining it
|
|
- Convert the deps to pkgconfig variants where possible.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 21 08:29:03 UTC 2017 - tchvatal@suse.com
|
|
|
|
- Version update to 1.3.26:
|
|
* DPX: Fix excessive use of memory (DOS issue) due to file header
|
|
claiming large image dimensions but insufficient backing
|
|
data. (CVE-2017-10799 bsc#1047054).
|
|
* JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350).
|
|
* MAT: Fix excessive use of memory (DOS issue) due to continuing
|
|
processing with insufficient data and claimed large image
|
|
size. Verify each file extent to make sure that it is within range
|
|
of file size. (CVE-2017-10800 bsc#1047044).
|
|
* META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800).
|
|
* PCX: Fix denial of service issue.
|
|
* RLE: Fix abnomally slow operation (denial of service issue) with
|
|
intentionally corrupt colormapped file.
|
|
* PICT: Fix possible buffer overflow vulnerability given suitably
|
|
truncated input file.
|
|
* PNG: Enforce spec requirement that the dimensions of the JPEG
|
|
embedded in a JDAT chunk must match the JHDR dimensions
|
|
(CVE-2016-9830).
|
|
* PNG: Avoid NULL dereference when MAGN chunk processing fails.
|
|
* SCT: Fix stack-buffer read overflow (underflow?) while reading SCT
|
|
header.
|
|
* SGI: Fix denial of service issues. Delay large memory allocations
|
|
until file header has fully passed sanity checks.
|
|
* TIFF: Fix out of bounds read when reading CMYKA TIFF which claims to
|
|
have only 2 samples per pixel (CVE-2017-6335 bsc#1027255).
|
|
* TIFF: Fix out of bounds read when reading RGB TIFF which claims to
|
|
have only 1 sample per pixel (CVE-2017-10794).
|
|
* WPG: Fix heap overflow (CVE-2016-7996). Fix assertion crash
|
|
(CVE-2016-7997).
|
|
* DifferenceImage(): Fix Fix all-black difference image if an input
|
|
file is colormapped.
|
|
* EXIF orientation was not being properly detected for some files.
|
|
* -frame: The `import` command -frame handling was improperly
|
|
implemented and was using already freed data.
|
|
* GIF: Fixes for "Excessive LZW string data" problem.
|
|
* Magick++: Bug fixes to PathSmoothCurvetoRel::operator() and
|
|
PathSmoothCurvetoRel::operator().
|
|
* PAM: Support writing GRAYSCALE PAM format.
|
|
* PNG: Fix memory leaks.
|
|
* SVG: Fixed a memory leak. Fixed a possible null pointer dereference.
|
|
* TclMagick: Problem that TkMagick could not resolve functions from
|
|
TclMagick under Linux is fixed.
|
|
* TclMagick: Fix parser validatation in magickCmd() to avoid crash
|
|
given a syntax error.
|
|
* TIFF: Fix for reading old JPEG files (avoids "Improper call to JPEG
|
|
library in state 0. (LibJpeg).").
|
|
* TXT: Fixed memory leak.
|
|
* XCF: Error checking is improved.
|
|
* EXIF rotation: Support is added such that the EXIF orientation tag
|
|
is updated when the image is rotated.
|
|
* MAT: Now support reading multiple images from Matlab V4 format.
|
|
* Magick++: Orientation method now updates orientation in EXIF
|
|
profile, if it exists.
|
|
* Magick++: Added Image attribute method which accepts a 'char *'
|
|
argument, and will remove the attribute if the value argument is
|
|
NULL.
|
|
* -orient: The -orient command line option now also updates the
|
|
orientation in the EXIF profile, if it exists.
|
|
* PGX: Support PGX JPEG 2000 format for reading and writing (within
|
|
the bounds of what JasPer supports).
|
|
* Wand API: Added MagickAutoOrientImage(),
|
|
MagickGetImageOrientation(), MagickSetImageOrientation(),
|
|
MagickRemoveImageOption(), and MagickClearException().
|
|
- Drop merged patch GraphicsMagick-CVE-2017-8350.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 26 06:49:55 UTC 2017 - pgajdos@suse.com
|
|
|
|
- complementary fix for CVE-2017-8350 [bsc#1036985 c13-c21]
|
|
* GraphicsMagick-CVE-2017-8350.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 26 09:01:33 UTC 2016 - pgajdos@suse.com
|
|
|
|
- update to 1.3.25:
|
|
* EscapeParenthesis(): I was notified by Gustavo Grieco of a heap
|
|
overflow in EscapeParenthesis() used in the text annotation code.
|
|
While not being able to reproduce the issue, the implementation of
|
|
this function is completely redone.
|
|
* Utah RLE: Reject truncated/absurd files which caused huge memory
|
|
allocations and/or consumed huge CPU. Problem was reported by
|
|
Agostino Sarubbo based on testing with AFL.
|
|
* SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
|
|
the MVG rendering code (also impacts SVG).
|
|
* TIFF: Fix heap buffer read overflow while copying sized TIFF
|
|
attributes. Problem was reported by Agostino Sarubbo based on
|
|
testing with AFL.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 23 11:54:26 UTC 2016 - meissner@suse.com
|
|
|
|
- Build "gm" as position independend executable (PIE).
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 6 09:22:05 UTC 2016 - pgajdos@suse.com
|
|
|
|
- updated to 1.3.24:
|
|
* many security related changes (incl. CVE-2016-5118), see
|
|
ChangeLog
|
|
- removed patches:
|
|
* GraphicsMagick-CVE-2016-5118.patch
|
|
* GraphicsMagick-upstream-delegates-safer.patch
|
|
* GraphicsMagick-upstream-disable-mvg-ext.patch
|
|
* GraphicsMagick-upstream-disable-tmp-magick-prefix.patch
|
|
* GraphicsMagick-upstream-image-sanity-check.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 30 14:19:50 UTC 2016 - pgajdos@suse.com
|
|
|
|
- security update:
|
|
* CVE-2016-5118 [bsc#982178]
|
|
+ GraphicsMagick-CVE-2016-5118.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 9 12:35:32 UTC 2016 - sflees@suse.de
|
|
|
|
- Multiple security issues in GraphicsMagick/ImageMagick [boo#978061]
|
|
(CVE-2016-3714, CVE-2016-3718, CVE-2016-3715, CVE-2016-3717)
|
|
* GraphicsMagick-upstream-delegates-safer.patch
|
|
* GraphicsMagick-upstream-disable-mvg-ext.patch
|
|
* GraphicsMagick-upstream-disable-tmp-magick-prefix.patch
|
|
* GraphicsMagick-upstream-image-sanity-check.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Nov 8 12:53:03 UTC 2015 - dmitry_r@opensuse.org
|
|
|
|
- Update to version 1.3.23
|
|
* See included NEWS.txt for details
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 5 20:09:55 UTC 2015 - dmitry_r@opensuse.org
|
|
|
|
- Update to version 1.3.22
|
|
* See included NEWS.txt for details
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Mar 21 11:41:22 UTC 2015 - dmitry_r@opensuse.org
|
|
|
|
- Update to version 1.3.21
|
|
* See included NEWS.txt for details
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 17 06:18:26 UTC 2014 - dmitry_r@opensuse.org
|
|
|
|
- Move library configuration files to separated package
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 16 07:24:18 UTC 2014 - dmitry_r@opensuse.org
|
|
|
|
- Fix devel package dependencies
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Sep 13 07:21:37 UTC 2014 - dmitry_r@opensuse.org
|
|
|
|
- Update to version 1.3.20
|
|
* See included NEWS.txt for details
|
|
- Enable quantum depth in shared library names
|
|
- Enable bzip2, jbig, webp support
|
|
- Use LCMSv2
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 25 08:43:01 UTC 2014 - dmitry_r@opensuse.org
|
|
|
|
- Fix quantum depth in package description
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 2 09:43:18 UTC 2014 - pgajdos@suse.com
|
|
|
|
- updated to 1.3.19:
|
|
* EPT: Fix crash observed when Ghostscript fails to produce useful
|
|
output. This was particularly noticeable when Ghostscript was not
|
|
installed. This crash could be used to cause denial of service.
|
|
* PNG: With libpng 1.6.X, avoid a crash while copying a PNG with a
|
|
"known incorrect ICC profile". This crash could be used to cause
|
|
denial of service.
|
|
* etc. see NEWS.txt
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 15 13:32:17 UTC 2013 - pgajdos@suse.com
|
|
|
|
- set quantum depth to 16 [bnc#828380]
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 12 07:06:04 UTC 2013 - pgajdos@suse.com
|
|
|
|
- updated to 1.3.18:
|
|
* Due to `GCC bug 53967`_, several key agorithms (e.g. convolution)
|
|
may execute much faster (e.g. 2-3X) for x86-64 and/or when SSE is
|
|
enabled for floating point math (`-mfpmath=sse`) if the GCC option
|
|
`-frename-registers` is used. Default 32-bit builds do not
|
|
experience the problem since they use '387 math. It is not clear
|
|
in what version of GCC this problem started but it was not noticed
|
|
by the developers until the GCC 4.6 timeframe. Other compilers do
|
|
not suffer from this bug.
|
|
* Fixed bug with format substitutions if input string ends with a
|
|
single '%'.
|
|
* BMP: Fixed an old bug with decoding chromaticity primaries.
|
|
* PNG: Fixed reading of interlaced images. Fix reading of sub-8-bit
|
|
palette and grayscale images. Some PNG sub-formats were written
|
|
incorrectly. Fix crash in PNG8 writer if image colors happened to
|
|
be non-zero but image was not actually colormapped.
|
|
* PNG: Configure script now also searches for libpng versions 16 and
|
|
17.
|
|
* TIFF: Fix a crash which was noticed when writing RGBA separated
|
|
(planar) format.
|
|
* `--enable-symbol-prefix` was not prefixing all of the C
|
|
symbols. Some core C library functions were not prefixed. This
|
|
option applies to the Wand library API as well now.
|
|
* C API: When input is from a user-provided file descriptor, the
|
|
file position is restored after reading the file header bytes.
|
|
Previously the file position was rewound to the beginning of the
|
|
file. This allows reading embedded image data from the current
|
|
offset in a file, and allows continuing to use the stream after
|
|
GraphicsMagick has returned the image.
|
|
* C API: It is now possible to invoke CloseBlob() multiple times.
|
|
* etc. see NEWS.txt
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 15 07:13:56 UTC 2012 - pgajdos@suse.com
|
|
|
|
- updated to 1.3.17:
|
|
* PNG: Fix for CVE-2012-3438. The Magick_png_malloc function in
|
|
coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper
|
|
variable type for the allocation size, which might allow remote
|
|
attackers to cause a denial of service (crash) via a crafted PNG
|
|
file that triggers incorrect memory allocation.
|
|
* PNG: Reading sub-8-bit palette images is fixed (images looked
|
|
stretched).
|
|
* SVG: Fixed bug which allowed MVG and SVG files with long vector
|
|
paths to crash the software.
|
|
* SVG: Ignore XML headers rather than rendering them as text.
|
|
* MVG/SVG/WMF/-draw: It is now possible to draw a plain ','
|
|
character.
|
|
* etc., see NEWS.txt
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 31 09:01:37 UTC 2012 - pgajdos@suse.com
|
|
|
|
- fixed PerlMagick/Makefile.PL.in [bnc#771540]
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 25 08:29:04 UTC 2012 - pgajdos@suse.com
|
|
|
|
- updated to 1.3.16:
|
|
Security Fixes:
|
|
* Don't translate 'comment' and 'label' attributes if the request is
|
|
made while a file is being read. Only translate such attributes
|
|
if they come from the command line or API user.
|
|
Bug fixes:
|
|
* SWT: SWT reader suffered from a number of implementation errors
|
|
which caused it not to work any more. Works again.
|
|
* XBM: Fix memory leak observed when reading file in 'ping' mode.
|
|
* Support -trim on images which use a consistent (single color)
|
|
transparent background. In this case, trim is done based on
|
|
opacity rather than foreground color.
|
|
* Include <sys/types.h> in order to assure that 'size_t' and
|
|
'ssize_t' are declared. This is necessary since
|
|
MagickExtentImage() uses these types as part of its definition.
|
|
* +repage was not working because parser was insisting that it
|
|
should include an argument.
|
|
(i.e. multiplying rather than dividing).
|
|
* PerlMagick: Fix compilation with Perl 5.16.
|
|
* PingBlob(): PingBlob was not working for all cases. Is now based
|
|
on BlobToImage() for assured reliability.
|
|
Feature improvements:
|
|
* MAT: Animated movies inside 4D matrices are loaded now.
|
|
* PDF: File base name is used as the document title.
|
|
* PNG: Fix issues observed specifically with libpng 1.5.10.
|
|
Performance Improvements:
|
|
* Pixel iterators should be more efficient now if the image uses a
|
|
file-backed cache.
|
|
* Motion blur algorithm does scale well as cores are added so
|
|
include OpenMP support for it by default.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 4 08:50:13 UTC 2012 - pgajdos@suse.com
|
|
|
|
- added PerlMagick/typemap to build module with perl 5.16; to be
|
|
removed for 1.4.0
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 2 08:59:10 UTC 2012 - pgajdos@suse.com
|
|
|
|
- updated to 1.3.15:
|
|
Bug fixes:
|
|
* PNG - fixed problem with bit depth when the encoder decides to
|
|
write RGBA instead of indexed PNG.
|
|
* Fixed some temporary file leaks which were caused by the temporary
|
|
file name being automatically extended to include a scene number,
|
|
and therefore fail to be deleted.
|
|
New Features:
|
|
* Added '+noise random' and '-operator noise-random' to 'convert'
|
|
and 'mogrify'. This modulates the existing image data with
|
|
uniformely random noise.
|
|
* Added -strip option in composite, convert, mogrify, and montage to
|
|
remove all profiles and text attributes from the image.
|
|
* Added -repage option to composite, convert, mogrify, and montage
|
|
subcommands to reset or adjust the current image page offsets
|
|
based on a provided geometry specification.
|
|
* New C function StripImage() to remove all profiles and text
|
|
attributes from the image.
|
|
* New C function ResetImagePage() to adjust the current image page
|
|
canvas and position based on a relative page specification.
|
|
* C functions GenerateDifferentialNoise(), AddNoiseImageChannel(),
|
|
QuantumOperatorRegionImage(), AddNoiseImage() updated to support
|
|
RandomNoise enumeration.
|
|
* New C++ Image method strip(), and unary function stripImage() to
|
|
remove all profiles and text attributes from the image.
|
|
* XCF format now respects image subimage and subrange members so
|
|
that returned image layers may be selected.
|
|
* The INFO coder (e.g. output file "info:-") now respects the
|
|
-format option so that its output may be adjusted identically to
|
|
how -format works for 'identify'.
|
|
* TclMagick now supports Random noise.
|
|
Feature improvements:
|
|
* C function ThumbnailImage() now allows the user to override the
|
|
filter used, but still defaults to using the box filter.
|
|
Behavior Changes:
|
|
* No longer add a printf-style scene formatting specification to
|
|
filenames which do not have one and no longer automatically
|
|
operate in 'adjoin' mode in such cases. If multiple numbered
|
|
files are intended to be output, then add +adjoin to the command
|
|
line and use an output filename specification similar to
|
|
"image-%d.jpg". Output files are now completely specified and
|
|
predictable but this may break some existing usages which
|
|
anticipate the automatic file numbering.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 27 08:05:20 UTC 2012 - pgajdos@suse.com
|
|
|
|
- updated to 1.3.14:
|
|
Bug fixes:
|
|
* TGA format: Assume that 32-bit TGA files have an alpha channel,
|
|
even if they are not marked as such.
|
|
* XCF format: Fix reading XCF which is comprised of different sized
|
|
layers.
|
|
* JPEG & CineonLog: Convert RGB-compatible colorspaces
|
|
(e.g. CineonLog) to RGB by default since that was the case prior
|
|
to release 1.3.13.
|
|
* RAW formats: Small memory leak in dcraw module was fixed.
|
|
* Resize: ResizeImage() was ignoring its resize filter argument and
|
|
was using the filter setting from the Image structure instead.
|
|
* The mirror virtual pixel method was broken.
|
|
New Features:
|
|
* Open64 Compiler Suite: Version 5.0 is fully supported.
|
|
* Wand API: Added MagickExtentImage().
|
|
* MEF RAW: Mamiya Photo RAW "MEF" format is now supported.
|
|
Feature improvements:
|
|
* DPX format: Original file endianness is preserved by default.
|
|
Performance Improvements:
|
|
* Despeckle algorithm (-despeckle) is many times faster.
|
|
Behavior Changes:
|
|
* DPX format: Original file endianness is preserved by default.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Dec 27 09:30:07 UTC 2011 - pgajdos@suse.com
|
|
|
|
- updated to 1.3.13:
|
|
* In I/O blob, don't rewind already open file handle passed to
|
|
OpenBlob() since we don't know the intended state of this file
|
|
handle, and because it prevents appending to an existing file.
|
|
* In AppendImageProfile(), don't leak profile buffer while appending
|
|
a chunk to an existing profile.
|
|
* Fix deadlock in ClonePixelCache() which was caused by using the
|
|
same semaphore pointer in the source and destination images.
|
|
* etc. see NEWS.txt
|
|
- disabled perl.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 11 11:26:09 CEST 2011 - pgajdos@suse.cz
|
|
|
|
- removed dependency of devel packages on the main package
|
|
[bnc#685755]
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 22 10:11:32 UTC 2010 - neptunia@mail.ru
|
|
|
|
- restoring *-config scripts as in upstream version: their removal
|
|
breaks older software
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Dec 14 16:53:58 UTC 2010 - cristian.rodriguez@opensuse.org
|
|
|
|
- package no longer requires -fno-strict-aliasins
|
|
- fix -devel package dependencies
|
|
- run make check
|
|
- exclude *-config scripts, whatever uses them _must_ use pkgconfig
|
|
to avoid the mess this scripts create.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 12 13:50:07 CEST 2010 - pgajdos@suse.cz
|
|
|
|
- added xorg-x11-fonts as runtime dependency [bnc#619103]
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 9 08:59:09 CET 2010 - pgajdos@suse.cz
|
|
|
|
- updated to version 1.3.12:
|
|
* Filter mode (write to stdout) was completely broken.
|
|
* Should now compile with libpng 1.4.
|
|
* DCX output format is only written on request. Previously the PCX
|
|
coder would automatically switch to DCX format if multiple frames
|
|
would be written.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 23 09:44:42 CET 2010 - pgajdos@suse.cz
|
|
|
|
- updated to version 1.3.11:
|
|
* Fixed array underflow on systems using signed char
|
|
which could result in a program crash due to extended
|
|
characters in filenames or in certain file formats.
|
|
* Fixed array underflow on systems using signed char
|
|
which could result in a program crash due to extended
|
|
characters in filenames or in certain file formats.
|
|
* Added a -thumbnail command to 'convert' and 'mogrify'.
|
|
This is a faster way to scale down the image when
|
|
speed is a primary concern.
|
|
* Added a -extent command to 'convert' and 'mogrify'
|
|
which composites the image on top of a backing
|
|
canvas image of solid color.
|
|
* Added support for -compose to the 'convert' and
|
|
'mogrify', which were documented to support it
|
|
(but did not).
|
|
* Requests for 'Over' and 'Atop' composition are
|
|
converted to a request for the (faster) 'Copy'
|
|
composition when both images are opaque.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 15 11:05:19 CET 2010 - pgajdos@suse.cz
|
|
|
|
- updated to version 1.3.10:
|
|
* +adjoin was not working correctly for the case when only one image
|
|
frame is present. With +adjoin and writing one frame to
|
|
"foo%d.jpg" it was outputting "foo%d.jpg" rather than "foo0.jpg".
|
|
|
|
* When drawing paths, memory allocation for the points was much
|
|
larger than it needed to be (patch by Vladimir Lukianov).
|
|
|
|
* To reiterate the change which first appeared in 1.3.9, there is no
|
|
longer an implicit +adjoin if the output file name happens to
|
|
contain a %d sequence, or there are multiple frames and the output
|
|
file format only supports storing one frame. Specify +adjoin if
|
|
scene number substition is desired in the output file names.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 8 10:22:54 CET 2010 - pgajdos@suse.cz
|
|
|
|
- updated to version 1.3.9:
|
|
* There is no longer an implicit 'adjoin' if an output filename
|
|
contains an apparent scene specification (e.g. foo%02d.tiff) and
|
|
multiple files are not needed to save the image.. It is necessary
|
|
to use +adjoin. For example ``gm convert foo.pdf +adjoin
|
|
%02d.tiff``.
|
|
|
|
* For formats which support multiple frames, output with +adjoing to
|
|
filenames containing a scene specification (e.g. foo%02d.tiff) was
|
|
resulting in wrong output file names.
|
|
|
|
* -flatten now applies the image background color under the first
|
|
image in the list if it is not already opaque.
|
|
|
|
* Fix "double free" error when using gm import -frame.
|
|
|
|
* XPM does not support RGBA color syntax, so return RGB instead.
|
|
|
|
* The display '-update' option was only working in conjunction with
|
|
the '-delay' option with a delay setting of 2 or greater.
|
|
|
|
* -convolve was crashing rather than reporting an error.
|
|
|
|
* Fixed crash if the number of OpenMP threads was reduced from the
|
|
original value via '-limit threads' or omp_set_num_threads().
|
|
|
|
* -blur was not blurring the opacity channel for solid-color images.
|
|
|
|
* Several deleted global string constants are restored with
|
|
deprecated status in order to assure that symbols are not removed
|
|
from the ABI.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 25 10:16:57 CET 2010 - pgajdos@suse.cz
|
|
|
|
- updated to version 1.3.8:
|
|
|
|
Security Fixes:
|
|
|
|
* Fix for CVE-2009-1882 "Integer overflow in the XMakeImage
|
|
function".
|
|
|
|
* Fix lockup due to hanging in loop while parsing malformed
|
|
sub-image specification (SourceForge issue 2886560).
|
|
|
|
* Libltdl: Updated libtool to 2.2.6b in order to fix security issue.
|
|
Resolves CVE-2009-3736 as it pertains to GraphicsMagick.
|
|
|
|
Bug fixes:
|
|
|
|
* -convolve, -recolor: Validate that user-provided matrix is square
|
|
when parsing -convolve and -recolor commands in order to avoid a
|
|
core dump.
|
|
|
|
* CALS: Reading images taller than the image width resulted in a
|
|
failure.
|
|
|
|
* ConstituteImage(), DispatchImage(): 'A' and 'T' should indicate
|
|
transparency and 'O' should indicate opacity. Behavior was
|
|
inconsistent. In some cases 'O' meant transparency while in other
|
|
cases it meant opacity. Also, in a few cases, matte was not
|
|
getting enabled in the image as it should.
|
|
|
|
* DCRAW: Module name was not registered so modules based builds were
|
|
not supporting formats provided via 'dcraw'.
|
|
|
|
* GetOptimalKernelWidth1D(), GetOptimalKernelWidth2D(): In the Q32
|
|
build, convolution kernel size was estimated incorrectly for large
|
|
sigmas on 32-bit systems due to arithmetic overflow. This could
|
|
cause wrong results for -convolve, -blur, -sharpen, and other
|
|
algorithms which use these functions.
|
|
|
|
etc., see NEWS.txt
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 23 17:05:42 CET 2009 - pgajdos@suse.cz
|
|
|
|
- updated to version 1.3.7 (see ChangeLog)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 3 19:09:19 UTC 2009 - coolo@novell.com
|
|
|
|
- updated patches to apply with fuzz=0
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 4 18:38:37 CEST 2009 - pgajdos@suse.cz
|
|
|
|
- updated to 1.2.7:
|
|
- Bug fixes:
|
|
* VID: Eliminate memory leak.
|
|
* montage: Eliminate use of freed memory.
|
|
* delegates.mgk: Fix hang when co-process is invoked.
|
|
* identify: Return comment text of any size.
|
|
* ConvolveImage: Correctly log the convolution kernel used.
|
|
- Feature improvements:
|
|
* Convert: Re-implement -write so that it works in a useful fashion.
|
|
- Performance improvments:
|
|
* TIFF: Ping mode ('identify') is now really fast.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 15 11:35:47 CEST 2008 - nadvornik@suse.cz
|
|
|
|
- renamed libGraphicsMagick1 -> libGraphicsMagick2
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 12 15:05:31 CEST 2008 - nadvornik@suse.cz
|
|
|
|
- updated to 1.2.5
|
|
* many fixes and improvements
|
|
* see NEWS.txt for details
|
|
- renamed libGraphicsMagickWand0 -> libGraphicsMagickWand1
|
|
- renamed libGraphicsMagick++1 -> libGraphicsMagick++2
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 23 15:51:33 CEST 2008 - nadvornik@suse.cz
|
|
|
|
- fixed CVE-2008-1097 PCX buffer overflow [bnc#391366]
|
|
- fixed CVE-2008-1096 XCF Buffer overflow [bnc#391364]
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 11 17:02:23 CET 2008 - nadvornik@suse.cz
|
|
|
|
- updated to 1.1.11:
|
|
* security fixes merged upstream
|
|
* BMP, DIB: Support large files
|
|
* TIFF: Endian option (-endian) now controls TIFF byte endian
|
|
order rather than bit fill order
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 23 17:13:42 CEST 2007 - nadvornik@suse.cz
|
|
|
|
- updated to 1.1.10:
|
|
Bugs Fixed:
|
|
o Image rotate by -90/270 degrees was producing wrong output.
|
|
o In mogrify command, don't remove file name based on random junk in
|
|
memory.
|
|
o Fixed memory leak when reading MPC files.
|
|
o Fixed crash when writing MIFF format and depth is not expected 8/16/32/.
|
|
o In mogrify command, don't leak memory in the case where the image
|
|
file contains multiple frames.
|
|
o Fixed crash in PNG and JPEG coders when the image to be written is
|
|
part of an image list.
|
|
o PNG reader errors are now properly reported to the user.
|
|
o TIFF output can now be written to a pipe or other non-seekable
|
|
destination.
|
|
o Support writing PDF with CCITT compression.
|
|
|
|
Feature Improvements:
|
|
o Added a new 'benchmark' command which can be used to perform
|
|
benchmarking on any other command.
|
|
o Image rotate in clockwise (90 degrees) or counter-clockwise (270
|
|
degrees) direction is now 2-9X faster than before.
|
|
o The -version option now includes a list of supported features.
|
|
|
|
- fixed interger overflows: CVE-2007-4985, CVE-2007-4986,
|
|
CVE-2007-4988 [#327021]
|
|
- fixed to build with GCC 4.3
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 6 16:53:26 CEST 2007 - nadvornik@suse.cz
|
|
|
|
- updated to 1.1.8:
|
|
* security fixes merged upstream
|
|
* a lot of other bugfixes
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 25 13:41:10 CEST 2007 - nadvornik@suse.cz
|
|
|
|
- adjusted to Shared Library Policy:
|
|
* new subpackages libGraphicsMagick1, libGraphicsMagickWand0
|
|
* GraphicsMagick-c++ -> libGraphicsMagick++1
|
|
* GraphicsMagick-c++-devel -> libGraphicsMagick++-devel
|
|
- fixed to build
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 19 14:15:49 CEST 2007 - nadvornik@suse.cz
|
|
|
|
- fixed various crashes on malformed input, including
|
|
CVE-2007-1797 and CVE-2007-1667 [#258253]
|
|
- adjusted BuildRequires for libjasper-devel
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 27 22:49:43 CET 2007 - dmueller@suse.de
|
|
|
|
- reduce buildrequires
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 22 17:32:48 CET 2007 - nadvornik@suse.cz
|
|
|
|
- fixed patch for palm codec CVE-2006-5456 [#215685]
|
|
- fixed palm patch for palm codec [#215685]
|
|
- fixed PerlMagic module library dependencies [#243002]
|
|
- fixed broken code that caused compiler warnings [#243012]
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 16 18:35:03 CET 2006 - dmueller@suse.de
|
|
|
|
- fix c++-devel package requires
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 30 16:27:15 CET 2006 - nadvornik@suse.cz
|
|
|
|
- applied debian patch for CVE-2006-5456, CVE-2006-3743,
|
|
CVE-2006-3744, CAN-2005-0397, CVE-2005-4601
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 21 18:47:45 CEST 2006 - nadvornik@suse.cz
|
|
|
|
- minor adjustments in spec file
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 14 18:20:05 CEST 2006 - lmichnovic@suse.cz
|
|
|
|
- initial version 1.1.7
|
|
|