- update to 1.3.30:
* Security Fixes:
. GraphicsMagick is now participating in Google's oss-fuzz project due
to the contributions and assistance of Alex Gaynor. Since February 4
2018, 238 issues have been opened by oss-fuzz and 230 of those
issues have been resolved. The issues list is available at
https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
"graphicsmagick". Issues are available for anyone to view and
duplicate if they have been in "Verified" status for 30 days, or if
they have been in "New" status for 90 days. There are too many
fixes to list here. Please consult the GraphicsMagick ChangeLog
file, Mercurial repository commit log, and the oss-fuzz issues list
for details.
. SVG/Rendering: Fix heap write overflow of PrimitiveInfo and
PointInfo arrays. This is another manifestation of CVE-2016-2317,
which should finally be fixed correctly due to active
detection/correction of pending overflow rather than using
estimation.
* Bug fixes:
. Many oss-fuzz fixes are bug fixes.
. Drawing/Rendering: Many more fixes by Gregory J Wolfe (see the ChangeLog).
. MIFF: Detect end of file while reading image directory.
. SVG: Many more fixes by Gregory J Wolfe (see the ChangeLog).
. The AlphaCompositePixel macro was producing wrong results when the
output alpha value was not 100% opaque. This is a regression
introduced in 1.3.29.
. TILE: Fix problem with tiling JPEG images because the size request
used by the TILE algorithm was also causing re-scaling in the JPEG
reader. The problem is solved by stripping the size request before
reading the image. (forwarded request 627341 from namtrac)
OBS-URL: https://build.opensuse.org/request/show/627347
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/GraphicsMagick?expand=0&rev=66
- update to 1.3.30:
* Security Fixes:
. GraphicsMagick is now participating in Google's oss-fuzz project due
to the contributions and assistance of Alex Gaynor. Since February 4
2018, 238 issues have been opened by oss-fuzz and 230 of those
issues have been resolved. The issues list is available at
https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
"graphicsmagick". Issues are available for anyone to view and
duplicate if they have been in "Verified" status for 30 days, or if
they have been in "New" status for 90 days. There are too many
fixes to list here. Please consult the GraphicsMagick ChangeLog
file, Mercurial repository commit log, and the oss-fuzz issues list
for details.
. SVG/Rendering: Fix heap write overflow of PrimitiveInfo and
PointInfo arrays. This is another manifestation of CVE-2016-2317,
which should finally be fixed correctly due to active
detection/correction of pending overflow rather than using
estimation.
* Bug fixes:
. Many oss-fuzz fixes are bug fixes.
. Drawing/Rendering: Many more fixes by Gregory J Wolfe (see the ChangeLog).
. MIFF: Detect end of file while reading image directory.
. SVG: Many more fixes by Gregory J Wolfe (see the ChangeLog).
. The AlphaCompositePixel macro was producing wrong results when the
output alpha value was not 100% opaque. This is a regression
introduced in 1.3.29.
. TILE: Fix problem with tiling JPEG images because the size request
used by the TILE algorithm was also causing re-scaling in the JPEG
reader. The problem is solved by stripping the size request before
reading the image.
OBS-URL: https://build.opensuse.org/request/show/627341
OBS-URL: https://build.opensuse.org/package/show/graphics/GraphicsMagick?expand=0&rev=91
- update to 1.3.29:
* Security Fixes:
. GraphicsMagick is now participating in Google's oss-fuzz project
. JNG: Require that the embedded JPEG image have the same dimensions
as the JNG image as provided by JHDR. Avoids a heap write overflow.
. MNG: Arbitrarily limit the number of loops which may be requested by
the MNG LOOP chunk to 512 loops, and provide the '-define
mng:maximum-loops=value' option in case the user wants to change the
limit. This fixes a denial of service caused by large LOOP
specifications.
* Bug fixes:
. DICOM: Pre/post rescale functions are temporarily disabled (until
the implementation is fixed).
. JPEG: Fix regression in last release in which reading some JPEG
files produces the error "Improper call to JPEG library in state
201".
. ICON: Some DIB-based Windows ICON files were reported as corrupt due to
an unexpectedly missing opacity mask image.
. In-memory Blob I/O: Don't implicitly increase the allocation size
due to seek offsets.
. MNG: Detect and handle failure to allocate global PLTE. Fix divide
by zero.
. DrawGetStrokeDashArray(): Check for failure to allocate memory.
. BlobToImage(): Now produces useful exception reports to cover the
cases where 'magick' was not set and the file format could not be
deduced from its header.
* API Updates:
. Wand API: Added MagickIsPaletteImage(), MagickIsOpaqueImage(),
MagickIsMonochromeImage(), MagickIsGrayImage(), MagickHasColormap()
based on contributions by Troy Patteson.
OBS-URL: https://build.opensuse.org/request/show/611509
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/GraphicsMagick?expand=0&rev=65
* Security Fixes:
. GraphicsMagick is now participating in Google's oss-fuzz project
. JNG: Require that the embedded JPEG image have the same dimensions
as the JNG image as provided by JHDR. Avoids a heap write overflow.
. MNG: Arbitrarily limit the number of loops which may be requested by
the MNG LOOP chunk to 512 loops, and provide the '-define
mng:maximum-loops=value' option in case the user wants to change the
limit. This fixes a denial of service caused by large LOOP
specifications.
* Bug fixes:
. DICOM: Pre/post rescale functions are temporarily disabled (until
the implementation is fixed).
. JPEG: Fix regression in last release in which reading some JPEG
files produces the error "Improper call to JPEG library in state
201".
. ICON: Some DIB-based Windows ICON files were reported as corrupt due to
an unexpectedly missing opacity mask image.
. In-memory Blob I/O: Don't implicitly increase the allocation size
due to seek offsets.
. MNG: Detect and handle failure to allocate global PLTE. Fix divide
by zero.
. DrawGetStrokeDashArray(): Check for failure to allocate memory.
. BlobToImage(): Now produces useful exception reports to cover the
cases where 'magick' was not set and the file format could not be
deduced from its header.
* API Updates:
. Wand API: Added MagickIsPaletteImage(), MagickIsOpaqueImage(),
MagickIsMonochromeImage(), MagickIsGrayImage(), MagickHasColormap()
based on contributions by Troy Patteson.
OBS-URL: https://build.opensuse.org/package/show/graphics/GraphicsMagick?expand=0&rev=89
* Security Fixes:
BMP: Fix non-terminal loop due to unexpected bit-field mask
value (DOS opportunity).
PALM: Fix heap buffer underflow in builds with QuantumDepth=8.
SetNexus() Fix heap overwrite under certain conditions due to
using a wrong destination buffer. This issue impacts all
1.3.X releases.
TIFF: Fix heap buffer read overflow in LocaleNCompare() when
parsing NEWS profile.
* Bug fixes:
DescribeImage(): Eliminate possible use of null pointer.
GIF: Fix memory leak of global colormap in error path.
GZ: Writing to gzip files with the extension ".gz" was
not working with Zlib 1.2.8.
JNG: Fix buffer read overflow (a tiny fixed overflow of just
one byte).
JPEG: Promoting certain libjpeg warnings to errors caused
many more problems than expected. The promotion of
warnings to errors is removed. Claimed pixel dimensions
are validated by file size before allocating memory for
the pixels.
IntegralRotateImage(): Assure that reported error in rotate by
270 case does immediately terminate processing.
MNG: Fix possible null pointer reference related to DEFI chunk
parsing. Fix minor heap read overflow (constrained to just
one byte) due to an ordering issue in a limit check. Fix
memory leaks in error path.
WebP: Fix stack buffer overflow in WriteWEBPImage() which
occurs with libwebp 0.5.0 or newer due to a structure type
OBS-URL: https://build.opensuse.org/package/show/graphics/GraphicsMagick?expand=0&rev=85
- update to 1.3.27:
* New Features:
. PNG: Implemented eXIf chunk support.
. WEBP: Add support for EXIF and ICC metadata provided that at
least libwebp 0.5.0 is used.
. Magick++ Image autoOrient(): New Image method to auto-orient an
image so it looks right-side up by default.
* Behavior Changes:
. PALM: PALM writer is disabled.
. ThrowLoggedException(): Capture the first exception
at ErrorException level or greater, or only capture exception
if it is more severe than an already reported exception.
. DestroyJNG(): This internal function is now declared static
and is removed from shared library or DLL namespace.
* a lot of security and other bug fixes, see
https://sourceforge.net/projects/graphicsmagick/files/graphicsmagick/1.3.27/
- added GraphicsMagick-release-date-missing-quote.patch
OBS-URL: https://build.opensuse.org/request/show/563347
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/GraphicsMagick?expand=0&rev=62
. PALM: PALM writer is disabled.
. ThrowLoggedException(): Capture the first exception
at ErrorException level or greater, or only capture exception
if it is more severe than an already reported exception.
. DestroyJNG(): This internal function is now declared static
and is removed from shared library or DLL namespace.
OBS-URL: https://build.opensuse.org/package/show/graphics/GraphicsMagick?expand=0&rev=82
- Drop patches not mentioned in the changelog ever:
* GraphicsMagick-debian-fixed.patch
* GraphicsMagick-include.patch
* GraphicsMagick-perl-link.patch
* The package builds just fine without them and there is no
reference explaining it
- Convert the deps to pkgconfig variants where possible.
- Version update to 1.3.26:
* DPX: Fix excessive use of memory (DOS issue) due to file header
claiming large image dimensions but insufficient backing
data. (CVE-2017-10799 bsc#1047054).
* JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350).
* MAT: Fix excessive use of memory (DOS issue) due to continuing
processing with insufficient data and claimed large image
size. Verify each file extent to make sure that it is within range
of file size. (CVE-2017-10800 bsc#1047044).
* META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800).
* PCX: Fix denial of service issue.
* RLE: Fix abnormally slow operation (denial of service issue) with
intentionally corrupt colormapped file.
* PICT: Fix possible buffer overflow vulnerability given suitably
truncated input file.
* PNG: Enforce spec requirement that the dimensions of the JPEG
embedded in a JDAT chunk must match the JHDR dimensions
(CVE-2016-9830).
* PNG: Avoid NULL dereference when MAGN chunk processing fails.
* SCT: Fix stack-buffer read overflow (underflow?) while reading SCT
header.
* SGI: Fix denial of service issues. Delay large memory allocations (forwarded request 511776 from scarabeus_iv)
OBS-URL: https://build.opensuse.org/request/show/511779
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/GraphicsMagick?expand=0&rev=58
- Drop patches not mentioned in the changelog ever:
* GraphicsMagick-debian-fixed.patch
* GraphicsMagick-include.patch
* GraphicsMagick-perl-link.patch
* The package builds just fine without them and there is no
reference explaining it
- Convert the deps to pkgconfig variants where possible.
- Version update to 1.3.26:
* DPX: Fix excessive use of memory (DOS issue) due to file header
claiming large image dimensions but insufficient backing
data. (CVE-2017-10799 bsc#1047054).
* JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350).
* MAT: Fix excessive use of memory (DOS issue) due to continuing
processing with insufficient data and claimed large image
size. Verify each file extent to make sure that it is within range
of file size. (CVE-2017-10800 bsc#1047044).
* META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800).
* PCX: Fix denial of service issue.
* RLE: Fix abnormally slow operation (denial of service issue) with
intentionally corrupt colormapped file.
* PICT: Fix possible buffer overflow vulnerability given suitably
truncated input file.
* PNG: Enforce spec requirement that the dimensions of the JPEG
embedded in a JDAT chunk must match the JHDR dimensions
(CVE-2016-9830).
* PNG: Avoid NULL dereference when MAGN chunk processing fails.
* SCT: Fix stack-buffer read overflow (underflow?) while reading SCT
header.
* SGI: Fix denial of service issues. Delay large memory allocations
OBS-URL: https://build.opensuse.org/request/show/511776
OBS-URL: https://build.opensuse.org/package/show/graphics/GraphicsMagick?expand=0&rev=73
- update to 1.3.25:
* EscapeParenthesis(): I was notified by Gustavo Grieco of a heap
overflow in EscapeParenthesis() used in the text annotation code.
While not being able to reproduce the issue, the implementation of
this function is completely redone.
* Utah RLE: Reject truncated/absurd files which caused huge memory
allocations and/or consumed huge CPU. Problem was reported by
Agostino Sarubbo based on testing with AFL.
* SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
the MVG rendering code (also impacts SVG).
* TIFF: Fix heap buffer read overflow while copying sized TIFF
attributes. Problem was reported by Agostino Sarubbo based on
testing with AFL.
OBS-URL: https://build.opensuse.org/request/show/430385
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/GraphicsMagick?expand=0&rev=56
* EscapeParenthesis(): I was notified by Gustavo Grieco of a heap
overflow in EscapeParenthesis() used in the text annotation code.
While not being able to reproduce the issue, the implementation of
this function is completely redone.
* Utah RLE: Reject truncated/absurd files which caused huge memory
allocations and/or consumed huge CPU. Problem was reported by
Agostino Sarubbo based on testing with AFL.
* SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
the MVG rendering code (also impacts SVG).
* TIFF: Fix heap buffer read overflow while copying sized TIFF
attributes. Problem was reported by Agostino Sarubbo based on
testing with AFL.
OBS-URL: https://build.opensuse.org/package/show/graphics/GraphicsMagick?expand=0&rev=68