From 27a4da982f102550900dc1928bf45f28f9593333cc839b95d8bd105041226c8e Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Fri, 17 Aug 2018 08:04:07 +0000 Subject: [PATCH 1/5] - update to 7.0.8-10: * Added dcraw coder (dcraw:img.cr2) that can be used to force the use of the dcraw delegate when libraw is the default raw delegate. * Restored thread support for the HEIC coder. * ThumbnailImage function no longer reveals sensitive information (reference https://github.com/ImageMagick/ImageMagick/issues/1243). - remove upstreamed ImageMagick-filter.t.patch OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=379 --- ImageMagick-7.0.8-10.tar.bz2 | 3 ++ ImageMagick-7.0.8-10.tar.bz2.asc | 16 +++++++++++ ImageMagick-7.0.8-9.tar.bz2 | 3 -- ImageMagick-7.0.8-9.tar.bz2.asc | 16 ----------- ImageMagick-filter.t.patch | 49 -------------------------------- ImageMagick.changes | 11 +++++++ ImageMagick.spec | 5 +--- 7 files changed, 31 insertions(+), 72 deletions(-) create mode 100644 ImageMagick-7.0.8-10.tar.bz2 create mode 100644 ImageMagick-7.0.8-10.tar.bz2.asc delete mode 100644 ImageMagick-7.0.8-9.tar.bz2 delete mode 100644 ImageMagick-7.0.8-9.tar.bz2.asc delete mode 100644 ImageMagick-filter.t.patch diff --git a/ImageMagick-7.0.8-10.tar.bz2 b/ImageMagick-7.0.8-10.tar.bz2 new file mode 100644 index 0000000..e9aa06c --- /dev/null +++ b/ImageMagick-7.0.8-10.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f9d99573f8b8d7f90319fdf22a1a41a6764ac247b1c3f6ae08d9a3657ec977a5 +size 10838874 diff --git a/ImageMagick-7.0.8-10.tar.bz2.asc b/ImageMagick-7.0.8-10.tar.bz2.asc new file mode 100644 index 0000000..55c8f51 --- /dev/null +++ b/ImageMagick-7.0.8-10.tar.bz2.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIcBAABAgAGBQJbctPGAAoJEImrY9SCdzd6IhUP/22pqvsmJIO2tpfb20iy74LS +QcO1rqwjt9BY/NBo3mxR7d/iuzk99nFTKhx41eSmgLezNyRSxcxYCNYmIeH1c1Kb +XYsN6dmEKIuG8in+gE8nFodMQ0VCxO4viQtyvvZp6wGQOeiUkAOLVTGyG9S/0NXb +Ey6kinFvxQVv0iY4Y46JGyTUdE6Z+rXFUEP2BqCNuUCjDWQ1xQThe0mYNQyq/Mh/ +D8tFTy9g5weXZk3oUd6U+jwTPjCmyoxNk/1P/yYRmtCGxCmlQ1UiLD8f8ljd52UW +BQe0sxuHpM0qLAhUo+rFIBat/RbQxCcoQuU/sfm9cmwWapiauZ4xHc6lw/1nBsXz +M+RgDHYtLZHFTMm26ZxVCOds4Kugk7bnQsvu07/B/QfFSoIXYEX1Laa6OvM6FDci +CfIY2EK4nKWuAvCYV3ciE8YYtA2Lj+xGEQrOPPfVwj32lsvCJ122viMwHDn3nLZl +EMqHNfk2eBnNuAHgMshyGfBAAr6IG/Jegrj7vlRXQzw9/W6tqcXE/ySyeYl1ktGN +Sv2BA+AXVVQbwLLmeHTOPpIOCShmIbv6vnMYjZkEC+9Au58qiqJtltWFO02qP3Wq +j1JTTc/R1Opamwtr96QTuGksnndUk+IFa9qIFxKJ2OGkqOkO4nGMMumC1bmBa40O +QPog7a1E+FQOeY7/SIWt +=LeYr +-----END PGP SIGNATURE----- diff --git a/ImageMagick-7.0.8-9.tar.bz2 b/ImageMagick-7.0.8-9.tar.bz2 deleted file mode 100644 index a49edef..0000000 --- a/ImageMagick-7.0.8-9.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a0304796d86f47ba9b9448c8e0056884666168b8e60fdf4a34defc82470cf009 -size 10836315 diff --git a/ImageMagick-7.0.8-9.tar.bz2.asc b/ImageMagick-7.0.8-9.tar.bz2.asc deleted file mode 100644 index a07da70..0000000 --- a/ImageMagick-7.0.8-9.tar.bz2.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIcBAABAgAGBQJbaEG5AAoJEImrY9SCdzd6el0QAKWBfrhgLkTbD2AYzBw3wopU -tzHFRFKwwLZAm//g4rjFA05kvqxyPVKh0p/jnQx5HFsbmhVoBB+Pa6HwB27bvROD -UYghMgwYkIKU2hmYJujdXA+ahcC5IyWC1Q5wgTwkD30ZbsmnFCmVXz6g1akkjYPs -aPnrkTSVhSAtPJkhHu+KjiCwJOHqZPa66LtdBKCZVtYv5wvwi2tHHFpyR07FczQj -JA6HIjYsbT5PBqnefhaAfYAQoyhol6QNo6V31b/UzV4/wTg/5CEDtfjBIUxsgAy+ -EzEtfdZiMt+a/0qtBYujHxC5WSdZo16IHsSMtTYAVyvdS0aFLMYI5XMM3XY6xWd2 -LFnTsRn5WBgp60/+eiNUrZL37CGoJBGYoOfEuFVaEQSjjPG7tgBSJ9Y52lt00t8r -W3edQWf6oqdDN3RW5A4UWJqiwZYYAiMhq5Hq8xuVLW0LEEiYFv7bJdlFxlYq0rfh -aMepcqidle4uBek0F0kya77nncQEQsgSp5zPPftDluJ9NT66HHuAN5nCFEeNTZX2 -wEc/BE9R3+SjY6ZINwwYICwI3sxJk5U9sFp8OM++0cAnjNu/2IgBhUUdSE4atJkM -2jPZ23hOmNwW3qyqDWNN0MhFRr8hhxM1l08IdUFKgeZ4OETGAU5t4WWzIAWeWT9+ -6wT99tM1Nl8vz7IYftSZ -=XrrC ------END PGP SIGNATURE----- diff --git a/ImageMagick-filter.t.patch b/ImageMagick-filter.t.patch deleted file mode 100644 index fb35f94..0000000 --- a/ImageMagick-filter.t.patch +++ /dev/null @@ -1,49 +0,0 @@ -diff --git a/MagickCore/fx.c b/MagickCore/fx.c -index 75b2b98c16..3bdc468273 100644 ---- a/MagickCore/fx.c -+++ b/MagickCore/fx.c -@@ -3394,7 +3394,7 @@ MagickExport Image *ImplodeImage(const Image *image,const double amount, - delta.x=scale.x*(double) (x-center.x); - distance=delta.x*delta.x+delta.y*delta.y; - if ((distance >= (radius*radius)) || -- (GetPixelWriteMask(canvas_image,p) > (QuantumRange/2))) -+ (GetPixelWriteMask(canvas_image,p) <= (QuantumRange/2))) - for (i=0; i < (ssize_t) GetPixelChannels(canvas_image); i++) - { - PixelChannel channel = GetPixelChannelChannel(canvas_image,i); -@@ -5227,7 +5227,7 @@ MagickExport Image *SwirlImage(const Image *image,double degrees, - delta.x=scale.x*(double) (x-center.x); - distance=delta.x*delta.x+delta.y*delta.y; - if ((distance >= (radius*radius)) || -- (GetPixelWriteMask(canvas_image,p) > (QuantumRange/2))) -+ (GetPixelWriteMask(canvas_image,p) <= (QuantumRange/2))) - { - register ssize_t - i; -@@ -5729,7 +5729,7 @@ MagickExport Image *WaveImage(const Image *image,const double amplitude, - } - for (x=0; x < (ssize_t) wave_image->columns; x++) - { -- if (GetPixelWriteMask(image,p) > (QuantumRange/2)) -+ if (GetPixelWriteMask(image,p) <= (QuantumRange/2)) - { - register ssize_t - i; -diff --git a/MagickCore/image.c b/MagickCore/image.c -index a74ba1118c..310eb535cc 100644 ---- a/MagickCore/image.c -+++ b/MagickCore/image.c -@@ -3374,10 +3374,10 @@ MagickExport MagickBooleanType SetImageRegionMask(Image *image, - Quantum - pixel; - -- pixel=QuantumRange; -+ pixel=(Quantum) 0; - if (((x >= region->x) && (x < (region->x+(ssize_t) region->width))) && - ((y >= region->y) && (y < (region->y+(ssize_t) region->height)))) -- pixel=(Quantum) 0; -+ pixel=QuantumRange; - switch (type) - { - case ReadPixelMask: - diff --git a/ImageMagick.changes b/ImageMagick.changes index f276e77..39f92b9 100644 --- a/ImageMagick.changes +++ b/ImageMagick.changes @@ -1,3 +1,14 @@ +------------------------------------------------------------------- +Fri Aug 17 07:54:19 UTC 2018 - pgajdos@suse.com + +- update to 7.0.8-10: + * Added dcraw coder (dcraw:img.cr2) that can be used to force the use of the + dcraw delegate when libraw is the default raw delegate. + * Restored thread support for the HEIC coder. + * ThumbnailImage function no longer reveals sensitive information (reference + https://github.com/ImageMagick/ImageMagick/issues/1243). +- remove upstreamed ImageMagick-filter.t.patch + ------------------------------------------------------------------- Mon Aug 6 13:42:03 UTC 2018 - pgajdos@suse.com diff --git a/ImageMagick.spec b/ImageMagick.spec index 73d97e1..9845d6c 100644 --- a/ImageMagick.spec +++ b/ImageMagick.spec @@ -18,7 +18,7 @@ %define maj 7 %define mfr_version %{maj}.0.8 -%define mfr_revision 9 +%define mfr_revision 10 %define quantum_depth 16 %define source_version %{mfr_version}-%{mfr_revision} %define clibver 6 @@ -45,8 +45,6 @@ Patch2: ImageMagick-library-installable-in-parallel.patch #%%ifarch s390x s390 ppc64 ppc Patch3: ImageMagick-s390-disable-tests.patch #%%endif -# https://github.com/ImageMagick/ImageMagick/issues/1241 -Patch4: ImageMagick-filter.t.patch BuildRequires: chrpath BuildRequires: dos2unix BuildRequires: fdupes @@ -298,7 +296,6 @@ HTML documentation for ImageMagick library and scene examples. %ifarch s390x s390 ppc ppc64 %patch3 -p1 %endif -%patch4 -p1 %build # bsc#1088463 From 9e9d1e4a9d0a2fdb5ac6186c3803dd29eb4b50d3ed4d2258458fc6fc28579001 Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Wed, 22 Aug 2018 09:22:33 +0000 Subject: [PATCH 2/5] - disable PS, EPS, PDF and XPS in default policy.xml [bsc#1105592] OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=380 --- ImageMagick-disable-insecure-coders.patch | 12 ++++++++---- ImageMagick.changes | 5 +++++ 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/ImageMagick-disable-insecure-coders.patch b/ImageMagick-disable-insecure-coders.patch index 3232ecc..5e60135 100644 --- a/ImageMagick-disable-insecure-coders.patch +++ b/ImageMagick-disable-insecure-coders.patch @@ -1,8 +1,8 @@ -Index: ImageMagick-7.0.6-0/config/policy.xml +Index: ImageMagick-7.0.8-10/config/policy.xml =================================================================== ---- ImageMagick-7.0.6-0.orig/config/policy.xml 2017-06-28 09:11:49.170299620 +0200 -+++ ImageMagick-7.0.6-0/config/policy.xml 2017-06-28 09:13:16.191813685 +0200 -@@ -76,4 +76,15 @@ +--- ImageMagick-7.0.8-10.orig/config/policy.xml 2018-08-13 13:05:28.000000000 +0200 ++++ ImageMagick-7.0.8-10/config/policy.xml 2018-08-22 11:10:01.821570102 +0200 +@@ -74,4 +74,19 @@ @@ -17,4 +17,8 @@ Index: ImageMagick-7.0.6-0/config/policy.xml + + + ++ ++ ++ ++ diff --git a/ImageMagick.changes b/ImageMagick.changes index 39f92b9..9b387bd 100644 --- a/ImageMagick.changes +++ b/ImageMagick.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Aug 22 09:10:19 UTC 2018 - pgajdos@suse.com + +- disable PS, EPS, PDF and XPS in default policy.xml [bsc#1105592] + ------------------------------------------------------------------- Fri Aug 17 07:54:19 UTC 2018 - pgajdos@suse.com From 9078d5b212c8aa2e854fc4f8716636de6ffd08714a5d07f473cccb6ba635966a Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Wed, 22 Aug 2018 10:25:03 +0000 Subject: [PATCH 3/5] OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=381 --- ImageMagick-disable-insecure-coders.patch | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/ImageMagick-disable-insecure-coders.patch b/ImageMagick-disable-insecure-coders.patch index 5e60135..9323b11 100644 --- a/ImageMagick-disable-insecure-coders.patch +++ b/ImageMagick-disable-insecure-coders.patch @@ -1,8 +1,8 @@ Index: ImageMagick-7.0.8-10/config/policy.xml =================================================================== --- ImageMagick-7.0.8-10.orig/config/policy.xml 2018-08-13 13:05:28.000000000 +0200 -+++ ImageMagick-7.0.8-10/config/policy.xml 2018-08-22 11:10:01.821570102 +0200 -@@ -74,4 +74,19 @@ ++++ ImageMagick-7.0.8-10/config/policy.xml 2018-08-22 12:24:40.219828953 +0200 +@@ -74,4 +74,20 @@ @@ -18,7 +18,8 @@ Index: ImageMagick-7.0.8-10/config/policy.xml + + + -+ ++ ++ + + From 2ba75a70c9609331a897e6add5ccdd4ff5606f01391a8e764c594b5ec253a112 Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Wed, 22 Aug 2018 10:30:13 +0000 Subject: [PATCH 4/5] - disable PS, PS2, PS3, XPS and PDF coders in default policy.xml [bsc#1105592] OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=382 --- ImageMagick.changes | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ImageMagick.changes b/ImageMagick.changes index 9b387bd..e7838c2 100644 --- a/ImageMagick.changes +++ b/ImageMagick.changes @@ -1,7 +1,8 @@ ------------------------------------------------------------------- Wed Aug 22 09:10:19 UTC 2018 - pgajdos@suse.com -- disable PS, EPS, PDF and XPS in default policy.xml [bsc#1105592] +- disable PS, PS2, PS3, XPS and PDF coders in default policy.xml + [bsc#1105592] ------------------------------------------------------------------- Fri Aug 17 07:54:19 UTC 2018 - pgajdos@suse.com From 99a7681c71700fafb5da77ae5e33b77cc8b7619f11768308a93f861abf4667f0 Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Mon, 3 Sep 2018 08:21:46 +0000 Subject: [PATCH 5/5] - update to 7.0.8-11: * Fixed numerous use of uninitialized values, integer overflow, memory exceeded, and timeouts (credit to OSS Fuzz). * Add support for "module" security policy. OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=383 --- ImageMagick-7.0.8-10.tar.bz2 | 3 --- ImageMagick-7.0.8-10.tar.bz2.asc | 16 ---------------- ImageMagick-7.0.8-11.tar.bz2 | 3 +++ ImageMagick-7.0.8-11.tar.bz2.asc | 16 ++++++++++++++++ ImageMagick.changes | 8 ++++++++ ImageMagick.spec | 2 +- 6 files changed, 28 insertions(+), 20 deletions(-) delete mode 100644 ImageMagick-7.0.8-10.tar.bz2 delete mode 100644 ImageMagick-7.0.8-10.tar.bz2.asc create mode 100644 ImageMagick-7.0.8-11.tar.bz2 create mode 100644 ImageMagick-7.0.8-11.tar.bz2.asc diff --git a/ImageMagick-7.0.8-10.tar.bz2 b/ImageMagick-7.0.8-10.tar.bz2 deleted file mode 100644 index e9aa06c..0000000 --- a/ImageMagick-7.0.8-10.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f9d99573f8b8d7f90319fdf22a1a41a6764ac247b1c3f6ae08d9a3657ec977a5 -size 10838874 diff --git a/ImageMagick-7.0.8-10.tar.bz2.asc b/ImageMagick-7.0.8-10.tar.bz2.asc deleted file mode 100644 index 55c8f51..0000000 --- a/ImageMagick-7.0.8-10.tar.bz2.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIcBAABAgAGBQJbctPGAAoJEImrY9SCdzd6IhUP/22pqvsmJIO2tpfb20iy74LS -QcO1rqwjt9BY/NBo3mxR7d/iuzk99nFTKhx41eSmgLezNyRSxcxYCNYmIeH1c1Kb -XYsN6dmEKIuG8in+gE8nFodMQ0VCxO4viQtyvvZp6wGQOeiUkAOLVTGyG9S/0NXb -Ey6kinFvxQVv0iY4Y46JGyTUdE6Z+rXFUEP2BqCNuUCjDWQ1xQThe0mYNQyq/Mh/ -D8tFTy9g5weXZk3oUd6U+jwTPjCmyoxNk/1P/yYRmtCGxCmlQ1UiLD8f8ljd52UW -BQe0sxuHpM0qLAhUo+rFIBat/RbQxCcoQuU/sfm9cmwWapiauZ4xHc6lw/1nBsXz -M+RgDHYtLZHFTMm26ZxVCOds4Kugk7bnQsvu07/B/QfFSoIXYEX1Laa6OvM6FDci -CfIY2EK4nKWuAvCYV3ciE8YYtA2Lj+xGEQrOPPfVwj32lsvCJ122viMwHDn3nLZl -EMqHNfk2eBnNuAHgMshyGfBAAr6IG/Jegrj7vlRXQzw9/W6tqcXE/ySyeYl1ktGN -Sv2BA+AXVVQbwLLmeHTOPpIOCShmIbv6vnMYjZkEC+9Au58qiqJtltWFO02qP3Wq -j1JTTc/R1Opamwtr96QTuGksnndUk+IFa9qIFxKJ2OGkqOkO4nGMMumC1bmBa40O -QPog7a1E+FQOeY7/SIWt -=LeYr ------END PGP SIGNATURE----- diff --git a/ImageMagick-7.0.8-11.tar.bz2 b/ImageMagick-7.0.8-11.tar.bz2 new file mode 100644 index 0000000..d5b6756 --- /dev/null +++ b/ImageMagick-7.0.8-11.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a1aef96c89a9a9fac51a6e141deffa0b2f8db2062a24f6ba9fe3846dde7491ac +size 10840126 diff --git a/ImageMagick-7.0.8-11.tar.bz2.asc b/ImageMagick-7.0.8-11.tar.bz2.asc new file mode 100644 index 0000000..8fa653a --- /dev/null +++ b/ImageMagick-7.0.8-11.tar.bz2.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIcBAABAgAGBQJbhq3GAAoJEImrY9SCdzd6F8wQAIfW3tPi924gczHbUZAqdiW7 +ZIcGvzhr0SC1URz3atFUL9N3M8Y4pvCtiGL07+9amjB+/bMqg9hNV3L6VXMsax/Y +IAPgPOS9P2YeqsvjTVAzDgVsyCY1l22ZhJ4LCPb1hU6oh4ItWTtjPr6m7q9PUA1v +zYmEbitfK/YCPeJZWVvSDLVH54HTc73JRNAMCwRG09zDlZrh12lDb9do+/iGF7v5 +V+kYMHs8B6HFinJdX5cd0bGyylr4+bw/pMfaFKKysny8aYLQ00gD45SjByac6aal +oT5BZFynG36PwWoApoAzIgMggYLUfTDYLP9P6Ubwkh/PIwljgoW4SVH+puAZ+vvQ +hRyyiIyl21K5sCFPW9et4/fpEsJcAT2kYz0j7rrpPBv+CmMLwg+b0RoilUhiZzkg +4ISLfTtv2pZCTb7k70mx03oVGTykbVJD7ek0vRO0JiybnPfOKQhK31Oq7jls1xop +PjVMhhzSEAms0T3l6uteZW+n3Yx6zPbWfl8Ff7Ks6n4BxHdNVk/i2L+3+BDOr+oH +5sI3CRLhM03lGFYxi9wY8M3jprSRCtcDprdHqOduhTI4ZcQDHQZyFgg/QVNar4d6 +acoFZpbXiGhXoJrRflawE0bz4zPvvSutNGA1f3Nzxn9BTFr65JDCaru/D3FGCnNq +oKFnl1bodLvUtVFtdkux +=/5UE +-----END PGP SIGNATURE----- diff --git a/ImageMagick.changes b/ImageMagick.changes index e7838c2..9e20c25 100644 --- a/ImageMagick.changes +++ b/ImageMagick.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Mon Sep 3 08:20:41 UTC 2018 - pgajdos@suse.com + +- update to 7.0.8-11: + * Fixed numerous use of uninitialized values, integer overflow, memory + exceeded, and timeouts (credit to OSS Fuzz). + * Add support for "module" security policy. + ------------------------------------------------------------------- Wed Aug 22 09:10:19 UTC 2018 - pgajdos@suse.com diff --git a/ImageMagick.spec b/ImageMagick.spec index 9845d6c..a03c92c 100644 --- a/ImageMagick.spec +++ b/ImageMagick.spec @@ -18,7 +18,7 @@ %define maj 7 %define mfr_version %{maj}.0.8 -%define mfr_revision 10 +%define mfr_revision 11 %define quantum_depth 16 %define source_version %{mfr_version}-%{mfr_revision} %define clibver 6