From 8a2956a91966359fa632fbcfa36d6ebf982c98f0e3efd4eae6e480ca90fbea74 Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Tue, 22 Aug 2023 13:13:21 +0000 Subject: [PATCH 1/2] - version update to 7.1.1.15 * upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-15---2023-07-30 - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=663 --- ImageMagick-7.1.1-12.tar.xz | 3 --- ImageMagick-7.1.1-12.tar.xz.asc | 16 ---------------- ImageMagick-7.1.1-15.tar.xz | 3 +++ ImageMagick-7.1.1-15.tar.xz.asc | 16 ++++++++++++++++ ...eMagick-library-installable-in-parallel.patch | 8 ++++---- ImageMagick.changes | 9 +++++++++ ImageMagick.spec | 5 +---- 7 files changed, 33 insertions(+), 27 deletions(-) delete mode 100644 ImageMagick-7.1.1-12.tar.xz delete mode 100644 ImageMagick-7.1.1-12.tar.xz.asc create mode 100644 ImageMagick-7.1.1-15.tar.xz create mode 100644 ImageMagick-7.1.1-15.tar.xz.asc diff --git a/ImageMagick-7.1.1-12.tar.xz b/ImageMagick-7.1.1-12.tar.xz deleted file mode 100644 index 1d6eb67..0000000 --- a/ImageMagick-7.1.1-12.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a761aa8c3b0690910600ba838d15379b676820f1ed912382d31c9b5da1ca1878 -size 10197236 diff --git a/ImageMagick-7.1.1-12.tar.xz.asc b/ImageMagick-7.1.1-12.tar.xz.asc deleted file mode 100644 index 4449049..0000000 --- a/ImageMagick-7.1.1-12.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEE2Ccu9R2iI+TQW0Zpiatj1IJ3N3oFAmSY0TYACgkQiatj1IJ3 -N3paEQ//XtBcUOXIaaEFQPYWjOicVQff4Uq9NQxxhdwzRGtSytfqv7SrQo1+3ZNG -DjQ1hY5xMRUL/+2pmpuLgc5WAtGQ0LxOFAsW1f8gPo2XxfCQlXkCq0HaX3JzvngH -ZSSu+y1YtG+YkZtEUVyQwyJCCfS1FptDjOQkq208mxbn8P4C0DqV4Yl6ap2Lpehd -sqL1ssUVC0l9z4TELlcZCnUl7sf8L5Ya0JdQ+vZzNykr5sB+9PiXv8lAT4Gs2Xo6 -5IGC2cBJn4n/L3dcSCWJ3we9ypXZpMYzsCSYI97qlvHXB789br6J6m5Hohlp0uFN -5iH0ztXH3dqlKflKX3WA1w/dlqZ0Z93q0mKmFJNe6wBK7We//3FbeqWzbrn3zNq7 -EQBdfH72LBypw2tHdnpAnk3m77IxAUQ8XLd5j9kJquunihUBGNkO6Yag7CaehCtG -bvaWjuDBZ3tfUPzhKpg8Shpg7GQTltmblsFU+HalL6FlbiUdt4P5S40mdoDXJ7xe -RbZOEpD7GyuTRKDf11GTQ6pvGvwdjEMy8EQWnK9JxNhaa8REQdH9sOmwPqoVcV3i -qLML7P6Xb5ADfuLILlz6vqagkQD7Hr2FvymD4SdCFMESL6+CSxKWG1mWd93Vs5LR -0nHTfd61ub1F/JZlpw8jy3SGuzQz38jD5Mhlmd66T/6FgXvKXD4= -=j99y ------END PGP SIGNATURE----- diff --git a/ImageMagick-7.1.1-15.tar.xz b/ImageMagick-7.1.1-15.tar.xz new file mode 100644 index 0000000..3361f7f --- /dev/null +++ b/ImageMagick-7.1.1-15.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c8589ea233f678b0474daaba19a55ce783b52b25495fb5ba93ac1d377f65bb2f +size 10200668 diff --git a/ImageMagick-7.1.1-15.tar.xz.asc b/ImageMagick-7.1.1-15.tar.xz.asc new file mode 100644 index 0000000..28437b9 --- /dev/null +++ b/ImageMagick-7.1.1-15.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEE2Ccu9R2iI+TQW0Zpiatj1IJ3N3oFAmTGad0ACgkQiatj1IJ3 +N3q70A//VACuhnStqbXC+miIR0u7kOzip6uCszmV+X5w7L4ePCdke6Hp7CoSLATo +/BJUt+CU2K8a6exHwx4tTTtNm9ALASFfubL9aUCjKCh+83H6dnHgI5NpS2gSsNMD +i+FRlmm0yKKYTZZqwgWkTYDWJvnHhEEtVX+C1vgAyljlusjb+bSmEVGYPdh+EXca +rMF2bnOT3GG+MiLvI93wJAqhIGz1Zh85Ywf+wzSRaRby2z3cvH6RUMbfQXD1bOQL +l3BT+vtEsw6+GV37iWzqhVwFMWBYNzJDZUsUN6V9HmcnLdKVpPLT9a1jDZhBBDzc +kH5f4iaseG3jp7rz9BbXYQGMC8iRpZv+Ty3ew+EzjZ5Bt7ThxXVl/VnfofXOI6de +m2qj2SnLF/G3BFctpfTVYO4SWiED1/aNt5k8S0KHuYRKmGzjGf3vBV0LBIMKXs4y +VTpCm1p+RcUjHD9MKEcRpsGi6KGyLH4dZlKDwXhQ/Vcj8hg7DvvS+O2uPq/QjXPg +Dzlp0JkdRHAIMWR7Jf1XEVe1IPfl4lrxQnQkX1SxVMQExa/vXflQR91el9ijeVTv +2EEMx6hzzp07ZmQvFBCruY/gliPwyZdCY2/BmwHJ0hMekg9Z4p8NLcna+rtEMaBJ +E7IjHdHcXXxwDPCNGpeiNLSdO/oi3Il+Z0nVFqw0pI3AbojUde8= +=0QMW +-----END PGP SIGNATURE----- diff --git a/ImageMagick-library-installable-in-parallel.patch b/ImageMagick-library-installable-in-parallel.patch index f616a60..f16d461 100644 --- a/ImageMagick-library-installable-in-parallel.patch +++ b/ImageMagick-library-installable-in-parallel.patch @@ -1,8 +1,8 @@ -Index: ImageMagick-7.1.1-11/configure +Index: ImageMagick-7.1.1-15/configure =================================================================== ---- ImageMagick-7.1.1-11.orig/configure -+++ ImageMagick-7.1.1-11/configure -@@ -35205,7 +35205,9 @@ fi +--- ImageMagick-7.1.1-15.orig/configure ++++ ImageMagick-7.1.1-15/configure +@@ -35317,7 +35317,9 @@ fi # Subdirectory to place architecture-dependent configuration files diff --git a/ImageMagick.changes b/ImageMagick.changes index d10aa3f..5808644 100644 --- a/ImageMagick.changes +++ b/ImageMagick.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Tue Aug 22 13:11:14 UTC 2023 - pgajdos@suse.com + +- version update to 7.1.1.15 + * upstream changelog: + https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-15---2023-07-30 +- modified patches + % ImageMagick-library-installable-in-parallel.patch (refreshed) + ------------------------------------------------------------------- Thu Jun 29 09:17:27 UTC 2023 - pgajdos@suse.com diff --git a/ImageMagick.spec b/ImageMagick.spec index 4d02cf4..c1d8edc 100644 --- a/ImageMagick.spec +++ b/ImageMagick.spec @@ -20,7 +20,7 @@ %define asan_build 0 %define maj 7 %define mfr_version %{maj}.1.1 -%define mfr_revision 12 +%define mfr_revision 15 %define quantum_depth 16 %define source_version %{mfr_version}-%{mfr_revision} %define clibver 10 @@ -55,8 +55,6 @@ Patch2: ImageMagick-library-installable-in-parallel.patch Patch4: ImageMagick-filter.t-disable-Contrast.patch #%%endif #%%endif -# CVE-2023-3428 [bsc#1212847], heap-buffer-overflow in coders/tiff.c -Patch5: ImageMagick-CVE-2023-3428.patch BuildRequires: chrpath BuildRequires: dejavu-fonts BuildRequires: fdupes @@ -299,7 +297,6 @@ preserved. %patch4 -p1 %endif %endif -%patch5 -p1 %build # bsc#1088463 From 2b024f3aac5c2a0d8c28c8ab3ca84ec71efd9d8755478f5e2089e63b1a0f51a2 Mon Sep 17 00:00:00 2001 From: Petr Gajdos Date: Wed, 23 Aug 2023 07:23:21 +0000 Subject: [PATCH 2/2] - deleted patches - ImageMagick-CVE-2023-3428.patch (upstreamed) OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=664 --- ImageMagick-CVE-2023-3428.patch | 14 -------------- ImageMagick.changes | 2 ++ 2 files changed, 2 insertions(+), 14 deletions(-) delete mode 100644 ImageMagick-CVE-2023-3428.patch diff --git a/ImageMagick-CVE-2023-3428.patch b/ImageMagick-CVE-2023-3428.patch deleted file mode 100644 index bf19f28..0000000 --- a/ImageMagick-CVE-2023-3428.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/coders/tiff.c b/coders/tiff.c -index 9e0d0b1201..df4274cacd 100644 ---- a/coders/tiff.c -+++ b/coders/tiff.c -@@ -2010,7 +2010,7 @@ static Image *ReadTIFFImage(const ImageInfo *image_info, - number_pixels=(MagickSizeType) columns*rows; - if (HeapOverflowSanityCheck(rows,sizeof(*tile_pixels)) != MagickFalse) - ThrowTIFFException(ResourceLimitError,"MemoryAllocationFailed"); -- extent=4*(samples_per_pixel+1)*MagickMax(rows*TIFFTileRowSize(tiff), -+ extent=4*(samples_per_pixel+1)*MagickMax((rows+1)*TIFFTileRowSize(tiff), - TIFFTileSize(tiff)); - tile_pixels=(unsigned char *) AcquireQuantumMemory(extent, - sizeof(*tile_pixels)); - diff --git a/ImageMagick.changes b/ImageMagick.changes index 5808644..d05b53b 100644 --- a/ImageMagick.changes +++ b/ImageMagick.changes @@ -6,6 +6,8 @@ Tue Aug 22 13:11:14 UTC 2023 - pgajdos@suse.com https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-15---2023-07-30 - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) +- deleted patches + - ImageMagick-CVE-2023-3428.patch (upstreamed) ------------------------------------------------------------------- Thu Jun 29 09:17:27 UTC 2023 - pgajdos@suse.com