From 90cc09d28a0402b46d2d2cf274a9a9ac0a90043bd312237ebc2047466c42781a Mon Sep 17 00:00:00 2001
From: OBS User unknown <null@suse.de>
Date: Thu, 19 Apr 2007 19:46:30 +0000
Subject: [PATCH] OBS-URL:
 https://build.opensuse.org/package/show/openSUSE:Factory/ImageMagick?expand=0&rev=4

---
 ImageMagick-6.3.0-0.tar.bz2                   |  3 --
 ImageMagick-6.3.0.0-CVE-2006-5456.patch       | 40 -------------------
 ImageMagick-6.3.0.0-bezier-array.patch        | 11 -----
 ImageMagick-6.3.3-8.tar.bz2                   |  3 ++
 ImageMagick-6.3.3.8-autoconf.patch            | 11 +++++
 ...doc.patch => ImageMagick-6.3.3.8-doc.patch |  0
 ...atch => ImageMagick-6.3.3.8-examples.patch |  0
 ImageMagick.changes                           |  9 +++++
 ImageMagick.spec                              | 40 ++++++++++---------
 9 files changed, 44 insertions(+), 73 deletions(-)
 delete mode 100644 ImageMagick-6.3.0-0.tar.bz2
 delete mode 100644 ImageMagick-6.3.0.0-CVE-2006-5456.patch
 delete mode 100644 ImageMagick-6.3.0.0-bezier-array.patch
 create mode 100644 ImageMagick-6.3.3-8.tar.bz2
 create mode 100644 ImageMagick-6.3.3.8-autoconf.patch
 rename ImageMagick-6.3.0.0-doc.patch => ImageMagick-6.3.3.8-doc.patch (100%)
 rename ImageMagick-6.3.0.0-examples.patch => ImageMagick-6.3.3.8-examples.patch (100%)

diff --git a/ImageMagick-6.3.0-0.tar.bz2 b/ImageMagick-6.3.0-0.tar.bz2
deleted file mode 100644
index 16fca3f..0000000
--- a/ImageMagick-6.3.0-0.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1595f9462b4d083944d7f1a28fead810399a709cc834ca7cfd4b6336597b41cb
-size 5348178
diff --git a/ImageMagick-6.3.0.0-CVE-2006-5456.patch b/ImageMagick-6.3.0.0-CVE-2006-5456.patch
deleted file mode 100644
index bac4b71..0000000
--- a/ImageMagick-6.3.0.0-CVE-2006-5456.patch
+++ /dev/null
@@ -1,40 +0,0 @@
---- coders/dcm.c
-+++ coders/dcm.c
-@@ -2950,7 +2950,7 @@
-             /*
-               Photometric interpretation.
-             */
--            for (i=0; i < (long) length; i++)
-+            for (i=0; i < (long) Min(length, MaxTextExtent-1); i++)
-               photometric[i]=(char) data[i];
-             photometric[i]='\0';
-             break;
---- coders/palm.c
-+++ coders/palm.c
-@@ -398,7 +398,7 @@
-               image->compression=RLECompression;
-               for (i=0; i < (long) bytes_per_row; )
-               {
--                count=ReadBlobByte(image);
-+                count=Min(ReadBlobByte(image), bytes_per_row-i);
-                 byte=ReadBlobByte(image);
-                 (void) ResetMagickMemory(one_row+i,(int) byte,count);
-                 i+=count;
-@@ -431,6 +431,8 @@
-       indexes=GetIndexes(image);
-       if (bits_per_pixel == 16)
-         {
-+          if (image->columns > 2*bytes_per_row)
-+            ThrowReaderException(CorruptImageError,"ImproperImageHeader");
-           for (x=0; x < (long) image->columns; x++)
-           {
-             color16=(*ptr++ << 8);
-@@ -447,6 +449,8 @@
-           bit=8-bits_per_pixel;
-           for (x=0; x < (long) image->columns; x++)
-           {
-+	    if (ptr - one_row >= bytes_per_row)
-+              ThrowReaderException(CorruptImageError,"ImproperImageHeader");
-             index=(IndexPacket) (mask-(((*ptr) & (mask << bit)) >> bit));
-             indexes[x]=index;
-             *q++=image->colormap[index];
diff --git a/ImageMagick-6.3.0.0-bezier-array.patch b/ImageMagick-6.3.0.0-bezier-array.patch
deleted file mode 100644
index 091d5cd..0000000
--- a/ImageMagick-6.3.0.0-bezier-array.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- magick/draw.c
-+++ magick/draw.c
-@@ -4910,7 +4910,7 @@
-               points[0]=points[2];
-               points[1]=points[3];
-             }
--          for (i=0; i <= 4; i++)
-+          for (i=0; i <= 3; i++)
-             (q+i)->point=points[i];
-           TraceBezier(q,4);
-           q+=q->coordinates;
diff --git a/ImageMagick-6.3.3-8.tar.bz2 b/ImageMagick-6.3.3-8.tar.bz2
new file mode 100644
index 0000000..59c70d2
--- /dev/null
+++ b/ImageMagick-6.3.3-8.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e2b557f971fa5875647ad4c848025a095eb5784a4296d884ff162212eab8db4e
+size 5633820
diff --git a/ImageMagick-6.3.3.8-autoconf.patch b/ImageMagick-6.3.3.8-autoconf.patch
new file mode 100644
index 0000000..93dd69f
--- /dev/null
+++ b/ImageMagick-6.3.3.8-autoconf.patch
@@ -0,0 +1,11 @@
+--- Makefile.am
++++ Makefile.am
+@@ -21,7 +21,7 @@
+ 
+ AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir)
+ 
+-ACLOCAL_AMFLAGS = -Iltdl/m4 -I m4
++ACLOCAL_AMFLAGS = -I m4
+ 
+ MODULECOMMONFLAGS = -no-undefined -module -avoid-version
+ 
diff --git a/ImageMagick-6.3.0.0-doc.patch b/ImageMagick-6.3.3.8-doc.patch
similarity index 100%
rename from ImageMagick-6.3.0.0-doc.patch
rename to ImageMagick-6.3.3.8-doc.patch
diff --git a/ImageMagick-6.3.0.0-examples.patch b/ImageMagick-6.3.3.8-examples.patch
similarity index 100%
rename from ImageMagick-6.3.0.0-examples.patch
rename to ImageMagick-6.3.3.8-examples.patch
diff --git a/ImageMagick.changes b/ImageMagick.changes
index e68b3c5..ae7ab88 100644
--- a/ImageMagick.changes
+++ b/ImageMagick.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Thu Apr 19 13:53:08 CEST 2007 - nadvornik@suse.cz
+
+- updated to 6.3.3-8, see ChangeLog for details
+- fixed various crashes on malformed input, including
+  CVE-2007-1797 and CVE-2007-1667 [#258253]
+- do not build static libs
+- adjusted BuildRequires for libjasper-devel
+
 -------------------------------------------------------------------
 Tue Feb 27 22:53:46 CET 2007 - dmueller@suse.de
 
diff --git a/ImageMagick.spec b/ImageMagick.spec
index 70a7d36..9bb0e6a 100644
--- a/ImageMagick.spec
+++ b/ImageMagick.spec
@@ -1,5 +1,5 @@
 #
-# spec file for package ImageMagick (Version 6.3.0.0)
+# spec file for package ImageMagick (Version 6.3.3.8)
 #
 # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
@@ -12,26 +12,30 @@
 
 Name:           ImageMagick
 BuildRequires:  dcraw freetype2-devel gcc-c++ ghostscript-fonts-other ghostscript-fonts-std
-BuildRequires:  ghostscript-library glib libjasper liblcms-devel libtiff-devel libwmf-devel
-BuildRequires:  libexif-devel libxml2-devel pkgconfig
+BuildRequires:  ghostscript-library glib liblcms-devel libtiff-devel libwmf-devel
+BuildRequires:  libxml2-devel pkgconfig
+%if %suse_version > 1020
+BuildRequires:  libexif-devel libjasper-devel
+%else
+BuildRequires:  libexif libjasper
+%endif
 Obsoletes:      imagemag
 Provides:       imagemag
 %define xtp_version 5.4.3
 %define prefix /usr
 %define perl_prefix /usr
-License:        Public Domain, Freeware
+License:        Any permissive
 Group:          Productivity/Graphics/Other
 Autoreqprov:    on
-Version:        6.3.0.0
-Release:        32
+Version:        6.3.3.8
+Release:        1
 Summary:        Viewer and Converter for Images
 URL:            http://www.imagemagick.org
-Source:         ImageMagick-6.3.0-0.tar.bz2
+Source:         ImageMagick-6.3.3-8.tar.bz2
 Source2:        xtp-%{xtp_version}.tar.bz2
 Patch1:         ImageMagick-%{version}-examples.patch
 Patch2:         ImageMagick-%{version}-doc.patch
-Patch3:         ImageMagick-%{version}-CVE-2006-5456.patch
-Patch4:         ImageMagick-%{version}-bezier-array.patch
+Patch3:         ImageMagick-%{version}-autoconf.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %package -n perl-PerlMagick
 Requires:       perl = %{perl_version}
@@ -57,20 +61,17 @@ Group:          Development/Libraries/C and C++
 Autoreqprov:    on
 %prep
 rm -rf xtp-%{xtp_version}
-%setup -n ImageMagick-6.3.0 -b 2
+%setup -n ImageMagick-6.3.3 -b 2
 %patch1
 %patch2
 %patch3
-%patch4
 
 %build
 cp -f /usr/share/libtool/libltdl/*.{c,h} ltdl
 mv ltdl/ltdl.c ltdl/ltdl.c.orig
 sed -e "s:<config.h>:<magick/magick-config.h>:" ltdl/ltdl.c.orig >ltdl/ltdl.c
-%{?suse_update_config:%{suse_update_config -f ltdl }}
 autoreconf --force --install
 pushd ../xtp-%{xtp_version}
-%{?suse_update_config:%{suse_update_config -f }}
 autoreconf --force --install
 popd
 export CFLAGS="$RPM_OPT_FLAGS"
@@ -83,7 +84,7 @@ export LDFLAGS="-L%{_libdir}"
 ./configure --prefix=%{prefix} --libdir=%{_libdir} \
          --mandir=%{_mandir} --enable-shared --without-frozenpaths \
 	 --with-largefiles  --with-magick_plus_plus --with-modules\
-	 --with-threads --without-perl 
+	 --with-threads --without-perl --disable-static
 make %{?jobs:-j%jobs} all
 cd PerlMagick
 perl Makefile.PL
@@ -156,10 +157,8 @@ rm -rf $RPM_BUILD_ROOT
 %files devel
 %defattr(-,root,root)
 %{_libdir}/libMagick.so
-%{_libdir}/libMagick.a
 %{_libdir}/libMagick.la
 %{_libdir}/libWand.so
-%{_libdir}/libWand.a
 %{_libdir}/libWand.la
 %{prefix}/include/magick
 %{prefix}/include/wand
@@ -167,8 +166,6 @@ rm -rf $RPM_BUILD_ROOT
 %{prefix}/bin/Wand-config
 %{_libdir}/pkgconfig/ImageMagick.pc
 %{_libdir}/pkgconfig/Wand.pc
-#
-%{_libdir}/ImageMagick*/modules*/*/*.a
 
 %files -n perl-PerlMagick
 %defattr(-,root,root)
@@ -187,7 +184,6 @@ rm -rf $RPM_BUILD_ROOT
 %files Magick++-devel
 %defattr(-,root,root)
 %doc Magick++/demo
-%{_libdir}/libMagick++.a
 %{_libdir}/libMagick++.so
 %{_libdir}/libMagick++.la
 %{prefix}/include/Magick++.h
@@ -290,6 +286,12 @@ Authors:
 
 
 %changelog
+* Thu Apr 19 2007 - nadvornik@suse.cz
+- updated to 6.3.3-8, see ChangeLog for details
+- fixed various crashes on malformed input, including
+  CVE-2007-1797 and CVE-2007-1667 [#258253]
+- do not build static libs
+- adjusted BuildRequires for libjasper-devel
 * Tue Feb 27 2007 - dmueller@suse.de
 - adjust BuildRequires: libexif -> libexif-devel
 * Mon Feb 19 2007 - mvaner@suse.cz