OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ImageMagick?expand=0&rev=4

2007-04-19 19:46:30 +00:00 · 2007-04-19 19:46:30 +00:00 · 90cc09d28a
commit 90cc09d28a
parent 23d885c90d
9 changed files with 44 additions and 73 deletions
--- a/ImageMagick-6.3.0-0.tar.bz2
+++ b/ImageMagick-6.3.0-0.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1595f9462b4d083944d7f1a28fead810399a709cc834ca7cfd4b6336597b41cb
-size 5348178
--- a/ImageMagick-6.3.0.0-CVE-2006-5456.patch
+++ b/ImageMagick-6.3.0.0-CVE-2006-5456.patch
@ -1,40 +0,0 @@
--- coders/dcm.c
-+++ coders/dcm.c
-@@ -2950,7 +2950,7 @@
-             /*
-               Photometric interpretation.
-             */
-            for (i=0; i < (long) length; i++)
-+            for (i=0; i < (long) Min(length, MaxTextExtent-1); i++)
-               photometric[i]=(char) data[i];
-             photometric[i]='\0';
-             break;
--- coders/palm.c
-+++ coders/palm.c
-@@ -398,7 +398,7 @@
-               image->compression=RLECompression;
-               for (i=0; i < (long) bytes_per_row; )
-               {
-                count=ReadBlobByte(image);
-+                count=Min(ReadBlobByte(image), bytes_per_row-i);
-                 byte=ReadBlobByte(image);
-                 (void) ResetMagickMemory(one_row+i,(int) byte,count);
-                 i+=count;
-@@ -431,6 +431,8 @@
-       indexes=GetIndexes(image);
-       if (bits_per_pixel == 16)
-         {
-+          if (image->columns > 2*bytes_per_row)
-+            ThrowReaderException(CorruptImageError,"ImproperImageHeader");
-           for (x=0; x < (long) image->columns; x++)
-           {
-             color16=(*ptr++ << 8);
-@@ -447,6 +449,8 @@
-           bit=8-bits_per_pixel;
-           for (x=0; x < (long) image->columns; x++)
-           {
-+	    if (ptr - one_row >= bytes_per_row)
-+              ThrowReaderException(CorruptImageError,"ImproperImageHeader");
-             index=(IndexPacket) (mask-(((*ptr) & (mask << bit)) >> bit));
-             indexes[x]=index;
-             *q++=image->colormap[index];
--- a/ImageMagick-6.3.0.0-bezier-array.patch
+++ b/ImageMagick-6.3.0.0-bezier-array.patch
@ -1,11 +0,0 @@
--- magick/draw.c
-+++ magick/draw.c
-@@ -4910,7 +4910,7 @@
-               points[0]=points[2];
-               points[1]=points[3];
-             }
-          for (i=0; i <= 4; i++)
-+          for (i=0; i <= 3; i++)
-             (q+i)->point=points[i];
-           TraceBezier(q,4);
-           q+=q->coordinates;
--- a/ImageMagick-6.3.3-8.tar.bz2
+++ b/ImageMagick-6.3.3-8.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e2b557f971fa5875647ad4c848025a095eb5784a4296d884ff162212eab8db4e
+size 5633820
--- a/ImageMagick-6.3.3.8-autoconf.patch
+++ b/ImageMagick-6.3.3.8-autoconf.patch
@ -0,0 +1,11 @@
+--- Makefile.am
+++ Makefile.am
+@@ -21,7 +21,7 @@
+ 
+ AM_CPPFLAGS = -I$(top_builddir) -I$(top_srcdir)
+ 
+-ACLOCAL_AMFLAGS = -Iltdl/m4 -I m4
+ACLOCAL_AMFLAGS = -I m4
+ 
+ MODULECOMMONFLAGS = -no-undefined -module -avoid-version
+ 
--- a/ImageMagick-6.3.3.8-doc.patch
+++ b/ImageMagick-6.3.3.8-doc.patch
--- a/ImageMagick-6.3.3.8-examples.patch
+++ b/ImageMagick-6.3.3.8-examples.patch
--- a/ImageMagick.changes
+++ b/ImageMagick.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Thu Apr 19 13:53:08 CEST 2007 - nadvornik@suse.cz
+
+- updated to 6.3.3-8, see ChangeLog for details
+- fixed various crashes on malformed input, including
+  CVE-2007-1797 and CVE-2007-1667 [#258253]
+- do not build static libs
+- adjusted BuildRequires for libjasper-devel
+
 -------------------------------------------------------------------
 Tue Feb 27 22:53:46 CET 2007 - dmueller@suse.de

--- a/ImageMagick.spec
+++ b/ImageMagick.spec
@ -1,5 +1,5 @@
 #
-# spec file for package ImageMagick (Version 6.3.0.0)
+# spec file for package ImageMagick (Version 6.3.3.8)
 #
 # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
 # This file and all modifications and additions to the pristine
@ -12,26 +12,30 @@

 Name:           ImageMagick
 BuildRequires:  dcraw freetype2-devel gcc-c++ ghostscript-fonts-other ghostscript-fonts-std
-BuildRequires:  ghostscript-library glib libjasper liblcms-devel libtiff-devel libwmf-devel
-BuildRequires:  libexif-devel libxml2-devel pkgconfig
+BuildRequires:  ghostscript-library glib liblcms-devel libtiff-devel libwmf-devel
+BuildRequires:  libxml2-devel pkgconfig
+%if %suse_version > 1020
+BuildRequires:  libexif-devel libjasper-devel
+%else
+BuildRequires:  libexif libjasper
+%endif
 Obsoletes:      imagemag
 Provides:       imagemag
 %define xtp_version 5.4.3
 %define prefix /usr
 %define perl_prefix /usr
-License:        Public Domain, Freeware
+License:        Any permissive
 Group:          Productivity/Graphics/Other
 Autoreqprov:    on
-Version:        6.3.0.0
-Release:        32
+Version:        6.3.3.8
+Release:        1
 Summary:        Viewer and Converter for Images
 URL:            http://www.imagemagick.org
-Source:         ImageMagick-6.3.0-0.tar.bz2
+Source:         ImageMagick-6.3.3-8.tar.bz2
 Source2:        xtp-%{xtp_version}.tar.bz2
 Patch1:         ImageMagick-%{version}-examples.patch
 Patch2:         ImageMagick-%{version}-doc.patch
-Patch3:         ImageMagick-%{version}-CVE-2006-5456.patch
-Patch4:         ImageMagick-%{version}-bezier-array.patch
+Patch3:         ImageMagick-%{version}-autoconf.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %package -n perl-PerlMagick
 Requires:       perl = %{perl_version}
@ -57,20 +61,17 @@ Group:          Development/Libraries/C and C++
 Autoreqprov:    on
 %prep
 rm -rf xtp-%{xtp_version}
-%setup -n ImageMagick-6.3.0 -b 2
+%setup -n ImageMagick-6.3.3 -b 2
 %patch1
 %patch2
 %patch3
-%patch4

 %build
 cp -f /usr/share/libtool/libltdl/*.{c,h} ltdl
 mv ltdl/ltdl.c ltdl/ltdl.c.orig
 sed -e "s:<config.h>:<magick/magick-config.h>:" ltdl/ltdl.c.orig >ltdl/ltdl.c
-%{?suse_update_config:%{suse_update_config -f ltdl }}
 autoreconf --force --install
 pushd ../xtp-%{xtp_version}
-%{?suse_update_config:%{suse_update_config -f }}
 autoreconf --force --install
 popd
 export CFLAGS="$RPM_OPT_FLAGS"
@ -83,7 +84,7 @@ export LDFLAGS="-L%{_libdir}"
 ./configure --prefix=%{prefix} --libdir=%{_libdir} \
         --mandir=%{_mandir} --enable-shared --without-frozenpaths \
 	 --with-largefiles  --with-magick_plus_plus --with-modules\
-	 --with-threads --without-perl 
+	 --with-threads --without-perl --disable-static
 make %{?jobs:-j%jobs} all
 cd PerlMagick
 perl Makefile.PL
@ -156,10 +157,8 @@ rm -rf $RPM_BUILD_ROOT
 %files devel
 %defattr(-,root,root)
 %{_libdir}/libMagick.so
-%{_libdir}/libMagick.a
 %{_libdir}/libMagick.la
 %{_libdir}/libWand.so
-%{_libdir}/libWand.a
 %{_libdir}/libWand.la
 %{prefix}/include/magick
 %{prefix}/include/wand
@ -167,8 +166,6 @@ rm -rf $RPM_BUILD_ROOT
 %{prefix}/bin/Wand-config
 %{_libdir}/pkgconfig/ImageMagick.pc
 %{_libdir}/pkgconfig/Wand.pc
-#
-%{_libdir}/ImageMagick*/modules*/*/*.a

 %files -n perl-PerlMagick
 %defattr(-,root,root)
@ -187,7 +184,6 @@ rm -rf $RPM_BUILD_ROOT
 %files Magick++-devel
 %defattr(-,root,root)
 %doc Magick++/demo
-%{_libdir}/libMagick++.a
 %{_libdir}/libMagick++.so
 %{_libdir}/libMagick++.la
 %{prefix}/include/Magick++.h
@ -290,6 +286,12 @@ Authors:


 %changelog
+* Thu Apr 19 2007 - nadvornik@suse.cz
+- updated to 6.3.3-8, see ChangeLog for details
+- fixed various crashes on malformed input, including
+  CVE-2007-1797 and CVE-2007-1667 [#258253]
+- do not build static libs
+- adjusted BuildRequires for libjasper-devel
 * Tue Feb 27 2007 - dmueller@suse.de
 - adjust BuildRequires: libexif -> libexif-devel
 * Mon Feb 19 2007 - mvaner@suse.cz