- updated to 6.9.4-1:

* Remove https delegate. * Check for buffer overflow in magick/draw.c/DrawStrokePolygon(). * Replace show delegate title with image filename rather than label. * Fix GetNextToken() off by one error. * Remove support for internal ephemeral coder. - refreshed ImageMagick-6.8.8-1-disable-insecure-coders.patch - believe or not, correct license string is ImageMagick: http://spdx.org/licenses/ImageMagick.html OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=254
2016-05-17 09:26:57 +00:00 · 2016-05-17 09:26:57 +00:00 · b1059c89a0
commit b1059c89a0
parent cceb4654ff
7 changed files with 44 additions and 31 deletions
--- a/ImageMagick-6.8.8-1-disable-insecure-coders.patch
+++ b/ImageMagick-6.8.8-1-disable-insecure-coders.patch
@ -1,10 +1,10 @@
-Index: config/policy.xml
+Index: ImageMagick-6.9.4-1/config/policy.xml
 ===================================================================
--- config/policy.xml.orig
-+++ config/policy.xml
-@@ -62,4 +62,15 @@
-   <!-- <policy domain="resource" name="time" value="3600"/> -->
-   <!-- <policy domain="system" name="precision" value="6"/> -->
+--- ImageMagick-6.9.4-1.orig/config/policy.xml	2016-05-09 19:28:58.000000000 +0200
+++ ImageMagick-6.9.4-1/config/policy.xml	2016-05-17 11:09:37.470928022 +0200
+@@ -64,4 +64,15 @@
+   <!-- <policy domain="coder" rights="none" pattern="HTTPS" /> -->
+   <!-- <policy domain="path" rights="none" pattern="@*" /> -->
   <policy domain="cache" name="shared-secret" value="passphrase"/>
 +  <!-- Disable insecure coders by default -->
 +  <!-- https://bugzilla.suse.com/show_bug.cgi?id=978061 -->
--- a/ImageMagick-6.9.3-10.tar.xz
+++ b/ImageMagick-6.9.3-10.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e33f021c879f31703f9e620f578ccf7d221a34941589da4bbe967b16a814336a
-size 8784108
--- a/ImageMagick-6.9.3-10.tar.xz.asc
+++ b/ImageMagick-6.9.3-10.tar.xz.asc
@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
-
-iQIcBAABAgAGBQJXKf1FAAoJEImrY9SCdzd6rUQP+wQAnK8TATsxTUrGhocQnBrT
-vc8l15R1U96Y8fqoOEr6xRzFtrRUt0gaxbdo5VJXMCSIMYGuwWqD7NijsgPo6INL
-iuCb+fqkdwD+MdVHXyTnWfmG3xdY+VLTVkEzW7PNdz4I15WCoe8iZNQSpN8EY8Yv
-RxrAB9nT5awFSfLg+5AixwxerktjresoQfknzC7uZjcHG6T568teUF5Ap7xMjAOd
-w2NPQzEPXZt3cOuW/Sw/PqGNqHnY9yDJ+ciUTaVAyI8T48A5KIJq6OrVeDDsyNnJ
-nxfqlo0vAiT8os3ZoSD8CByIeOf5DqlWYin9ymRojqn3MUsTFC92ZH2MlVRK/jVJ
-sRjA7pOjqR9Ml5nGP92Ze+9l73RNt840jJEXKyySlVEMSSLloS+MjuUQFH0xhLf9
-FEZ2qZKKaTA3QAoiag1LBuaU/mms9Sv2PXbgW3JZWxw7xMWh9EazVJyPfbhaA4mh
-//eX1iuZsggoQs9VQTcr5CTJBy9WxUIVglcxFEXyuLZPu+JkYIYUV1JT2yEpypIq
-T7onwUyrSXjPSh4KqeeI1U1yUIfPEFLADHo219vNLiH0ceG51d+lEbqAMB/6CMPf
-sMFMjzGRrU4Sc5YqSjPoPw65yHnWjMAzTSBNbjUT1oXlEUJ82qfI4nygK0Evdfpm
-jr2tioHe8JIfFvnAxPM5
-=cE7v
-----END PGP SIGNATURE-----
--- a/ImageMagick-6.9.4-1.tar.xz
+++ b/ImageMagick-6.9.4-1.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2ea0fef839cd5d6f134502b7cf7ee0e57a3f230b19771515d4aa44354f4c6b3b
+size 8789688
--- a/ImageMagick-6.9.4-1.tar.xz.asc
+++ b/ImageMagick-6.9.4-1.tar.xz.asc
@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1
+
+iQIcBAABAgAGBQJXMTreAAoJEImrY9SCdzd6H30P/RG55RDq9x9co7ff6DVcVIqh
+6/zgKm1cvhgk3ssaaqXuQMlqITfDEo4vKfYFapJMYlSPY8o3p+6WWwGSVGurZiLR
+smhlqPLPIyaRmnwoBpiTb+LgzeLfauxznaXI1uh0T2oFPu3UkFay9ChIh1gI2whk
+8HU3fB3EMo8E6Zykb3qsBf4tL59/QJeVyJBa/C1byq1kqZDGaDOhsSalupeIWNSp
+FWpRLp7Gw77r4zyrr6TIjEayY+tgm6zvVJPl2ipvGZ/o+1HkOozhUJp3ni+tWDA4
+UkhJBZIqwc2BETIIl9u3hXI/m8UJ69198b1X0XMpcH7K81iEpOp9kYAfqZfXJjBp
+9Krc0fXLaeaDkSVc70xzXyJwbKJst61gJcCp017+Am+ZLOpxqFuJSOJS6Ua2Fjec
+p/6YuIaxNbI+if8E3Yy34DZh0AojPJ0+GoZk8ZChZL8q9X70eX8Vw04MrUKExS3M
+IK5at4Fk/HRTvfj9gOG+TxChjWcnfpJDr3g+VTIsTFmBqZ4fBkHyFCMPxFTUkCif
+TF6AoGrZxdSOdpDstk6nNDJfzI/n/mipnORRxxivLswrA8gabt04AZJT+fww7Y4x
+rRaBglb7W+GgZSo4yS/Ve+wYLQf8Rhwi2JayJicJ2RnaAyRb4v0eHcHrua4yF5eM
+o6IQM3HqSMPUrXs3uiSp
+=UZ1q
+-----END PGP SIGNATURE-----
--- a/ImageMagick.changes
+++ b/ImageMagick.changes
@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Tue May 17 09:10:23 UTC 2016 - pgajdos@suse.com
+
+- updated to 6.9.4-1:
+  * Remove https delegate.
+  * Check for buffer overflow in magick/draw.c/DrawStrokePolygon().
+  * Replace show delegate title with image filename rather than label.
+  * Fix GetNextToken() off by one error.
+  * Remove support for internal ephemeral coder.
+- refreshed ImageMagick-6.8.8-1-disable-insecure-coders.patch
+- believe or not, correct license string is ImageMagick:
+  http://spdx.org/licenses/ImageMagick.html
+
 -------------------------------------------------------------------
 Wed May 11 11:56:25 UTC 2016 - chris@computersalat.de

--- a/ImageMagick.spec
+++ b/ImageMagick.spec
@ -1,7 +1,7 @@
 #
 # spec file for package ImageMagick
 #
-# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -62,8 +62,8 @@ BuildRequires:  xz
 BuildRequires:  zip

 %define maj           6
-%define mfr_version   %{maj}.9.3
-%define mfr_revision  10
+%define mfr_version   %{maj}.9.4
+%define mfr_revision  1
 %define quantum_depth 16
 %define source_version %{mfr_version}-%{mfr_revision}
 %define clibver   2
@ -72,7 +72,7 @@ BuildRequires:  zip
 Version:        %{mfr_version}.%{mfr_revision}
 Release:        0
 Summary:        Viewer and Converter for Images
-License:        SUSE-ImageMagick
+License:        ImageMagick
 Group:          Productivity/Graphics/Other
 Url:            http://www.imagemagick.org
 Source:         http://www.imagemagick.org/download/ImageMagick-%{mfr_version}-%{mfr_revision}.tar.xz
@ -252,7 +252,7 @@ HTML documentation for ImageMagick library and scene examples.
 %patch3
 %patch4
 %patch11
-%patch20
+%patch20 -p1

 # remove executeable bits from per demos
 chmod -x PerlMagick/demo/*.pl