From 4f33e84315c7ab505fe83f052447eea858f7a40486408782c602a102921093a2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Lie?= <bjorn.lie@gmail.com>
Date: Wed, 19 Jan 2022 20:31:30 +0000
Subject: [PATCH] Add CVE-2021-45463 ref to .changes This update fixed
 CVE-2021-45463.

OBS-URL: https://build.opensuse.org/package/show/graphics/gegl?expand=0&rev=117
---
 gegl.changes | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/gegl.changes b/gegl.changes
index 26d6221..938f38a 100644
--- a/gegl.changes
+++ b/gegl.changes
@@ -14,6 +14,22 @@ Tue Dec 21 19:08:52 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
       operations using it avoiding polluting the GEGL library
       symbol table with the ctx symbols.
 
+-------------------------------------------------------------------
+Tue Dec 21 19:08:52 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to version 0.4.34 (CVE-2021-45463): 
+  + Operations:
+    - magick-load: use g_spawn_async instead of system to run the
+      image magick convert fallback - preventing shell expansion on
+      non-escaped/filtered paths in constructed commandline.
+    - ripple: avoid a possible division by zero.
+  + Build:
+    - Explicit dependency specification in meson for generated CL
+      files.
+    - ctx has been moved to be part of gegl-common.so nearer to the
+      operations using it avoiding polluting the GEGL library
+      symbol table with the ctx symbols.
+
 -------------------------------------------------------------------
 Wed Oct 27 21:23:26 UTC 2021 - Michael Gorse <mgorse@suse.com>