Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package GraphicsMagick for openSUSE:Factory
checked in at 2022-04-14 17:23:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/GraphicsMagick (Old)
and /work/SRC/openSUSE:Factory/.GraphicsMagick.new.1941 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "GraphicsMagick"
Thu Apr 14 17:23:47 2022 rev:81 rq:969384 version:1.3.38
Changes:
--------
--- /work/SRC/openSUSE:Factory/GraphicsMagick/GraphicsMagick.changes
2021-12-16 21:20:15.326542773 +0100
+++ /work/SRC/openSUSE:Factory/.GraphicsMagick.new.1941/GraphicsMagick.changes
2022-04-14 17:23:51.011150113 +0200
@@ -1,0 +2,88 @@
+Tue Apr 12 07:50:49 UTC 2022 - [email protected]
+
+- version update to 1.3.38
+ Special Issues:
+ * The FTP site ftp.graphicsmagick.org is now shut down due to a lack
+ of bandwith, extremely abusive users (including from Google and
+ customers of Amazon Web Services), and a lack of support from the
+ user community. Another factor is that FTP support has been removed
+ from popular web browsers. This is very unfortunate since the site
+ served multiple usages, including providing a lot of historical data
+ (e.g. related to PNG) which may not be available elsewhere.
+ * GraphicsMagick really does need some additional productive
+ volunteers. For several years now, the burden has entirely been on
+ me (Bob Friesenhahn). I have been sheparding the project for 20
+ years already (and contributed to ImageMagick and GraphicsMagick
+ combined for 26 years already). It is not reasonable to expect
+ someone with a full time job (and expecting to retire in a few
+ years) to do all of the work.
+ Security Fixes:
+ * GraphicsMagick is participating in Google's oss-fuzz project due to
+ the contributions and assistance of Alex Gaynor. Since February 4
+ 2018, ??? issues have been opened by oss-fuzz and ?? issues remain
+ open. The issues list is available at
+ https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
+ "graphicsmagick". Issues are available for anyone to view and
+ duplicate if they have been in "Verified" status for 30 days, or if
+ they have been in "New" status for 90 days. Please consult the
+ GraphicsMagick ChangeLog file, Mercurial repository commit log, and
+ the oss-fuzz issues list for details.
+ Bug fixes:
+ * Documentation: Generator scripts in 'doc' directory now produce
+ similar results using GNU sed and Solaris/Illumos sed and don't
+ produce warnings.
+ * JNG: Fixes to error handling to avoid temporary file leaks and
+ avoiding returning a broken image.
+ * JPEG: Always store embedded profiles in image, even if in 'ping'
+ mode.
+ * MAT: Change from using 'int' for sizes/offsets to using 'size_t' and
+ check all related calculations for overload.
+ * MIFF: Fix heap buffer overflow which may be provoked in builds with
+ BZLIB support.
+ * MogrifyImage() and Magick::Image::trim(): Trim requires
+ NorthWestGravity.
+ * PICT: Fixed a heap overflow.
+ * PerlMagick: Fix issue that image fill attribute had its opacity
+ reset to transparent so it could not be usefully set at image scope.
+ * Test Suite: Fixed portability issue related to 'sed' which broke
+ utilities/tests/convert.tap test script.
+ * WPG: Fix incorrect TrX and TrY elements in CTM.
+ New Features:
+ * Added support for a 'Read' resource limit (e.g. '-limit read 5mb').
+ This allows the user to specify a hard limit for how much data may
+ be read from a file, read from a pipe, or decompressed from a file
+ (e.g gzip or bzip2) before a hard error is reported. This resource
+ limit is a useful alternative to completely disabling support for
+ compressed files using the --disable-compressed-files option and it
+ provides more protections as well.
+ * Added support for reading HEIF/HEIC format.
+ * Added support for reading and writing JPEG XL format.
+ * Support for JasPer 3.0.0 is completed. Upgrading to JasPer 3.0.0 is
+ strongly recommended due to its many security fixes and integration
+ with GraphicsMagick's resource-limited memory allocator.
+ * PNG: Support the define png:chunk-malloc-max=limit in order to allow
+ reading PNG files which report "chunk data is too large" or to
+ reduce the default limit.
+ * compare: Added support for the '-compress' option.
+ * compare: Added support for the '-auto-orient' option. This tries to
+ assure that the two images are right-side up before comparing.
+ API Updates:
+ * Magick++: Support the new 'ReadResource' enumeration.
+ Feature improvements:
+ * JPEG: Implement more efficient way to append JPEG profile chunks.
+ * Resource Limited Memory: The resource limited memory allocator now
+ maintains useful statistics such as a tally of the total number of
+ octets moved by realloc.
+ Windows Delegate Updates/Additions:
+ * None
+ Build Changes:
+ * In maintainer mode, the configure script searches for a GnuPG 'gpg'
+ program to use for signing snapshot releases and uses this to
+ support PGP-signed development snapshots.
+ Behavior Changes:
+ * None
+ * fixes CVE-2022-1270 [bsc#1198351]
+- modified patches
+ % GraphicsMagick-disable-insecure-coders.patch (refreshed)
+
+-------------------------------------------------------------------
Old:
----
GraphicsMagick-1.3.37.tar.xz
New:
----
GraphicsMagick-1.3.38.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ GraphicsMagick.spec ++++++
--- /var/tmp/diff_new_pack.spvRWZ/_old 2022-04-14 17:23:51.707150926 +0200
+++ /var/tmp/diff_new_pack.spvRWZ/_new 2022-04-14 17:23:51.711150930 +0200
@@ -1,7 +1,7 @@
#
# spec file for package GraphicsMagick
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -25,7 +25,7 @@
%define pp_so_ver 12
%define wand_so_ver 2
Name: GraphicsMagick
-Version: 1.3.37
+Version: 1.3.38
Release: 0
Summary: Viewer and Converter for Images
License: MIT
@@ -37,8 +37,8 @@
BuildRequires: cups-client
BuildRequires: dcraw
BuildRequires: gcc-c++
+BuildRequires: ghostscript
BuildRequires: ghostscript-fonts-std
-BuildRequires: ghostscript-mini
%if 0%{?suse_version} >= 1315
BuildRequires: libjbig-devel
BuildRequires: libltdl-devel
++++++ GraphicsMagick-1.3.37.tar.xz -> GraphicsMagick-1.3.38.tar.xz ++++++
++++ 102820 lines of diff (skipped)
++++++ GraphicsMagick-disable-insecure-coders.patch ++++++
--- /var/tmp/diff_new_pack.spvRWZ/_old 2022-04-14 17:23:53.179152646 +0200
+++ /var/tmp/diff_new_pack.spvRWZ/_new 2022-04-14 17:23:53.183152651 +0200
@@ -1,7 +1,7 @@
-Index: GraphicsMagick-1.3.37/coders/pdf.c
+Index: GraphicsMagick-1.3.38/coders/pdf.c
===================================================================
---- GraphicsMagick-1.3.37.orig/coders/pdf.c 2021-12-12 22:07:42.000000000
+0100
-+++ GraphicsMagick-1.3.37/coders/pdf.c 2021-12-13 11:43:36.303459820 +0100
+--- GraphicsMagick-1.3.38.orig/coders/pdf.c
++++ GraphicsMagick-1.3.38/coders/pdf.c
@@ -499,7 +499,7 @@ ModuleExport void RegisterPDFImage(void)
entry->seekable_stream=True;
entry->description="Encapsulated Portable Document Format";
@@ -20,10 +20,10 @@
(void) RegisterMagickInfo(entry);
}
�
-Index: GraphicsMagick-1.3.37/coders/ps.c
+Index: GraphicsMagick-1.3.38/coders/ps.c
===================================================================
---- GraphicsMagick-1.3.37.orig/coders/ps.c 2020-12-26 17:34:21.000000000
+0100
-+++ GraphicsMagick-1.3.37/coders/ps.c 2021-12-13 11:43:36.303459820 +0100
+--- GraphicsMagick-1.3.38.orig/coders/ps.c
++++ GraphicsMagick-1.3.38/coders/ps.c
@@ -452,7 +452,7 @@ ModuleExport void RegisterPSImage(void)
entry->adjoin=False;
entry->description="Adobe Encapsulated PostScript Interchange format";
@@ -69,10 +69,10 @@
(void) RegisterMagickInfo(entry);
}
�
-Index: GraphicsMagick-1.3.37/coders/ps2.c
+Index: GraphicsMagick-1.3.38/coders/ps2.c
===================================================================
---- GraphicsMagick-1.3.37.orig/coders/ps2.c 2021-12-12 22:07:42.000000000
+0100
-+++ GraphicsMagick-1.3.37/coders/ps2.c 2021-12-13 11:43:36.307459846 +0100
+--- GraphicsMagick-1.3.38.orig/coders/ps2.c
++++ GraphicsMagick-1.3.38/coders/ps2.c
@@ -252,7 +252,7 @@ ModuleExport void RegisterPS2Image(void)
entry->seekable_stream=True;
entry->description="Adobe Level II Encapsulated PostScript";
@@ -91,10 +91,10 @@
(void) RegisterMagickInfo(entry);
}
�
-Index: GraphicsMagick-1.3.37/coders/ps3.c
+Index: GraphicsMagick-1.3.38/coders/ps3.c
===================================================================
---- GraphicsMagick-1.3.37.orig/coders/ps3.c 2021-12-12 22:07:42.000000000
+0100
-+++ GraphicsMagick-1.3.37/coders/ps3.c 2021-12-13 11:43:36.307459846 +0100
+--- GraphicsMagick-1.3.38.orig/coders/ps3.c
++++ GraphicsMagick-1.3.38/coders/ps3.c
@@ -394,7 +394,7 @@ ModuleExport void RegisterPS3Image(void)
entry->description="Adobe Level III Encapsulated PostScript";
entry->seekable_stream=MagickTrue;
@@ -113,10 +113,10 @@
(void) RegisterMagickInfo(entry);
}
�
-Index: GraphicsMagick-1.3.37/config/delegates.mgk.in
+Index: GraphicsMagick-1.3.38/config/delegates.mgk.in
===================================================================
---- GraphicsMagick-1.3.37.orig/config/delegates.mgk.in 2019-06-15
16:05:05.000000000 +0200
-+++ GraphicsMagick-1.3.37/config/delegates.mgk.in 2021-12-13
11:43:36.307459846 +0100
+--- GraphicsMagick-1.3.38.orig/config/delegates.mgk.in
++++ GraphicsMagick-1.3.38/config/delegates.mgk.in
@@ -76,27 +76,27 @@
<delegate decode="dot" command='"@DOTDecodeDelegate@" -Tps "%i" -o "%o"' />
<delegate decode="dvi" command='"@DVIDecodeDelegate@" -q -o "%o" "%i"' />
@@ -170,11 +170,11 @@
<delegate decode="ps" encode="print" mode="encode"
command='"@PrintDelegate@" "%i"' />
<!-- Read HTML file -->
<delegate decode="shtml" command='"@HTMLDecodeDelegate@" -U -o "%o" "%i"' />
-Index: GraphicsMagick-1.3.37/Makefile.in
+Index: GraphicsMagick-1.3.38/Makefile.in
===================================================================
---- GraphicsMagick-1.3.37.orig/Makefile.in 2021-12-12 22:09:13.000000000
+0100
-+++ GraphicsMagick-1.3.37/Makefile.in 2021-12-13 11:43:36.307459846 +0100
-@@ -4259,7 +4259,6 @@ TESTS_TESTS = \
+--- GraphicsMagick-1.3.38.orig/Makefile.in
++++ GraphicsMagick-1.3.38/Makefile.in
+@@ -4312,7 +4312,6 @@ TESTS_TESTS = \
tests/rwfile.tap \
tests/rwfile_sized.tap \
tests/rwfile_miff.tap \
@@ -182,10 +182,10 @@
tests/rwfile_deep.tap
TESTS_EXTRA_DIST = \
-Index: GraphicsMagick-1.3.37/tests/rwblob.tap
+Index: GraphicsMagick-1.3.38/tests/rwblob.tap
===================================================================
---- GraphicsMagick-1.3.37.orig/tests/rwblob.tap 2018-11-17
17:13:19.000000000 +0100
-+++ GraphicsMagick-1.3.37/tests/rwblob.tap 2021-12-13 11:43:36.307459846
+0100
+--- GraphicsMagick-1.3.38.orig/tests/rwblob.tap
++++ GraphicsMagick-1.3.38/tests/rwblob.tap
@@ -10,7 +10,7 @@ rwblob=./rwblob
check_types='bilevel gray pallette truecolor'
@@ -214,16 +214,16 @@
# FAX format
for type in ${check_types}
do
-Index: GraphicsMagick-1.3.37/tests/rwfile.tap
+Index: GraphicsMagick-1.3.38/tests/rwfile.tap
===================================================================
---- GraphicsMagick-1.3.37.orig/tests/rwfile.tap 2018-11-17
17:13:19.000000000 +0100
-+++ GraphicsMagick-1.3.37/tests/rwfile.tap 2021-12-13 11:43:36.307459846
+0100
+--- GraphicsMagick-1.3.38.orig/tests/rwfile.tap
++++ GraphicsMagick-1.3.38/tests/rwfile.tap
@@ -11,7 +11,7 @@ rwfile=./rwfile
check_types='bilevel gray pallette truecolor'
# Number of tests we plan to run
--test_plan_fn 648
-+test_plan_fn 608
+-test_plan_fn 656
++test_plan_fn 616
# ART format
for type in ${check_types}
@@ -276,7 +276,7 @@
# FAX format
for type in ${check_types}
do
-@@ -290,13 +248,6 @@ do
+@@ -297,13 +255,6 @@ do
test_command_fn "PCX ${type} (stdio)" ${MEMCHECK} ${rwfile} -stdio
-filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" PCX
done
@@ -290,7 +290,7 @@
# PGM format
for type in ${check_types}
do
-@@ -356,27 +307,6 @@ do
+@@ -363,27 +314,6 @@ do
done
done
