Hello community, here is the log from the commit of package ImageMagick for openSUSE:Factory checked in at 2017-07-04 11:55:03 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ImageMagick (Old) and /work/SRC/openSUSE:Factory/.ImageMagick.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ImageMagick" Tue Jul 4 11:55:03 2017 rev:140 rq:507404 version:7.0.6.0 Changes: -------- --- /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick.changes 2017-05-27 13:12:17.782983297 +0200 +++ /work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick.changes 2017-07-04 11:55:20.463149861 +0200 @@ -1,0 +2,26 @@ +Wed Jun 28 07:18:12 UTC 2017 - [email protected] + +- updated to 7.0.6-0 + * coders/png.c: Accept exIf chunks whose data segment + erroneously begins with "Exif\0\0". + * Introduce SetMagickSecurityPolicy() (MagickCore) and + MagickSetSecurityPolicy() (MagickWand) to set the ImageMagick security + policy (reference https://github.com/ImageMagick/ImageMagick/issues/407). + * Removed experimental PNG zxIF chunk support; the proposal is dead. + * Fix choppy bitmap font rendering (reference + https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32071). + * The +opaque option is not longer a noop (reference + https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32081). + * Add support for 'hex:' property. + * Transient error validating the JPEG-2000 image format (reference + https://github.com/ImageMagick/ImageMagick/issues/501). + * Properly allocate DCM image colormap (reference + https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32063). + * Improper allocation of memory for IM instances without threads (reference + https://github.com/ImageMagick/ImageMagick/issues/497). + * Delete corrupt image from list (reference + https://github.com/ImageMagick/ImageMagick/issues/500). + * Support various image operators for the compare utility (reference + https://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=31938). + +------------------------------------------------------------------- Old: ---- ImageMagick-7.0.5-6.tar.xz ImageMagick-7.0.5-6.tar.xz.asc New: ---- ImageMagick-7.0.6-0.tar.xz ImageMagick-7.0.6-0.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ImageMagick.spec ++++++ --- /var/tmp/diff_new_pack.eAaW14/_old 2017-07-04 11:55:22.354883640 +0200 +++ /var/tmp/diff_new_pack.eAaW14/_new 2017-07-04 11:55:22.354883640 +0200 @@ -54,8 +54,8 @@ BuildRequires: zip %define maj 7 -%define mfr_version %{maj}.0.5 -%define mfr_revision 6 +%define mfr_version %{maj}.0.6 +%define mfr_revision 0 %define quantum_depth 16 %define source_version %{mfr_version}-%{mfr_revision} %define clibver 2 ++++++ ImageMagick-7.0.5-6.tar.xz -> ImageMagick-7.0.6-0.tar.xz ++++++ /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick-7.0.5-6.tar.xz /work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick-7.0.6-0.tar.xz differ: char 26, line 1 ++++++ ImageMagick-disable-insecure-coders.patch ++++++ --- /var/tmp/diff_new_pack.eAaW14/_old 2017-07-04 11:55:22.426873509 +0200 +++ /var/tmp/diff_new_pack.eAaW14/_new 2017-07-04 11:55:22.426873509 +0200 @@ -1,11 +1,11 @@ -Index: ImageMagick-6.9.8-2/config/policy.xml +Index: ImageMagick-7.0.6-0/config/policy.xml =================================================================== ---- ImageMagick-6.9.8-2.orig/config/policy.xml 2017-03-19 00:28:24.000000000 +0100 -+++ ImageMagick-6.9.8-2/config/policy.xml 2017-03-20 14:05:22.979847731 +0100 -@@ -81,4 +81,15 @@ +--- ImageMagick-7.0.6-0.orig/config/policy.xml 2017-06-28 09:11:49.170299620 +0200 ++++ ImageMagick-7.0.6-0/config/policy.xml 2017-06-28 09:13:16.191813685 +0200 +@@ -76,4 +76,15 @@ <!-- <policy domain="cache" name="memory-map" value="anonymous"/> --> <!-- <policy domain="cache" name="synchronize" value="True"/> --> - <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> + <!-- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> --> + <!-- Disable insecure coders by default --> + <!-- https://bugzilla.suse.com/show_bug.cgi?id=978061 --> + <policy domain="coder" rights="none" pattern="EPHEMERAL" />
