Hello community, here is the log from the commit of package ImageMagick for openSUSE:Factory checked in at 2018-05-07 14:51:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ImageMagick (Old) and /work/SRC/openSUSE:Factory/.ImageMagick.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ImageMagick" Mon May 7 14:51:51 2018 rev:161 rq:603123 version:7.0.7.29 Changes: -------- --- /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick.changes 2018-04-17 11:15:17.860656041 +0200 +++ /work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick.changes 2018-05-07 14:51:58.417231997 +0200 @@ -1,0 +2,20 @@ +Wed May 2 12:25:24 UTC 2018 - pgaj...@suse.com + +- instead of disabling test, apply upstream fix introduced + few minutes after upstream report was made + - ImageMagick-filter.t-primitive-circle.patch + + ImageMagick-draw-circle-primitive.patch + +------------------------------------------------------------------- +Wed May 2 11:00:44 UTC 2018 - pgaj...@suse.com + +- update to 7.0.7-29: + * Fixed numerous use of uninitialized values, integer overflow, + memory exceeded, and timeouts (credit to OSS Fuzz). +- turn off drawing primitive 'circle' test: + + ImageMagick-filter.t-primitive-circle.patch +- dropped patches (upstreamed): + - ImageMagick-CVE-2018-9135.patch + - ImageMagick-write.t-pict.patch + +------------------------------------------------------------------- Old: ---- ImageMagick-7.0.7-28.tar.bz2 ImageMagick-7.0.7-28.tar.bz2.asc ImageMagick-CVE-2018-9135.patch ImageMagick-write.t-pict.patch New: ---- ImageMagick-7.0.7-29.tar.bz2 ImageMagick-7.0.7-29.tar.bz2.asc ImageMagick-draw-circle-primitive.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ImageMagick.spec ++++++ --- /var/tmp/diff_new_pack.p5SS33/_old 2018-05-07 14:51:59.753190307 +0200 +++ /var/tmp/diff_new_pack.p5SS33/_new 2018-05-07 14:51:59.757190182 +0200 @@ -18,11 +18,11 @@ %define maj 7 %define mfr_version %{maj}.0.7 -%define mfr_revision 28 +%define mfr_revision 29 %define quantum_depth 16 %define source_version %{mfr_version}-%{mfr_revision} -%define clibver 5 -%define cwandver 5 +%define clibver 6 +%define cwandver 6 %define cxxlibver 4 %define libspec -%{maj}_Q%{quantum_depth}HDRI # bsc#1088463 @@ -51,13 +51,13 @@ #%%ifarch s390x s390 ppc64 ppc Patch3: ImageMagick-s390-disable-tests.patch #%%endif -# https://github.com/ImageMagick/ImageMagick/issues/1058 -Patch4: ImageMagick-write.t-pict.patch # https://github.com/ImageMagick/ImageMagick/issues/1019 #%%ifarch i586 Patch5: ImageMagick-tests.tap-attributes.patch #%%endif -Patch6: ImageMagick-CVE-2018-9135.patch +# fix circle primitive draw +# https://github.com/ImageMagick/ImageMagick/issues/1120 +Patch6: ImageMagick-draw-circle-primitive.patch BuildRequires: chrpath BuildRequires: dos2unix BuildRequires: fdupes @@ -310,7 +310,6 @@ %ifarch s390x s390 ppc ppc64 %patch3 -p1 %endif -%patch4 -p1 %ifarch i586 %patch5 -p1 %endif ++++++ ImageMagick-7.0.7-28.tar.bz2 -> ImageMagick-7.0.7-29.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick-7.0.7-28.tar.bz2 /work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick-7.0.7-29.tar.bz2 differ: char 11, line 1 ++++++ ImageMagick-draw-circle-primitive.patch ++++++ diff --git a/MagickCore/draw.c b/MagickCore/draw.c index 2cefdcfb22..4df5e0bfc7 100644 --- a/MagickCore/draw.c +++ b/MagickCore/draw.c @@ -4354,21 +4354,21 @@ RestoreMSCWarning bounds.y2=p->bounds.y2; } bounds.x1-=(mid+1.0); + bounds.y1-=(mid+1.0); + bounds.x2+=(mid+1.0); + bounds.y2+=(mid+1.0); + if ((bounds.x1 >= image->columns) || (bounds.y1 >= image->rows) || + (bounds.x2 <= 0.0) || (bounds.y2 <= 0.0)) + return(MagickTrue); bounds.x1=bounds.x1 < 0.0 ? 0.0 : bounds.x1 >= (double) image->columns-1.0 ? (double) image->columns-1.0 : bounds.x1; - bounds.y1-=(mid+1.0); bounds.y1=bounds.y1 < 0.0 ? 0.0 : bounds.y1 >= (double) image->rows-1.0 ? (double) image->rows-1.0 : bounds.y1; - bounds.x2+=(mid+1.0); bounds.x2=bounds.x2 < 0.0 ? 0.0 : bounds.x2 >= (double) image->columns-1.0 ? (double) image->columns-1.0 : bounds.x2; - bounds.y2+=(mid+1.0); bounds.y2=bounds.y2 < 0.0 ? 0.0 : bounds.y2 >= (double) image->rows-1.0 ? (double) image->rows-1.0 : bounds.y2; status=MagickTrue; - if ((fabs(bounds.x2-bounds.x1) < MagickEpsilon) || - (fabs(bounds.y2-bounds.y1) < MagickEpsilon)) - status=MagickFalse; image_view=AcquireAuthenticCacheView(image,exception); if ((primitive_info->coordinates == 1) || (polygon_info[0]->number_edges == 0)) ++++++ baselibs.conf ++++++ --- /var/tmp/diff_new_pack.p5SS33/_old 2018-05-07 14:51:59.929184814 +0200 +++ /var/tmp/diff_new_pack.p5SS33/_new 2018-05-07 14:51:59.929184814 +0200 @@ -1,10 +1,10 @@ -libMagickCore-7_Q16HDRI5 -libMagickWand-7_Q16HDRI5 +libMagickCore-7_Q16HDRI6 +libMagickWand-7_Q16HDRI6 libMagick++-7_Q16HDRI4 ImageMagick-devel requires -ImageMagick-<targettype> - requires "libMagickCore-7_Q16HDRI5-<targettype> = <version>" - requires "libMagickWand-7_Q16HDRI5-<targettype> = <version>" + requires "libMagickCore-7_Q16HDRI6-<targettype> = <version>" + requires "libMagickWand-7_Q16HDRI6-<targettype> = <version>" libMagick++-devel requires -ImageMagick-<targettype> requires "libMagick++-7_Q16HDRI4-<targettype> = <version>"