commit ImageMagick for openSUSE:Factory

Mon, 07 May 2018 05:52:19 -0700 

Hello community,

here is the log from the commit of package ImageMagick for openSUSE:Factory 
checked in at 2018-05-07 14:51:51
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ImageMagick (Old)
 and      /work/SRC/openSUSE:Factory/.ImageMagick.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "ImageMagick"

Mon May  7 14:51:51 2018 rev:161 rq:603123 version:7.0.7.29

Changes:
--------
--- /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick.changes  2018-04-17 
11:15:17.860656041 +0200
+++ /work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick.changes     
2018-05-07 14:51:58.417231997 +0200
@@ -1,0 +2,20 @@
+Wed May  2 12:25:24 UTC 2018 - pgaj...@suse.com
+
+- instead of disabling test, apply upstream fix introduced
+  few minutes after upstream report was made
+  - ImageMagick-filter.t-primitive-circle.patch
+  + ImageMagick-draw-circle-primitive.patch
+
+-------------------------------------------------------------------
+Wed May  2 11:00:44 UTC 2018 - pgaj...@suse.com
+
+- update to 7.0.7-29:
+  * Fixed numerous use of uninitialized values, integer overflow, 
+    memory exceeded, and timeouts (credit to OSS Fuzz).
+- turn off drawing primitive 'circle' test:
+  + ImageMagick-filter.t-primitive-circle.patch
+- dropped patches (upstreamed):
+  - ImageMagick-CVE-2018-9135.patch
+  - ImageMagick-write.t-pict.patch
+
+-------------------------------------------------------------------

Old:
----
  ImageMagick-7.0.7-28.tar.bz2
  ImageMagick-7.0.7-28.tar.bz2.asc
  ImageMagick-CVE-2018-9135.patch
  ImageMagick-write.t-pict.patch

New:
----
  ImageMagick-7.0.7-29.tar.bz2
  ImageMagick-7.0.7-29.tar.bz2.asc
  ImageMagick-draw-circle-primitive.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ ImageMagick.spec ++++++
--- /var/tmp/diff_new_pack.p5SS33/_old  2018-05-07 14:51:59.753190307 +0200
+++ /var/tmp/diff_new_pack.p5SS33/_new  2018-05-07 14:51:59.757190182 +0200
@@ -18,11 +18,11 @@
 
 %define maj           7
 %define mfr_version   %{maj}.0.7
-%define mfr_revision  28
+%define mfr_revision  29
 %define quantum_depth 16
 %define source_version %{mfr_version}-%{mfr_revision}
-%define clibver   5
-%define cwandver  5
+%define clibver   6
+%define cwandver  6
 %define cxxlibver 4
 %define libspec -%{maj}_Q%{quantum_depth}HDRI
 # bsc#1088463
@@ -51,13 +51,13 @@
 #%%ifarch s390x s390 ppc64 ppc
 Patch3:         ImageMagick-s390-disable-tests.patch
 #%%endif
-# https://github.com/ImageMagick/ImageMagick/issues/1058
-Patch4:         ImageMagick-write.t-pict.patch
 # https://github.com/ImageMagick/ImageMagick/issues/1019
 #%%ifarch i586
 Patch5:         ImageMagick-tests.tap-attributes.patch
 #%%endif
-Patch6:         ImageMagick-CVE-2018-9135.patch
+# fix circle primitive draw
+# https://github.com/ImageMagick/ImageMagick/issues/1120
+Patch6:         ImageMagick-draw-circle-primitive.patch
 BuildRequires:  chrpath
 BuildRequires:  dos2unix
 BuildRequires:  fdupes
@@ -310,7 +310,6 @@
 %ifarch s390x s390 ppc ppc64
 %patch3 -p1
 %endif
-%patch4 -p1
 %ifarch i586
 %patch5 -p1
 %endif

++++++ ImageMagick-7.0.7-28.tar.bz2 -> ImageMagick-7.0.7-29.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/ImageMagick/ImageMagick-7.0.7-28.tar.bz2 
/work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick-7.0.7-29.tar.bz2 
differ: char 11, line 1

++++++ ImageMagick-draw-circle-primitive.patch ++++++
diff --git a/MagickCore/draw.c b/MagickCore/draw.c
index 2cefdcfb22..4df5e0bfc7 100644
--- a/MagickCore/draw.c
+++ b/MagickCore/draw.c
@@ -4354,21 +4354,21 @@ RestoreMSCWarning
       bounds.y2=p->bounds.y2;
   }
   bounds.x1-=(mid+1.0);
+  bounds.y1-=(mid+1.0);
+  bounds.x2+=(mid+1.0);
+  bounds.y2+=(mid+1.0);
+  if ((bounds.x1 >= image->columns) || (bounds.y1 >= image->rows) ||
+      (bounds.x2 <= 0.0) || (bounds.y2 <= 0.0))
+    return(MagickTrue);
   bounds.x1=bounds.x1 < 0.0 ? 0.0 : bounds.x1 >= (double) image->columns-1.0 ?
     (double) image->columns-1.0 : bounds.x1;
-  bounds.y1-=(mid+1.0);
   bounds.y1=bounds.y1 < 0.0 ? 0.0 : bounds.y1 >= (double) image->rows-1.0 ?
     (double) image->rows-1.0 : bounds.y1;
-  bounds.x2+=(mid+1.0);
   bounds.x2=bounds.x2 < 0.0 ? 0.0 : bounds.x2 >= (double) image->columns-1.0 ?
     (double) image->columns-1.0 : bounds.x2;
-  bounds.y2+=(mid+1.0);
   bounds.y2=bounds.y2 < 0.0 ? 0.0 : bounds.y2 >= (double) image->rows-1.0 ?
     (double) image->rows-1.0 : bounds.y2;
   status=MagickTrue;
-  if ((fabs(bounds.x2-bounds.x1) < MagickEpsilon) ||
-      (fabs(bounds.y2-bounds.y1) < MagickEpsilon))
-    status=MagickFalse;
   image_view=AcquireAuthenticCacheView(image,exception);
   if ((primitive_info->coordinates == 1) ||
       (polygon_info[0]->number_edges == 0))


++++++ baselibs.conf ++++++
--- /var/tmp/diff_new_pack.p5SS33/_old  2018-05-07 14:51:59.929184814 +0200
+++ /var/tmp/diff_new_pack.p5SS33/_new  2018-05-07 14:51:59.929184814 +0200
@@ -1,10 +1,10 @@
-libMagickCore-7_Q16HDRI5
-libMagickWand-7_Q16HDRI5
+libMagickCore-7_Q16HDRI6
+libMagickWand-7_Q16HDRI6
 libMagick++-7_Q16HDRI4
 ImageMagick-devel
    requires -ImageMagick-<targettype>
-   requires "libMagickCore-7_Q16HDRI5-<targettype> = <version>"
-   requires "libMagickWand-7_Q16HDRI5-<targettype> = <version>"
+   requires "libMagickCore-7_Q16HDRI6-<targettype> = <version>"
+   requires "libMagickWand-7_Q16HDRI6-<targettype> = <version>"
 libMagick++-devel
    requires -ImageMagick-<targettype>
    requires "libMagick++-7_Q16HDRI4-<targettype> = <version>"

Reply via email to