Hello community,
here is the log from the commit of package GraphicsMagick for openSUSE:Factory
checked in at 2018-08-24 17:10:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/GraphicsMagick (Old)
and /work/SRC/openSUSE:Factory/.GraphicsMagick.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "GraphicsMagick"
Fri Aug 24 17:10:35 2018 rev:67 rq:631020 version:1.3.30
Changes:
--------
--- /work/SRC/openSUSE:Factory/GraphicsMagick/GraphicsMagick.changes
2018-08-04 21:54:49.365436836 +0200
+++ /work/SRC/openSUSE:Factory/.GraphicsMagick.new/GraphicsMagick.changes
2018-08-24 17:10:42.898542848 +0200
@@ -1,0 +2,7 @@
+Wed Aug 22 12:50:39 UTC 2018 - [email protected]
+
+- disable PS, PS2, PS3 and PDF coders by default, remove gs calls
+ from delegates.mgk [bsc#1105592]
+ + GraphicsMagick-disable-insecure-coders.patch
+
+-------------------------------------------------------------------
New:
----
GraphicsMagick-disable-insecure-coders.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ GraphicsMagick.spec ++++++
--- /var/tmp/diff_new_pack.yJQ3wU/_old 2018-08-24 17:10:43.450543505 +0200
+++ /var/tmp/diff_new_pack.yJQ3wU/_new 2018-08-24 17:10:43.450543505 +0200
@@ -42,6 +42,7 @@
%if %{bindperl}
Patch0: GraphicsMagick-perl-linkage.patch
%endif
+Patch1: GraphicsMagick-disable-insecure-coders.patch
BuildRequires: cups-client
BuildRequires: dcraw
BuildRequires: gcc-c++
@@ -213,6 +214,7 @@
%if %{bindperl}
%patch0 -p1
%endif
+%patch1 -p1
%build
# This shouldn't be there yet.
@@ -275,6 +277,8 @@
export MAGICK_CONFIGURE_PATH=$PWD/config
%if %{bindperl}
cd PerlMagick
+# bsc#1105592
+rm -r t/ps
make test
%endif
++++++ GraphicsMagick-disable-insecure-coders.patch ++++++
Index: GraphicsMagick-1.3.30/coders/pdf.c
===================================================================
--- GraphicsMagick-1.3.30.orig/coders/pdf.c 2018-04-29 20:01:26.000000000
+0200
+++ GraphicsMagick-1.3.30/coders/pdf.c 2018-08-22 14:43:01.665828434 +0200
@@ -495,7 +495,7 @@ ModuleExport void RegisterPDFImage(void)
entry->seekable_stream=True;
entry->description="Encapsulated Portable Document Format";
entry->module="PDF";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
entry=SetMagickInfo("PDF");
@@ -506,7 +506,7 @@ ModuleExport void RegisterPDFImage(void)
entry->seekable_stream=True;
entry->description="Portable Document Format";
entry->module="PDF";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
}
�
Index: GraphicsMagick-1.3.30/coders/ps.c
===================================================================
--- GraphicsMagick-1.3.30.orig/coders/ps.c 2018-04-29 20:01:26.000000000
+0200
+++ GraphicsMagick-1.3.30/coders/ps.c 2018-08-22 14:37:42.260163129 +0200
@@ -458,7 +458,7 @@ ModuleExport void RegisterPSImage(void)
entry->adjoin=False;
entry->description="Adobe Encapsulated PostScript Interchange format";
entry->module="PS";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
entry=SetMagickInfo("EPS");
@@ -468,7 +468,7 @@ ModuleExport void RegisterPSImage(void)
entry->adjoin=False;
entry->description="Adobe Encapsulated PostScript";
entry->module="PS";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
entry=SetMagickInfo("EPSF");
@@ -478,7 +478,7 @@ ModuleExport void RegisterPSImage(void)
entry->adjoin=False;
entry->description="Adobe Encapsulated PostScript";
entry->module="PS";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
entry=SetMagickInfo("EPSI");
@@ -488,7 +488,7 @@ ModuleExport void RegisterPSImage(void)
entry->adjoin=False;
entry->description="Adobe Encapsulated PostScript Interchange format";
entry->module="PS";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
entry=SetMagickInfo("PS");
@@ -497,7 +497,7 @@ ModuleExport void RegisterPSImage(void)
entry->magick=(MagickHandler) IsPS;
entry->description="Adobe PostScript";
entry->module="PS";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
}
�
Index: GraphicsMagick-1.3.30/coders/ps2.c
===================================================================
--- GraphicsMagick-1.3.30.orig/coders/ps2.c 2018-04-29 20:01:26.000000000
+0200
+++ GraphicsMagick-1.3.30/coders/ps2.c 2018-08-22 14:38:15.308335440 +0200
@@ -244,7 +244,7 @@ ModuleExport void RegisterPS2Image(void)
entry->seekable_stream=True;
entry->description="Adobe Level II Encapsulated PostScript";
entry->module="PS2";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
entry=SetMagickInfo("PS2");
@@ -252,7 +252,7 @@ ModuleExport void RegisterPS2Image(void)
entry->seekable_stream=True;
entry->description="Adobe Level II PostScript";
entry->module="PS2";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
}
�
Index: GraphicsMagick-1.3.30/coders/ps3.c
===================================================================
--- GraphicsMagick-1.3.30.orig/coders/ps3.c 2018-04-29 20:01:26.000000000
+0200
+++ GraphicsMagick-1.3.30/coders/ps3.c 2018-08-22 14:42:36.217695754 +0200
@@ -386,7 +386,7 @@ ModuleExport void RegisterPS3Image(void)
entry->description="Adobe Level III Encapsulated PostScript";
entry->seekable_stream=MagickTrue;
entry->module="PS3";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
entry=SetMagickInfo("PS3");
@@ -394,7 +394,7 @@ ModuleExport void RegisterPS3Image(void)
entry->description="Adobe Level III PostScript";
entry->seekable_stream=MagickTrue;
entry->module="PS3";
- entry->coder_class=PrimaryCoderClass;
+ entry->coder_class=BrokenCoderClass;
(void) RegisterMagickInfo(entry);
}
�
Index: GraphicsMagick-1.3.30/config/delegates.mgk.in
===================================================================
--- GraphicsMagick-1.3.30.orig/config/delegates.mgk.in 2016-05-30
19:19:54.000000000 +0200
+++ GraphicsMagick-1.3.30/config/delegates.mgk.in 2018-08-22
15:16:26.932049510 +0200
@@ -76,28 +76,8 @@
<delegate decode="dot" command='"@DOTDecodeDelegate@" -Tps "%i" -o "%o"' />
<delegate decode="dvi" command='"@DVIDecodeDelegate@" -q -o "%o" "%i"' />
<delegate decode="edit" stealth="True" command='"@EditorDelegate@" -title
"Edit Image Comment" -e vi "%o"' />
- <delegate decode="eps" encode="pdf" mode="bi" command='"@PSDelegate@" -q
-dBATCH -dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSPDFDevice@
"-sOutputFile=%o" -- "%i" -c quit' />
- <delegate decode="eps" encode="ps" mode="bi" command='"@PSDelegate@" -q
-dBATCH -dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSPSDevice@
"-sOutputFile=%o" -- "%i" -c quit' />
<delegate decode="fig" command='"@FIGDecodeDelegate@" -L ps "%i" "%o"' />
- <!-- Read monochrome Postscript, EPS, and PDF -->
- <delegate decode="gs-mono" stealth="True" command='"@PSDelegate@" -q -dBATCH
-dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSMonoDevice@
-dTextAlphaBits=%u -dGraphicsAlphaBits=%u -r%s %s "-sOutputFile=%s" -- "%s" -c
quit' />
-
- <!-- Read grayscale Postscript, EPS, and PDF -->
- <delegate decode="gs-gray" stealth="True" command='"@PSDelegate@" -q -dBATCH
-dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSGrayDevice@
-dTextAlphaBits=%u -dGraphicsAlphaBits=%u -r%s %s "-sOutputFile=%s" -- "%s" -c
quit' />
-
- <!-- Read colormapped Postscript, EPS, and PDF -->
- <delegate decode="gs-palette" stealth="True" command='"@PSDelegate@" -q
-dBATCH -dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSPaletteDevice@
-dTextAlphaBits=%u -dGraphicsAlphaBits=%u -r%s %s "-sOutputFile=%s" -- "%s" -c
quit' />
-
- <!-- Read color Postscript, EPS, and PDF -->
- <delegate decode="gs-color" stealth="True" command='"@PSDelegate@" -q
-dBATCH -dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSColorDevice@
-dTextAlphaBits=%u -dGraphicsAlphaBits=%u -r%s %s "-sOutputFile=%s" -- "%s" -c
quit' />
-
- <!-- Read color+alpha Postscript, EPS, and PDF -->
- <delegate decode="gs-color+alpha" stealth="True" command='"@PSDelegate@" -q
-dBATCH -dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSColorAlphaDevice@
-dTextAlphaBits=%u -dGraphicsAlphaBits=%u -r%s %s "-sOutputFile=%s" -- "%s" -c
quit' />
-
- <!-- Read CMYK Postscript, EPS, and PDF -->
- <delegate decode="gs-cmyk" stealth="True" command='"@PSDelegate@" -q -dBATCH
-dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSCMYKDevice@
-dTextAlphaBits=%u -dGraphicsAlphaBits=%u -r%s %s "-sOutputFile=%s" -- "%s" -c
quit' />
-
<delegate decode="hpg" command='"@HPGLDecodeDelegate@" -q -m eps -f
`basename "%o"` "%i" && @MVDelegate@ -f `basename "%o"` "%o"' />
<delegate decode="hpgl" command='"@HPGLDecodeDelegate@" -q -m eps -f
`basename "%o"` "%i" && @MVDelegate@ -f `basename "%o"` "%o"' />
<!-- Read HTML file -->
@@ -110,16 +90,10 @@
<delegate decode="mpeg" command='"@MPEGDecodeDelegate@" -q -b "%i" -f -o3
"%u%%05d"; @GMDelegate@ convert -temporary "%u*.ppm" "miff:%o" ; rm -f
"%u"*.ppm ' />
<!-- Write MPEG file using mpeg2encode -->
<delegate encode="mpeg-encode" stealth="True"
command='"@MPEGEncodeDelegate@" "%i" "%o"' />
- <!-- Convert PDF to Encapsulated Poscript using Ghostscript -->
- <delegate decode="pdf" encode="eps" mode="bi" command='"@PSDelegate@" -q
-dBATCH -dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSEPSDevice@
"-sOutputFile=%o" -- "%i" -c quit' />
- <!-- Convert PDF to Postcript using Ghostscript -->
- <delegate decode="pdf" encode="ps" mode="bi" command='"@PSDelegate@" -q
-dBATCH -dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSPSDevice@
"-sOutputFile=%o" -- "%i" -c quit' />
<!-- Convert PNM file to IFF ILBM format using ppmtoilbm -->
<delegate decode="pnm" encode="ilbm" mode="encode"
command='"@ILBMEncodeDelegate@" -24if "%i" > "%o"' />
<delegate decode="pnm" encode="launch" mode="encode"
command='"@LaunchDelegate@" "%i"' />
<delegate decode="pnm" encode="win" mode="encode" command='"@GMDelegate@"
display -immutable "%i"' />
- <delegate decode="ps" encode="eps" mode="bi" command='"@PSDelegate@" -q
-dBATCH -dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSEPSDevice@
"-sOutputFile=%o" -- "%i" -c quit' />
- <delegate decode="ps" encode="pdf" mode="bi" command='"@PSDelegate@" -q
-dBATCH -dSAFER -dMaxBitmap=50000000 -dNOPAUSE -sDEVICE=@GSPDFDevice@
"-sOutputFile=%o" -- "%i" -c quit' />
<delegate decode="ps" encode="print" mode="encode"
command='"@PrintDelegate@" "%i"' />
<!-- Read HTML file -->
<delegate decode="shtml" command='"@HTMLDecodeDelegate@" -U -o "%o" "%i"' />
Index: GraphicsMagick-1.3.30/Makefile.in
===================================================================
--- GraphicsMagick-1.3.30.orig/Makefile.in 2018-06-23 19:01:45.000000000
+0200
+++ GraphicsMagick-1.3.30/Makefile.in 2018-08-22 15:20:27.317271220 +0200
@@ -3876,7 +3876,6 @@ TESTS_TESTS = \
tests/rwfile.tap \
tests/rwfile_sized.tap \
tests/rwfile_miff.tap \
- tests/rwfile_pdf.tap \
tests/rwfile_deep.tap
TESTS_EXTRA_DIST = \
Index: GraphicsMagick-1.3.30/tests/rwblob.tap
===================================================================
--- GraphicsMagick-1.3.30.orig/tests/rwblob.tap 2018-06-23 19:00:29.000000000
+0200
+++ GraphicsMagick-1.3.30/tests/rwblob.tap 2018-08-22 15:31:01.392493703
+0200
@@ -10,7 +10,7 @@ rwblob=./rwblob
check_types='bilevel gray pallette truecolor'
# Number of tests we plan to run
-test_plan_fn 208
+test_plan_fn 200
# ART format
for type in ${check_types}
@@ -66,18 +66,6 @@ do
test_command_fn "DPX ${type}" ${MEMCHECK} ${rwblob}
"${SRCDIR}/input_${type}.miff" DPX
done
-# EPDF format
-for type in ${check_types}
-do
- test_command_fn "EPDF ${type}" -F 'PS' ${MEMCHECK} ${rwblob}
"${SRCDIR}/input_${type}.miff" EPDF
-done
-
-# EPT format
-for type in ${check_types}
-do
- test_command_fn "EPT ${type}" -F 'PS TIFF' ${MEMCHECK} ${rwblob}
"${SRCDIR}/input_${type}.miff" EPT
-done
-
# FAX format
for type in ${check_types}
do
Index: GraphicsMagick-1.3.30/tests/rwfile.tap
===================================================================
--- GraphicsMagick-1.3.30.orig/tests/rwfile.tap 2018-06-23 19:00:29.000000000
+0200
+++ GraphicsMagick-1.3.30/tests/rwfile.tap 2018-08-22 15:30:32.828348551
+0200
@@ -11,7 +11,7 @@ rwfile=./rwfile
check_types='bilevel gray pallette truecolor'
# Number of tests we plan to run
-test_plan_fn 576
+test_plan_fn 536
# ART format
for type in ${check_types}
@@ -83,48 +83,6 @@ do
test_command_fn "DPX ${type} (stdio)" ${MEMCHECK} ${rwfile} -stdio -filespec
"out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" DPX
done
-# EPDF format
-for type in ${check_types}
-do
- test_command_fn "EPDF ${type}" -F 'PS' ${MEMCHECK} ${rwfile} -filespec
"out_${type}_%d" "${SRCDIR}/input_${type}.miff" EPDF
- #test_command_fn "EPDF ${type} (stdio)" -F 'PS' ${MEMCHECK} ${rwfile} -stdio
-filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" EPDF
-done
-
-# EPSF format
-for type in ${check_types}
-do
- test_command_fn "EPSF ${type}" -F 'PS' ${MEMCHECK} ${rwfile} -filespec
"out_${type}_%d" "${SRCDIR}/input_${type}.miff" EPSF
- #test_command_fn "EPSF ${type} (stdio)" -F 'PS' ${MEMCHECK} ${rwfile} -stdio
-filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" EPSF
-done
-
-# EPSI format
-for type in ${check_types}
-do
- test_command_fn "EPSI ${type}" -F 'PS' ${MEMCHECK} ${rwfile} -filespec
"out_${type}_%d" "${SRCDIR}/input_${type}.miff" EPSI
- #test_command_fn "EPSI ${type} (stdio)" -F 'PS' ${MEMCHECK} ${rwfile} -stdio
-filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" EPSI
-done
-
-# EPI format
-for type in ${check_types}
-do
- test_command_fn "EPI ${type}" -F 'PS' ${MEMCHECK} ${rwfile} -filespec
"out_${type}_%d" "${SRCDIR}/input_${type}.miff" EPI
- #test_command_fn "EPI ${type} (stdio)" -F 'PS' ${MEMCHECK} ${rwfile} -stdio
-filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" EPI
-done
-
-# EPS format
-for type in ${check_types}
-do
- test_command_fn "EPS ${type}" -F 'PS' ${MEMCHECK} ${rwfile} -filespec
"out_${type}_%d" "${SRCDIR}/input_${type}.miff" EPS
- #test_command_fn "EPS ${type} (stdio)" -F 'PS' ${MEMCHECK} ${rwfile} -stdio
-filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" EPS
-done
-
-# EPT format
-for type in ${check_types}
-do
- test_command_fn "EPT ${type}" -F 'PS TIFF' ${MEMCHECK} ${rwfile} -filespec
"out_${type}_%d" "${SRCDIR}/input_${type}.miff" EPT
- #test_command_fn "EPT ${type} (stdio)" -F 'PS TIFF' ${MEMCHECK} ${rwfile}
-stdio -filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" EPT
-done
-
# FAX format
for type in ${check_types}
do
@@ -290,13 +248,6 @@ do
test_command_fn "PCX ${type} (stdio)" ${MEMCHECK} ${rwfile} -stdio -filespec
"out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" PCX
done
-# PDF format
-for type in ${check_types}
-do
- test_command_fn "PDF ${type}" -F PS ${MEMCHECK} ${rwfile} -filespec
"out_${type}_%d" "${SRCDIR}/input_${type}.miff" PDF
- #test_command_fn "PDF ${type} (stdio)" -F PS ${MEMCHECK} ${rwfile} -stdio
-filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" PDF
-done
-
# PGM format
for type in ${check_types}
do
@@ -356,27 +307,6 @@ do
done
done
-# PS format
-for type in ${check_types}
-do
- test_command_fn "PS ${type}" -F PS ${MEMCHECK} ${rwfile} -filespec
"out_${type}_%d" "${SRCDIR}/input_${type}.miff" PS
- #test_command_fn "PS ${type} (stdio)" -F PS ${MEMCHECK} ${rwfile} -stdio
-filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" PS
-done
-
-# PS2 format
-for type in ${check_types}
-do
- test_command_fn "PS2 ${type}" -F PS ${MEMCHECK} ${rwfile} -filespec
"out_${type}_%d" "${SRCDIR}/input_${type}.miff" PS2
- #test_command_fn "PS2 ${type} (stdio)" -F PS ${MEMCHECK} ${rwfile} -stdio
-filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" PS2
-done
-
-# PS3 format
-for type in ${check_types}
-do
- test_command_fn "PS3 ${type}" -F PS ${MEMCHECK} ${rwfile} -filespec
"out_${type}_%d" "${SRCDIR}/input_${type}.miff" PS3
- #test_command_fn "PS3 ${type} (stdio)" -F PS ${MEMCHECK} ${rwfile} -stdio
-filespec "out_${type}_stdio_%d" "${SRCDIR}/input_${type}.miff" PS3
-done
-
# PSD format
for type in ${check_types}
do
