Hello community, here is the log from the commit of package GraphicsMagick for openSUSE:Factory checked in at 2019-10-11 17:14:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/GraphicsMagick (Old) and /work/SRC/openSUSE:Factory/.GraphicsMagick.new.2352 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "GraphicsMagick" Fri Oct 11 17:14:24 2019 rev:73 rq:736253 version:1.3.33 Changes: -------- --- /work/SRC/openSUSE:Factory/GraphicsMagick/GraphicsMagick.changes 2019-08-27 15:54:23.475663260 +0200 +++ /work/SRC/openSUSE:Factory/.GraphicsMagick.new.2352/GraphicsMagick.changes 2019-10-11 17:14:29.853654474 +0200 @@ -1,0 +2,52 @@ +Tue Oct 8 15:00:02 UTC 2019 - [email protected] + +- version update to 1.3.33 + * It has been discovered that the 'ICU' library (a perhaps 30MB C++ + library) which is now often a libxml2 dependendency causes huge + process initialization overhead. This is noticed as unexpected + slowness when GraphicsMagick utilities are used to process small to + medium sized files. The time to initialize is often longer than the + time to read the input file, process the image, and write the output + file. If the 'ICU' dependency can not be avoided, then make sure to + use the modules build. Please lobby the 'ICU' library developers to + change their implementation to avoid long start-up times due to + merely linking with the library. + * GraphicsMagick is now participating in Google's oss-fuzz project due + to the contributions and assistance of Alex Gaynor. Since February 4 + 2018, 353 issues have been opened by oss-fuzz and 338 of those + issues have been resolved. The issues list is available at + https://bugs.chromium.org/p/oss-fuzz/issues/list under search term + "graphicsmagick". Issues are available for anyone to view and + duplicate if they have been in "Verified" status for 30 days, or if + they have been in "New" status for 90 days. There are too many + fixes to list here. Please consult the GraphicsMagick ChangeLog + file, Mercurial repository commit log, and the oss-fuzz issues list + for details. + * Documentation has been added regarding security hazards due to + commands which support a '@filename' syntax. + * MontageImages(): Fix wrong length argument to strlcat() when + building montage directory, which could allow heap overwrite. + * PNG: Pass correct size value to strlcat() in module registration + code. This bug is noticed to cause problems for Apple's OS X and + Linux Alpine with musl libc. This fixes a regression introduced by + the 1.3.32 release. + * Re-implement command-line utility `'@'` file inclusion support for + `-comment`, `-draw`, `-format`, and `-label` which was removed for + the 1.3.32 release. The new implementation is isolated to + command-line utility implementation code rather than being deeply + embedded in the library and exposed in other usage contexts. This + fixes a regression introduced by the 1.3.32 release. + * CAPTION: The The CAPTION reader did not appear to work at all any + more. Now it works again, but still not very well. + * MagickXDisplayImage(): Fix heap overwrite of windows->image.name and + windows->image.icon_name buffers. This bug has surely existed since + early GraphicsMagick releases. + * MagickXAnimateImages(): Fix memory leak of scene_info.pixels. + * AcquireTemporaryFileDescriptor(): Fix compilation under Cygwin. This + fixes a regression introduced by the 1.3.32 release. + * PNG: Fix saving to palette when mage has an alpha channel but no + color is marked as transparent. + * Compilation warnings in the Visual Studio WIN64 build due to the + 'long' type being only 32-bits have been addressed. + +------------------------------------------------------------------- Old: ---- GraphicsMagick-1.3.32.tar.xz New: ---- GraphicsMagick-1.3.33.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ GraphicsMagick.spec ++++++ --- /var/tmp/diff_new_pack.f5kQMK/_old 2019-10-11 17:14:30.393653092 +0200 +++ /var/tmp/diff_new_pack.f5kQMK/_new 2019-10-11 17:14:30.401653071 +0200 @@ -30,7 +30,7 @@ %define pp_so_ver 12 %define wand_so_ver 2 Name: GraphicsMagick -Version: 1.3.32 +Version: 1.3.33 Release: 0 Summary: Viewer and Converter for Images License: MIT ++++++ GraphicsMagick-1.3.32.tar.xz -> GraphicsMagick-1.3.33.tar.xz ++++++ ++++ 3978 lines of diff (skipped)
