commit GraphicsMagick for openSUSE:Factory

Tue, 27 Sep 2016 04:46:07 -0700 

Hello community,

here is the log from the commit of package GraphicsMagick for openSUSE:Factory 
checked in at 2016-09-27 13:45:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/GraphicsMagick (Old)
 and      /work/SRC/openSUSE:Factory/.GraphicsMagick.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "GraphicsMagick"

Changes:
--------
--- /work/SRC/openSUSE:Factory/GraphicsMagick/GraphicsMagick.changes    
2016-06-25 02:23:32.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.GraphicsMagick.new/GraphicsMagick.changes       
2016-09-27 13:45:15.000000000 +0200
@@ -1,0 +2,17 @@
+Mon Sep 26 09:01:33 UTC 2016 - [email protected]
+
+- update to 1.3.25:
+   * EscapeParenthesis(): I was notified by Gustavo Grieco of a heap
+     overflow in EscapeParenthesis() used in the text annotation code.
+     While not being able to reproduce the issue, the implementation of
+     this function is completely redone.
+   * Utah RLE: Reject truncated/absurd files which caused huge memory
+     allocations and/or consumed huge CPU.  Problem was reported by
+     Agostino Sarubbo based on testing with AFL.
+   * SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
+     the MVG rendering code (also impacts SVG).
+   * TIFF: Fix heap buffer read overflow while copying sized TIFF
+     attributes.  Problem was reported by Agostino Sarubbo based on
+     testing with AFL.
+
+-------------------------------------------------------------------

Old:
----
  GraphicsMagick-1.3.24.tar.bz2

New:
----
  GraphicsMagick-1.3.25.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ GraphicsMagick.spec ++++++
--- /var/tmp/diff_new_pack.Q1D0xu/_old  2016-09-27 13:45:17.000000000 +0200
+++ /var/tmp/diff_new_pack.Q1D0xu/_new  2016-09-27 13:45:17.000000000 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           GraphicsMagick
-Version:        1.3.24
+Version:        1.3.25
 Release:        0
 # Define Quantum depth
 %define quant 16

++++++ GraphicsMagick-1.3.24.tar.bz2 -> GraphicsMagick-1.3.25.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/GraphicsMagick/GraphicsMagick-1.3.24.tar.bz2 
/work/SRC/openSUSE:Factory/.GraphicsMagick.new/GraphicsMagick-1.3.25.tar.bz2 
differ: char 11, line 1

Reply via email to