pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/graphics/GraphicsMagick Updated GraphicsMagick to 1.3.25.
details: https://anonhg.NetBSD.org/pkgsrc/rev/5cdf1a6a096a
branches: trunk
changeset: 352113:5cdf1a6a096a
user: wiz <wiz%pkgsrc.org@localhost>
date: Wed Sep 07 06:29:31 2016 +0000
description:
Updated GraphicsMagick to 1.3.25.
1.3.25 (September 5, 2016)
==========================
Special Issues:
* None
Security Fixes:
* EscapeParenthesis(): I was notified by Gustavo Grieco of a heap
overflow in EscapeParenthesis() used in the text annotation code.
While not being able to reproduce the issue, the implementation of
this function is completely redone.
* Utah RLE: Reject truncated/absurd files which caused huge memory
allocations and/or consumed huge CPU. Problem was reported by
Agostino Sarubbo based on testing with AFL.
* SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
the MVG rendering code (also impacts SVG).
* TIFF: Fix heap buffer read overflow while copying sized TIFF
attributes. Problem was reported by Agostino Sarubbo based on
testing with AFL.
Bug fixes:
* GetToken(): Fix obscure bug (read beyond end of string buffer)
noticed while parsing a MVG file. This problem was reported by
Gustavo Grieco.
* MVG rendering: Fix undesired hard errors when some objects were
drawn outside of the image bounds. Requests to draw objects
entirely outside of the image should be silently ignored.
* MVG/SVG rendering: Fix gradient size sanity checks which were
causing gradient requests to fail. Due to a design weakness in that
gradient images allocate resources rather than being computations at
point of use, the maximum gradient image size is now hard-limited to
5000x5000 pixels until the design problem is fixed. Some SVG icons
(as small as 8x8 pixels) authored using Inkscape request absurdly
huge gradients. Gradient sizes as large as 20,000x20,000 have been
observed in SVG icon files delivered by packages on an Ubuntu Linux
system.
* SVG: Fix some memory leaks which occur on parsing error.
New Features:
* None
Feature improvements:
* ElapsedTime(): Use clock_gettime() (when available with default
linkage) to obtain elapsed time.
* DescribeImage(): Provide 6 digits of seconds precision in in elapsed
time output. Previously the resolution was rounded up to a full
second.
Windows Delegate Updates/Additions:
* webp: Updated bundled libwebp to release 0.5.1.
* libxml: Updated bundled libxml2 to release 2.9.4.
* lcms: Updated bundled lcms2 to release 2.8.
* png: Update bundled libpng to release 1.6.24.
Build Changes:
* OpenMP is properly configured for clang 3.8 using its own '-lomp'
rather than '-lgomp'.
Behavior Changes:
* SVG: Some SVG files may be rejected due to absurdly large gradient
requests.
* The 'identify' and 'info' functionality only shows the pixel read
rate if image was not read in 'ping' mode. Provide 6 digits of
seconds precision in in elapsed time output.
diffstat:
graphics/GraphicsMagick/Makefile | 3 +--
graphics/GraphicsMagick/Makefile.common | 4 ++--
graphics/GraphicsMagick/PLIST | 3 ++-
graphics/GraphicsMagick/distinfo | 10 +++++-----
4 files changed, 10 insertions(+), 10 deletions(-)
diffs (59 lines):
diff -r 3c6f1fe18aca -r 5cdf1a6a096a graphics/GraphicsMagick/Makefile
--- a/graphics/GraphicsMagick/Makefile Wed Sep 07 06:21:56 2016 +0000
+++ b/graphics/GraphicsMagick/Makefile Wed Sep 07 06:29:31 2016 +0000
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.77 2016/07/09 06:38:19 wiz Exp $
+# $NetBSD: Makefile,v 1.78 2016/09/07 06:29:31 wiz Exp $
-PKGREVISION= 1
.include "Makefile.common"
MAINTAINER= pkgsrc-users%NetBSD.org@localhost
diff -r 3c6f1fe18aca -r 5cdf1a6a096a graphics/GraphicsMagick/Makefile.common
--- a/graphics/GraphicsMagick/Makefile.common Wed Sep 07 06:21:56 2016 +0000
+++ b/graphics/GraphicsMagick/Makefile.common Wed Sep 07 06:29:31 2016 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.14 2016/06/06 11:46:04 wiz Exp $
+# $NetBSD: Makefile.common,v 1.15 2016/09/07 06:29:31 wiz Exp $
# used by graphics/GraphicsMagick/Makefile
# used by graphics/p5-GraphicsMagick/Makefile
GM_MAJOR_VER= 1.3
-GM_MINOR_VER= 24
+GM_MINOR_VER= 25
DISTVERSION= ${GM_MAJOR_VER}.${GM_MINOR_VER}
DISTNAME= GraphicsMagick-${DISTVERSION}
CATEGORIES= graphics
diff -r 3c6f1fe18aca -r 5cdf1a6a096a graphics/GraphicsMagick/PLIST
--- a/graphics/GraphicsMagick/PLIST Wed Sep 07 06:21:56 2016 +0000
+++ b/graphics/GraphicsMagick/PLIST Wed Sep 07 06:29:31 2016 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.23 2016/06/06 11:46:04 wiz Exp $
+@comment $NetBSD: PLIST,v 1.24 2016/09/07 06:29:31 wiz Exp $
bin/GraphicsMagick++-config
bin/GraphicsMagick-config
bin/GraphicsMagickWand-config
@@ -367,6 +367,7 @@
share/doc/GraphicsMagick/www/project.html
share/doc/GraphicsMagick/www/quantize.html
share/doc/GraphicsMagick/www/reference.html
+share/doc/GraphicsMagick/www/security.html
share/doc/GraphicsMagick/www/smile.c
share/doc/GraphicsMagick/www/time.html
share/doc/GraphicsMagick/www/tools.html
diff -r 3c6f1fe18aca -r 5cdf1a6a096a graphics/GraphicsMagick/distinfo
--- a/graphics/GraphicsMagick/distinfo Wed Sep 07 06:21:56 2016 +0000
+++ b/graphics/GraphicsMagick/distinfo Wed Sep 07 06:29:31 2016 +0000
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.41 2016/06/06 11:46:04 wiz Exp $
+$NetBSD: distinfo,v 1.42 2016/09/07 06:29:31 wiz Exp $
-SHA1 (GraphicsMagick-1.3.24.tar.xz) = 4f208b7bda9f139ca22d9921758452bb9915334e
-RMD160 (GraphicsMagick-1.3.24.tar.xz) = 1670b2d5712cdff2010d2936ad427977195bfaa2
-SHA512 (GraphicsMagick-1.3.24.tar.xz) = d55f8b7d96bc746e2b501ec6315f174f2ab5f6b31a1d138196bf17b506e6d0c2b91ee19f5dd0a2877cd47910aebdcf11158303e90b1b267c6082d462f8548684
-Size (GraphicsMagick-1.3.24.tar.xz) = 5372048 bytes
+SHA1 (GraphicsMagick-1.3.25.tar.xz) = 0dcf4c1f6f3ead29147ea0392a148ce50cd64bb4
+RMD160 (GraphicsMagick-1.3.25.tar.xz) = 6a4e8c415c3d268a46f1327c819d7ec2afd9bc60
+SHA512 (GraphicsMagick-1.3.25.tar.xz) = d62d6aee96d7b8444f1aa206b0c5cbbed9511612cb71d667af072ea52b68dcd11088699debc58faacbb014ad83fb8c2b3e474220f506069f7b5d22f0340f8ef8
+Size (GraphicsMagick-1.3.25.tar.xz) = 5387880 bytes
SHA1 (patch-config_delegates.mgk.in) = c7a38daeeccd12e19480d1222e400899da1d4153
Home |
Main Index |
Thread Index |
Old Index