SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libGraphicsMagick++-devel-1.4-8.1.i586.rpm :

* Mon Feb 11 2019 Petr Gajdos - updated to 15891:e29c20957e2d
* Mon Oct 22 2018 Petr Gajdos - asan_build: build ASAN included- debug_build: build more suitable for debugging
* Mon Sep 03 2018 pgajdosAATTsuse.com- updated to 15783:f9154aa8139f
* Wed May 23 2018 pgajdosAATTsuse.com- updated to 15658:ebd3eb090848- do not build modules
* Wed Jan 10 2018 pgajdosAATTsuse.com- updated to 15323:d30ed06e9b87
* Mon Sep 11 2017 pgajdosAATTsuse.com- updated to mercurial version for testing purposes
* Mon Jul 24 2017 jengelhAATTinai.de- Trim descriptions. Redo summaries and RPM groups.
* Fri Jul 21 2017 tchvatalAATTsuse.com- Drop patches not meintioned in the changelog ever:
* GraphicsMagick-debian-fixed.patch
* GraphicsMagick-include.patch
* GraphicsMagick-perl-link.patch
* The package builds just fine without them and there is no refference explaining it- Convert the deps to pkgconfig variants where possible.
* Fri Jul 21 2017 tchvatalAATTsuse.com- Version update to 1.3.26:
* DPX: Fix excessive use of memory (DOS issue) due to file header claiming large image dimensions but insufficient backing data. (CVE-2017-10799 bsc#1047054).
* JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350).
* MAT: Fix excessive use of memory (DOS issue) due to continuing processing with insufficient data and claimed large image size. Verify each file extent to make sure that it is within range of file size. (CVE-2017-10800 bsc#1047044).
* META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800).
* PCX: Fix denial of service issue.
* RLE: Fix abnomally slow operation (denial of service issue) with intentionally corrupt colormapped file.
* PICT: Fix possible buffer overflow vulnerability given suitably truncated input file.
* PNG: Enforce spec requirement that the dimensions of the JPEG embedded in a JDAT chunk must match the JHDR dimensions (CVE-2016-9830).
* PNG: Avoid NULL dereference when MAGN chunk processing fails.
* SCT: Fix stack-buffer read overflow (underflow?) while reading SCT header.
* SGI: Fix denial of service issues. Delay large memory allocations until file header has fully passed sanity checks.
* TIFF: Fix out of bounds read when reading CMYKA TIFF which claims to have only 2 samples per pixel (CVE-2017-6335 bsc#1027255).
* TIFF: Fix out of bounds read when reading RGB TIFF which claims to have only 1 sample per pixel (CVE-2017-10794).
* WPG: Fix heap overflow (CVE-2016-7996). Fix assertion crash (CVE-2016-7997).
* DifferenceImage(): Fix Fix all-black difference image if an input file is colormapped.
* EXIF orientation was not being properly detected for some files.
* -frame: The `import` command -frame handling was improperly implemented and was using already freed data.
* GIF: Fixes for \"Excessive LZW string data\" problem.
* Magick++: Bug fixes to PathSmoothCurvetoRel::operator() and PathSmoothCurvetoRel::operator().
* PAM: Support writing GRAYSCALE PAM format.
* PNG: Fix memory leaks.
* SVG: Fixed a memory leak. Fixed a possible null pointer dereference.
* TclMagick: Problem that TkMagick could not resolve functions from TclMagick under Linux is fixed.
* TclMagick: Fix parser validatation in magickCmd() to avoid crash given a syntax error.
* TIFF: Fix for reading old JPEG files (avoids \"Improper call to JPEG library in state 0. (LibJpeg).\").
* TXT: Fixed memory leak.
* XCF: Error checking is improved.
* EXIF rotation: Support is added such that the EXIF orientation tag is updated when the image is rotated.
* MAT: Now support reading multiple images from Matlab V4 format.
* Magick++: Orientation method now updates orientation in EXIF profile, if it exists.
* Magick++: Added Image attribute method which accepts a \'char
*\' argument, and will remove the attribute if the value argument is NULL.
* -orient: The -orient command line option now also updates the orientation in the EXIF profile, if it exists.
* PGX: Support PGX JPEG 2000 format for reading and writing (within the bounds of what JasPer supports).
* Wand API: Added MagickAutoOrientImage(), MagickGetImageOrientation(), MagickSetImageOrientation(), MagickRemoveImageOption(), and MagickClearException().- Drop merged patch GraphicsMagick-CVE-2017-8350.patch
* Mon Jun 26 2017 pgajdosAATTsuse.com- complementary fix for CVE-2017-8350 [bsc#1036985 c13-c21]
* GraphicsMagick-CVE-2017-8350.patch
* Mon Sep 26 2016 pgajdosAATTsuse.com- update to 1.3.25:
* EscapeParenthesis(): I was notified by Gustavo Grieco of a heap overflow in EscapeParenthesis() used in the text annotation code. While not being able to reproduce the issue, the implementation of this function is completely redone.
* Utah RLE: Reject truncated/absurd files which caused huge memory allocations and/or consumed huge CPU. Problem was reported by Agostino Sarubbo based on testing with AFL.
* SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in the MVG rendering code (also impacts SVG).
* TIFF: Fix heap buffer read overflow while copying sized TIFF attributes. Problem was reported by Agostino Sarubbo based on testing with AFL.
* Thu Jun 23 2016 meissnerAATTsuse.com- Build \"gm\" as position independend executable (PIE).
* Mon Jun 06 2016 pgajdosAATTsuse.com- updated to 1.3.24:
* many security related changes (incl. CVE-2016-5118), see ChangeLog- removed patches:
* GraphicsMagick-CVE-2016-5118.patch
* GraphicsMagick-upstream-delegates-safer.patch
* GraphicsMagick-upstream-disable-mvg-ext.patch
* GraphicsMagick-upstream-disable-tmp-magick-prefix.patch
* GraphicsMagick-upstream-image-sanity-check.patch
* Mon May 30 2016 pgajdosAATTsuse.com- security update:
* CVE-2016-5118 [bsc#982178] + GraphicsMagick-CVE-2016-5118.patch
* Mon May 09 2016 sfleesAATTsuse.de- Multiple security issues in GraphicsMagick/ImageMagick [boo#978061] (CVE-2016-3714, CVE-2016-3718, CVE-2016-3715, CVE-2016-3717)
* GraphicsMagick-upstream-delegates-safer.patch
* GraphicsMagick-upstream-disable-mvg-ext.patch
* GraphicsMagick-upstream-disable-tmp-magick-prefix.patch
* GraphicsMagick-upstream-image-sanity-check.patch
* Sun Nov 08 2015 dmitry_rAATTopensuse.org- Update to version 1.3.23
* See included NEWS.txt for details
* Mon Oct 05 2015 dmitry_rAATTopensuse.org- Update to version 1.3.22
* See included NEWS.txt for details
* Sat Mar 21 2015 dmitry_rAATTopensuse.org- Update to version 1.3.21
* See included NEWS.txt for details
  
ICM