Changelog for
GraphicsMagick-devel-1.3.43-1.2.x86_64.rpm :
* Mon Mar 25 2024 pgajdosAATTsuse.com- version update to 1.3.43 Bug fixes:
* JBIG: Add support for \'width\', \'height\', and \'pixels\', resource limits. Your mileage may vary.
* WPG: Many fixes based on oss-fuzz testing.
* Ghostscript: When invoking Ghostscript, re-direct Ghostscript stdout to stderr to avoid output corruption when GM stdout is redirected to a file. New Features:
* File write limit: Add support for a per-file write limit (-limit write or MAGICK_LIMIT_WRITE). This imposes a limit on the number of uncompressed bytes written. The behavior when the limit is hit is similar to an unexpected write error, as if the disk is full.
* Resource limit highwater: Resource highwater values are maintained for successful resource requests and final values are traced via -debug resource\' at the end of program execution. These values may be used to understand the most restrictive resource limits which may be applied while still achieving successful operation.
* BMP: Support BI_PNG compression (PNG inside BMP).
* BMP: Support reading 64 bits-per-pixel.
* BMP: Support reading 48 bits-per-pixel.
* HEIF: Call heif_init() and heif_deinit() if they are available. Support setting image width limit.
* HRZ: Added support for Slow scan TV format.
* JPEG: Added support for reading and writing lossy or lossless 12 bits, and lossless 16-bits using libjpeg-turbo-3.0
* JXL: Improve JXL reader/writer exception information.
* TIFF: Remove miniswhite/minisblack prohibitions when using Group3 and Group4 compression in order to allow using inverted photometric from the standard.
* TIFF: Store EXIF IFD and GPS IFD tag information natively in TIFF sub-IFDs, the same as it would be produced in a camera supporting TIFF. This allows an EXIF profile from HEIF, JPEG, JXL, PNG, WebP, or from the META coder to be preserved in TIFF. API Updates:
* ExpandFilenames(): Fix memory leak of existing allocations if realloc() fails.- modified patches % GraphicsMagick-disable-insecure-coders.patch (refreshed)
* Mon Jan 29 2024 pgajdosAATTsuse.com- ghostscript-fonts-std: relax to recommends [bsc#1216604]
* Thu Oct 26 2023 Dominique Leuenberger
- Have libGraphicsMagick3-config require ghostscript-fonts-std (boo#1216604).
* Mon Oct 02 2023 pgajdosAATTsuse.com- version update to 1.3.42 Bug fixes:
* TIFF: Default the alpha channel to type EXTRASAMPLE_UNASSALPHA(2).
* BMP: Many fixes for reading esoteric BMP sub-formats.
* TranslateTextEx(): Revert change so now a NULL pointer is returned when given an empty string. Some algorithms (e.g. montage) were depending on this!.
* PAM: Fix reading comments.
* PNG: Added Add missing module aliases \"PNG00\", \"PNG48\", \"PNG64\", so it is again possible to request these subformats directly.
* TIFF: For common formats with the required number of channels, but one is an \'unspecified\' channel, promote unspecified alpha to unassociated alpha so that the alpha channel is not ignored.
* \"Magick\" command line emulation: Eliminate duplicate utility name output in error messages New Features:
* BMP: Added the ability to read and write BMP using JPEG compression. Use \'-define bmp:allow-jpeg\' to allow use of JPEG compression.
* BMP: Added support for BI_ALPHABITFIELDS compression
* BMP: Added support for reading BMP with PNG compression.- modified patches % GraphicsMagick-disable-insecure-coders.patch (refreshed)- deleted patches - strlcpy-wrong-sizing.patch (upstreamed)
* Fri Sep 01 2023 pgajdosAATTsuse.com- revert to 1.3.40 [bsc#1214831] https://sourceforge.net/p/graphicsmagick/news/2023/08/because-1341-is-discarded-i-has-been-published-2-builds-for-win32-architecture/- modified patches % GraphicsMagick-disable-insecure-coders.patch (refreshed)- deleted patches - GraphicsMagick-fix-regression-NULL-instead-of-empty-string.patch (not needed) - GraphicsMagick-name-key-return-input-file-base-name.patch (not needed)
* Mon Aug 28 2023 pgajdosAATTsuse.com- fix regression in 1.3.41 https://sourceforge.net/p/graphicsmagick/bugs/722/- added patches fix 17179:91afa18a6161 + GraphicsMagick-fix-regression-NULL-instead-of-empty-string.patch fix 17180:bb42cd90ce6f + GraphicsMagick-name-key-return-input-file-base-name.patch
* Thu Aug 24 2023 pgajdosAATTsuse.com- version update to 1.3.41 Bug fixes:
* Blob: Immediately reject attempts to write blobs to formats which can not support blobs.
* TranslateTextEx(): An empty string argument should return an empty string rather than a NULL string.
* SetImageAttribute(): Fix bounds issue when concatenating string.
* JPEG: Do not set image resolution if the values provided are outside of the valid range.
* Fixes for NaN when reading formats based on floating point.
* HEIF: Fix reading images with rotation/transformation.
* BMP: Do not decode primaries or gamma unless colorspace is LCS_CALIBRATED_RGB. Add/correct bmp_info.size \"biSize\" logic which decides if header chunks are present (or invalid).
* MNG: Fixes for resizing using X_method 5.
* GM command (convert, montage, mogrify): Many command-line parser fixes/checks for invalid command line syntax which causes unexpected behavior, or core dumps.
* TopoL: Given that a writer is now provided, issues found in the reader (and writer) due to continual fuzz-testing have been fixed, as encountered.
* GetImageClippingPathAttribute(): Check for and use clipping path name (ID=2999) to get the real attribute name.
* ReadIPTCProfile(): Fix malformed IPTC data parsing. New Features:
* TopoL: Now provides a writer.
* WPG: Now provides a writer.
* gm batch: Implement simple Test Anything Protocol (TAP) test counting and \"ok N\"/\"not ok N\" messaging.
* TIFF: Support \'-define tiff:photometric=minisblack\' and \'-define tiff:photometric=miniswhite\' to be able to adjust the sense used when writing bilevel TIFF images.
* TIFF: Require that TIFFTAG_EXTRASAMPLES be used appropriately to indicate the intention of extra channels.
* utilities/tests/gen-tiff-images/genimages: Script for writing (and then reading) thousands (5568 permutations) of TIFF format variants.
* EXIF and PNG: Retrieve image orientation from EXIF (if present) and store in image.
* HEIF: Retrieve image orientation from EXIF and store in image. Behavior Changes:
* The ability to extend existing image attribute text by calling SetImageAttribute() multiple times with the same key is now deprecated, and will soon be removed. In the mean time, the annoying message \"SetImageAttribute: Extending attribute value text is deprecated!\" is printed to the standard error output to help expose code which is using this feature.- modified patches % GraphicsMagick-disable-insecure-coders.patch (refreshed)- deleted patches - strlcpy-wrong-sizing.patch (upstreamed)
* Tue Aug 08 2023 Dirk Müller - add strlcpy-wrong-sizing.patch: fix incorrect usages of strlcpy and strlcat detected by glibc 2.38\'s fortify
* Thu Mar 02 2023 pgajdosAATTsuse.com- clean up old conditionals
* Tue Feb 07 2023 pgajdosAATTsuse.com- version update to 1.3.40
* GetMagickGeometry(): Fix a scaling issue where dimensions could be scaled down to zero.
* PCD: Handle writing image with a dimension of 1.
* PNG: When writing, use lower-case raw profile identifiers (e.g. \'Raw profile type xmp\') because exiftool expects that.
* SUN: The sense of monochrome images was inverted. Fix scanline size calculation.
* WPG: Fix 20-year old bug in WPG header reading. New Features:
* JXL: Decode and log extra channel information. This information is not yet used.
* PCX and DCX: Support writing uncompressed format (use -compress none for no compression).
* Added IM1, IM8, and IM24 magick aliases for the Sun Raster format since those are the historically correct extensions. API Updates:
* AppendImageToList() now updates the image list pointer to be the image which was just added. Use GetFirstImageInList() when the pointer to the first image in the list is needed.
* Sun Jan 08 2023 munix9AATTgooglemail.com- version update to 1.3.39 Special Issues:
* GraphicsMagick really does need some additional productive volunteers. For several years now, the burden has entirely been on me (Bob Friesenhahn). I have been sheparding the project for 20 years already (and contributed to ImageMagick and GraphicsMagick combined for 26 years already). It is not reasonable to expect someone with a full time job (and expecting to retire in a few years) to do all of the work. Security Fixes:
* GraphicsMagick is participating in Google\'s oss-fuzz project since February 4 2018 due to the contributions and assistance of Alex Gaynor and Paul Kehrer. The issues list is available at https://bugs.chromium.org/p/oss-fuzz/issues/list under search term \"graphicsmagick\". Issues are available for anyone to view and duplicate if they have been in \"Verified\" status for 30 days, or if they have been in \"New\" status for 90 days. Please consult the GraphicsMagick ChangeLog file, Mercurial repository commit log, and the oss-fuzz issues list for details. Security Fixes:
* oss-fuzz: Several security fixes originating from oss-fuzz testing.
* ALL: Replace strcpy() with strlcpy(), replace strcat() with strlcat(), replace sprintf() with snprintf(). Prefer using bounded string functions. This change is made for the purpose of increasing safety than to address any existing demonstrated concern. Bug fixes:
* Coverity: Several fixes for issues found by Coverity to reduce the number of reported issues back down to zero.
* Clang Analyzer 12: Fix most discovered issues.
* PNG: Fix possible use of uninitialized \'ping_num_trans\' value in ReadOnePNGImage().
* MinGW: Eliminate overwrite of existing _MSC_VER value in MinGW compile.
* MNG: Fix heap-use-after-free in CloseBlob.
* MNG: Fix indirect leak in MagickMallocCleared().
* PS: Assure that \'bounds\' structure is initialized.
* EPT: Assure that \'bounds\' structure is initialized.
* HEIF: If heif_image_handle_get_metadata_size() returns 0, then carrying on with reading image data.
* configure.ac: Fix Bashism in maintainer-mode check.
* TGA: Remove a defective validation of comment length, which blocked reading some sample TGA files from the \"Encyclopedia Of Graphics File Formats\" book. Monochromatic bilevel TGA can now be read and written. TGA \"Footers\" are now read and used when logging as well as converted to Image attributes.
* WebP: Add configure.ac updates to check for libsharpyuv so that builds with the development version work again.
* Visual Studio Build (VisualMagick): Fix project file generation. Improve portability of code for configure.exe.
* Fixed mixed encoding (non-UTF-8) errors in text and source files.
* DrawPrimitive(): Fix composition using \"0,0\" for image size. This became broken in GraphicsMagick 1.3.36.
* Blob API: Fixed SEEK_END validation. SEEK_END was not used before, but now it is. New Features:
* AVIF: Support reading AVIF via libheif if it supports decoding AVIF (still no writer support).
* LOG: Added function IsEventLogged() to report if a particular event will be logged. Us this as much as possible throughout the software to replace use of IsEventLogging(). This avoids a possible performance hit if any logging is enabled at all and logging statements are executed which are filtered and produce no output.
* FITS: Support storing multiple scenes in one file (non-standard extension).
* JPEG: Optionally enable arithmetic coder in JPG images using \'-define jpeg:arithmetic-coding=true\'.
* JPEG: Add support for reading deep gray images.
* HEIF: Support reading ICC color profiles.
* Produce ASCII armored \".asc\" format GPG signature files.
* Support reading directly from .bz2, .gz, .svgz, and .Z files (without creating a temporary file), if possible. API Updates:
* Magick++: Provide a version of Image::colorMapSize() which is a \'const\' method. Continue to provide the non-const version in order to avoid an ABI change. The compiler should choose the appropriate version. Feature improvements:
* HTML documentation generation based on Docutils is significantly updated and improved.
* PerlMagick: Added more sample input files and changed many reader tests to use hash signature rather than comparison to reduce the distribution size.
* Blob: The ReadBlobString() function has been re-written to perform better when reading from files.
* JXL: The JXL coder is updated to compile with what will likely become JXL 0.8.0. Support for 16-bit \'short\' samples, 16-bit \'float\' samples, and 32-bit float samples added. Support for reading and writing ICC, EXIF, and XMP profiles added.
* MIME: GM \"magick\" to MIME mappings have been added for apng, avif, bmp, ico, and webp (regardless of if they are supported).
* XPM: The XPM reader performance is dramatically improved and is observed to be 32x faster when reading a medium-sized XPM file (e.g. the GraphicsMagick logo).
* XPM: Support reading \"deep\" images with more pallete entries than the maximum colormap size. Windows Delegate Updates/Additions:
* Update bundled libjasper to version 1.900.26. Please note that 4.0.0 is the latest version at this time and fixes a great many security and stability issues which are present in 1.900.26.
* Update bundled libjpeg to version 9e.
* Update bundled libtiff to version 4.5.0. Build Changes:
* MSVC: Added porting function to emulate C\'99 snprintf for MSVC older than 2015.
* MSVC: Successfully compiles using Visual Studio 2008 and 2019. Compiles successfully using Visual Studio 2022 if optimization is disabled (otherwise there is an internal compiler error in effect.c).- Enable JPEG-XL on Tumbleweed.
* Tue Apr 12 2022 pgajdosAATTsuse.com- version update to 1.3.38 Special Issues:
* The FTP site ftp.graphicsmagick.org is now shut down due to a lack of bandwith, extremely abusive users (including from Google and customers of Amazon Web Services), and a lack of support from the user community. Another factor is that FTP support has been removed from popular web browsers. This is very unfortunate since the site served multiple usages, including providing a lot of historical data (e.g. related to PNG) which may not be available elsewhere.
* GraphicsMagick really does need some additional productive volunteers. For several years now, the burden has entirely been on me (Bob Friesenhahn). I have been sheparding the project for 20 years already (and contributed to ImageMagick and GraphicsMagick combined for 26 years already). It is not reasonable to expect someone with a full time job (and expecting to retire in a few years) to do all of the work. Security Fixes:
* GraphicsMagick is participating in Google\'s oss-fuzz project due to the contributions and assistance of Alex Gaynor. Since February 4 2018, ??? issues have been opened by oss-fuzz and ?? issues remain open. The issues list is available at https://bugs.chromium.org/p/oss-fuzz/issues/list under search term \"graphicsmagick\". Issues are available for anyone to view and duplicate if they have been in \"Verified\" status for 30 days, or if they have been in \"New\" status for 90 days. Please consult the GraphicsMagick ChangeLog file, Mercurial repository commit log, and the oss-fuzz issues list for details. Bug fixes:
* Documentation: Generator scripts in \'doc\' directory now produce similar results using GNU sed and Solaris/Illumos sed and don\'t produce warnings.
* JNG: Fixes to error handling to avoid temporary file leaks and avoiding returning a broken image.
* JPEG: Always store embedded profiles in image, even if in \'ping\' mode.
* MAT: Change from using \'int\' for sizes/offsets to using \'size_t\' and check all related calculations for overload.
* MIFF: Fix heap buffer overflow which may be provoked in builds with BZLIB support.
* MogrifyImage() and Magick::Image::trim(): Trim requires NorthWestGravity.
* PICT: Fixed a heap overflow.
* PerlMagick: Fix issue that image fill attribute had its opacity reset to transparent so it could not be usefully set at image scope.
* Test Suite: Fixed portability issue related to \'sed\' which broke utilities/tests/convert.tap test script.
* WPG: Fix incorrect TrX and TrY elements in CTM. New Features:
* Added support for a \'Read\' resource limit (e.g. \'-limit read 5mb\'). This allows the user to specify a hard limit for how much data may be read from a file, read from a pipe, or decompressed from a file (e.g gzip or bzip2) before a hard error is reported. This resource limit is a useful alternative to completely disabling support for compressed files using the --disable-compressed-files option and it provides more protections as well.
* Added support for reading HEIF/HEIC format.
* Added support for reading and writing JPEG XL format.
* Support for JasPer 3.0.0 is completed. Upgrading to JasPer 3.0.0 is strongly recommended due to its many security fixes and integration with GraphicsMagick\'s resource-limited memory allocator.
* PNG: Support the define png:chunk-malloc-max=limit in order to allow reading PNG files which report \"chunk data is too large\" or to reduce the default limit.
* compare: Added support for the \'-compress\' option.
* compare: Added support for the \'-auto-orient\' option. This tries to assure that the two images are right-side up before comparing. API Updates:
* Magick++: Support the new \'ReadResource\' enumeration. Feature improvements:
* JPEG: Implement more efficient way to append JPEG profile chunks.
* Resource Limited Memory: The resource limited memory allocator now maintains useful statistics such as a tally of the total number of octets moved by realloc. Windows Delegate Updates/Additions:
* None Build Changes:
* In maintainer mode, the configure script searches for a GnuPG \'gpg\' program to use for signing snapshot releases and uses this to support PGP-signed development snapshots. Behavior Changes:
* None
* fixes CVE-2022-1270 [bsc#1198351]- modified patches % GraphicsMagick-disable-insecure-coders.patch (refreshed)
* Mon Dec 13 2021 pgajdosAATTsuse.com- version update to 1.3.37
* bug fix release, see NEWS.txt- modified patches % GraphicsMagick-disable-insecure-coders.patch (refreshed)- added sources + GraphicsMagick-1.3.37.tar.xz.sig