Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ImageMagick for openSUSE:Factory checked in at 2026-03-18 16:49:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ImageMagick (Old) and /work/SRC/openSUSE:Factory/.ImageMagick.new.8177 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ImageMagick" Wed Mar 18 16:49:15 2026 rev:328 rq:1339577 version:7.1.2.17 Changes: -------- --- /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick.changes 2026-03-11 20:49:41.608085031 +0100 +++ /work/SRC/openSUSE:Factory/.ImageMagick.new.8177/ImageMagick.changes 2026-03-18 16:49:33.578652299 +0100 @@ -1,0 +2,19 @@ +Tue Mar 17 11:03:31 UTC 2026 - Petr Gajdos <[email protected]> + +- version lupdate to 7.1.2.17 + * Add cast to unsigned char helper method to check for out of band data + * eliminate compiler warning + * https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rwgm-46rq-f86h + * ImageMagick/ImageMagick#8609 + * ImageMagick/ImageMagick#8608 + * https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-354p-2qx7-jg9g + * Corrected out of bounds write of a single zero byte (GHSA-gc62-2v5p-qpmp) + * https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-354p-2qx7-jg9g + * ImageMagick/ImageMagick#8603 + * ImageMagick/ImageMagick#5807 + * Apply correct patch for GHSA-cqw9-w2m7-r2m2. +- modified patches + * ImageMagick-library-installable-in-parallel.patch (refreshed) +- fixes CVE-2026-32259 [bsc#1259612] + +------------------------------------------------------------------- @@ -13,0 +33,17 @@ +- fixes CVE-2026-28693 [bsc#1259466] + CVE-2026-30883 [bsc#1259467] + CVE-2026-30929 [bsc#1259468] + CVE-2026-30931 [bsc#1259469] + CVE-2026-28493 [bsc#1259446] + CVE-2026-28494 [bsc#1259447] + CVE-2026-28686 [bsc#1259448] + CVE-2026-28687 [bsc#1259450] + CVE-2026-28691 [bsc#1259455] + CVE-2026-28690 [bsc#1259456] + CVE-2026-28692 [bsc#1259457] + CVE-2026-28688 [bsc#1259451] + CVE-2026-30936 [bsc#1259464] + CVE-2026-28689 [bsc#1259452] + CVE-2026-30937 [bsc#1259463] + CVE-2026-30935 [bsc#1259497] + CVE-2026-31853 [bsc#1259528] Old: ---- ImageMagick-7.1.2-16.tar.xz ImageMagick-7.1.2-16.tar.xz.asc New: ---- ImageMagick-7.1.2-17.tar.xz ImageMagick-7.1.2-17.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ImageMagick.spec ++++++ --- /var/tmp/diff_new_pack.K6nt4u/_old 2026-03-18 16:49:34.998711782 +0100 +++ /var/tmp/diff_new_pack.K6nt4u/_new 2026-03-18 16:49:34.998711782 +0100 @@ -22,7 +22,7 @@ %define debug_build 0 %define asan_build 0 %define mfr_version 7.1.2 -%define mfr_revision 16 +%define mfr_revision 17 %define quantum_depth 16 %define source_version %{mfr_version}-%{mfr_revision} %define clibver 10 ++++++ ImageMagick-7.1.2-16.tar.xz -> ImageMagick-7.1.2-17.tar.xz ++++++ /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick-7.1.2-16.tar.xz /work/SRC/openSUSE:Factory/.ImageMagick.new.8177/ImageMagick-7.1.2-17.tar.xz differ: char 15, line 1 ++++++ ImageMagick-library-installable-in-parallel.patch ++++++ --- /var/tmp/diff_new_pack.K6nt4u/_old 2026-03-18 16:49:35.066714631 +0100 +++ /var/tmp/diff_new_pack.K6nt4u/_new 2026-03-18 16:49:35.070714798 +0100 @@ -1,8 +1,8 @@ -Index: ImageMagick-7.1.2-16/configure +Index: ImageMagick-7.1.2-17/configure =================================================================== ---- ImageMagick-7.1.2-16.orig/configure -+++ ImageMagick-7.1.2-16/configure -@@ -37284,7 +37284,9 @@ fi +--- ImageMagick-7.1.2-17.orig/configure ++++ ImageMagick-7.1.2-17/configure +@@ -37295,7 +37295,9 @@ fi # Subdirectory to place architecture-dependent configuration files
