Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ImageMagick for openSUSE:Factory checked in at 2026-05-20 15:23:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ImageMagick (Old) and /work/SRC/openSUSE:Factory/.ImageMagick.new.1966 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ImageMagick" Wed May 20 15:23:43 2026 rev:336 rq:1353857 version:7.1.2.23 Changes: -------- --- /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick.changes 2026-05-14 21:42:12.572760200 +0200 +++ /work/SRC/openSUSE:Factory/.ImageMagick.new.1966/ImageMagick.changes 2026-05-20 15:24:14.085431288 +0200 @@ -1,0 +2,22 @@ +Mon May 18 14:32:11 UTC 2026 - Petr Gajdos <[email protected]> + +- version update to 7.1.2.23 + * no upstream changelog +- fixes following GH security advisories: + * GHSA-36wm-hprc-mcf5 + * GHSA-3rvp-mpr5-qjm9 + * GHSA-4g75-9r48-jf92 + * GHSA-533m-3wf6-c33v + * GHSA-5r4x-w6p5-222q + * GHSA-6gxq-f64p-5w6f + * GHSA-7gg8-qqx7-92g5 + * GHSA-88wq-x9gc-45h8 + * GHSA-jcqp-6r6f-3mfx + * GHSA-p93h-f2jc-477j + * GHSA-rcr6-g7jc-f57g + * GHSA-xf64-q5rg-85g5 +- modified patches + * ImageMagick-configuration-SUSE.patch (refreshed) + * ImageMagick_policy_etc.patch (refreshed) + +------------------------------------------------------------------- @@ -6 +28 @@ -- seem to fix following GH security advisories: +- fixes following GH security advisories: Old: ---- ImageMagick-7.1.2-22.tar.xz ImageMagick-7.1.2-22.tar.xz.asc New: ---- ImageMagick-7.1.2-23.tar.xz ImageMagick-7.1.2-23.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ImageMagick.spec ++++++ --- /var/tmp/diff_new_pack.NoiOAn/_old 2026-05-20 15:24:15.141474721 +0200 +++ /var/tmp/diff_new_pack.NoiOAn/_new 2026-05-20 15:24:15.145474885 +0200 @@ -21,7 +21,7 @@ %define debug_build 0 %define asan_build 0 %define mfr_version 7.1.2 -%define mfr_revision 22 +%define mfr_revision 23 %define quantum_depth 16 %define source_version %{mfr_version}-%{mfr_revision} %define clibver 10 ++++++ ImageMagick-7.1.2-22.tar.xz -> ImageMagick-7.1.2-23.tar.xz ++++++ /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick-7.1.2-22.tar.xz /work/SRC/openSUSE:Factory/.ImageMagick.new.1966/ImageMagick-7.1.2-23.tar.xz differ: char 15, line 1 ++++++ ImageMagick-configuration-SUSE.patch ++++++ --- /var/tmp/diff_new_pack.NoiOAn/_old 2026-05-20 15:24:15.197477024 +0200 +++ /var/tmp/diff_new_pack.NoiOAn/_new 2026-05-20 15:24:15.197477024 +0200 @@ -1,8 +1,8 @@ -Index: ImageMagick-7.1.2-18/config/policy-SUSE.xml +Index: ImageMagick-7.1.2-23/config/policy-SUSE.xml =================================================================== ---- ImageMagick-7.1.2-18.orig/config/policy-SUSE.xml -+++ ImageMagick-7.1.2-18/config/policy-SUSE.xml -@@ -62,7 +62,7 @@ +--- ImageMagick-7.1.2-23.orig/config/policy-SUSE.xml ++++ ImageMagick-7.1.2-23/config/policy-SUSE.xml +@@ -65,7 +65,7 @@ <policy domain="resource" name="disk" value="2GiB"/> <!-- Set the maximum length of an image sequence. When this limit is exceeded, an exception is thrown. --> @@ -11,7 +11,7 @@ <!-- Set the maximum width of an image. When this limit is exceeded, an exception is thrown. --> <policy domain="resource" name="width" value="8KP"/> -@@ -85,11 +85,11 @@ +@@ -88,11 +88,11 @@ <!-- Replace passphrase for secure distributed processing --> <!-- <policy domain="cache" name="shared-secret" value="secret-passphrase" stealth="true"/> --> <!-- Do not permit any delegates to execute. --> @@ -25,7 +25,7 @@ <policy domain="path" rights="none" pattern="fd:*"/> <!-- Sensitive paths are not permitted. --> <policy domain="path" rights="none" pattern="/etc/*"/> -@@ -112,4 +112,20 @@ +@@ -115,4 +115,20 @@ <policy domain="system" name="max-memory-request" value="256MiB"/> <!-- If the basename of path is a symbolic link, the open fails --> <policy domain="system" name="symlink" rights="none" pattern="follow"/> ++++++ ImageMagick_policy_etc.patch ++++++ --- /var/tmp/diff_new_pack.NoiOAn/_old 2026-05-20 15:24:15.229478340 +0200 +++ /var/tmp/diff_new_pack.NoiOAn/_new 2026-05-20 15:24:15.233478505 +0200 @@ -1,7 +1,8 @@ -diff -ur ImageMagick-7.1.2-15.orig/config/policy-limited.xml ImageMagick-7.1.2-15/config/policy-limited.xml ---- ImageMagick-7.1.2-15.orig/config/policy-limited.xml 2026-02-22 22:26:44.000000000 +0100 -+++ ImageMagick-7.1.2-15/config/policy-limited.xml 2026-02-23 22:27:10.002838088 +0100 -@@ -82,6 +82,8 @@ +Index: ImageMagick-7.1.2-23/config/policy-limited.xml +=================================================================== +--- ImageMagick-7.1.2-23.orig/config/policy-limited.xml ++++ ImageMagick-7.1.2-23/config/policy-limited.xml +@@ -85,6 +85,8 @@ <!-- <policy domain="path" rights="none" pattern="-"/> --> <!-- don't read sensitive paths. --> <policy domain="path" rights="none" pattern="/etc/*"/> @@ -10,10 +11,11 @@ <!-- Indirect reads are not permitted. --> <policy domain="path" rights="none" pattern="@*"/> <!-- These image types are security risks on read, but write is fine --> -diff -ur ImageMagick-7.1.2-15.orig/config/policy-open.xml ImageMagick-7.1.2-15/config/policy-open.xml ---- ImageMagick-7.1.2-15.orig/config/policy-open.xml 2026-02-22 22:26:44.000000000 +0100 -+++ ImageMagick-7.1.2-15/config/policy-open.xml 2026-02-23 22:28:58.555653280 +0100 -@@ -137,6 +137,8 @@ +Index: ImageMagick-7.1.2-23/config/policy-open.xml +=================================================================== +--- ImageMagick-7.1.2-23.orig/config/policy-open.xml ++++ ImageMagick-7.1.2-23/config/policy-open.xml +@@ -140,6 +140,8 @@ <!-- <policy domain="path" rights="none" pattern="-"/> --> <!-- don't read sensitive paths. --> <!-- <policy domain="path" rights="none" pattern="/etc/*"/> --> @@ -22,10 +24,11 @@ <!-- Indirect reads are not permitted. --> <!-- <policy domain="path" rights="none" pattern="@*"/> --> <!-- These image types are security risks on read, but write is fine --> -diff -ur ImageMagick-7.1.2-15.orig/config/policy-secure.xml ImageMagick-7.1.2-15/config/policy-secure.xml ---- ImageMagick-7.1.2-15.orig/config/policy-secure.xml 2026-02-22 22:26:44.000000000 +0100 -+++ ImageMagick-7.1.2-15/config/policy-secure.xml 2026-02-23 22:24:51.662615465 +0100 -@@ -93,6 +93,8 @@ +Index: ImageMagick-7.1.2-23/config/policy-secure.xml +=================================================================== +--- ImageMagick-7.1.2-23.orig/config/policy-secure.xml ++++ ImageMagick-7.1.2-23/config/policy-secure.xml +@@ -96,6 +96,8 @@ <policy domain="path" rights="none" pattern="fd:*"/> <!-- Sensitive paths are not permitted. --> <policy domain="path" rights="none" pattern="/etc/*"/> @@ -34,10 +37,11 @@ <!-- Relative paths are not permitted. --> <policy domain="path" rights="none" pattern="*../*"/> <!-- Indirect reading is not permitted. --> -diff -ur ImageMagick-7.1.2-15.orig/config/policy-websafe.xml ImageMagick-7.1.2-15/config/policy-websafe.xml ---- ImageMagick-7.1.2-15.orig/config/policy-websafe.xml 2026-02-22 22:26:44.000000000 +0100 -+++ ImageMagick-7.1.2-15/config/policy-websafe.xml 2026-02-23 22:25:26.342788070 +0100 -@@ -89,6 +89,8 @@ +Index: ImageMagick-7.1.2-23/config/policy-websafe.xml +=================================================================== +--- ImageMagick-7.1.2-23.orig/config/policy-websafe.xml ++++ ImageMagick-7.1.2-23/config/policy-websafe.xml +@@ -92,6 +92,8 @@ <policy domain="path" rights="none" pattern="fd:*"/> <!-- Sensitive paths are not permitted. --> <policy domain="path" rights="none" pattern="/etc/*"/> @@ -46,10 +50,11 @@ <!-- Relative paths are not permitted. --> <policy domain="path" rights="none" pattern="*../*"/> <!-- Indirect reading is not permitted. --> -diff -ur ImageMagick-7.1.2-15.orig/config/policy-SUSE.xml ImageMagick-7.1.2-15/config/policy-secure.xml ---- ImageMagick-7.1.2-15.orig/config/policy-SUSE.xml 2026-02-22 22:26:44.000000000 +0100 -+++ ImageMagick-7.1.2-15/config/policy-SUSE.xml 2026-02-23 22:24:51.662615465 +0100 -@@ -93,6 +93,8 @@ +Index: ImageMagick-7.1.2-23/config/policy-SUSE.xml +=================================================================== +--- ImageMagick-7.1.2-23.orig/config/policy-SUSE.xml ++++ ImageMagick-7.1.2-23/config/policy-SUSE.xml +@@ -96,6 +96,8 @@ <policy domain="path" rights="none" pattern="fd:*"/> <!-- Sensitive paths are not permitted. --> <policy domain="path" rights="none" pattern="/etc/*"/>
