commit GraphicsMagick for openSUSE:Factory

Sat, 01 Jul 2017 05:06:54 -0700 

Hello community,

here is the log from the commit of package GraphicsMagick for openSUSE:Factory 
checked in at 2017-07-01 14:06:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/GraphicsMagick (Old)
 and      /work/SRC/openSUSE:Factory/.GraphicsMagick.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "GraphicsMagick"

Sat Jul  1 14:06:12 2017 rev:57 rq:507403 version:1.3.25

Changes:
--------
--- /work/SRC/openSUSE:Factory/GraphicsMagick/GraphicsMagick.changes    
2016-09-27 13:45:15.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.GraphicsMagick.new/GraphicsMagick.changes       
2017-07-01 14:06:35.167304852 +0200
@@ -1,0 +2,6 @@
+Mon Jun 26 06:49:55 UTC 2017 - pgaj...@suse.com
+
+- complementary fix for CVE-2017-8350 [bsc#1036985 c13-c21]
+  * GraphicsMagick-CVE-2017-8350.patch
+
+-------------------------------------------------------------------

New:
----
  GraphicsMagick-CVE-2017-8350.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ GraphicsMagick.spec ++++++
--- /var/tmp/diff_new_pack.Dt7xQN/_old  2017-07-01 14:06:35.763220996 +0200
+++ /var/tmp/diff_new_pack.Dt7xQN/_new  2017-07-01 14:06:35.767220433 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package GraphicsMagick
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -36,6 +36,7 @@
 Patch0:         %{name}-perl-link.patch
 Patch2:         %{name}-debian-fixed.patch
 Patch10:        %{name}-include.patch
+Patch11:        GraphicsMagick-CVE-2017-8350.patch
 BuildRequires:  cups-client
 BuildRequires:  dcraw
 BuildRequires:  freetype2-devel
@@ -150,7 +151,6 @@
 %package        devel
 Summary:        Viewer and Converter for Images - files mandatory for 
development
 Group:          Development/Libraries/C and C++
-# These comes from check in AB for 11.4
 Requires:       glibc-devel
 Requires:       libGraphicsMagick-Q%{quant}-%{so_ver} = %{version}
 Requires:       libGraphicsMagickWand-Q%{quant}-%{wand_so_ver} = %{version}
@@ -231,6 +231,7 @@
 %patch0 -p1
 %patch2 -p1
 %patch10
+%patch11 -p1
 
 %build
 export PERLOPTS="PREFIX=%{buildroot}%{_prefix}"

++++++ GraphicsMagick-CVE-2017-8350.patch ++++++
--- a/coders/png.c      Mon Jun 19 08:42:07 2017 -0500
+++ b/coders/png.c      Thu Jun 22 16:20:44 2017 -0400
@@ -3531,6 +3531,7 @@
             Don't throw exception here since ReadImage() will already
             have thrown it.
           */
+          DestroyImage(image);
           return (Image *) NULL;
         }

Reply via email to