Hello community, here is the log from the commit of package ImageMagick for openSUSE:Factory checked in at 2018-09-20 11:39:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ImageMagick (Old) and /work/SRC/openSUSE:Factory/.ImageMagick.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ImageMagick" Thu Sep 20 11:39:41 2018 rev:167 rq:634675 version:7.0.8.11 Changes: -------- --- /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick.changes 2018-08-15 10:30:27.739428741 +0200 +++ /work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick.changes 2018-09-20 11:39:47.084915517 +0200 @@ -1,0 +2,25 @@ +Mon Sep 3 08:20:41 UTC 2018 - pgaj...@suse.com + +- update to 7.0.8-11: + * Fixed numerous use of uninitialized values, integer overflow, memory + exceeded, and timeouts (credit to OSS Fuzz). + * Add support for "module" security policy. + +------------------------------------------------------------------- +Wed Aug 22 09:10:19 UTC 2018 - pgaj...@suse.com + +- disable PS, PS2, PS3, XPS and PDF coders in default policy.xml + [bsc#1105592] + +------------------------------------------------------------------- +Fri Aug 17 07:54:19 UTC 2018 - pgaj...@suse.com + +- update to 7.0.8-10: + * Added dcraw coder (dcraw:img.cr2) that can be used to force the use of the + dcraw delegate when libraw is the default raw delegate. + * Restored thread support for the HEIC coder. + * ThumbnailImage function no longer reveals sensitive information (reference + https://github.com/ImageMagick/ImageMagick/issues/1243). +- remove upstreamed ImageMagick-filter.t.patch + +------------------------------------------------------------------- Old: ---- ImageMagick-7.0.8-9.tar.bz2 ImageMagick-7.0.8-9.tar.bz2.asc ImageMagick-filter.t.patch New: ---- ImageMagick-7.0.8-11.tar.bz2 ImageMagick-7.0.8-11.tar.bz2.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ImageMagick.spec ++++++ --- /var/tmp/diff_new_pack.5KBmBO/_old 2018-09-20 11:39:47.944915012 +0200 +++ /var/tmp/diff_new_pack.5KBmBO/_new 2018-09-20 11:39:47.944915012 +0200 @@ -18,7 +18,7 @@ %define maj 7 %define mfr_version %{maj}.0.8 -%define mfr_revision 9 +%define mfr_revision 11 %define quantum_depth 16 %define source_version %{mfr_version}-%{mfr_revision} %define clibver 6 @@ -45,8 +45,6 @@ #%%ifarch s390x s390 ppc64 ppc Patch3: ImageMagick-s390-disable-tests.patch #%%endif -# https://github.com/ImageMagick/ImageMagick/issues/1241 -Patch4: ImageMagick-filter.t.patch BuildRequires: chrpath BuildRequires: dos2unix BuildRequires: fdupes @@ -298,7 +296,6 @@ %ifarch s390x s390 ppc ppc64 %patch3 -p1 %endif -%patch4 -p1 %build # bsc#1088463 ++++++ ImageMagick-7.0.8-9.tar.bz2 -> ImageMagick-7.0.8-11.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick-7.0.8-9.tar.bz2 /work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick-7.0.8-11.tar.bz2 differ: char 11, line 1 ++++++ ImageMagick-disable-insecure-coders.patch ++++++ --- /var/tmp/diff_new_pack.5KBmBO/_old 2018-09-20 11:39:47.980914991 +0200 +++ /var/tmp/diff_new_pack.5KBmBO/_new 2018-09-20 11:39:47.980914991 +0200 @@ -1,8 +1,8 @@ -Index: ImageMagick-7.0.6-0/config/policy.xml +Index: ImageMagick-7.0.8-10/config/policy.xml =================================================================== ---- ImageMagick-7.0.6-0.orig/config/policy.xml 2017-06-28 09:11:49.170299620 +0200 -+++ ImageMagick-7.0.6-0/config/policy.xml 2017-06-28 09:13:16.191813685 +0200 -@@ -76,4 +76,15 @@ +--- ImageMagick-7.0.8-10.orig/config/policy.xml 2018-08-13 13:05:28.000000000 +0200 ++++ ImageMagick-7.0.8-10/config/policy.xml 2018-08-22 12:24:40.219828953 +0200 +@@ -74,4 +74,20 @@ <!-- <policy domain="cache" name="memory-map" value="anonymous"/> --> <!-- <policy domain="cache" name="synchronize" value="True"/> --> <!-- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> --> @@ -17,4 +17,9 @@ + <policy domain="coder" rights="none" pattern="SHOW" /> + <policy domain="coder" rights="none" pattern="WIN" /> + <policy domain="coder" rights="none" pattern="PLT" /> ++ <policy domain="coder" rights="none" pattern="PS" /> ++ <policy domain="coder" rights="none" pattern="PS2" /> ++ <policy domain="coder" rights="none" pattern="PS3" /> ++ <policy domain="coder" rights="none" pattern="PDF" /> ++ <policy domain="coder" rights="none" pattern="XPS" /> </policymap>
