commit ImageMagick for openSUSE:Factory

h_root Tue, 10 May 2016 00:27:06 -0700

Hello community,

here is the log from the commit of package ImageMagick for openSUSE:Factory 
checked in at 2016-05-10 09:26:00
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ImageMagick (Old)
 and      /work/SRC/openSUSE:Factory/.ImageMagick.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "ImageMagick"

Changes:
--------
--- /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick.changes  2016-04-30 
23:24:32.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick.changes     
2016-05-10 09:26:03.000000000 +0200
@@ -1,0 +2,16 @@
+Thu May  5 13:31:42 UTC 2016 - vci...@suse.com
+
+- Disable insecure coders [bnc#978061]
+  * ImageMagick-6.8.8-1-disable-insecure-coders.patch
+  * CVE-2016-3714
+  * CVE-2016-3715
+  * CVE-2016-3716
+  * CVE-2016-3717
+  * CVE-2016-3718
+
+-------------------------------------------------------------------
+Thu May  5 09:02:32 UTC 2016 - pgaj...@suse.com
+
+- Update to 6.9.3-10: fix imagetragick
+
+-------------------------------------------------------------------

Old:
----
  ImageMagick-6.9.3-8.tar.xz
  ImageMagick-6.9.3-8.tar.xz.asc

New:
----
  ImageMagick-6.8.8-1-disable-insecure-coders.patch
  ImageMagick-6.9.3-10.tar.xz
  ImageMagick-6.9.3-10.tar.xz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ ImageMagick.spec ++++++
--- /var/tmp/diff_new_pack.WtAFgw/_old  2016-05-10 09:26:04.000000000 +0200
+++ /var/tmp/diff_new_pack.WtAFgw/_new  2016-05-10 09:26:04.000000000 +0200
@@ -63,7 +63,7 @@
 
 %define maj           6
 %define mfr_version   %{maj}.9.3
-%define mfr_revision  8
+%define mfr_revision  10
 %define quantum_depth 16
 %define source_version %{mfr_version}-%{mfr_revision}
 %define clibver   2
@@ -92,6 +92,7 @@
 # bugs
 # will ask upstream if needed, or if other solution exists
 Patch11:        ImageMagick-6.8.4.0-dont-build-in-install.patch
+Patch20:        ImageMagick-6.8.8-1-disable-insecure-coders.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %package -n perl-PerlMagick
@@ -251,6 +252,7 @@
 %patch3  -p1
 %patch4  -p1
 %patch11 -p1
+%patch20 -p1
 
 # remove executeable bits from per demos
 chmod -x PerlMagick/demo/*.pl

++++++ ImageMagick-6.8.8-1-disable-insecure-coders.patch ++++++
Index: ImageMagick-6.8.8-1/config/policy.xml

Disable insecure loaders by default bsc#978061
sfl...@suse.de

===================================================================
--- ImageMagick-6.8.8-1.orig/config/policy.xml
+++ ImageMagick-6.8.8-1/config/policy.xml
@@ -56,4 +56,11 @@
   <!-- <policy domain="resource" name="time" value="3600"/> -->
   <!-- <policy domain="system" name="precision" value="6"/> -->
   <policy domain="cache" name="shared-secret" value="passphrase"/>
+  <!-- Disable insecure coders by default -->
+  <!-- https://bugzilla.suse.com/show_bug.cgi?id=978061 -->
+  <policy domain="coder" rights="none" pattern="EPHEMERAL" />
+  <policy domain="coder" rights="none" pattern="URL" />
+  <policy domain="coder" rights="none" pattern="HTTPS" />
+  <policy domain="coder" rights="none" pattern="MVG" />
+  <policy domain="coder" rights="none" pattern="MSL" />
 </policymap>
++++++ ImageMagick-6.9.3-8.tar.xz -> ImageMagick-6.9.3-10.tar.xz ++++++
/work/SRC/openSUSE:Factory/ImageMagick/ImageMagick-6.9.3-8.tar.xz 
/work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick-6.9.3-10.tar.xz differ: 
char 26, line 1

commit ImageMagick for openSUSE:Factory

Reply via email to