Hello community, here is the log from the commit of package ImageMagick for openSUSE:Factory checked in at 2016-08-05 18:13:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ImageMagick (Old) and /work/SRC/openSUSE:Factory/.ImageMagick.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "ImageMagick" Changes: -------- --- /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick.changes 2016-06-09 15:56:42.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick.changes 2016-08-05 18:13:33.000000000 +0200 @@ -1,0 +2,20 @@ +Mon Aug 1 09:49:06 UTC 2016 - pgajdos@suse.com + +- updated to 6.9.5-4 + * Prevent buffer overflow + +------------------------------------------------------------------- +Fri Jul 29 09:39:56 UTC 2016 - schuetzm@gmx.net + +- updated to 6.9.5-3: + * Fix MVG stroke-opacity (reference + https://github.com/ImageMagick/ImageMagick/issues/229). + * Prevent possible buffer overflow when reading TIFF images (bug report from + Shi Pu of MS509 Team). + * To comply with the SVG standard, use stroke-opacity for transparent strokes. + * The histogram coder now returns the correct extent. + * Use CopyMagickString() rather than CopyMagickMemory() for strings. + * Correct for numerical instability (reference + https://github.com/ImageMagick/ImageMagick/issues/218). + +------------------------------------------------------------------- Old: ---- ImageMagick-6.9.4-7.tar.xz ImageMagick-6.9.4-7.tar.xz.asc New: ---- ImageMagick-6.9.5-4.tar.xz ImageMagick-6.9.5-4.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ImageMagick.spec ++++++ --- /var/tmp/diff_new_pack.tD8DRm/_old 2016-08-05 18:13:35.000000000 +0200 +++ /var/tmp/diff_new_pack.tD8DRm/_new 2016-08-05 18:13:35.000000000 +0200 @@ -62,8 +62,8 @@ BuildRequires: zip %define maj 6 -%define mfr_version %{maj}.9.4 -%define mfr_revision 7 +%define mfr_version %{maj}.9.5 +%define mfr_revision 4 %define quantum_depth 16 %define source_version %{mfr_version}-%{mfr_revision} %define clibver 2 @@ -252,7 +252,7 @@ %patch3 %patch4 %patch11 -%patch20 -p1 +%patch20 # remove executeable bits from per demos chmod -x PerlMagick/demo/*.pl ++++++ ImageMagick-6.8.8-1-disable-insecure-coders.patch ++++++ --- /var/tmp/diff_new_pack.tD8DRm/_old 2016-08-05 18:13:35.000000000 +0200 +++ /var/tmp/diff_new_pack.tD8DRm/_new 2016-08-05 18:13:35.000000000 +0200 @@ -1,10 +1,8 @@ -Index: ImageMagick-6.9.4-5/config/policy.xml -=================================================================== ---- ImageMagick-6.9.4-5.orig/config/policy.xml 2016-05-31 10:30:53.221396378 +0200 -+++ ImageMagick-6.9.4-5/config/policy.xml 2016-05-31 10:31:24.605900830 +0200 -@@ -66,4 +66,15 @@ - <!-- <policy domain="path" rights="none" pattern="@*" /> --> - <!-- <policy domain="path" rights="none" pattern="|*" /> --> +--- config/policy.xml.orig 2016-07-29 11:23:54.608603779 +0200 ++++ config/policy.xml 2016-07-29 11:27:20.327153334 +0200 +@@ -65,4 +65,15 @@ + <!-- <policy domain="delegate" rights="none" pattern="HTTPS" /> --> + <!-- <policy domain="path" rights="none" pattern="@*"/> --> <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> + <!-- Disable insecure coders by default --> + <!-- https://bugzilla.suse.com/show_bug.cgi?id=978061 --> ++++++ ImageMagick-6.9.4-7.tar.xz -> ImageMagick-6.9.5-4.tar.xz ++++++ /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick-6.9.4-7.tar.xz /work/SRC/openSUSE:Factory/.ImageMagick.new/ImageMagick-6.9.5-4.tar.xz differ: char 26, line 1