Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

GraphicsMagick-devel-1.3.28-lp150.2.2 RPM for x86_64

From OpenSuSE Leap 15.0 for x86_64

Name: GraphicsMagick-devel Distribution: openSUSE Leap 15.0
Version: 1.3.28 Vendor: openSUSE
Release: lp150.2.2 Build date: Thu Apr 5 18:00:13 2018
Group: Development/Libraries/C and C++ Build host: lamb27
Size: 349475 Source RPM: GraphicsMagick-1.3.28-lp150.2.2.src.rpm
Summary: Development files for the GraphicsMagick C language API
GraphicsMagick provides an image manipulation and translation utility
and library. It can read and write over 88 image formats, including
JPEG, TIFF, WMF, SVG, PNG, PNM, GIF, andPhoto CD. It also allows to
resize, rotate, sharpen, color reduce, or add special effects to an
image and to save the result to any supported format. GraphicsMagick
may be used to create animated or transparent .gifs, to composite
images, and to create thumbnail images.






* Tue Feb 20 2018
  - Add explicit buildrequires on: pkgconfig(libwebpmux),
    pkgconfig(libpng), pkgconfig(x11), pkgconfig(xext),
    pkgconfig(zlib), libjpeg-devel. all
    of them direct build dependencies but not included in
    the spec file
* Wed Jan 24 2018
  - upate to 1.3.28:
    * Security Fixes:
      BMP: Fix non-terminal loop due to unexpected bit-field mask
      value (DOS opportunity).
      PALM: Fix heap buffer underflow in builds with QuantumDepth=8.
      SetNexus() Fix heap overwrite under certain conditions due to
      using a wrong destination buffer. This issue impacts all
      1.3.X releases.
      TIFF: Fix heap buffer read overflow in LocaleNCompare() when
      parsing NEWS profile.
    * Bug fixes:
      DescribeImage(): Eliminate possible use of null pointer.
      GIF: Fix memory leak of global colormap in error path.
      GZ: Writing to gzip files with the extension ".gz" was
      not working with Zlib 1.2.8.
      JNG: Fix buffer read overflow (a tiny fixed overflow of just
      one byte).
      JPEG: Promoting certain libjpeg warnings to errors caused
      much more problems than expected. The promotion of
      warnings to errors is removed. Claimed pixel dimensions
      are validated by file size before allocating memory for
      the pixels.
      IntegralRotateImage(): Assure that reported error in rotate by
      270 case does immediately terminate processing.
      MNG: Fix possible null pointer reference related to DEFI chunk
      parsing. Fix minor heap read overflow (constrained to just
      one byte) due to an ordering issue in a limit check. Fix
      memory leaks in error path.
      WebP: Fix stack buffer overflow in WriteWEBPImage() which
      occurs with libwebp 0.5.0 or newer due to a structure type
      change in the structure passed to the progress monitor
      WPG: Memory leaks fixed.
    * API Updates:
      InterpolateViewColor(): This function now returns MagickPassFail
      (an unsigned int) rather than void so that errors can be
      efficiently reported.
      The magick/pixel_cache.h header is updated to add deprecation
      attributes such that code using GetPixels(), GetIndexes(),
      and GetOnePixel() will produce deprecation warnings for
      compilers which support them. These functions will not be
      removed in the 1.3.X release series and when they are
      removed, pre-processor macros will be added so a replacement
      function is used instead. There is a long-term objective to
      eliminate functionally-redundant pixel cache functions to
      only the ones with the best properties since this reduces
      maintenance and may reduce the depth of the call stack
      (improving performance).
    * removed unneded GraphicsMagick-release-date-missing-quote.patch
* Wed Jan 10 2018
  - update to 1.3.27:
    * New Features:
      . PNG: Implemented eXIf chunk support.
      . WEBP: Add support for EXIF and ICC metadata provided that at
      least libwebp 0.5.0 is used.
      . Magick++ Image autoOrient(): New Image method to auto-orient an
      image so it looks right-side up by default.
    * Behavior Changes:
      . PALM: PALM writer is disabled.
      . ThrowLoggedException(): Capture the first exception
      at ErrorException level or greater, or only capture exception
      if it is more severe than an already reported exception.
      . DestroyJNG(): This internal function is now declared static
      and is removed from shared library or DLL namespace.
    * lot of security and other bug fixes, see
  - added GraphicsMagick-release-date-missing-quote.patch
* Tue Sep 19 2017
  - builds for sle11
* Mon Sep 11 2017
  - fix perl bindings
    + GraphicsMagick-perl-linkage.patch from fedora
  - turn on perl test suite
* Mon Jul 24 2017
  - Trim descriptions. Redo summaries and RPM groups.
* Fri Jul 21 2017
  - Drop patches not meintioned in the changelog ever:
    * GraphicsMagick-debian-fixed.patch
    * GraphicsMagick-include.patch
    * GraphicsMagick-perl-link.patch
    * The package builds just fine without them and there is no
      refference explaining it
  - Convert the deps to pkgconfig variants where possible.
* Fri Jul 21 2017
  - Version update to 1.3.26:
    * DPX: Fix excessive use of memory (DOS issue) due to file header
      claiming large image dimensions but insufficient backing
      data. (CVE-2017-10799 bsc#1047054).
    * JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350).
    * MAT: Fix excessive use of memory (DOS issue) due to continuing
      processing with insufficient data and claimed large image
      size. Verify each file extent to make sure that it is within range
      of file size. (CVE-2017-10800 bsc#1047044).
    * META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800).
    * PCX: Fix denial of service issue.
    * RLE: Fix abnomally slow operation (denial of service issue) with
      intentionally corrupt colormapped file.
    * PICT: Fix possible buffer overflow vulnerability given suitably
      truncated input file.
    * PNG: Enforce spec requirement that the dimensions of the JPEG
      embedded in a JDAT chunk must match the JHDR dimensions
    * PNG: Avoid NULL dereference when MAGN chunk processing fails.
    * SCT: Fix stack-buffer read overflow (underflow?) while reading SCT
    * SGI: Fix denial of service issues.  Delay large memory allocations
      until file header has fully passed sanity checks.
    * TIFF: Fix out of bounds read when reading CMYKA TIFF which claims to
      have only 2 samples per pixel (CVE-2017-6335 bsc#1027255).
    * TIFF: Fix out of bounds read when reading RGB TIFF which claims to
      have only 1 sample per pixel (CVE-2017-10794).
    * WPG: Fix heap overflow (CVE-2016-7996).  Fix assertion crash
    * DifferenceImage(): Fix Fix all-black difference image if an input
      file is colormapped.
    * EXIF orientation was not being properly detected for some files.
    * -frame: The `import` command -frame handling was improperly
      implemented and was using already freed data.
    * GIF: Fixes for "Excessive LZW string data" problem.
    * Magick++: Bug fixes to PathSmoothCurvetoRel::operator() and
    * PAM: Support writing GRAYSCALE PAM format.
    * PNG: Fix memory leaks.
    * SVG: Fixed a memory leak.  Fixed a possible null pointer dereference.
    * TclMagick: Problem that TkMagick could not resolve functions from
      TclMagick under Linux is fixed.
    * TclMagick: Fix parser validatation in magickCmd() to avoid crash
      given a syntax error.
    * TIFF: Fix for reading old JPEG files (avoids "Improper call to JPEG
      library in state 0. (LibJpeg).").
    * TXT: Fixed memory leak.
    * XCF: Error checking is improved.
    * EXIF rotation: Support is added such that the EXIF orientation tag
      is updated when the image is rotated.
    * MAT: Now support reading multiple images from Matlab V4 format.
    * Magick++: Orientation method now updates orientation in EXIF
      profile, if it exists.
    * Magick++: Added Image attribute method which accepts a 'char *'
      argument, and will remove the attribute if the value argument is
    * -orient: The -orient command line option now also updates the
      orientation in the EXIF profile, if it exists.
    * PGX: Support PGX JPEG 2000 format for reading and writing (within
      the bounds of what JasPer supports).
    * Wand API: Added MagickAutoOrientImage(),
      MagickGetImageOrientation(), MagickSetImageOrientation(),
      MagickRemoveImageOption(), and MagickClearException().
  - Drop merged patch GraphicsMagick-CVE-2017-8350.patch
* Mon Jun 26 2017
  - complementary fix for CVE-2017-8350 [bsc#1036985 c13-c21]
    * GraphicsMagick-CVE-2017-8350.patch
* Mon Sep 26 2016
  - update to 1.3.25:
    * EscapeParenthesis(): I was notified by Gustavo Grieco of a heap
      overflow in EscapeParenthesis() used in the text annotation code.
      While not being able to reproduce the issue, the implementation of
      this function is completely redone.
    * Utah RLE: Reject truncated/absurd files which caused huge memory
      allocations and/or consumed huge CPU.  Problem was reported by
      Agostino Sarubbo based on testing with AFL.
    * SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
      the MVG rendering code (also impacts SVG).
    * TIFF: Fix heap buffer read overflow while copying sized TIFF
      attributes.  Problem was reported by Agostino Sarubbo based on
      testing with AFL.
* Thu Jun 23 2016
  - Build "gm" as position independend executable (PIE).
* Mon Jun 06 2016
  - updated to 1.3.24:
    * many security related changes (incl. CVE-2016-5118), see
  - removed patches:
    * GraphicsMagick-CVE-2016-5118.patch
    * GraphicsMagick-upstream-delegates-safer.patch
    * GraphicsMagick-upstream-disable-mvg-ext.patch
    * GraphicsMagick-upstream-disable-tmp-magick-prefix.patch
    * GraphicsMagick-upstream-image-sanity-check.patch
* Mon May 30 2016
  - security update:
    * CVE-2016-5118 [bsc#982178]
      + GraphicsMagick-CVE-2016-5118.patch
* Mon May 09 2016
  - Multiple security issues in GraphicsMagick/ImageMagick [boo#978061]
    (CVE-2016-3714, CVE-2016-3718, CVE-2016-3715, CVE-2016-3717)
    * GraphicsMagick-upstream-delegates-safer.patch
    * GraphicsMagick-upstream-disable-mvg-ext.patch
    * GraphicsMagick-upstream-disable-tmp-magick-prefix.patch
    * GraphicsMagick-upstream-image-sanity-check.patch
* Sun Nov 08 2015
  - Update to version 1.3.23
    * See included NEWS.txt for details
* Mon Oct 05 2015
  - Update to version 1.3.22
    * See included NEWS.txt for details
* Sat Mar 21 2015
  - Update to version 1.3.21
    * See included NEWS.txt for details
* Wed Sep 17 2014
  - Move library configuration files to separated package
* Tue Sep 16 2014
  - Fix devel package dependencies
* Sat Sep 13 2014
  - Update to version 1.3.20
    * See included NEWS.txt for details
  - Enable quantum depth in shared library names
  - Enable bzip2, jbig, webp support
  - Use LCMSv2
* Tue Feb 25 2014
  - Fix quantum depth in package description
* Thu Jan 02 2014
  - updated to 1.3.19:
    * EPT: Fix crash observed when Ghostscript fails to produce useful
      output.  This was particularly noticeable when Ghostscript was not
      installed.  This crash could be used to cause denial of service.
    * PNG: With libpng 1.6.X, avoid a crash while copying a PNG with a
      "known incorrect ICC profile".  This crash could be used to cause
      denial of service.
    * etc. see NEWS.txt
* Mon Jul 15 2013
  - set quantum depth to 16 [bnc#828380]
* Tue Mar 12 2013
  - updated to 1.3.18:
    * Due to `GCC bug 53967`_, several key agorithms (e.g. convolution)
      may execute much faster (e.g. 2-3X) for x86-64 and/or when SSE is
      enabled for floating point math (`-mfpmath=sse`) if the GCC option
      `-frename-registers` is used. Default 32-bit builds do not
      experience the problem since they use '387 math.  It is not clear
      in what version of GCC this problem started but it was not noticed
      by the developers until the GCC 4.6 timeframe.  Other compilers do
      not suffer from this bug.
    * Fixed bug with format substitutions if input string ends with a
      single '%'.
    * BMP: Fixed an old bug with decoding chromaticity primaries.
    * PNG: Fixed reading of interlaced images.  Fix reading of sub-8-bit
      palette and grayscale images.  Some PNG sub-formats were written
      incorrectly.  Fix crash in PNG8 writer if image colors happened to
      be non-zero but image was not actually colormapped.
    * PNG: Configure script now also searches for libpng versions 16 and
    * TIFF: Fix a crash which was noticed when writing RGBA separated
      (planar) format.
    * `--enable-symbol-prefix` was not prefixing all of the C
      symbols. Some core C library functions were not prefixed.  This
      option applies to the Wand library API as well now.
    * C API: When input is from a user-provided file descriptor, the
      file position is restored after reading the file header bytes.
      Previously the file position was rewound to the beginning of the
      file.  This allows reading embedded image data from the current
      offset in a file, and allows continuing to use the stream after
      GraphicsMagick has returned the image.
    * C API: It is now possible to invoke CloseBlob() multiple times.
    * etc. see NEWS.txt
* Mon Oct 15 2012
  - updated to 1.3.17:
    * PNG: Fix for CVE-2012-3438. The Magick_png_malloc function in
      coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper
      variable type for the allocation size, which might allow remote
      attackers to cause a denial of service (crash) via a crafted PNG
      file that triggers incorrect memory allocation.
    * PNG: Reading sub-8-bit palette images is fixed (images looked
    * SVG: Fixed bug which allowed MVG and SVG files with long vector
      paths to crash the software.
    * SVG: Ignore XML headers rather than rendering them as text.
    * MVG/SVG/WMF/-draw: It is now possible to draw a plain ','
    * etc., see NEWS.txt
* Tue Jul 31 2012
  -  fixed PerlMagick/ [bnc#771540]
* Mon Jun 25 2012
  - updated to 1.3.16:
    Security Fixes:
    * Don't translate 'comment' and 'label' attributes if the request is
      made while a file is being read.  Only translate such attributes
      if they come from the command line or API user.
    Bug fixes:
    * SWT: SWT reader suffered from a number of implementation errors
      which caused it not to work any more.  Works again.
    * XBM: Fix memory leak observed when reading file in 'ping' mode.
    * Support -trim on images which use a consistent (single color)
      transparent background.  In this case, trim is done based on
      opacity rather than foreground color.
    * Include <sys/types.h> in order to assure that 'size_t' and
      'ssize_t' are declared.  This is necessary since
      MagickExtentImage() uses these types as part of its definition.
    * +repage was not working because parser was insisting that it
      should include an argument.
      (i.e. multiplying rather than dividing).
    * PerlMagick: Fix compilation with Perl 5.16.
    * PingBlob(): PingBlob was not working for all cases.  Is now based
      on BlobToImage() for assured reliability.
    Feature improvements:
    * MAT: Animated movies inside 4D matrices are loaded now.
    * PDF: File base name is used as the document title.
    * PNG: Fix issues observed specifically with libpng 1.5.10.
    Performance Improvements:
    * Pixel iterators should be more efficient now if the image uses a
      file-backed cache.
    * Motion blur algorithm does scale well as cores are added so
      include OpenMP support for it by default.
* Mon Jun 04 2012
  - added PerlMagick/typemap to build module with perl 5.16; to be
    removed for 1.4.0
* Wed May 02 2012
  - updated to 1.3.15:
    Bug fixes:
    * PNG - fixed problem with bit depth when the encoder decides to
      write RGBA instead of indexed PNG.
    * Fixed some temporary file leaks which were caused by the temporary
      file name being automatically extended to include a scene number,
      and therefore fail to be deleted.
    New Features:
    * Added '+noise random' and '-operator noise-random' to 'convert'
      and 'mogrify'.  This modulates the existing image data with
      uniformely random noise.
    * Added -strip option in composite, convert, mogrify, and montage to
      remove all profiles and text attributes from the image.
    * Added -repage option to composite, convert, mogrify, and montage
      subcommands to reset or adjust the current image page offsets
      based on a provided geometry specification.
    * New C function StripImage() to remove all profiles and text
      attributes from the image.
    * New C function ResetImagePage() to adjust the current image page
      canvas and position based on a relative page specification.
    * C functions GenerateDifferentialNoise(), AddNoiseImageChannel(),
      QuantumOperatorRegionImage(), AddNoiseImage() updated to support
      RandomNoise enumeration.
    * New C++ Image method strip(), and unary function stripImage() to
      remove all profiles and text attributes from the image.
    * XCF format now respects image subimage and subrange members so
      that returned image layers may be selected.
    * The INFO coder (e.g. output file "info:-") now respects the
    - format option so that its output may be adjusted identically to
      how -format works for 'identify'.
    * TclMagick now supports Random noise.
    Feature improvements:
    * C function ThumbnailImage() now allows the user to override the
      filter used, but still defaults to using the box filter.
    Behavior Changes:
    * No longer add a printf-style scene formatting specification to
      filenames which do not have one and no longer automatically
      operate in 'adjoin' mode in such cases.  If multiple numbered
      files are intended to be output, then add +adjoin to the command
      line and use an output filename specification similar to
      "image-%d.jpg".  Output files are now completely specified and
      predictable but this may break some existing usages which
      anticipate the automatic file numbering.
* Mon Feb 27 2012
  - updated to 1.3.14:
    Bug fixes:
    * TGA format: Assume that 32-bit TGA files have an alpha channel,
      even if they are not marked as such.
    * XCF format: Fix reading XCF which is comprised of different sized
    * JPEG & CineonLog: Convert RGB-compatible colorspaces
      (e.g. CineonLog) to RGB by default since that was the case prior
      to release 1.3.13.
    * RAW formats: Small memory leak in dcraw module was fixed.
    * Resize: ResizeImage() was ignoring its resize filter argument and
      was using the filter setting from the Image structure instead.
    * The mirror virtual pixel method was broken.
    New Features:
    * Open64 Compiler Suite: Version 5.0 is fully supported.
    * Wand API: Added MagickExtentImage().
    * MEF RAW: Mamiya Photo RAW "MEF" format is now supported.
    Feature improvements:
    * DPX format: Original file endianness is preserved by default.
    Performance Improvements:
    * Despeckle algorithm (-despeckle) is many times faster.
    Behavior Changes:
    * DPX format: Original file endianness is preserved by default.
* Tue Dec 27 2011
  - updated to 1.3.13:
    * In I/O blob, don't rewind already open file handle passed to
      OpenBlob() since we don't know the intended state of this file
      handle, and because it prevents appending to an existing file.
    * In AppendImageProfile(), don't leak profile buffer while appending
      a chunk to an existing profile.
    * Fix deadlock in ClonePixelCache() which was caused by using the
      same semaphore pointer in the source and destination images.
    * etc. see NEWS.txt
  - disabled perl.patch
* Mon Apr 11 2011
  - removed dependency of devel packages on the main package
* Wed Dec 22 2010
  - restoring *-config scripts as in upstream version: their removal
    breaks older software
* Tue Dec 14 2010
  - package no longer requires -fno-strict-aliasins
  - fix -devel package dependencies
  - run make check
  - exclude *-config scripts, whatever uses them _must_ use pkgconfig
    to avoid the mess this scripts create.
* Mon Jul 12 2010
  - added xorg-x11-fonts as runtime dependency [bnc#619103]
* Tue Mar 09 2010
  - updated to version 1.3.12:
    * Filter mode (write to stdout) was completely broken.
    * Should now compile with libpng 1.4.
    * DCX output format is only written on request.  Previously the PCX
      coder would automatically switch to DCX format if multiple frames
      would be written.
* Tue Feb 23 2010
  - updated to version 1.3.11:
    * Fixed array underflow on systems using signed char
      which could result in a program crash due to extended
      characters in filenames or in certain file formats.
    * Fixed array underflow on systems using signed char
      which could result in a program crash due to extended
      characters in filenames or in certain file formats.
    * Added a -thumbnail command to 'convert' and 'mogrify'.
      This is a faster way to scale down the image when
      speed is a primary concern.
    * Added a -extent command to 'convert' and 'mogrify'
      which composites the image on top of a backing
      canvas image of solid color.
    * Added support for -compose to the 'convert' and
      'mogrify', which were documented to support it
      (but did not).
    * Requests for 'Over' and 'Atop' composition are
      converted to a request for the (faster) 'Copy'
      composition when both images are opaque.
* Mon Feb 15 2010
  - updated to version 1.3.10:
    * +adjoin was not working correctly for the case when only one image
      frame is present.  With +adjoin and writing one frame to
      "foo%d.jpg" it was outputting "foo%d.jpg" rather than "foo0.jpg".
    * When drawing paths, memory allocation for the points was much
      larger than it needed to be (patch by Vladimir Lukianov).
    * To reiterate the change which first appeared in 1.3.9, there is no
      longer an implicit +adjoin if the output file name happens to
      contain a %d sequence, or there are multiple frames and the output
      file format only supports storing one frame.  Specify +adjoin if
      scene number substition is desired in the output file names.
* Mon Feb 08 2010
  - updated to version 1.3.9:
    * There is no longer an implicit 'adjoin' if an output filename
      contains an apparent scene specification (e.g. foo%02d.tiff) and
      multiple files are not needed to save the image..  It is necessary
      to use +adjoin.  For example ``gm convert foo.pdf +adjoin
    * For formats which support multiple frames, output with +adjoing to
      filenames containing a scene specification (e.g. foo%02d.tiff) was
      resulting in wrong output file names.
    * -flatten now applies the image background color under the first
      image in the list if it is not already opaque.
    * Fix "double free" error when using gm import -frame.
    * XPM does not support RGBA color syntax, so return RGB instead.
    * The display '-update' option was only working in conjunction with
      the '-delay' option with a delay setting of 2 or greater.
    * -convolve was crashing rather than reporting an error.
    * Fixed crash if the number of OpenMP threads was reduced from the
      original value via '-limit threads' or omp_set_num_threads().
    * -blur was not blurring the opacity channel for solid-color images.
    * Several deleted global string constants are restored with
      deprecated status in order to assure that symbols are not removed
      from the ABI.
* Mon Jan 25 2010
  - updated to version 1.3.8:
    Security Fixes:
    * Fix for CVE-2009-1882 "Integer overflow in the XMakeImage
    * Fix lockup due to hanging in loop while parsing malformed
      sub-image specification (SourceForge issue 2886560).
    * Libltdl: Updated libtool to 2.2.6b in order to fix security issue.
      Resolves CVE-2009-3736 as it pertains to GraphicsMagick.
    Bug fixes:
    * -convolve, -recolor: Validate that user-provided matrix is square
      when parsing -convolve and -recolor commands in order to avoid a
      core dump.
    * CALS: Reading images taller than the image width resulted in a
    * ConstituteImage(), DispatchImage(): 'A' and 'T' should indicate
      transparency and 'O' should indicate opacity.  Behavior was
      inconsistent.  In some cases 'O' meant transparency while in other
      cases it meant opacity. Also, in a few cases, matte was not
      getting enabled in the image as it should.
    * DCRAW: Module name was not registered so modules based builds were
      not supporting formats provided via 'dcraw'.
    * GetOptimalKernelWidth1D(), GetOptimalKernelWidth2D(): In the Q32
      build, convolution kernel size was estimated incorrectly for large
      sigmas on 32-bit systems due to arithmetic overflow.  This could
      cause wrong results for -convolve, -blur, -sharpen, and other
      algorithms which use these functions.
    etc., see NEWS.txt
* Mon Nov 23 2009
  - updated to version 1.3.7 (see ChangeLog)
* Tue Nov 03 2009
  - updated patches to apply with fuzz=0
* Tue Aug 04 2009
  - updated to 1.2.7:
    - Bug fixes:
    * VID: Eliminate memory leak.
    * montage: Eliminate use of freed memory.
    * delegates.mgk: Fix hang when co-process is invoked.
    * identify: Return comment text of any size.
    * ConvolveImage: Correctly log the convolution kernel used.
    - Feature improvements:
    * Convert: Re-implement -write so that it works in a useful fashion.
    - Performance improvments:
    * TIFF: Ping mode ('identify') is now really fast.



Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Apr 9 10:08:57 2022