Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libGraphicsMagickWand-Q16-2-1.3.29-lp151.4.20.1 RPM for armv7hl

From OpenSuSE Ports Leap 15.1 updates for armv7hl

Name: libGraphicsMagickWand-Q16-2 Distribution: openSUSE Leap 15.1
Version: 1.3.29 Vendor: openSUSE
Release: lp151.4.20.1 Build date: Wed Jun 3 14:17:00 2020
Group: System/Libraries Build host: obs-arm-5
Size: 178576 Source RPM: GraphicsMagick-1.3.29-lp151.4.20.1.src.rpm
Summary: Runtime library for the GraphicsMagick image conversion library
GraphicsMagick provides an image manipulation and translation utility
and library. It can read and write over 88 image formats, including
JPEG, TIFF, WMF, SVG, PNG, PNM, GIF, andPhoto CD. It also allows to
resize, rotate, sharpen, color reduce, or add special effects to an
image and to save the result to any supported format. GraphicsMagick
may be used to create animated or transparent .gifs, to composite
images, and to create thumbnail images.

This package is compiled with Q16, that means it provides better
performance on 16 and less bit images.






* Tue Jun 02 2020
  - security update
  - added patches
    fix CVE-2020-12672 [bsc#1171271], heap-based buffer overflow in ReadMNGImage in coders/png.c.
    + GraphicsMagick-CVE-2020-12672.patch
* Wed Mar 25 2020
  - security update
  - added patches
    fix CVE-2019-12921 [bsc#1167208], the text filename component potentially allows to read arbitrary files via TranslateTextEx for SVG
    + GraphicsMagick-CVE-2019-12921.patch
    fix CVE-2020-10938 [bsc#1167623], integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c
    + GraphicsMagick-CVE-2020-10938.patch
* Wed Jan 08 2020
  - security update
  - added patches
    CVE-2019-19951 [bsc#1160321]
    + GraphicsMagick-CVE-2019-19951.patch
    CVE-2019-19953 [bsc#1160364]
    + GraphicsMagick-CVE-2019-19953.patch
* Fri Jan 03 2020
  - security update
  - added patches
    CVE-2019-19950 [bsc#1159852]
    + GraphicsMagick-CVE-2019-19950.patch
* Tue Oct 08 2019
  - security update
  - added patches
    CVE-2019-16709 [bsc#1151782]
    + GraphicsMagick-CVE-2019-16709.patch
* Tue Jun 18 2019
  - security update
  - added patches
    disable indirect reads (CVE-2019-12921) [bsc#1138425]
    + GraphicsMagick-disable-indirect-reads.patch
* Tue May 28 2019
  - disable also PCL [bsc#1136183]
  - modified patches
    % GraphicsMagick-disable-insecure-coders.patch
* Tue Apr 30 2019
  - security update
  - modified patches
    CVE-2019-11008 [bsc#1132054], CVE-2019-11009 [bsc#1132053], CVE-2019-11473 [bsc#1133203], CVE-2019-11474 [bsc#1133202]
    % GraphicsMagick-xwd.c-update.patch (refreshed)
  - added patches
    CVE-2019-11506 [bsc#1133498]
    + GraphicsMagick-CVE-2019-11506.patch
    CVE-2019-11505 [bsc#1133501]
    + GraphicsMagick-CVE-2019-11505.patch
* Tue Apr 16 2019
  - security update
  - added patches
    CVE-2019-11005 [bsc#1132058]
    + GraphicsMagick-CVE-2019-11005.patch
    CVE-2019-11006 [bsc#1132061]
    + GraphicsMagick-CVE-2019-11006.patch
    CVE-2019-11010 [bsc#1132055]
    + GraphicsMagick-CVE-2019-11010.patch
    CVE-2019-11007 [bsc#1132060]
    + GraphicsMagick-CVE-2019-11007.patch
    CVE-2019-11008 [bsc#1132054], CVE-2019-11009 [bsc#1132053]
    + GraphicsMagick-xwd.c-update.patch
* Mon Feb 11 2019 Petr Gajdos <>
  - security update (pdf.c):
    * CVE-2019-7397 [bsc#1124366]
      + GraphicsMagick-CVE-2019-7397.patch
* Fri Dec 21 2018 Petr Gajdos <>
  - security update (tga.c):
    * CVE-2018-20184 [bsc#1119822]
      + GraphicsMagick-CVE-2018-20184.patch
* Fri Dec 21 2018 Petr Gajdos <>
  - security update (dib.c):
    * CVE-2018-20189 [bsc#1119790]
      + GraphicsMagick-CVE-2018-20189.patch
* Thu Nov 01 2018 Petr Gajdos <>
  - security update (msl.c):
    * CVE-2018-18544 [bsc#1113064]
      + GraphicsMagick-CVE-2018-18544.patch
* Mon Oct 22 2018 Petr Gajdos <>
  - asan_build: build ASAN included
  - debug_build: build more suitable for debugging
* Mon Sep 10 2018 Petr Gajdos <>
  - security update (pict.c):
    * CVE-2018-16644 [bsc#1107609]
      + GraphicsMagick-CVE-2018-16644.patch
* Mon Sep 10 2018 Petr Gajdos <>
  - security update (bmp.c, dib.c):
    * CVE-2018-16645 [bsc#1107604]
      + GraphicsMagick-CVE-2018-16645.patch
* Wed Aug 22 2018
  - disable PS, PS2, PS3 and PDF coders by default, remove gs calls
    from delegates.mgk
* Wed Jun 20 2018
  - security update (rgb.c, cmyk.c, gray.c)
    * CVE-2018-10805 and similar memory leaks [bsc#1095812]
      + GraphicsMagick-CVE-2018-10805.patch
* Wed Jun 13 2018
  - security update (dcm.c)
    * fix invalid reads in dcm.c [bsc#1075821c#14]
* Wed May 23 2018
  - update to 1.3.29:
    * Security Fixes:
      . GraphicsMagick is now participating in Google's oss-fuzz project
      . JNG: Require that the embedded JPEG image have the same dimensions
      as the JNG image as provided by JHDR. Avoids a heap write overflow.
      . MNG: Arbitrarily limit the number of loops which may be requested by
      the MNG LOOP chunk to 512 loops, and provide the '-define
      mng:maximum-loops=value' option in case the user wants to change the
      limit.  This fixes a denial of service caused by large LOOP
    * Bug fixes:
      . DICOM: Pre/post rescale functions are temporarily disabled (until
      the implementation is fixed).
      . JPEG: Fix regression in last release in which reading some JPEG
      files produces the error "Improper call to JPEG library in state
      . ICON: Some DIB-based Windows ICON files were reported as corrupt to
      an unexpectedly missing opacity mask image.
      . In-memory Blob I/O: Don't implicitly increase the allocation size
      due to seek offsets.
      . MNG: Detect and handle failure to allocate global PLTE. Fix divide
      by zero.
      . DrawGetStrokeDashArray(): Check for failure to allocate memory.
      . BlobToImage(): Now produces useful exception reports to cover the
      cases where 'magick' was not set and the file format could not be
      deduced from its header.
    * API Updates:
      . Wand API: Added MagickIsPaletteImage(), MagickIsOpaqueImage(),
      MagickIsMonochromeImage(), MagickIsGrayImage(), MagickHasColormap()
      based on contributions by Troy Patteson.
      . New structure ImageExtra added and Image 'clip_mask' member is
      replaced by 'extra' which points to private ImageExtra allocation.
      The ImageGetClipMask() function now provides access to the clip mask
      . New structure DrawInfoExtra and DrawInfo 'clip_path' is replaced by
      'extra' which points to private DrawInfoExtra allocation.  The
      DrawInfoGetClipPath() function now provides access to the clip path.
      . New core library functions: GetImageCompositeMask(),
      CompositeMaskImage(), CompositePathImage(), SetImageCompositeMask(),
      ImageGetClipMask(), ImageGetCompositeMask(), DrawInfoGetClipPath(),
      . Deprecated core library functions: RegisterStaticModules(),
    * Feature improvements:
      . Static modules (in static library or shared library without
      dynamically loadable modules) are now lazy-loaded using the same
      external interface as the lazy-loader for dynamic modules.  This
      results in more similarity between the builds and reduces the fixed
      initialization overhead by only initializing the modules which are
      . SVG: The quality of SVG support has been significantly improved due
      to the efforts of Greg Wolfe.
      . FreeType/TTF rendering: Rendering fixes for opacity.
* Tue Feb 20 2018
  - Add explicit buildrequires on: pkgconfig(libwebpmux),
    pkgconfig(libpng), pkgconfig(x11), pkgconfig(xext),
    pkgconfig(zlib), libjpeg-devel. all
    of them direct build dependencies but not included in
    the spec file
* Wed Jan 24 2018
  - update to 1.3.28:
    * Security Fixes:
      BMP: Fix non-terminal loop due to unexpected bit-field mask
      value (DOS opportunity).
      PALM: Fix heap buffer underflow in builds with QuantumDepth=8.
      SetNexus() Fix heap overwrite under certain conditions due to
      using a wrong destination buffer. This issue impacts all
      1.3.X releases.
      TIFF: Fix heap buffer read overflow in LocaleNCompare() when
      parsing NEWS profile.
    * Bug fixes:
      DescribeImage(): Eliminate possible use of null pointer.
      GIF: Fix memory leak of global colormap in error path.
      GZ: Writing to gzip files with the extension ".gz" was
      not working with Zlib 1.2.8.
      JNG: Fix buffer read overflow (a tiny fixed overflow of just
      one byte).
      JPEG: Promoting certain libjpeg warnings to errors caused
      much more problems than expected. The promotion of
      warnings to errors is removed. Claimed pixel dimensions
      are validated by file size before allocating memory for
      the pixels.
      IntegralRotateImage(): Assure that reported error in rotate by
      270 case does immediately terminate processing.
      MNG: Fix possible null pointer reference related to DEFI chunk
      parsing. Fix minor heap read overflow (constrained to just
      one byte) due to an ordering issue in a limit check. Fix
      memory leaks in error path.
      WebP: Fix stack buffer overflow in WriteWEBPImage() which
      occurs with libwebp 0.5.0 or newer due to a structure type
      change in the structure passed to the progress monitor
      WPG: Memory leaks fixed.
    * API Updates:
      InterpolateViewColor(): This function now returns MagickPassFail
      (an unsigned int) rather than void so that errors can be
      efficiently reported.
      The magick/pixel_cache.h header is updated to add deprecation
      attributes such that code using GetPixels(), GetIndexes(),
      and GetOnePixel() will produce deprecation warnings for
      compilers which support them. These functions will not be
      removed in the 1.3.X release series and when they are
      removed, pre-processor macros will be added so a replacement
      function is used instead. There is a long-term objective to
      eliminate functionally-redundant pixel cache functions to
      only the ones with the best properties since this reduces
      maintenance and may reduce the depth of the call stack
      (improving performance).
    * removed unneded GraphicsMagick-release-date-missing-quote.patch
* Wed Jan 10 2018
  - update to 1.3.27:
    * New Features:
      . PNG: Implemented eXIf chunk support.
      . WEBP: Add support for EXIF and ICC metadata provided that at
      least libwebp 0.5.0 is used.
      . Magick++ Image autoOrient(): New Image method to auto-orient an
      image so it looks right-side up by default.
    * Behavior Changes:
      . PALM: PALM writer is disabled.
      . ThrowLoggedException(): Capture the first exception
      at ErrorException level or greater, or only capture exception
      if it is more severe than an already reported exception.
      . DestroyJNG(): This internal function is now declared static
      and is removed from shared library or DLL namespace.
    * lot of security and other bug fixes, see
  - added GraphicsMagick-release-date-missing-quote.patch
* Tue Sep 19 2017
  - builds for sle11
* Mon Sep 11 2017
  - fix perl bindings
    + GraphicsMagick-perl-linkage.patch from fedora
  - turn on perl test suite
* Mon Jul 24 2017
  - Trim descriptions. Redo summaries and RPM groups.
* Fri Jul 21 2017
  - Drop patches not meintioned in the changelog ever:
    * GraphicsMagick-debian-fixed.patch
    * GraphicsMagick-include.patch
    * GraphicsMagick-perl-link.patch
    * The package builds just fine without them and there is no
      refference explaining it
  - Convert the deps to pkgconfig variants where possible.
* Fri Jul 21 2017
  - Version update to 1.3.26:
    * DPX: Fix excessive use of memory (DOS issue) due to file header
      claiming large image dimensions but insufficient backing
      data. (CVE-2017-10799 bsc#1047054).
    * JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350).
    * MAT: Fix excessive use of memory (DOS issue) due to continuing
      processing with insufficient data and claimed large image
      size. Verify each file extent to make sure that it is within range
      of file size. (CVE-2017-10800 bsc#1047044).
    * META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800).
    * PCX: Fix denial of service issue.
    * RLE: Fix abnomally slow operation (denial of service issue) with
      intentionally corrupt colormapped file.
    * PICT: Fix possible buffer overflow vulnerability given suitably
      truncated input file.
    * PNG: Enforce spec requirement that the dimensions of the JPEG
      embedded in a JDAT chunk must match the JHDR dimensions
    * PNG: Avoid NULL dereference when MAGN chunk processing fails.
    * SCT: Fix stack-buffer read overflow (underflow?) while reading SCT
    * SGI: Fix denial of service issues.  Delay large memory allocations
      until file header has fully passed sanity checks.
    * TIFF: Fix out of bounds read when reading CMYKA TIFF which claims to
      have only 2 samples per pixel (CVE-2017-6335 bsc#1027255).
    * TIFF: Fix out of bounds read when reading RGB TIFF which claims to
      have only 1 sample per pixel (CVE-2017-10794).
    * WPG: Fix heap overflow (CVE-2016-7996).  Fix assertion crash
    * DifferenceImage(): Fix Fix all-black difference image if an input
      file is colormapped.
    * EXIF orientation was not being properly detected for some files.
    * -frame: The `import` command -frame handling was improperly
      implemented and was using already freed data.
    * GIF: Fixes for "Excessive LZW string data" problem.
    * Magick++: Bug fixes to PathSmoothCurvetoRel::operator() and
    * PAM: Support writing GRAYSCALE PAM format.
    * PNG: Fix memory leaks.
    * SVG: Fixed a memory leak.  Fixed a possible null pointer dereference.
    * TclMagick: Problem that TkMagick could not resolve functions from
      TclMagick under Linux is fixed.
    * TclMagick: Fix parser validatation in magickCmd() to avoid crash
      given a syntax error.
    * TIFF: Fix for reading old JPEG files (avoids "Improper call to JPEG
      library in state 0. (LibJpeg).").
    * TXT: Fixed memory leak.
    * XCF: Error checking is improved.
    * EXIF rotation: Support is added such that the EXIF orientation tag
      is updated when the image is rotated.
    * MAT: Now support reading multiple images from Matlab V4 format.
    * Magick++: Orientation method now updates orientation in EXIF
      profile, if it exists.
    * Magick++: Added Image attribute method which accepts a 'char *'
      argument, and will remove the attribute if the value argument is
    * -orient: The -orient command line option now also updates the
      orientation in the EXIF profile, if it exists.
    * PGX: Support PGX JPEG 2000 format for reading and writing (within
      the bounds of what JasPer supports).
    * Wand API: Added MagickAutoOrientImage(),
      MagickGetImageOrientation(), MagickSetImageOrientation(),
      MagickRemoveImageOption(), and MagickClearException().
  - Drop merged patch GraphicsMagick-CVE-2017-8350.patch
* Mon Jun 26 2017
  - complementary fix for CVE-2017-8350 [bsc#1036985 c13-c21]
    * GraphicsMagick-CVE-2017-8350.patch
* Mon Sep 26 2016
  - update to 1.3.25:
    * EscapeParenthesis(): I was notified by Gustavo Grieco of a heap
      overflow in EscapeParenthesis() used in the text annotation code.
      While not being able to reproduce the issue, the implementation of
      this function is completely redone.
    * Utah RLE: Reject truncated/absurd files which caused huge memory
      allocations and/or consumed huge CPU.  Problem was reported by
      Agostino Sarubbo based on testing with AFL.
    * SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
      the MVG rendering code (also impacts SVG).
    * TIFF: Fix heap buffer read overflow while copying sized TIFF
      attributes.  Problem was reported by Agostino Sarubbo based on
      testing with AFL.
* Thu Jun 23 2016
  - Build "gm" as position independend executable (PIE).
* Mon Jun 06 2016
  - updated to 1.3.24:
    * many security related changes (incl. CVE-2016-5118), see
  - removed patches:
    * GraphicsMagick-CVE-2016-5118.patch
    * GraphicsMagick-upstream-delegates-safer.patch
    * GraphicsMagick-upstream-disable-mvg-ext.patch
    * GraphicsMagick-upstream-disable-tmp-magick-prefix.patch
    * GraphicsMagick-upstream-image-sanity-check.patch
* Mon May 30 2016
  - security update:
    * CVE-2016-5118 [bsc#982178]
      + GraphicsMagick-CVE-2016-5118.patch
* Mon May 09 2016
  - Multiple security issues in GraphicsMagick/ImageMagick [boo#978061]
    (CVE-2016-3714, CVE-2016-3718, CVE-2016-3715, CVE-2016-3717)
    * GraphicsMagick-upstream-delegates-safer.patch
    * GraphicsMagick-upstream-disable-mvg-ext.patch
    * GraphicsMagick-upstream-disable-tmp-magick-prefix.patch
    * GraphicsMagick-upstream-image-sanity-check.patch
* Sun Nov 08 2015
  - Update to version 1.3.23
    * See included NEWS.txt for details
* Mon Oct 05 2015
  - Update to version 1.3.22
    * See included NEWS.txt for details
* Sat Mar 21 2015
  - Update to version 1.3.21
    * See included NEWS.txt for details



Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Apr 9 11:02:09 2022