Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: ImageMagick-config-7-upstream-secure | Distribution: openSUSE Tumbleweed |
Version: 7.1.1.41 | Vendor: openSUSE |
Release: 1.3 | Build date: Sun Nov 17 11:27:30 2024 |
Group: Development/Libraries/C and C++ | Build host: reproducible |
Size: 367683 | Source RPM: ImageMagick-7.1.1.41-1.3.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: https://imagemagick.org/ | |
Summary: Secure ImageMagick Security Policy |
This stringent security policy prioritizes the implementation of rigorous controls and restricted resource utilization to establish a profoundly secure setting while employing ImageMagick. It deactivates conceivably hazardous functionalities, including specific coders like SVG or HTTP. The policy promotes the tailoring of security measures to harmonize with the requirements of the local environment and the guidelines of the organization. This protocol encompasses explicit particulars like limitations on memory consumption, sanctioned pathways for reading and writing, confines on image sequences, the utmost permissible duration of workflows, allocation of disk space intended for image data, and even an undisclosed passphrase for remote connections. By adopting this robust policy, entities can elevate their overall security stance and alleviate potential vulnerabilities.
ImageMagick
* Sun Nov 17 2024 Arjen de Korte <suse+build@de-korte.org> - version update to 7.1.1.41 * Fix compiler identification with Clang on Darwin in #7773 * revert map changes breaking ABI in #7768 * Mon Nov 11 2024 Yann BOYER <yann.boyer742@gmail.com> - version update to 7.1.1.40 * .cut (Dr Halo) reading when run count in header #7734 * Bump azure/trusted-signing-action from 0.4.0 to 0.5.0 #7725 * Implement Magic Kernel Sharp 2013 and 2021 #7701 * don't process TIFF image if there is an exception * Corrected check for indexed channels in PSD files. * export exception when undo resource limit exceeded * Sun Oct 06 2024 Arjen de Korte <suse+build@de-korte.org> - version update to 7.1.1.39 * Add missing Threshold command to command array of Region of Interest mode #7606 * uhdr.c: update uhdr coder for gainmap metadata configuration #7635 * uhdr: fix language choice in autoconf #7663 * Fri Sep 13 2024 pgajdos@suse.com - version update to 7.1.1.38 * properly set image byte order 40f6599 * set max colormap size for remap 1ffe565 * beta release 250b748 * deprecate the -respect-paranthesis option 4e7d789 * Build fixes. b80c509 * save IPTC + ICC profiles are profiles, not properties 25d5335 * update copyright year 4caf7d1 * Patch to fix reading of the ICC profile. 18377f9 * prepping framework to interact with X11 clipboard b20dda3 * Build fix. 20a5af3 * More build fixes. c36fdf0 * Another attempt to silence the warnings. 600708c * Use SetImageProfilePrivate to avoid duplicate allocations. f246eab * support clipboard delegate 39a135a * restore clipboard.c 1070b17 * improved rounding 27a0a9c * don't allow negative scenes 8fda05a * eliminate compiler warnings 878daf9 - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) * Tue Aug 27 2024 pgajdos@suse.com - version update to 7.1.1.37 * Bump azure/trusted-signing-action from 0.3.20 to 0.4.0 #7518 * Silence warning and fix HEIC_COMPUTE_NUMERIC_VERSION definition when heic delegate is disabled. #7516 * protect macro arguments with parens 86cb2b1 * eliminate compiler warnings d90d8b4 * correct copyright year 115271e * Ignore multiple exif and xmp profiles for the same jxl frame and fix reading those profiles per frame. c301208 * read/write in chunks fff3058 * optimize fwrite() arguments ada6785 * Renamed Output folder to Artifacts. 2a69677 * cancel interactive window selection with right button press ea2a2db * cosmetic 712bde4 * eliminate compiler warning 9a9a25c * eliminate compiler warning 0bd1687 * Make images mandatory in the issue template. c01fd37 * Added extra header detection for avif files. 9fc0590 * allow SeekBlob() to set an offset beyond the end of the blob 27c3f99 * be less forgiving for invalid image indexes 25db2e5 * Fixed problem with empty macros (#7562) 9fda5f2 * Added missing null checks for RequestOpenCLDevice. f85448e * Added missing null check for AcquireOpenCLCommandQueue. 295e9c8 * persist app1 jpeg profile (ImageMagick/ImageMagick#4713) f0357c7 * Fixed build error. b3dd431 * Remove some of the dependencies for the macos-13 build. d0bce95 * parentheses is the plural of parenthesis 1fac80a * distribute quantization error for -dither FloydSteinberg -depth 5b2825b * release 8a0da9f * properly set image byte order 40f6599 * set max colormap size for remap 1ffe565 * Sat Aug 03 2024 Arjen de Korte <suse+build@de-korte.org> - version update to 7.1.1.36 * uhdr.c: default initialize range field for hdr/sdr intent inputs to enc by @aayushsoni111 in #7482 * Fixed typo in documentation of MagickAdaptiveBlurImage by @JonahEMorgan in #7500 * Silence warning when freetype delegate is disabled. by @niclet in #7515 * Thu Jul 25 2024 pgajdos@suse.com - version update to 7.1.1.35 * Also set dpi-x and dpi-y when running rsvg-convert. eac001f * convert sub-command is deprecated d67039e * only operators should disable "identify ping" (ImageMagick/ImageMagick#7441) a262192 * fix compiler error ecc21c7 * -outdir deprecated 9980efa * Get the correct width and height when heic:preserve-orientation is set to true. ed3a0dd * Set heic image orientation using transform information. ba470aa * Exit earlier when the symlink could not be created when invoking the svg:decode delegate. 8a48edd * Fixed MSYS2 build error. 3b22378 * Also set the DNG properties when pinging the image. fc1c61b * Silence warning when lqr delegate is disabled. ae0d69a * Added version check for the heif_properties.h include. 656b4d2 * Make sure we always use the i64 version of the "file methods" on Windows. b3e8a78 * Changed defines to use method instead of a define. 75b66c4 * Changes due to upgrade of libheif. 841f033 * smooth the rendering of an ellipse (ImageMagick/ImageMagick#7465) 1bfce2a * Sun Jun 23 2024 Arjen de Korte <suse+build@de-korte.org> - version update to 7.1.1.34 * Bump azure/trusted-signing-action from 0.3.18 to 0.3.19 in #7348 * Fix a typo in convert deprecation warning in #7383 * Bump azure/trusted-signing-action from 0.3.19 to 0.3.20 in #7388 * Updated FontConfig query to include font index, fixing (#7374) in #7409 - removed patch (upstreamed) - ImageMagick-update-image-signature.patch * Sat May 25 2024 Arjen de Korte <suse+build@de-korte.org> - version update to 7.1.1.33 * Fix typo in #7294 * Bump azure/trusted-signing-action from 0.3.16 to 0.3.18 in #7325 * Bump caphyon/advinst-github-action from 1.1 to 2.0 in #7326 - added patch + ImageMagick-update-image-signature.patch * Thu May 16 2024 pgajdos@suse.com - reverted update-alternatives usage removal [bsc#1122033][bsc#1220818] * Sun May 05 2024 Arjen de Korte <suse+build@de-korte.org> - version update to 7.1.1.32 * Fix GIF ICC profile reading #7282 * uhdr.c: add support for rgb inputs #7273 * Mon Apr 22 2024 pgajdos@suse.com - version update to 7.1.1.31 * Convert big PDF documents is slow #7263 * Update release.yml #7258 * Update README.md #7245 * uhdr.c: verify the availability of error message before accessing it #7229 - removed patches - ImageMagick-wmflite-detection.patch (upstreamed) ` * Mon Apr 15 2024 pgajdos@suse.com - relax list-length resource limit, fixes build of python-Wand % ImageMagick-configuration-SUSE.patch * Mon Apr 08 2024 pgajdos@suse.com - version update to 7.1.1.30 * install perl module into user-specified prefix by @bugfood in #7192 * Fix bmp option to bypass file size check by @OnTheList-1 in #7194 * add support for encoding/decoding ultrahdr images by @aayushsoni111 in #7198 * Updates to uhdr.c by @aayushsoni111 in #7217 - added patches fix https://github.com/ImageMagick/ImageMagick/issues/7230 + ImageMagick-wmflite-detection.patch * Fri Mar 22 2024 pgajdos@suse.com - allow stdin/stdout - modified patches % ImageMagick-configuration-SUSE.patch * Thu Mar 21 2024 pgajdos@suse.com - allow delegates to be executed, was disabled by default policy - modified patches % ImageMagick-configuration-SUSE.patch (refreshed) % ImageMagick-library-installable-in-parallel.patch (refreshed) * Mon Mar 04 2024 pgajdos@suse.com - enable SVG again - modified patches % ImageMagick-configuration-SUSE.patch (refreshed) * Sat Mar 02 2024 Marcus Rueckert <mrueckert@suse.de> - We can not replace a symlink with a directory on the directly Unregister the whole group manually in %pre with update-alternatives. (boo#1220818) Restore Requires(pre) on update-alternatives for the mean time. * Tue Feb 27 2024 Arjen de Korte <suse+build@de-korte.org> - version update to 7.1.1.29 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Thu Feb 22 2024 Michael Vetter <mvetter@suse.com> - Use %patch -P N instead of deprecated %patchN. * Sun Feb 11 2024 Arjen de Korte <suse+build@de-korte.org> - version update to 7.1.1.28 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Sun Jan 21 2024 Arjen de Korte <suse+build@de-korte.org> - version update to 7.1.1.27 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Tue Jan 16 2024 pgajdos@suse.com - only one configuration again, based on upstream 'secure' policy - other upstream policies packaged in documentation * Mon Jan 15 2024 pgajdos@suse.com - use correct policy.xml * Sun Jan 14 2024 munix9@googlemail.com - Fix incomplete removal of update-alternatives for config - Replace obsolete 'otherproviders(imagick-%{config_spec})' with 'Conflicts: imagick-%{config_spec}' * Fri Jan 12 2024 Arjen de Korte <suse+build@de-korte.org> - version update to 7.1.1.26 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Fri Jan 05 2024 pgajdos@suse.com - drop update-alternatives for config; use exactly one of configuration package provided * Wed Jan 03 2024 pgajdos@suse.com - version update to 7.1.1.25 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Sat Dec 30 2023 Dirk Müller <dmueller@suse.com> - update to 7.1.1.24: * Added extra check for rare case when ImageMagick is build without any delegates. * Corrected order to fix invalid matches. * only fill the alpha channel for alpha floodfill * Make sure we use the lt_ methods like we do elsewhere. * support dng:max-raw-memory define (ImageMagick/ImageMagick#6922) * properly export YUV JP2 images (ImageMagick/ImageMagick#6943) * use : specifier * correct display program name * check for corrupt DJVU images * support UTF-8 comments (ImageMagick/ImageMagick#6949) * do not prefix iTxt key with 'png:' * enhance sampling factor parser (ImageMagick/ImageMagick#6943) * Switch to ubuntu 20.04 in the app-image build. * Corrected packages that need to be install due to ubuntu upgrade. * improve accuracy of image statistics * fx calculations of skewness and kurtosis * Only write comments as itxt when the string contains non ansi chars. * check if the string contains non-Latin1 characters * Corrected patch to check for non-Latin1 characters. * invalid JSON with -ping (ImageMagick/ImageMagick#6966) * throw exception if # of meta channels exceed max https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hx5j-pxvh-rj7r * multiplication result converted to larger type * invalid HTTPS certificates are no longer ignored https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3r24-6m6q-vxmr * multiplication result converted to larger type * eliminate compiler warning * don't include the index channel in the overall image statistics * multiplication result converted to larger type * Thu Dec 21 2023 pgajdos@suse.com - version update to 7.1.1.23 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) - deleted patches - ImageMagick-infinite-resource-time-limit.patch (upstreamed) * Mon Nov 13 2023 pgajdos@suse.com - version update to 7.1.1.21 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md - modified patches [bsc#1217014][bsc#1216811] % ImageMagick-s390x-disable-tests.patch (refreshed) - deleted patches - ImageMagick-correct-time-to-live.patch (upstreamed) - added patches https://github.com/ImageMagick/ImageMagick/commit/8f3c56fabc619c1672865257e5aafe33cbfaaf3e https://github.com/ImageMagick/ImageMagick/commit/3a7b915d9a810ce742987b37c935f6ae8b36df10 + ImageMagick-infinite-resource-time-limit.patch * Fri Oct 13 2023 pgajdos@suse.com - added patches fix https://github.com/ImageMagick/ImageMagick/commit/3c727503c6ae449160dc92cf6222ebe28ef8fb52 + ImageMagick-correct-time-to-live.patch * Thu Oct 12 2023 pgajdos@suse.com - version update to 7.1.1.20 * https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Thu Oct 05 2023 pgajdos@suse.com - version update to 7.1.1.19 * https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * fixes CVE-2023-5341 [bsc#1215939] * Fri Sep 29 2023 pgajdos@suse.com - allow verbose perl tests - add ImageMagick-s390x-disable-tests.patch, adjust two and disable one failing test on s390x * Fri Sep 29 2023 pgajdos@suse.com - version update to 7.1.1.18 * upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Thu Sep 21 2023 pgajdos@suse.com - version update to 7.1.1.17 * upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-17---2023-09-19 - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) - follow upstream, create open, limited, secure and websafe alternative configuration packages with different policy.xml - removing p7zip redundant dependency * Tue Aug 22 2023 pgajdos@suse.com - version update to 7.1.1.15 * upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-15---2023-07-30 - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) - deleted patches - ImageMagick-CVE-2023-3428.patch (upstreamed) * Thu Jun 29 2023 pgajdos@suse.com - version update to 7.1.1.12 - added patches fix CVE-2023-3428 [bsc#1212847], heap-buffer-overflow in coders/tiff.c + ImageMagick-CVE-2023-3428.patch * Tue May 30 2023 pgajdos@suse.com - version update to 7.1.1.11 * upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-11---2023-05-29 * [bsc#1200389] CVE-2022-32546 * [bsc#1211792] CVE-2023-34153 * [bsc#1211791] CVE-2023-34151 * Thu May 25 2023 pgajdos@suse.com - version update to 7.1.1.10 * fixes CVE-2023-2157 [bsc#1211601] * fixes CVE-2023-34475 [bsc#1212234] * fixes CVE-2023-34474 [bsc#1212237] https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-10---2023-05-21 * Thu May 18 2023 Dirk Müller <dmueller@suse.com> - update to 7.1.1.9: * support for Oklab https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-9---2023-05-14 * Wed May 03 2023 Deepthi Yadabettu Venkatachala <deepthi.venkatachala@suse.com> - version update to 7.1.1.8 - https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-8---2023-04-22 * Thu Apr 13 2023 pgajdos@suse.com - version update to 7.1.1.6 - https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-6---2023-04-02 - fixes CVE-2023-1906 [bsc#1210308] * Thu Mar 30 2023 Dirk Müller <dmueller@suse.com> - update to 7.1.1.5: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-5---2023-03-26 * Tue Mar 14 2023 pgajdos@suse.com - version update to 7.1.1.3 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) - [bsc#1209141] CVE-2023-1289 * Mon Mar 13 2023 Martin Pluskal <mpluskal@suse.com> - Revert last change - it leads to file conflict involving .la files * Thu Mar 09 2023 Martin Pluskal <mpluskal@suse.com> - Build AVX2 enabled hwcaps library for x86_64-v3 * Thu Mar 02 2023 pgajdos@suse.com - cleanup old conditional, really build without djvulibre if requested (now %bcond_without djvu) * Fri Feb 24 2023 pgajdos@suse.com - version update to 7.1.0.62 https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Fri Feb 24 2023 pgajdos@suse.com - add %bcond_without djvulibre * Tue Feb 07 2023 pgajdos@suse.com - version update to 7.1.0.61 * https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Mon Jan 30 2023 Paolo Stivanin <info@paolostivanin.com> - Update to 7.1.0.60 * https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#710-60 * Sun Jan 08 2023 munix9@googlemail.com - Enable JPEG-XL on Tumbleweed. * Wed Jan 04 2023 Paolo Stivanin <info@paolostivanin.com> - Update to 7.1.0.57: * https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#710-57 * Sun Dec 18 2022 Dirk Müller <dmueller@suse.com> - update to 7.1.0.55: * https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#710-55---2022-12-17 * Mon Dec 05 2022 pgajdos@suse.com - version update to 7.1.0.53 upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Tue Nov 08 2022 Dirk Müller <dmueller@suse.com> - update to 7.1.0.52: * coders: Enable opening https files in mingw #5727 * utilities: Enable support for unicode paths in mingw #5713 upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#710-52---2022-11-06 * Wed Oct 26 2022 Dirk Müller <dmueller@suse.com> - update to 7.1.0.51: * obtain scene from image structure * prevent undefined shift * Added private api to go through a linked list without using semaphores. * Fixed build. * latest automake configuration * fix undefined-shift in ReadTGAImage @ https://oss-fuzz.com/testcase?key=5129864151957504 * prevent divide by zero exception - [bsc#1207982] CVE-2022-44267 - [bsc#1207983] CVE-2022-44268 * Wed Oct 12 2022 Paolo Stivanin <info@paolostivanin.com> - update to 7.1.0.50: upstream changelog: https://raw.githubusercontent.com/ImageMagick/Website/main/ChangeLog.md - rebae ImageMagick-library-installable-in-parallel.patch - [bsc#1203450] CVE-2022-3213 * Wed Sep 28 2022 Dirk Müller <dmueller@suse.com> - update to 7.1.0.49: * Fixed magnify confusing colorspaces other than linear-RGB. * Mon Sep 12 2022 Dirk Müller <dmueller@suse.com> - update to 7.1.0.48 upstream changelog: https://raw.githubusercontent.com/ImageMagick/Website/main/ChangeLog.md * Tue Aug 30 2022 pgajdos@suse.com - version update to 7.1.0.47 upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Fri Aug 19 2022 pgajdos@suse.com - version update to 7.1.0.46 upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Tue Jul 26 2022 pgajdos@suse.com - version update to 7.1.0.44 upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) * Mon Jul 11 2022 Dirk Müller <dmueller@suse.com> - update to 7.1.0.42: * incorrect pointer update when computing median @ ImageMagick/ImageMagick#5298 * Added extra check because the flag was removed in 0.21-Beta1. * the -transparent-color option accepts colornames @ ImageMagick/ImageMagick#5297 * fix MVG stroke-opacity issues * map channel parameter to pixel channel offset @ ImageMagick/ImageMagick#5308 * beta release * preserve input depth @ ImageMagick/ImageMagick6#188 * update to latest automake/autoconf release * recognize SVG file if it starts with whitespace @ ImageMagick/ImageMagick#5294 * Removed unused stealth flag. * Removed used path field. * Removed unused target field. * Removed unused exempt field. * Added extra option to the skip spaces to the MagicInfo. * Always start at the start of the string when comparing the magic value. * cosmetic * avoid OMP deadlock @ ImageMagick/ImageMagick#5301 * prevent undefined shift * prevent possible buffer overflow * correct copy/paste error * We need to free the stream ourselves when the call to FT_Open_Face fails. * Added missing call to DestroyString. * MVG requires seekable stream * Added extra malloc method to avoid early calls to the policy checks on Windows. * Removed defines. * Only check for dll's in non static build. * Set the client name and path earlier. * fix background opacity rounding @ ImageMagick/ImageMagick#5264 * empty result on conversion from tiff to pdf @ ImageMagick/ImageMagick#5256 * Corrected patch that was made for #5256. * Pass negative interline_spacing to pango * Also check extension to fix possible stack overflow. * eliminate possible buffer overflow * set group 4 photometric to min-is-white * dasharray requires non-zero values * eliminate compiler warning * only permit one rows/columns keyword * Moved allocation back to the correct spot to avoid bypassing SetImageExtent. * Also restore setting quantum_info to null. * eliminate uninitialized value warning * Make sure all text strings are freed when realloc fails. * Reset primitive_info inside RenderMVGContent because this address could point to another address. * Always check if .text is set instead. * eliminate uninitialized alpha pixel * recognize read-mask & write-mask for -channel option * eliminate compiler warning * fix scrambled image @ ImageMagick/ImageMagick#5291 * yikes, misspelled 'level' * Fixed possible memory leak. * support floating point formats * initialize date:precision in private TimerComponentGenesis() method * check for -1 is not required * refactor date:precision flow * eliminate compiler warning * correct formulation of the phash normalization * phash normalization is conventional RMS calculation * only check shread count once * add private ShredMagickMemory() method to hide contents of memory buffers before they are relinquished * system:shred value has precedence over MAGICK_SHRED_PASSES * support shredding memory pools * update memory pointer * Silenced warning. * Corrected documentation. * first pass is fast for performance, second is crytographically strong * recommend shred value of 1 for performance reasons * only set the # of shred passes one time * if enabled, shred streams * unmap mapped pixels * default mapped member to false * don't shred streaming pixels * rework shred passes * optimize performance * change per lint advisement * typecast per lint advisement * eliminate compiler warning * eliminate lint warnings * eliminate lint warnings * support date:timestamp property * eliminate lint warnings * set timestamp from image->timestamp member * eliminate lint warnings * support MAGICK_DATE_PRECISION and registrydateprecision defines * support registry:precision define * need at least one policy defined * eliminate lint warnings * note, system:precision is deprecated * eliminate icc compiler warnings * eliminate icc compiler warnings * eliminate compiler warning * Reverted incorrect patch when doing auto-orient of an image that is right-top or left-bottom.# * Corrected conversion from flip to Orientation. * Only close the file blob when gzopen is successful (#5233). * Added method to add utf8 support for gzopen on Windows. * Only parse SOURCE_DATE_EPOCH once. * Restored check that did not seem to be necessary. * Whitespace * Limit the value of min_channels in the PSDInfo inside the tiff coder to make it possible to read images with a lot of meta channels * Make sure that the creation and modification date have the same value in both places and added option to override this (pdf:create-epoch and pdf:modify-epoch) * Added option to specify the creator (pdf:creator) and use that as xap:CreatorTool instead. * Added WritePDFValue method that can be reused to write other values. * Use the new method to write the other values. * Added option to specify the keywords (pdf:keywords) and use that as pdf:Keywords in the xmp profile. * Only check if magick is PDFA once. * Added option to specify the subject (pdf:subject). * Also fix incorrect fclose for bzlib. * collect VICAR properties * fix improper close when opening zipped file * Restored setting the file to NULL * Also remove date:timestamp when stripping the image. * Tue Jun 07 2022 Dirk Müller <dmueller@suse.com> - update version to 7.1.0.37 * Support Unicode MP4 filenames * set pass when webp:target-size or webp:target-psnr are set to fix #4931 * Corrected rotation angle for right-top and left-bottom in auto-orient. see the upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Tue May 31 2022 pgajdos@suse.com - version update to 7.1.0.36 see the upstream changelog: https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Wed May 18 2022 Paolo Stivanin <info@paolostivanin.com> - version update to 7.1.0.35 see the upstream changelog: * https://github.com/ImageMagick/Website/blob/main/ChangeLog.md * Tue May 10 2022 pgajdos@suse.com - version update to 7.1.0.33 see the upstream changelog: * https://github.com/ImageMagick/Website/blob/main/ChangeLog.md - modified patches % ImageMagick-configuration-SUSE.patch (refreshed) % ImageMagick-library-installable-in-parallel.patch (refreshed) * Tue Apr 19 2022 Dirk Müller <dmueller@suse.com> - version update to 7.1.0.30: * Remove unused EXPLICIT_TEMPLATE_INSTANTIATION * Fixes #4985: 4e+26 is outside the range of representable values of type 'unsigned long' at - fix typo on update-alternatives call - CVE-2022-2719 [bsc#1202250] - [bsc#1199350] CVE-2022-28463 - [bsc#1200387] CVE-2022-32547 * Sun Apr 17 2022 Christian Boltz <suse-beta@cboltz.de> - drop ImageMagick-s390-disable-tests.patch - the tests no longer fail * Thu Apr 07 2022 pgajdos@suse.com - version update to 7.1.0.29 see ChangeLog.md for details (https://github.com/ImageMagick/ImageMagick/blob/main/ChangeLog.md) * CVE-2022-1115 [bsc#1198701] * [bsc#1200389] (CVE-2022-32546 * Wed Mar 23 2022 Dirk Müller <dmueller@suse.com> - update to 7.1.0.28: * support 10-bit AVIF * fix PS and EPS %%BoundingBox not being parsed * fix stack based buffer overflow in _TIFFVGetField (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42549) * fix heap buffer overflow in dcm image reading (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45640) * CVE-2022-1114 [bsc#1198700] * [bsc#1200388] CVE-2022-32545 * Tue Mar 15 2022 pgajdos@suse.com - version update to 7.1.0.27 see ChangeLog.md for details (https://github.com/ImageMagick/ImageMagick/blob/main/ChangeLog.md) * Thu Feb 24 2022 pgajdos@suse.com - version update to 7.1.0.26 * unrecognized color as the color is used before it is defined (reference https://github.com/ImageMagick/ImageMagick/issues/4843). * optimized performance of thumbnail resizing algorithm (reference https://github.com/ImageMagick/ImageMagick/discussions/4755). * Mon Feb 21 2022 pgajdos@suse.com - version update to 7.1.0.25 * incontinuity in straight segment of polyline (reference https://github.com/ImageMagick/ImageMagick/issues/4837). * Mon Feb 14 2022 Dirk Müller <dmueller@suse.com> - update to 7.1.0.24: * optimize reading of XPM properties. * the GIF Netscape block must appear immediately after the global color table. * Mon Feb 07 2022 pgajdos@suse.com - version update to 7.1.0.23 * limit recursion when reading the VID image format. * improperly resizing memory due to errant check (reference https://github.com/ImageMagick/ImageMagick/issues/4807). * https://github.com/ImageMagick/ImageMagick/issues/4790 [bsc#1195321] * Wed Feb 02 2022 pgajdos@suse.com - version update to 7.1.0.22 * limit colorname length to avoid possible DoS * restore MPRI URI in SVG * PDF now shows the correct Unicode title (reference https://github.com/ImageMagick/ImageMagick/issues/4771). * optimize Fx image statistics (reference https://github.com/ImageMagick/ImageMagick/discussions/4533). * Support seamless blending of a foreground and background image. * Support saliency blending of a foreground and background image. * Support QOI image format. * Perist frame delay when converting APNG to Webp (reference https://github.com/ImageMagick/ImageMagick/issues/4704). * -fx performance increase by one or two orders of magnitude (reference https://github.com/ImageMagick/ImageMagick/discussions/4533). * Add support for formatted text (reference https://github.com/ImageMagick/ImageMagick/discussions/4515). * CVE-2022-0284 [bsc#1195563] * Thu Dec 30 2021 Dirk Müller <dmueller@suse.com> - update to 7.1.0.19: * support -integral option. * possible DoS for certain SVG constructs (reference https://github.com/ImageMagick/ImageMagick/issues/4626). * CVE-2021-4219 [bsc#1196337] * Tue Dec 21 2021 Dirk Müller <dmueller@suse.com> - update to 7.1.0.18: * support face index for font collections, e.g. msgothic.ttc[1]. * Improved adjustment of page offset when resizing an image. * Sat Dec 11 2021 Dirk Müller <dmueller@suse.com> - update to 7.1.0.17: * set threads to 1 when using ASAN to avoid false positive memory leaks. * Wed Nov 24 2021 Dirk Müller <dmueller@suse.com> - update to 7.1.0.16: * Fixed an OpenCL build problem. * Added support for reading extra channels in a PSD file (reference * Fix alpha channel calculation of arithmetic divide compose operator. * Mon Nov 15 2021 pgajdos@suse.com - version update to 7.1.0.14 * Support '#' modifier to aspect ratio geometry (e.g., 3:2#). * The profile of a PSD file will no longer be copied to all the images, only the first returned image will contain the profile. To re-enable the old behavior add -define psd:replicate-profile=true. * Sat Nov 13 2021 Dirk Müller <dmueller@suse.com> - update to 7.1.0.13: * Fix stack overflow when parsing malicious ps image file * Fix connected component abort trap * Fix possible unitialized values * Fix stack overflow when parsing malicious tiff image file * Sat Oct 16 2021 Dirk Müller <dmueller@suse.com> - update to 7.1.0.10: * improved algorithm for automatic calculation of pointsize for caption and labels. * support -auto-orient option in the identify utlity. * Mon Oct 04 2021 pgajdos@suse.com - previous version updates fixed also: CVE-2018-10805,CVE-2018-11624,CVE-2018-11625,CVE-2018-12599,CVE-2018-12600, CVE-2018-14434,CVE-2018-14435,CVE-2018-14436,CVE-2018-14437,CVE-2018-16323, CVE-2018-16328,CVE-2018-16329,CVE-2018-16412,CVE-2018-16413,CVE-2018-16640, CVE-2018-16641,CVE-2018-16642,CVE-2018-16643,CVE-2018-16644,CVE-2018-16645, CVE-2018-17966,CVE-2018-18024,CVE-2018-18544,CVE-2018-20467,CVE-2019-10650, CVE-2019-11007,CVE-2019-11008,CVE-2019-11470,CVE-2019-11472,CVE-2019-11505, CVE-2019-11506,CVE-2019-11597,CVE-2019-11598,CVE-2019-12974,CVE-2019-12975, CVE-2019-12976,CVE-2019-12977,CVE-2019-12978,CVE-2019-12979,CVE-2019-13133, CVE-2019-13134,CVE-2019-13135,CVE-2019-13136,CVE-2019-13137,CVE-2019-13295, CVE-2019-13296,CVE-2019-13297,CVE-2019-13298,CVE-2019-13299,CVE-2019-13300, CVE-2019-13301,CVE-2019-13302,CVE-2019-13303,CVE-2019-13304,CVE-2019-13305, CVE-2019-13306,CVE-2019-13307,CVE-2019-13308,CVE-2019-13309,CVE-2019-13310, CVE-2019-13311,CVE-2019-13391,CVE-2019-13454,CVE-2019-14980,CVE-2019-14981, CVE-2019-15139,CVE-2019-15140,CVE-2019-15141,CVE-2019-16708,CVE-2019-16709, CVE-2019-16710,CVE-2019-16711,CVE-2019-16712,CVE-2019-16713,CVE-2019-19948, CVE-2019-19949,CVE-2019-7175,CVE-2019-7395,CVE-2019-7396,CVE-2019-7397, CVE-2019-7398,CVE-2019-9956,CVE-2020-19667,CVE-2020-25664,CVE-2020-25665, CVE-2020-25666,CVE-2020-25674,CVE-2020-25675,CVE-2020-25676,CVE-2020-27560, CVE-2020-27750,CVE-2020-27751,CVE-2020-27752,CVE-2020-27753,CVE-2020-27754, CVE-2020-27755,CVE-2020-27756,CVE-2020-27757,CVE-2020-27758,CVE-2020-27759, CVE-2020-27760,CVE-2020-27761,CVE-2020-27762,CVE-2020-27763,CVE-2020-27764, CVE-2020-27765,CVE-2020-27766,CVE-2020-27767,CVE-2020-27768,CVE-2020-27769, CVE-2020-27770,CVE-2020-27771,CVE-2020-27772,CVE-2020-27773,CVE-2020-27774, CVE-2020-27775,CVE-2020-27776,CVE-2020-29599,CVE-2021-20241,CVE-2021-20311, CVE-2021-20312,CVE-2021-20313,CVE-2021-20241,CVE-2021-20243,CVE-2021-20244, CVE-2021-20246 (bsc#1094741,bsc#1094742,bsc#1094745,bsc#1095812,bsc#1096200,bsc#1096203, bsc#1098545,bsc#1098546,bsc#1102003,bsc#1102004,bsc#1102005,bsc#1102007, bsc#1106254,bsc#1106855,bsc#1106857,bsc#1106858,bsc#1106989,bsc#1106996, bsc#1107604,bsc#1107609,bsc#1107612,bsc#1107616,bsc#1107618,bsc#1107619, bsc#1110746,bsc#1111069,bsc#1111072,bsc#1113064,bsc#1120381,bsc#1124365, bsc#1124366,bsc#1124367,bsc#1124368,bsc#1128649,bsc#1130330,bsc#1131317, bsc#1132054,bsc#1132060,bsc#1133204,bsc#1133205,bsc#1133498,bsc#1133501, bsc#1136732,bsc#1138464,bsc#1139884,bsc#1139885,bsc#1139886,bsc#1140100, bsc#1140102,bsc#1140103,bsc#1140104,bsc#1140105,bsc#1140106,bsc#1140110, bsc#1140111,bsc#1140501,bsc#1140513,bsc#1140520,bsc#1140534,bsc#1140538, bsc#1140543,bsc#1140545,bsc#1140547,bsc#1140549,bsc#1140552,bsc#1140554, bsc#1140664,bsc#1140665,bsc#1140666,bsc#1140667,bsc#1140668,bsc#1140669, bsc#1140673,bsc#1141171,bsc#1146065,bsc#1146068,bsc#1146211,bsc#1146212, bsc#1146213,bsc#1151781,bsc#1151782,bsc#1151783,bsc#1151784,bsc#1151785, bsc#1151786,bsc#1159861,bsc#1160369,bsc#1161194,bsc#1178067,bsc#1179103, bsc#1179202,bsc#1179208,bsc#1179212,bsc#1179221,bsc#1179223,bsc#1179240, bsc#1179244,bsc#1179260,bsc#1179268,bsc#1179269,bsc#1179276,bsc#1179278, bsc#1179281,bsc#1179285,bsc#1179311,bsc#1179312,bsc#1179313,bsc#1179315, bsc#1179317,bsc#1179321,bsc#1179322,bsc#1179327,bsc#1179333,bsc#1179336, bsc#1179338,bsc#1179339,bsc#1179343,bsc#1179345,bsc#1179346,bsc#1179347, bsc#1179361,bsc#1179362,bsc#1179397,bsc#1179753,bsc#1182335,bsc#1184624, bsc#1184626,bsc#1184627,bsc#1184628,bsc#1182335,bsc#1182336,bsc#1182325, bsc#1182337) * Mon Oct 04 2021 pgajdos@suse.com - version update to 7.1.0.9: * Squash a dump truck load of VisualStudio compiler warnings. * improved algorithm for automatic calculation of word breaks and pointsize for caption and labels. * improve wrapping between words and within words (reference https://github.com/ImageMagick/ImageMagick/discussions/4227). - added patches disable Contrast test for i586 on SLE 15 + ImageMagick-filter.t-disable-Contrast.patch * Mon Sep 20 2021 pgajdos@suse.com - version update to 7.1.0.8 * Check for `null` in InvokeDelegate() (reference https://github.com/ImageMagick/ImageMagick/issues/4225). * Fixed incorrect check when module is used as the domain in policy.xml that could allow the use of a disabled module. (reference https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvhr-jj4p-j2qr). * Prevent color reduction merging into one color (reference https://github.com/ImageMagick/ImageMagick/issues/4059) * Tweak the bilevel image type (reference https://github.com/ImageMagick/ImageMagick/issues/4121). * Converting from LAB to RGB leads to wrong colors (reference https://github.com/ImageMagick/ImageMagick/issues/4105). * Added option (-dng:read-thumbnail=true) to read the thumbnail of a raw Image and store it as a profile called dng:thumbnail. * Heap-based buffer overflow in TIFF coder (alert from Hunter Mitchell). * Grayscale image write optimization. * Mon Jul 26 2021 Dirk Müller <dmueller@suse.com> - update to 7.1.0.4: * trim no longer returns an empty image on 1-pixel width input (reference https://github.com/ImageMagick/ImageMagick/issues/3896). * remove virtual canvas offset from difference image. * Added option to set the pixel format option of ffmpeg when reading a video file with -define video:pixel-format=<value>. * system() is not supported under IOS. * accelerate subimage-search with FFT's (contributed by Fred). * malloc() corruption fix * Added option to set the vsync option of ffmpeg when reading or writing a video file with -define video:vsync=<value>. * Mon Jun 21 2021 pgajdos@suse.com - version update to 7.1.0.0 [bsc#1187501] * SVG no longer hangs when handling class in <defs> (reference https://github.com/ImageMagick/ImageMagick/issues/3818). * Bump minor version (reference https://github.com/ImageMagick/ImageMagick/issues/3768) * Raise exception for invalid compose:args geometry (reference https://github.com/ImageMagick/ImageMagick/issues/3765). * Added support for reading and writing 16-bit jxl images. - modified sources % baselibs.conf * Tue May 25 2021 pgajdos@suse.com - version update to 7.0.11.13 * Fixed reading and writing the XMP chunk in a WebP image (reference https://github.com/ImageMagick/ImageMagick/discussions/3617). * label and caption sanity check is too conservative. * Mon May 10 2021 pgajdos@suse.com - version update to 7.0.11.12 * The HEIC depth image will now only be read when the define heic:depth-image is true. * -layers optimize no longer produces broken output (reference https://github.com/ImageMagick/ImageMagick/issues/3520). * Thu May 06 2021 pgajdos@suse.com - version update to 7.0.11.11 * FL32 no longer returns scambled results (reference https://github.com/ImageMagick/ImageMagick/issues/3614). * Ashlar pseudo-image format no longer crops labels in last row of tiles by default (reference https://github.com/ImageMagick/ImageMagick/issues/3618). * Optimize CompareImageBounds(). * Check image is not NULL before dereferencing. * eliminate uninitialized value * Differences in computing linear gray (reference https://github.com/ImageMagick/ImageMagick/issues/3571). * added support for pdf:author, pdf:producer and pdf:title when writing a PDF file. * Thu Apr 29 2021 Ben Greiner <code@bnavigator.de> - force --with-fftw delegate support. FFTW3 is a BuildRequirement but not detected automatically. * Tue Apr 13 2021 pgajdos@suse.com - version update to 7.0.11.7 * constrain sub-image list. * -layers optimize no longer produces broken output (reference https://github.com/ImageMagick/ImageMagick/issues/3520). * Tue Apr 06 2021 Dirk Müller <dmueller@suse.com> - udpate to 7.0.11.6: * fix portable Windows build. * Wed Mar 31 2021 pgajdos@suse.com - version update to 7.0.11.5 * OpenCL will be disable by default, use the environment variable MAGICK_OCL_DEVICE to turn it on or select the device to use. - modified patches % ImageMagick-library-installable-in-parallel.patch (refreshed) * Sat Mar 27 2021 Dirk Müller <dmueller@suse.com> - update to 7.0.11.4: * support caption:split define (reference * avoid an omp deadlock with policy string * Sun Mar 14 2021 Dirk Müller <dmueller@suse.com> - update to 7.0.11.3: * Eliminate multiple division by zero exceptions (reference https://github.com/ImageMagick/ImageMagick/issues/3339 and others). * Use -define filename:literal=true to bypass interpretting embedded formatting characters and instead use the filename literally. * decode HEIC images in sRGB instead of YCbCr. * Division by zero error is possible if crafty file sets film-gamma property * Check for overflow in thumbnail coder * Prevent compiler from optimizing out buffer clearing in cipher * Clone properties from image stack. * Set overall image depth statistic in Composite channel. * Tue Feb 23 2021 pgajdos@suse.com - version update to 7.0.11.1 * bump minor version # * allow reading multichannel PSD files with 1 or 2 channels. * respect masks when computing SSIM metric (reference https://github.com/ImageMagick/ImageMagick/discussions/3212). * Tue Feb 16 2021 pgajdos@suse.com - version update to 7.0.11.0 * bump minor version # * allow reading multichannel PSD files with 1 or 2 channels. * respect masks when computing SSIM metric (reference https://github.com/ImageMagick/ImageMagick/discussions/3212). - build against libraw [bsc#1182229] * Tue Feb 09 2021 pgajdos@suse.com - version update to 7.0.10.62 * -trim not working as expected (reference https://github.com/ImageMagick/ImageMagick/discussions/3172). * possible undefined behavior (reference https://github.com/ImageMagick/ImageMagick/issues/3195). * sanitize buggy ascender and descender values (reference https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980202). * dng:decode element in delegates.xml quoted incorrectly (reference https://github.com/ImageMagick/ImageMagick/issues/3156). * Extract GPS info from TIFF images (reference https://github.com/ImageMagick/ImageMagick/issues/3167). * Revert tieing MagickFloatType to double (reference https://github.com/ImageMagick/ImageMagick/pull/2832). * revert configure script for validating JXL delegate library. * the distributed pixel cache now properly deserializes the image attributes. * Sun Jan 24 2021 Dirk Müller <dmueller@suse.com> - update to 7.0.10.59: * strip EXIF marker from profile * add --enable-opencl to the configure command-line to enable OpenCL support. * generate histograms by comparing pixel components rather than color * Sun Jan 17 2021 Dirk Müller <dmueller@suse.com> - update to 7.0.10.58: * identify the convex hull and minimum bounding box attributes of an image with the -define identify:convex-hull=true define. * set the quality to 100 to produce lossless HEIC images (reference https://github.com/ImageMagick/ImageMagick/pull/3116). * properly identify SVG images (reference https://github.com/ImageMagick/ImageMagick/issues/3117). * duplicate operator: inverse range parameter working again (reference https://github.com/ImageMagick/ImageMagick/issues/3113). * Fix rounding error for CSS colors on i686 (reference https://tracker.debian.org/pkg/imagemagick). * additional checks to prevent integer overflow. * Fix rounding error for CSS colors (reference https://github.com/ImageMagick/ImageMagick6/issues/129). * Mon Jan 04 2021 pgajdos@suse.com - version update to 7.0.10.55 * revert changes to the default max width/height of image. * replaced jxl coder with an implementation that uses the jpeg-xl reference library. * added -define trim:edges=(north,east,south,west) that can be used to trim a single or multiple edges. * Fri Jan 01 2021 Chris Coutinho <chrisbcoutinho@gmail.com> - Add libheif dependency to support HEIC file formats
/etc/ImageMagick-7 /etc/ImageMagick-7-upstream-secure /etc/ImageMagick-7-upstream-secure/colors.xml /etc/ImageMagick-7-upstream-secure/delegates.xml /etc/ImageMagick-7-upstream-secure/english.xml /etc/ImageMagick-7-upstream-secure/francais.xml /etc/ImageMagick-7-upstream-secure/locale.xml /etc/ImageMagick-7-upstream-secure/log.xml /etc/ImageMagick-7-upstream-secure/mime.xml /etc/ImageMagick-7-upstream-secure/policy-secure.xml /etc/ImageMagick-7-upstream-secure/policy.xml /etc/ImageMagick-7-upstream-secure/quantization-table.xml /etc/ImageMagick-7-upstream-secure/thresholds.xml /etc/ImageMagick-7-upstream-secure/type-apple.xml /etc/ImageMagick-7-upstream-secure/type-dejavu.xml /etc/ImageMagick-7-upstream-secure/type-ghostscript.xml /etc/ImageMagick-7-upstream-secure/type-urw-base35-type1.xml /etc/ImageMagick-7-upstream-secure/type-urw-base35.xml /etc/ImageMagick-7-upstream-secure/type-windows.xml /etc/ImageMagick-7-upstream-secure/type.xml /etc/alternatives/ImageMagick-7
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Dec 21 00:22:59 2024