pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/graphics Changes 1.3.17:
details: https://anonhg.NetBSD.org/pkgsrc/rev/935adffa492e
branches: trunk
changeset: 610711:935adffa492e
user: adam <adam%pkgsrc.org@localhost>
date: Sat Nov 03 20:45:46 2012 +0000
description:
Changes 1.3.17:
Security Fixes:
* PNG: Fix for CVE-2012-3438. The Magick_png_malloc function in
coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper
variable type for the allocation size, which might allow remote
attackers to cause a denial of service (crash) via a crafted PNG
file that triggers incorrect memory allocation.
* Automake (derived): Fix for CVE-2012-3386: The "make distcheck"
rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants
world-writable permissions to the extraction directory, which
introduces a race condition that allows local users to execute
arbitrary code via unspecified vectors.
Bug fixes:
* PNG: Reading sub-8-bit palette images is fixed (images looked
stretched).
* SVG: Fixed bug which allowed MVG and SVG files with long vector
paths to crash the software.
* SVG: Ignore XML headers rather than rendering them as text.
* MVG/SVG/WMF/-draw: It is now possible to draw a plain ','
character.
* WMF: Fixed a bug which caused wrong centered-text placement.
* import: Return status was inverted.
* configure: Don't force that liblzma is used just because libtiff
is used.
New Features:
* The configure script now supports a --enable-quantum-library-names
option to enable that shared library name includes quantum depth
to allow shared libraries with different quantum depths to
co-exist in same directory (only one can be used for development).
* JNX: Support is added for reading the Garmin proprietary Image
Format.
* BMP: Support an alpha channel in uncompressed 32-bit BMP.
Feature improvements:
* -lat: The adaptive threshold algorithm is replaced with a new
algorithm which scales linearly (rather than quadratically) with
area size.
* Tests: Test suite is re-written to use TAP-based tests.
* GIF: Reader tries to be better at detecting and reporting
failures.
Performance Improvements:
* -lat: Adaptive threshold is much faster with large area sizes.
Windows Delegate Updates:
* Dcraw 9.16 is now included in the build (with JPEG and JPEG2000
support).
* Libxml2 is updated to the 2.9.0 release.
* Libtiff is updated to the 4.0.3 release.
* Lcms2 is updated to the 2.4 release.
* Libpng is updated to the 1.5.13 release.
Behavior Changes:
* Loading modules is only supported for the modules build.
Previously any build using shared libraries could load modules.
* Bundled libltdl is now configured as 'installable' rather than
'convenience'.
* -enhance: Only filter based on color channels (ignore opacity).
* BrowseDelegate: Web browser (for viewing help information) now
defaults to 'xdg-open', but if it is not found, then configure
will search for firefox, google-chrome, mozilla (in that order).
diffstat:
graphics/GraphicsMagick/Makefile | 35 +++++++----------
graphics/GraphicsMagick/Makefile.common | 15 +++----
graphics/GraphicsMagick/PLIST | 5 +-
graphics/GraphicsMagick/buildlink3.mk | 4 +-
graphics/GraphicsMagick/distinfo | 9 ++--
graphics/GraphicsMagick/patches/patch-coders_png.c | 44 ----------------------
graphics/p5-GraphicsMagick/Makefile | 5 +-
7 files changed, 32 insertions(+), 85 deletions(-)
diffs (228 lines):
diff -r d2a4e1090099 -r 935adffa492e graphics/GraphicsMagick/Makefile
--- a/graphics/GraphicsMagick/Makefile Sat Nov 03 20:33:33 2012 +0000
+++ b/graphics/GraphicsMagick/Makefile Sat Nov 03 20:45:46 2012 +0000
@@ -1,30 +1,29 @@
-# $NetBSD: Makefile,v 1.51 2012/10/06 14:10:39 asau Exp $
-#
+# $NetBSD: Makefile,v 1.52 2012/11/03 20:45:46 adam Exp $
.include "Makefile.common"
-PKGREVISION= 2
-
MAINTAINER= pkgsrc-users%NetBSD.org@localhost
HOMEPAGE= http://www.graphicsmagick.org/
COMMENT= X application for displaying and manipulating images
-#LICENSE= mit AND # see ${WRKSRC}/Copyright.txt
+LICENSE= mit
DEPENDS+= urw-fonts-[0-9]*:../../fonts/urw-fonts
-USE_LANGUAGES= c c++
-USE_LIBTOOL= yes
-USE_TOOLS+= gmake pkg-config gs:run
-USE_FEATURES= vsnprintf # optional but recommended for security
-GNU_CONFIGURE= yes
-
+USE_LANGUAGES= c c++
+USE_LIBTOOL= yes
+USE_TOOLS+= gmake pkg-config gs:run
+USE_FEATURES= vsnprintf # optional but recommended for security
+GNU_CONFIGURE= yes
+CONFIGURE_ARGS+= --enable-shared
CONFIGURE_ARGS+= --with-modules=yes
-CONFIGURE_ARGS+= --enable-shared
CONFIGURE_ARGS+= --with-gs-font-dir=${URW_FONTS_DIR}/share/fonts/urw
+CONFIGURE_ARGS+= --with-ltdl-include=${BUILDLINK_PREFIX.libltdl}/include
+CONFIGURE_ARGS+= --with-ltdl-lib=${BUILDLINK_PREFIX.libltdl}/lib
+CONFIGURE_ARGS+= --without-perl
-PKGCONFIG_OVERRIDE+= magick/GraphicsMagick.pc.in \
- wand/GraphicsMagickWand.pc.in \
- Magick++/lib/GraphicsMagick++.pc.in
+PKGCONFIG_OVERRIDE+= magick/GraphicsMagick.pc.in
+PKGCONFIG_OVERRIDE+= wand/GraphicsMagickWand.pc.in
+PKGCONFIG_OVERRIDE+= Magick++/lib/GraphicsMagick++.pc.in
TEST_TARGET= check
@@ -33,16 +32,12 @@
.include "options.mk"
-CONFIGURE_ARGS+= --without-perl
-CONFIGURE_ARGS+= --with-ltdl-include=${BUILDLINK_PREFIX.libltdl}/include
-CONFIGURE_ARGS+= --with-ltdl-lib=${BUILDLINK_PREFIX.libltdl}/lib
-
.include "../../devel/libltdl/buildlink3.mk"
.include "../../devel/zlib/buildlink3.mk"
.include "../../graphics/freetype2/buildlink3.mk"
.include "../../graphics/jbigkit/buildlink3.mk"
.include "../../mk/jpeg.buildlink3.mk"
-.include "../../graphics/lcms/buildlink3.mk"
+.include "../../graphics/lcms2/buildlink3.mk"
.include "../../graphics/png/buildlink3.mk"
.include "../../graphics/tiff/buildlink3.mk"
.include "../../textproc/libxml2/buildlink3.mk"
diff -r d2a4e1090099 -r 935adffa492e graphics/GraphicsMagick/Makefile.common
--- a/graphics/GraphicsMagick/Makefile.common Sat Nov 03 20:33:33 2012 +0000
+++ b/graphics/GraphicsMagick/Makefile.common Sat Nov 03 20:45:46 2012 +0000
@@ -1,16 +1,15 @@
-# $NetBSD: Makefile.common,v 1.6 2012/06/24 02:03:45 obache Exp $
+# $NetBSD: Makefile.common,v 1.7 2012/11/03 20:45:46 adam Exp $
#
# used by graphics/p5-GraphicsMagick/Makefile
-GM_MAJOR_VER= 1.3
-GM_MINOR_VER= 16
-DISTVERSION= ${GM_MAJOR_VER}.${GM_MINOR_VER}
-DISTNAME= GraphicsMagick-${DISTVERSION}
-
+GM_MAJOR_VER= 1.3
+GM_MINOR_VER= 17
+DISTVERSION= ${GM_MAJOR_VER}.${GM_MINOR_VER}
+DISTNAME= GraphicsMagick-${DISTVERSION}
+CATEGORIES= graphics
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=graphicsmagick/} \
ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/${GM_MAJOR_VER}/
-
-CATEGORIES= graphics
+EXTRACT_SUFX= .tar.xz
DISTINFO_FILE= ${.CURDIR}/../../graphics/GraphicsMagick/distinfo
#FILESDIR= ${.CURDIR}/../../graphics/GraphicsMagick/files
diff -r d2a4e1090099 -r 935adffa492e graphics/GraphicsMagick/PLIST
--- a/graphics/GraphicsMagick/PLIST Sat Nov 03 20:33:33 2012 +0000
+++ b/graphics/GraphicsMagick/PLIST Sat Nov 03 20:45:46 2012 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.17 2012/02/26 12:22:06 obache Exp $
+@comment $NetBSD: PLIST,v 1.18 2012/11/03 20:45:46 adam Exp $
bin/GraphicsMagick++-config
bin/GraphicsMagick-config
bin/GraphicsMagickWand-config
@@ -115,6 +115,7 @@
lib/${PKGNAME}/modules-Q8/coders/identity.la
lib/${PKGNAME}/modules-Q8/coders/info.la
lib/${PKGNAME}/modules-Q8/coders/jbig.la
+lib/${PKGNAME}/modules-Q8/coders/jnx.la
${PLIST.jasper}lib/${PKGNAME}/modules-Q8/coders/jp2.la
lib/${PKGNAME}/modules-Q8/coders/jpeg.la
lib/${PKGNAME}/modules-Q8/coders/label.la
@@ -245,12 +246,10 @@
share/doc/GraphicsMagick/www/Magick++/Enumerations.html
share/doc/GraphicsMagick/www/Magick++/Exception.html
share/doc/GraphicsMagick/www/Magick++/FormatCharacters.html
-share/doc/GraphicsMagick/www/Magick++/Future.html
share/doc/GraphicsMagick/www/Magick++/Geometry.html
share/doc/GraphicsMagick/www/Magick++/Image.html
share/doc/GraphicsMagick/www/Magick++/Image.png
share/doc/GraphicsMagick/www/Magick++/ImageDesign.html
-share/doc/GraphicsMagick/www/Magick++/Install.html
share/doc/GraphicsMagick/www/Magick++/Montage.html
share/doc/GraphicsMagick/www/Magick++/PixelPacket.html
share/doc/GraphicsMagick/www/Magick++/Pixels.html
diff -r d2a4e1090099 -r 935adffa492e graphics/GraphicsMagick/buildlink3.mk
--- a/graphics/GraphicsMagick/buildlink3.mk Sat Nov 03 20:33:33 2012 +0000
+++ b/graphics/GraphicsMagick/buildlink3.mk Sat Nov 03 20:45:46 2012 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.25 2012/05/07 01:53:31 dholland Exp $
+# $NetBSD: buildlink3.mk,v 1.26 2012/11/03 20:45:46 adam Exp $
BUILDLINK_TREE+= GraphicsMagick
@@ -32,7 +32,7 @@
.include "../../devel/zlib/buildlink3.mk"
.include "../../devel/libltdl/buildlink3.mk"
.include "../../graphics/freetype2/buildlink3.mk"
-.include "../../graphics/lcms/buildlink3.mk"
+.include "../../graphics/lcms2/buildlink3.mk"
.include "../../mk/pthread.buildlink3.mk"
.endif # GRAPHICSMAGICK_BUILDLINK3_MK
diff -r d2a4e1090099 -r 935adffa492e graphics/GraphicsMagick/distinfo
--- a/graphics/GraphicsMagick/distinfo Sat Nov 03 20:33:33 2012 +0000
+++ b/graphics/GraphicsMagick/distinfo Sat Nov 03 20:45:46 2012 +0000
@@ -1,6 +1,5 @@
-$NetBSD: distinfo,v 1.31 2012/07/30 09:25:29 wiz Exp $
+$NetBSD: distinfo,v 1.32 2012/11/03 20:45:46 adam Exp $
-SHA1 (GraphicsMagick-1.3.16.tar.gz) = f2ec0392d7a7d5cbe0d5bdff2931edbacedd73e9
-RMD160 (GraphicsMagick-1.3.16.tar.gz) = 75b12d2f0839ea384a3d861da6295995be11bfad
-Size (GraphicsMagick-1.3.16.tar.gz) = 8736761 bytes
-SHA1 (patch-coders_png.c) = 92e145867f767ba069fa5bb63a1b67bad946dbfa
+SHA1 (GraphicsMagick-1.3.17.tar.xz) = 6428eb4bd19635c833750ac9d56c9b89bef4c975
+RMD160 (GraphicsMagick-1.3.17.tar.xz) = 3bcfb555a243c751f15b89d5359e83b888a57456
+Size (GraphicsMagick-1.3.17.tar.xz) = 5403300 bytes
diff -r d2a4e1090099 -r 935adffa492e graphics/GraphicsMagick/patches/patch-coders_png.c
--- a/graphics/GraphicsMagick/patches/patch-coders_png.c Sat Nov 03 20:33:33 2012 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,44 +0,0 @@
-$NetBSD: patch-coders_png.c,v 1.3 2012/07/30 09:25:29 wiz Exp $
-
-Tom Lane (tgl%redhat.com@localhost) found an issue in ImageMagick. Basically
-CVE-2011-3026 deals with libpng memory allocation, limitations have been
-added so that a bad PNG can't cause the system to allocate a lot of
-memory causing a denial of service. However on further investigation of
-ImageMagick Tom Lane found that PNG malloc function (Magick_png_malloc)
-in turn calls AcquireMagickMemory with an improper size argument:
-
-#ifdef PNG_USER_MEM_SUPPORTED
-static png_voidp Magick_png_malloc(png_structp png_ptr,png_uint_32 size)
-{
- (void) png_ptr;
- return((png_voidp) AcquireMagickMemory((size_t) size));
-}
-
-This is incorrect, the size argument should be declared
-png_alloc_size_t according to 1.5, or png_size_t according to 1.2.
-
-"As this function stands, it invisibly does the wrong thing for any
-request over 4GB. On big-endian architectures it very possibly will
-do the wrong thing even for requests less than that. So the reason why
-the hard-wired 4GB limit prevents a core dump is that it masks the ABI
-mismatch here."
-
-So basically we have memory allocations problems that can probably
-lead to a denial of service.
-
-For more information please see:
-
-https://bugzilla.redhat.com/show_bug.cgi?id=844101
-https://bugzilla.redhat.com/show_bug.cgi?id=844105
-
---- coders/png.c.orig 2012-06-23 20:10:10.000000000 +0000
-+++ coders/png.c
-@@ -1360,7 +1360,7 @@ static void PNGWarningHandler(png_struct
- }
-
- #ifdef PNG_USER_MEM_SUPPORTED
--static png_voidp png_IM_malloc(png_structp png_ptr,png_uint_32 size)
-+static png_voidp png_IM_malloc(png_structp png_ptr,png_alloc_size_t size)
- {
- (void) png_ptr;
- return MagickAllocateMemory(png_voidp,(size_t) size);
diff -r d2a4e1090099 -r 935adffa492e graphics/p5-GraphicsMagick/Makefile
--- a/graphics/p5-GraphicsMagick/Makefile Sat Nov 03 20:33:33 2012 +0000
+++ b/graphics/p5-GraphicsMagick/Makefile Sat Nov 03 20:45:46 2012 +0000
@@ -1,19 +1,18 @@
-# $NetBSD: Makefile,v 1.10 2012/10/06 14:11:11 asau Exp $
+# $NetBSD: Makefile,v 1.11 2012/11/03 20:45:46 adam Exp $
.include "../../graphics/GraphicsMagick/Makefile.common"
PKGNAME= p5-GraphicsMagick-${DISTVERSION}
-PKGREVISION= 1
MAINTAINER= pkgsrc-users%NetBSD.org@localhost
HOMEPAGE= http://www.graphicsmagick.org/perl.html
COMMENT= Object-oriented Perl interface to GraphicMagick
+LICENSE= mit
PKG_INSTALLATION_TYPES= overwrite pkgviews
USE_LIBTOOL= yes
GNU_CONFIGURE= yes
-
CONFIGURE_ARGS+= --with-perl=${PERL5:Q}
PERL5_CONFIGURE= no
Home |
Main Index |
Thread Index |
Old Index