[Bug 214511] graphics/ImageMagick7: Update to 7.0.3-6
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Nov 14 18:33:12 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214511
Bug ID: 214511
Summary: graphics/ImageMagick7: Update to 7.0.3-6
Product: Ports & Packages
Version: Latest
Hardware: Any
URL: https://github.com/ImageMagick/ImageMagick/blob/ImageM
agick-6/ChangeLog
OS: Any
Status: New
Keywords: needs-qa, patch, security
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: kwm at FreeBSD.org
Reporter: vlad-fbsd at acheronmedia.com
CC: ports-secteam at FreeBSD.org
Flags: maintainer-feedback?(kwm at FreeBSD.org),
merge-quarterly?
Assignee: kwm at FreeBSD.org
Created attachment 177002
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=177002&action=edit
Bump IM7 to latest
Please bump ImageMagick7 to latest version, 7.0.3-6. There are some security
fixes there as well (no assigned CVEs as of yet, afaik).
Summarized ChangeLog since 7.0.2-9:
* Off by one memory allocation (reference
https://github.com/ImageMagick/ImageMagick/issues/296).
* The -extent option now matches the results of IMv6 (reference
https://www.imagemagick.org/discourse-server/viewtopic.php?f=1&t=30779).
* Prevent fault in MSL interpreter (reference
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30797).
* Mask composite produces proper results for the convert utility (reference
http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29675).
* Added layer RLE compression to the PSD encoder.
* Fixed incorrect parsing with ordered dither. (reference
https://github.com/ImageMagick/ImageMagick/issues/254)
* Unit test pass again after small SUN image patch.
* Fixed incorrect RLE decoding when reading a DCM image that contains
multiple segments.
* Fixed incorrect RLE decoding when reading an SGI image (reference
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30514)
* Added layer RLE compression to the PSD encoder.
* Added define 'psd:preserve-opacity-mask' to preserve the opacity mask
in a PSD file.
* Fixed issue where the display window was used instead of the data window
when reading EXR files (reference
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&p=137849).
* Fixed reading DXT1 images with an alpha channel.
* Fixed incorrect padding calculation in PSD encoder.
* Added define 'psd:additional-info' to preserve the additional information
in a PSD file.
* Prevent buffer overflow in BMP & SGI coders (bug report from
pwchen&rayzhong of tencent).
* Prevent buffer overflow and other problems in SIXEL, PDB, MAP, TIFF and
CALS coders (bug report from Donghai Zhu).
* The -stream option now increments the pixel pointer properly (reference
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30327).
Note that vulnerability to CVE-2016-8866 (incomplete fix to CVE-2016-8862)
still appears unfixed, but at least the bump covers many other fixes.
https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/
Request merge to Quarterly, all the changes are bug or security fixes.
Currently running Poudriere tests.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list