GraphicsMagick-devel-1.3.35-150300.3.3.1<>,̉bVyp9|)2G9p rK3'l?,2 {K\Q$>?d + c$(48Qrv Q Q Q dQ Q Q LQQ%QQ ,  ! (!8!#9"\#:%#FGQHQI$QXxY\Q]Q^ bc=defluQv(wQxDQyzCGraphicsMagick-devel1.3.35150300.3.3.1Development files for the GraphicsMagick C language APIGraphicsMagick provides an image manipulation and translation utility and library. It can read and write over 88 image formats, including JPEG, TIFF, WMF, SVG, PNG, PNM, GIF, andPhoto CD. It also allows to resize, rotate, sharpen, color reduce, or add special effects to an image and to save the result to any supported format. GraphicsMagick may be used to create animated or transparent .gifs, to composite images, and to create thumbnail images.bVynebbiolo-mSUSE Linux Enterprise 15SUSE LLC MIThttps://www.suse.com/Development/Libraries/C and C++http://www.GraphicsMagick.org/linuxppc64le3 !%nD} L/  * .- l'C p{; B-r d / <PhSZDD+ MBDBI V"AA큤A큤AbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxbVxcef6cb917f58d0ca3b8d4f3cf55de2c5811af6cc687fd48ea00ff05f4db96cb09583b86c51aebae23e5522aa87eae55f7950fb40538449e46709ab49319bb48cf53dba19257ee634399e725dbb9d5f9a2c2417841e486e0d9ba8b1b85f07a0251c3a70e98bd9c019b92cfe6b410ca603d9d568cd6f8b5b930b7362c1cc74a19b1546b647b3094697c65ec3bc894b3e89aea08c81b5cf21c1bc1c5cf69ba8f0e045159a98252b67c7f352aebd8a541ab5e421cc83d8dbb98e7af60ff628c074bc920af03552b68f7c4d19cf833ec8eb506bfc36b2c054972f0da924b9053057f1bb7a6c47ef5a5dc073820d6f899452333ddc37dd7356bd30167746372101557d71184af50cb62f8202f0ae29cf4346c298cfe49d5d420b1d0553d86332a1c0c204cff86b7a614e19d5d3465132b6b4ad228979a29e22cf269019d9924f80d443bf6d83408640c59d1fb6df9301777fdcb8af842b524c383cead492af271bd44a379a0757c76c870713cd2993a2e99a10e5f174fda0977922e1a863c8a951b572477e4e29478b50041be6a2ae82f24433cdf11e5397a23ac378c2794d5233efd586a219f3f1aa613df11425ed5bc55fc7e354ca37d65a87e4682117fb58d529094dee84678b73bbc36c5724e427daec9ebdd962547330f4283fdda9bacfc3d6891d1c0762bac96dd3fc7d09366cb674e0a2cd2dc39f1794f06279c63c1ed4ad922b02a9e9d4c782a074a09f258ce593137827099b4b04718884d281819491a0c1cd2e3d0da4522717ae07e47645f8abbc7af74ec3d626d4ad7fec9d877ad5dc0ca79fd20d4aee5f4834c527e62785953d0c465ed921d6e5e2ac491da1bcb4701e2adf850ae21b19688d3c47b13c1697636e9e4e05fd5d4ec772bb245d36f0cb7225129ccfe437193db9edae4788ef1c359c0183c9865c61dda24bae6b222a8606704b436c8e47487ff4aa486a527a46999ad08d2cce96a78f3af5d14d71190112d1b3b434eaf1ff6c02947d1e4bd83060aa418c645f52c0007be032ed63f7d7a2ba2c5f56376c098dd9c076cb285e53f471d90ea5f2003114bb7b869779c9350771de0671a239d22bc4ce3ff3a267c62775084cbc417993e4c33eb3a0fb4edd78c1b85b7eec22b8d8bcc71fb4d239ab50c8ca537bbcf4deae0d4edb1b463a3fe96ab0d5b25c81fe9cd002bfa7c7c31349e3726b5eee6a153373af4a799ef28f78bb94da052eec938eaaf442be77ffc64e03f9f2eeaf7339f21a2e58095ed7b3121d494ca12b1e96cbc4752828aaac15e29440e2fa8bf507794a6149b1a978afbb6a6e9224f8032b1b1e4807b6d066e027a22f581d712dac6bcd1ad9bda329f6e00bdbb379b74ca7dd07fd4e9061e77e5f7d5573aa638a17421d887167be5e3c0729c25d08dd736e4aaf38e41206aee4311dad1cf0549d3ef2c365fafd4af94d6a0bec216f9a58df214b68048a85427616c77a249376d51fc497e3403b67f2f0f102bc1cf69cb96c205738f4a9c7f4eddd6f50847f6518957bf016c998973d9c0245d76cee3fd08896d07e862c379923d26a6b2cf083cdb6d32db90be4a81af0ee99769a47e5db07dee12f7d8caaf5556027ed5b13aed557c82342f22433ba36212b4c7b73517bdb89cbcf301ddfafbb6147cfe7c1eceb6e997256a8c0af44b721e06315100f173b876a57d44bee7a12ae32c160cc2b8619b022287d47d2d4890f9c05ed7910a950a89e64aef5873cf60b5e40bf51399eafcc4653557d6d6c9c9f3ebc1d67aec8ad0d62c5eaa0a94912486b8bdff3d973e9f4ef1a232c379ff5b039ce00913d07e112788f64a9e0cce5d3b54dff665b9246c088cf69beade25bc662660c127e220a01f0b7f7a7ed25ecbc00974cad47c7cb2451efd85ee2af67cb772c7df5384b4d69862ebc220d9f8b81d4d200ac1da2d5c6a086b5928949a4ceb36a173e5a3298bc4ffbdc233c30e3ffa367ba552f9b4ba0051d19f18bbc5cb515323d287fc9d6c21679b0e252c8b6f5d9e6731993a1aeb9b5fcd758452e8c29176569d7fbd1fb466d48167fe46db619ca789a7acb1ec139c75b05189ccc46a1a427dfb272d9c719f8d6b0b18f1fd980a6d84b2d517140ce261f90068c108f683d49c4f2bd47010da56e47ce9531b4bd699f6134d13b36c88e5d11aba838c8a1600fac9284a578ec88943f415432d19b688a7c890a196113d4f20679942109cdf3012965a8099efbe47784dd483813aa31e14dcadff1309d6b67c54badd511862d21bd72f87da7a9dda8a05f5b96b7a54d1905b31a356bd28cb56e4bb9a28c7539927871f6a6d1a1ead2609b7304297ca7c090c5156bf80b96be153bebe540a4627bc45e31e7a7580bf455bccfae6064b73cba7243ece5a70f621d08278bf81cdb41ba04a6043398ebb0583b4742377d5567f65df261ba2cd1e489489f66445811ad7afdf17ac26d7bc37715c972f6db9991913b5fd49de89de04047903c73b2f2a4b8e1110b5218338235f8ce127dce7d5ba526d4c024e58f9559ad808bf374285bd0c74c4aec09728cef5a25f4c3140527a75b0f66e2ab2b1155d9f3cdc955b2ecfd863c566cd0ea179fc032103d98294cb69c1b3de0c4fd79a12dcdd08c15308666b4e129d6ca798e57328de916fdb2357d10bb292846c2c78ea305ef57a7b6eaf65a03f88df53328bceade3c2112ddc7bed87bc3926e6e39cd258b630072c7882e34ac764c7f1b614f805315df248c5a1697436923109e0f0d7ca2023a65a970591ebebef99356e1613ec8d4deb49be374b68b48c628c7f98bbfd87a3ab080931b7025c6dad2dc6ae3c950c91484fd9e32cba906384e6b6319f215fc1254a49a87c30ad0ca448c1aa033b8ea6d5a28b287a36a4103968e4fb960d21ff406b058a87f62bed5ea80ae80c2731fb93e728bf29c1495656f79d59e44ad122d6c2cf6616fde79745f0b57d53c9d2dab0172bfca70e3d98012e235829707c57678f392572cc28346088e447220ac9528e22d700fd7f25d8f279956586e66ee51230e8b16feb16e2d06f9c7c55a6823062f26578ce887e14581a65f2a208b57f4318099b0c586b4ed89fdc5fd0fca6ab2286560d5d32dba63b3de64c26d85567c18fb618954768be2df7ea89bb78c469166d7bbe850b093151f885f85177ae962de86a63d1aa2b9b2f8a51da962eb6a3a125bb6e9a13de226265134c707f203f188fef0922a1db3d2142a312a01fda6c7ac7f885bdfb441de8cde4548223e591cb1a8c8c16a997db922cd64bb12554c8e6016e1911825e7b05b85d36e9628e5d431ecf8dd38687453c8361779a5ea5ac6e8efc6597e41a252cffafd432154998f2d9b39ad1ef97843ea4025a60b5deae3f3bf567b82fd62f8c81ce8552680f16a0flibGraphicsMagick-Q16.so.3.21.0libGraphicsMagickWand-Q16.so.2.9.4rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootGraphicsMagick-1.3.35-150300.3.3.1.src.rpmGraphicsMagick-develGraphicsMagick-devel(ppc-64)pkgconfig(GraphicsMagick)pkgconfig(GraphicsMagickWand)@@@    /bin/sh/usr/bin/pkg-configglibc-devellibGraphicsMagick-Q16-3libGraphicsMagickWand-Q16-2pkgconfig(GraphicsMagick)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)1.3.351.3.353.0.4-14.6.0-14.0-15.2-14.14.3bUi_D@^?@^{G^!@^~@^ @^@^@]z@]]2@],j]@\2\2[}P@[dC[WZ Zhu@ZV@YYzYu@YqYqYP@W Wk@WUeWL+@W0{V?9@Vf@U ]@pgajdos@suse.comcallumjfarmer13@gmail.compgajdos@suse.compgajdos@suse.comstefan.bruens@rwth-aachen.desuse+build@de-korte.orgsuse+build@de-korte.orgsuse+build@de-korte.orgsuse+build@de-korte.orgpgajdos@suse.compgajdos@suse.comstefan.bruens@rwth-aachen.depgajdos@suse.compgajdos@suse.compgajdos@suse.compgajdos@suse.comidonmez@suse.compgajdos@suse.comcrrodriguez@opensuse.orgpgajdos@suse.compgajdos@suse.compgajdos@suse.compgajdos@suse.comjengelh@inai.detchvatal@suse.comtchvatal@suse.compgajdos@suse.compgajdos@suse.commeissner@suse.compgajdos@suse.compgajdos@suse.comsflees@suse.dedmitry_r@opensuse.orgdmitry_r@opensuse.orgdmitry_r@opensuse.org- security update - added patches fix CVE-2022-1270 [bsc#1198351], Heap buffer overflow when parsing MIFF + GraphicsMagick-CVE-2022-1270.patch- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)- security update - added patches fix CVE-2020-12672 [bsc#1171271], heap-based buffer overflow in ReadMNGImage in coders/png.c. + GraphicsMagick-CVE-2020-12672.patch- version update to 1.3.35 Special Issues: * It has been discovered that the 'ICU' library (a perhaps 30MB C++ library) which is now often a libxml2 dependendency causes huge process initialization overhead. This is noticed as unexpected slowness when GraphicsMagick utilities are used to process small to medium sized files. The time to initialize the 'ICU' library is often longer than the time that GraphicsMagick would otherwise require to read the input file, process the image, and write the output file. If the 'ICU' dependency can not be avoided, then make sure to use the modules build so there is only impact for file formats which require libxml2. Please lobby the 'ICU' library developers to change their implementation to avoid long start-up times due to merely linking with the library. Security Fixes: * GraphicsMagick is now participating in Google's oss-fuzz project due to the contributions and assistance of Alex Gaynor. Since February 4 2018, 398 issues have been opened by oss-fuzz (some of which were benign build issues) and 11 issues remain open. The issues list is available at https://bugs.chromium.org/p/oss-fuzz/issues/list under search term "graphicsmagick". Issues are available for anyone to view and duplicate if they have been in "Verified" status for 30 days, or if they have been in "New" status for 90 days. There are too many fixes to list here. Please consult the GraphicsMagick ChangeLog file, Mercurial repository commit log, and the oss-fuzz issues list for details. Bug fixes: * Fix broken definition of ResourceInfinity which resulted in that GetMagickResource() would return -1 rather than the maximum range value for the return type as documented. (problem added by the 1.3.32 release). * ModifyCache(): Re-open the pixel cache if the cache rows/columns do not match the owning image rows/columns. * Fix DisplayImages() return status. The return status was inverted. * HISTOGRAM: Histogram once again includes the histogram as a text comment. This became broken by previous security fixes. * PICT: Fixed heap buffer overuns reported multiple sources. * JNG: Detect when JPEG encoder has failed and throw an exception. * MVG/DrawImage(): Performs even more parsing validations. * Clang static analyzer fixes: A great many fixes were made based on problem reports by the Clang static analyzer. * Visual Studio static analyzer fixes: A great many fixes were made based on problem reports by the Visual Studio 2019 static analyzer. Many of these may improve the robustness of 64-bit code. New Features: * GRADIENT/GradientImage(): Improved accuracy of gradient levels as well as dramaticaly improving performance. Output PseudoClass images if we can. Add support for using the image 'gravity' attribute as well as the "gradient:direction" definition to produce gradient vector directions corresponding to SouthGravity (the previously-existing default), NorthGravity, WestGravity, EastGravity, NorthWestGravity, NorthEastGravity, SouthWestGravity, and SouthEastGravity. API Updates: * InitializeMagickEx(): New function which may be used in place of InitializeMagick() to initialize GraphicsMagick. This initialization function returns an error status value, may update a passed ExceptionInfo structure with error information, and provides an options parameter which supports simple bit-flags to tailor initialization. The signal handler registrations are skipped if the MAGICK_OPT_NO_SIGNAL_HANDER flag is set in the options. Feature improvements: * Replace use of non-reentrant legacy POSIX functions with reentrant equivalents. * Timing of image reads should now be very accurate. The timer was sometimes not stopped as soon as it should be. * PICT: The PICT reader is working pretty good now. It handles all the PICT image files I have available to me. Behavior Changes: * POSIX Signals: Use the normal termination signal handler for SIGXCPU and SIGXFSZ so that ulimit or setrlimit(2) may be used to apply CPU (RLIMIT_CPU) and output file size (RLIMIT_FSIZE) limits with the normal cleanup, and without dumping core. Note that any output files currently being written may be truncated and files being written by external programs (e.g. Ghostscript) might be left behind unless they are to a temporary file assigned by GraphicsMagick. * Some private string and integer constants were removed from the apparent library ABI. Some private functions were marked static and removed from the apparent library ABI. This is mentioned because someone is sure to notice and be concerned about it. * The remaining private content in installed header files was moved into -private.h header files which are not installed. This should not be cause for concern but is mentiond because someone is sure to notice and be concerned about it.- Remove xorg-x11-fonts runtime Requires, gm display no longer fails when it is missing (see boo#619103). - Cleanup, replace $RPM_OPT_FLAGS with %optflags- Revert the change to relinquish resources used by OpenMP on all devices. There are concerns upstream that this might break applications that use OpenMP too and suddenly find their threads closed (remove GraphicsMagick-wait-for-threads-close.patch)- Due to a broken check, it wasn't noticed the typemap file is already provided in the source archive (removed typemap)- Relinquish resources used by OpenMP on all devices (GCC >= 9) + GraphicsMagick-wait-for-threads-close.patch - Set configure options to what is actually build- version update to 1.3.34 * DPS: Eliminate a memory leak. * Debug Trace: Only output text to terminate an XML format log file if XML format is active. * EXIF Parser: Detect non-terminal parsing and report an error. * EXIF Parser: Eliminate heap buffer overflows. * HuffmanDecodeImage(): Fix heap overflow in 32-bit applications. * MAT: Implement subimage/subrange support. * MVG: Address non-terminal loops, excessive run-time, thrown assertions, divide-by-zero, heap overflow, and memory leaks. * OpenModule(): Now properly case-insensitive, as it used to be. * PCX: Verify that pixel region is not negative. Assure that opacity channel is initialized to opaqueOpacity. Update DirectClass representation while PseudoClass representation is updated. Improve read performance with uncompressed PCX. * PICT: Fix heap overflow in PICT writer. * PNG: Fix validation of raw profile length. * PNG: Skip coalescing layers if there is only one layer. * PNM: Fix denial of service opportunity by limiting the length of PNM comment text. * WPG: Avoid Avoid dereferencing a null pointer. * WPG: Implement subimage/subrange support. * WPG: Improve performance when reading an embedded image. * Wand library: In MagickClearException(), destroy any existing exception info before re-initializing the exception info or else there will be a memory leak. * XPM: Rquire that image properties appear in the first 512 bytes of the XPM file header. * Compliles clean using GCC 9. * Python scripts related to the build (enabled by --enable-maintainer-mode) are now compatible with Python 3. * Now supports using Google gperftools tcmalloc library for the memory allocator. This improves performance for certain repetitive work-loads and heavily-threaded algorithms. * Configure now reports the status of zstd (FaceBook Zstandard) compression in its configuration summary. * TclMagick: Address many issues mentioned by SourceForge issue #420 "TclMagick issues and patch". * PNG: Post-processing to convert the image type in the PNG reader based on a specified magick prefix string is now disabled. This can (and should) be done after the image has been returned. * Trace Logging: The compiled-in logging default is always to stderr, which may be over-ridden using log.mgk as soon as it is loaded.- version update to 1.3.33 * It has been discovered that the 'ICU' library (a perhaps 30MB C++ library) which is now often a libxml2 dependendency causes huge process initialization overhead. This is noticed as unexpected slowness when GraphicsMagick utilities are used to process small to medium sized files. The time to initialize is often longer than the time to read the input file, process the image, and write the output file. If the 'ICU' dependency can not be avoided, then make sure to use the modules build. Please lobby the 'ICU' library developers to change their implementation to avoid long start-up times due to merely linking with the library. * GraphicsMagick is now participating in Google's oss-fuzz project due to the contributions and assistance of Alex Gaynor. Since February 4 2018, 353 issues have been opened by oss-fuzz and 338 of those issues have been resolved. The issues list is available at https://bugs.chromium.org/p/oss-fuzz/issues/list under search term "graphicsmagick". Issues are available for anyone to view and duplicate if they have been in "Verified" status for 30 days, or if they have been in "New" status for 90 days. There are too many fixes to list here. Please consult the GraphicsMagick ChangeLog file, Mercurial repository commit log, and the oss-fuzz issues list for details. * Documentation has been added regarding security hazards due to commands which support a '@filename' syntax. * MontageImages(): Fix wrong length argument to strlcat() when building montage directory, which could allow heap overwrite. * PNG: Pass correct size value to strlcat() in module registration code. This bug is noticed to cause problems for Apple's OS X and Linux Alpine with musl libc. This fixes a regression introduced by the 1.3.32 release. * Re-implement command-line utility `'@'` file inclusion support for `-comment`, `-draw`, `-format`, and `-label` which was removed for the 1.3.32 release. The new implementation is isolated to command-line utility implementation code rather than being deeply embedded in the library and exposed in other usage contexts. This fixes a regression introduced by the 1.3.32 release. * CAPTION: The The CAPTION reader did not appear to work at all any more. Now it works again, but still not very well. * MagickXDisplayImage(): Fix heap overwrite of windows->image.name and windows->image.icon_name buffers. This bug has surely existed since early GraphicsMagick releases. * MagickXAnimateImages(): Fix memory leak of scene_info.pixels. * AcquireTemporaryFileDescriptor(): Fix compilation under Cygwin. This fixes a regression introduced by the 1.3.32 release. * PNG: Fix saving to palette when mage has an alpha channel but no color is marked as transparent. * Compilation warnings in the Visual Studio WIN64 build due to the 'long' type being only 32-bits have been addressed.- drop JPEG2000 support [bsc#1144240]- Cleanup BuildRequires: * Remove ghostscript-library (support removed upstream) * Use ghostscript-mini (sufficient for path and feature detection) instead of full ghostscript (implicitly added by ghostscript-library) * Remove ghostscript-fonts-other (unused).- version update to 1.3.32 New Features: * Added support for writing the Braille image format (by Samuel Thibault). * WebP writer: Support WebP 'use_sharp_yuv' option ("if needed, use sharp (and slow) RGB->YUV conversion") via `-define webp:use-sharp-yuv=true`. * The version command output now reports the OpenMP specification number rather than just the integer version identifier. API Updates: * ReallocateImageColormap() added to re-allocate an existing colormap. * Some improperly-exposed globals are now static as they should have been. * The 'benchmark' command now shows 6 digits (microseconds) of elapsed time indication. * The 'time' command now shows 6 digits (microseconds) of elapsed time indication. * The logging facility now shows 6 digits (microseconds) of time resolulution * Dcraw: When QuantumDepth is greater than 8, pass -6 option to dcraw so that it returns a 16-bit/sample image. * Dcraw: If Dcraw supports TIFF format, then request TIFF format in order to be able to acquire more metatdata. * Scale algorithm: Eliminate artifacts when scaling an image with semi-transparent pixels. * Library metrics: The number of shared library relocations and the amount of initialized data has been signficantly reduced by following recommendations from Ulrich Drepper's document `How To Write Shared Libraries `_. (Security) Bug Fixes: * see NEWS.txt * fixes [bsc#1138425]- asan_build: build ASAN included - debug_build: build more suitable for debugging- update to 1.3.31: Special Issues: * Firmware and operating system updates to address the Spectre vulnerability (and possibly to some extent the Meltdown vulnerability) have substantially penalized GraphicsMagick's OpenMP performance. Performance is reduced even with GCC 7 and 8's improved optimizers. There does not appear to be anything we can do about this. Security Fixes: * GraphicsMagick is now participating in Google's oss-fuzz project due to the contributions and assistance of Alex Gaynor. Bug fixes: * See above note about oss-fuzz fixes. * CINEON: Fix unexpected hang on a crafted Cineon image. SourceForge issue 571. * Drawing recursion is limited to 100 and may be tuned via the MAX_DRAWIMAGE_RECURSION pre-processor definition. * Fix reading MIFF files using legacy keyword 'color-profile' for ICC color profile as was used by ImageMagick 4.2.9. * Fix reading/writing files when 'magick' is specified in lower case. This bug was a regression in 1.3.30. New Features: * TIFF: Support Zstd compression in TIFF. This requires libtiff 4.0.10 or later. * TIFF: Support WebP compression in TIFF. This requires libtiff 4.0.10 or later. API Updates: * MagickMonitor() is marked as deprecated. - see NEWS.txt for more details- disable PS, PS2, PS3 and PDF coders by default, remove gs calls from delegates.mgk [bsc#1105592] + GraphicsMagick-disable-insecure-coders.patch- update to 1.3.30: * Security Fixes: . GraphicsMagick is now participating in Google's oss-fuzz project due to the contributions and assistance of Alex Gaynor. Since February 4 2018, 238 issues have been opened by oss-fuzz and 230 of those issues have been resolved. The issues list is available at https://bugs.chromium.org/p/oss-fuzz/issues/list under search term "graphicsmagick". Issues are available for anyone to view and duplicate if they have been in "Verified" status for 30 days, or if they have been in "New" status for 90 days. There are too many fixes to list here. Please consult the GraphicsMagick ChangeLog file, Mercurial repository commit log, and the oss-fuzz issues list for details. . SVG/Rendering: Fix heap write overflow of PrimitiveInfo and PointInfo arrays. This is another manefestation of CVE-2016-2317, which should finally be fixed correctly due to active detection/correction of pending overflow rather than using estimation. * Bug fixes: . Many oss-fuzz fixes are bug fixes. . Drawing/Rendering: Many more fixes by Gregory J Wolfe (see the ChangeLog). . MIFF: Detect end of file while reading image directory. . SVG: Many more fixes by Gregory J Wolfe (see the ChangeLog). . The AlphaCompositePixel macro was producing wrong results when the output alpha value was not 100% opaque. This is a regression introduced in 1.3.29. . TILE: Fix problem with tiling JPEG images because the size request used by the TILE algorithm was also causing re-scaling in the JPEG reader. The problem is solved by stripping the size request before reading the image. * API Updates: . The size of PrimitiveInfo (believed to be an internal/private structure but in a header which is installed, has been increased to store a 'flags' argument. This is intended to be an internal interface but but may be detected as an ABI change. * Behavior Changes: . JPEG: The JPEG reader now allows 3 warnings of any particular type before giving up on reading and throwing an exception. This choice was made after observing files which produce hundreds of warnings and consume massive amounts of memory before reading the image data has even started. It is currently unknown how many files which were previously accepted will be rejected by default. The number of allowed warnings may be adjusted using '-define jpeg:max-warnings='. The default limit will be adjusted based on reported user experiences and may be adjusted prior to compilation via the MaxWarningCount definition in coders/jpeg.c.- update to 1.3.29: * Security Fixes: . GraphicsMagick is now participating in Google's oss-fuzz project . JNG: Require that the embedded JPEG image have the same dimensions as the JNG image as provided by JHDR. Avoids a heap write overflow. . MNG: Arbitrarily limit the number of loops which may be requested by the MNG LOOP chunk to 512 loops, and provide the '-define mng:maximum-loops=value' option in case the user wants to change the limit. This fixes a denial of service caused by large LOOP specifications. * Bug fixes: . DICOM: Pre/post rescale functions are temporarily disabled (until the implementation is fixed). . JPEG: Fix regression in last release in which reading some JPEG files produces the error "Improper call to JPEG library in state 201". . ICON: Some DIB-based Windows ICON files were reported as corrupt to an unexpectedly missing opacity mask image. . In-memory Blob I/O: Don't implicitly increase the allocation size due to seek offsets. . MNG: Detect and handle failure to allocate global PLTE. Fix divide by zero. . DrawGetStrokeDashArray(): Check for failure to allocate memory. . BlobToImage(): Now produces useful exception reports to cover the cases where 'magick' was not set and the file format could not be deduced from its header. * API Updates: . Wand API: Added MagickIsPaletteImage(), MagickIsOpaqueImage(), MagickIsMonochromeImage(), MagickIsGrayImage(), MagickHasColormap() based on contributions by Troy Patteson. . New structure ImageExtra added and Image 'clip_mask' member is replaced by 'extra' which points to private ImageExtra allocation. The ImageGetClipMask() function now provides access to the clip mask image. . New structure DrawInfoExtra and DrawInfo 'clip_path' is replaced by 'extra' which points to private DrawInfoExtra allocation. The DrawInfoGetClipPath() function now provides access to the clip path. . New core library functions: GetImageCompositeMask(), CompositeMaskImage(), CompositePathImage(), SetImageCompositeMask(), ImageGetClipMask(), ImageGetCompositeMask(), DrawInfoGetClipPath(), DrawInfoGetCompositePath() . Deprecated core library functions: RegisterStaticModules(), UnregisterStaticModules(). * Feature improvements: . Static modules (in static library or shared library without dynamically loadable modules) are now lazy-loaded using the same external interface as the lazy-loader for dynamic modules. This results in more similarity between the builds and reduces the fixed initialization overhead by only initializing the modules which are used. . SVG: The quality of SVG support has been significantly improved due to the efforts of Greg Wolfe. . FreeType/TTF rendering: Rendering fixes for opacity.- Add explicit buildrequires on: pkgconfig(libwebpmux), pkgconfig(libpng), pkgconfig(x11), pkgconfig(xext), pkgconfig(zlib), libjpeg-devel. all of them direct build dependencies but not included in the spec file- update to 1.3.28: * Security Fixes: BMP: Fix non-terminal loop due to unexpected bit-field mask value (DOS opportunity). PALM: Fix heap buffer underflow in builds with QuantumDepth=8. SetNexus() Fix heap overwrite under certain conditions due to using a wrong destination buffer. This issue impacts all 1.3.X releases. TIFF: Fix heap buffer read overflow in LocaleNCompare() when parsing NEWS profile. * Bug fixes: DescribeImage(): Eliminate possible use of null pointer. GIF: Fix memory leak of global colormap in error path. GZ: Writing to gzip files with the extension ".gz" was not working with Zlib 1.2.8. JNG: Fix buffer read overflow (a tiny fixed overflow of just one byte). JPEG: Promoting certain libjpeg warnings to errors caused much more problems than expected. The promotion of warnings to errors is removed. Claimed pixel dimensions are validated by file size before allocating memory for the pixels. IntegralRotateImage(): Assure that reported error in rotate by 270 case does immediately terminate processing. MNG: Fix possible null pointer reference related to DEFI chunk parsing. Fix minor heap read overflow (constrained to just one byte) due to an ordering issue in a limit check. Fix memory leaks in error path. WebP: Fix stack buffer overflow in WriteWEBPImage() which occurs with libwebp 0.5.0 or newer due to a structure type change in the structure passed to the progress monitor callback. WPG: Memory leaks fixed. * API Updates: InterpolateViewColor(): This function now returns MagickPassFail (an unsigned int) rather than void so that errors can be efficiently reported. The magick/pixel_cache.h header is updated to add deprecation attributes such that code using GetPixels(), GetIndexes(), and GetOnePixel() will produce deprecation warnings for compilers which support them. These functions will not be removed in the 1.3.X release series and when they are removed, pre-processor macros will be added so a replacement function is used instead. There is a long-term objective to eliminate functionally-redundant pixel cache functions to only the ones with the best properties since this reduces maintenance and may reduce the depth of the call stack (improving performance). * removed unneded GraphicsMagick-release-date-missing-quote.patch- update to 1.3.27: * New Features: . PNG: Implemented eXIf chunk support. . WEBP: Add support for EXIF and ICC metadata provided that at least libwebp 0.5.0 is used. . Magick++ Image autoOrient(): New Image method to auto-orient an image so it looks right-side up by default. * Behavior Changes: . PALM: PALM writer is disabled. . ThrowLoggedException(): Capture the first exception at ErrorException level or greater, or only capture exception if it is more severe than an already reported exception. . DestroyJNG(): This internal function is now declared static and is removed from shared library or DLL namespace. * lot of security and other bug fixes, see https://sourceforge.net/projects/graphicsmagick/files/graphicsmagick/1.3.27/ - added GraphicsMagick-release-date-missing-quote.patch- builds for sle11- fix perl bindings + GraphicsMagick-perl-linkage.patch from fedora - turn on perl test suite- Trim descriptions. Redo summaries and RPM groups.- Drop patches not meintioned in the changelog ever: * GraphicsMagick-debian-fixed.patch * GraphicsMagick-include.patch * GraphicsMagick-perl-link.patch * The package builds just fine without them and there is no refference explaining it - Convert the deps to pkgconfig variants where possible.- Version update to 1.3.26: * DPX: Fix excessive use of memory (DOS issue) due to file header claiming large image dimensions but insufficient backing data. (CVE-2017-10799 bsc#1047054). * JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350). * MAT: Fix excessive use of memory (DOS issue) due to continuing processing with insufficient data and claimed large image size. Verify each file extent to make sure that it is within range of file size. (CVE-2017-10800 bsc#1047044). * META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800). * PCX: Fix denial of service issue. * RLE: Fix abnomally slow operation (denial of service issue) with intentionally corrupt colormapped file. * PICT: Fix possible buffer overflow vulnerability given suitably truncated input file. * PNG: Enforce spec requirement that the dimensions of the JPEG embedded in a JDAT chunk must match the JHDR dimensions (CVE-2016-9830). * PNG: Avoid NULL dereference when MAGN chunk processing fails. * SCT: Fix stack-buffer read overflow (underflow?) while reading SCT header. * SGI: Fix denial of service issues. Delay large memory allocations until file header has fully passed sanity checks. * TIFF: Fix out of bounds read when reading CMYKA TIFF which claims to have only 2 samples per pixel (CVE-2017-6335 bsc#1027255). * TIFF: Fix out of bounds read when reading RGB TIFF which claims to have only 1 sample per pixel (CVE-2017-10794). * WPG: Fix heap overflow (CVE-2016-7996). Fix assertion crash (CVE-2016-7997). * DifferenceImage(): Fix Fix all-black difference image if an input file is colormapped. * EXIF orientation was not being properly detected for some files. * -frame: The `import` command -frame handling was improperly implemented and was using already freed data. * GIF: Fixes for "Excessive LZW string data" problem. * Magick++: Bug fixes to PathSmoothCurvetoRel::operator() and PathSmoothCurvetoRel::operator(). * PAM: Support writing GRAYSCALE PAM format. * PNG: Fix memory leaks. * SVG: Fixed a memory leak. Fixed a possible null pointer dereference. * TclMagick: Problem that TkMagick could not resolve functions from TclMagick under Linux is fixed. * TclMagick: Fix parser validatation in magickCmd() to avoid crash given a syntax error. * TIFF: Fix for reading old JPEG files (avoids "Improper call to JPEG library in state 0. (LibJpeg)."). * TXT: Fixed memory leak. * XCF: Error checking is improved. * EXIF rotation: Support is added such that the EXIF orientation tag is updated when the image is rotated. * MAT: Now support reading multiple images from Matlab V4 format. * Magick++: Orientation method now updates orientation in EXIF profile, if it exists. * Magick++: Added Image attribute method which accepts a 'char *' argument, and will remove the attribute if the value argument is NULL. * -orient: The -orient command line option now also updates the orientation in the EXIF profile, if it exists. * PGX: Support PGX JPEG 2000 format for reading and writing (within the bounds of what JasPer supports). * Wand API: Added MagickAutoOrientImage(), MagickGetImageOrientation(), MagickSetImageOrientation(), MagickRemoveImageOption(), and MagickClearException(). - Drop merged patch GraphicsMagick-CVE-2017-8350.patch- complementary fix for CVE-2017-8350 [bsc#1036985 c13-c21] * GraphicsMagick-CVE-2017-8350.patch- update to 1.3.25: * EscapeParenthesis(): I was notified by Gustavo Grieco of a heap overflow in EscapeParenthesis() used in the text annotation code. While not being able to reproduce the issue, the implementation of this function is completely redone. * Utah RLE: Reject truncated/absurd files which caused huge memory allocations and/or consumed huge CPU. Problem was reported by Agostino Sarubbo based on testing with AFL. * SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in the MVG rendering code (also impacts SVG). * TIFF: Fix heap buffer read overflow while copying sized TIFF attributes. Problem was reported by Agostino Sarubbo based on testing with AFL.- Build "gm" as position independend executable (PIE).- updated to 1.3.24: * many security related changes (incl. CVE-2016-5118), see ChangeLog - removed patches: * GraphicsMagick-CVE-2016-5118.patch * GraphicsMagick-upstream-delegates-safer.patch * GraphicsMagick-upstream-disable-mvg-ext.patch * GraphicsMagick-upstream-disable-tmp-magick-prefix.patch * GraphicsMagick-upstream-image-sanity-check.patch- security update: * CVE-2016-5118 [bsc#982178] + GraphicsMagick-CVE-2016-5118.patch- Multiple security issues in GraphicsMagick/ImageMagick [boo#978061] (CVE-2016-3714, CVE-2016-3718, CVE-2016-3715, CVE-2016-3717) * GraphicsMagick-upstream-delegates-safer.patch * GraphicsMagick-upstream-disable-mvg-ext.patch * GraphicsMagick-upstream-disable-tmp-magick-prefix.patch * GraphicsMagick-upstream-image-sanity-check.patch- Update to version 1.3.23 * See included NEWS.txt for details- Update to version 1.3.22 * See included NEWS.txt for details- Update to version 1.3.21 * See included NEWS.txt for detailsnebbiolo 1649834261  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQ1.3.35-150300.3.3.11.3.35-150300.3.3.11.3.351.3.35 GraphicsMagick-configGraphicsMagickWand-configGraphicsMagickmagickanalyze.hapi.hattribute.haverage.hblob.hcdl.hchannel.hcolor.hcolor_lookup.hcolormap.hcolorspace.hcommand.hcommon.hcompare.hcomposite.hcompress.hconfirm_access.hconstitute.hdecorate.hdelegate.hdeprecate.hdescribe.hdraw.heffect.henhance.herror.hforward.hfx.hgem.hgradient.hhclut.himage.hlist.hlog.hmagic.hmagick.hmagick_config.hmagick_types.hmemory.hmodule.hmonitor.hmontage.hoperator.hpaint.hpixel_cache.hpixel_iterator.hplasma.hprofile.hquantize.hrandom.hregistry.hrender.hresize.hresource.hshear.hsignature.hstatistics.hsymbols.htexture.htimer.htransform.htype.hutility.hversion.hwanddrawing_wand.hmagick_wand.hpixel_wand.hwand_api.hwand_symbols.hmodules-Q16libGraphicsMagick.solibGraphicsMagickWand.soGraphicsMagick.pcGraphicsMagickWand.pcGraphicsMagick-config.1.gzGraphicsMagickWand-config.1.gz/usr/bin//usr/include//usr/include/GraphicsMagick//usr/include/GraphicsMagick/magick//usr/include/GraphicsMagick/wand//usr/lib64/GraphicsMagick-1.3.35//usr/lib64//usr/lib64//usr/lib64/pkgconfig//usr/share/man/man1/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:23717/SUSE_SLE-15-SP3_Update/1677e7a2107a8fbf853649aac4cbf5f3-GraphicsMagick.SUSE_SLE-15-SP3_Updatedrpmxz5ppc64le-suse-linuxPOSIX shell script, ASCII text executabledirectoryC source, ASCII textC source, ISO-8859 textASCII textpkgconfig filetroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)RRPRPRRb[J|źVW utf-859cdad6b6e778d6d85f93c538445205502cbeb62fb920c75c2828c68fae1fb9e? 7zXZ !t/^n]"k%-FB>f F)5VE{kϷ۞}ܱCt( < h= D= f m֩+L^}AuQ'ZװX `qnA*1_SC42t@tz)?,B_56)QL[lgTQ*¹yo9f~'ϳ |hÐ}.u'|*ѧjn*ʱ*먟Ȋ[B¦)DZy03er3_q3͈^a/L6(D|']%ZIΩ Xw텝/S~[O;VPXK՞Yʹo3&c˯9}+O}UbѓؑE@mHEÚq_diVMAר׸`-mY⒓*M:8~J 7'tEЧ̺Z#[%؍x)jXhE1 Xr[C'EOl&[`Q<1 X%szg`{d2![ۍ b !c[)e{xGDDBI]+N۹7;mȊ)0{,PzY;M?2Y%ʫva ,bC1 YZ