diff options
author | adam <adam> | 2012-11-03 20:45:46 +0000 |
---|---|---|
committer | adam <adam> | 2012-11-03 20:45:46 +0000 |
commit | 8e3613a1c6dfd82b117d99182f3671bc466bed41 (patch) | |
tree | ecdd261ad731a3519d3534c0d6f17c39fd8ff451 /graphics/GraphicsMagick | |
parent | 4244ce763f04b29fb42d094c8b31f39f311750ac (diff) | |
download | pkgsrc-8e3613a1c6dfd82b117d99182f3671bc466bed41.tar.gz |
Changes 1.3.17:
Security Fixes:
* PNG: Fix for CVE-2012-3438. The Magick_png_malloc function in
coders/png.c in GraphicsMagick 6.7.8-6 does not use the proper
variable type for the allocation size, which might allow remote
attackers to cause a denial of service (crash) via a crafted PNG
file that triggers incorrect memory allocation.
* Automake (derived): Fix for CVE-2012-3386: The "make distcheck"
rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants
world-writable permissions to the extraction directory, which
introduces a race condition that allows local users to execute
arbitrary code via unspecified vectors.
Bug fixes:
* PNG: Reading sub-8-bit palette images is fixed (images looked
stretched).
* SVG: Fixed bug which allowed MVG and SVG files with long vector
paths to crash the software.
* SVG: Ignore XML headers rather than rendering them as text.
* MVG/SVG/WMF/-draw: It is now possible to draw a plain ','
character.
* WMF: Fixed a bug which caused wrong centered-text placement.
* import: Return status was inverted.
* configure: Don't force that liblzma is used just because libtiff
is used.
New Features:
* The configure script now supports a --enable-quantum-library-names
option to enable that shared library name includes quantum depth
to allow shared libraries with different quantum depths to
co-exist in same directory (only one can be used for development).
* JNX: Support is added for reading the Garmin proprietary Image
Format.
* BMP: Support an alpha channel in uncompressed 32-bit BMP.
Feature improvements:
* -lat: The adaptive threshold algorithm is replaced with a new
algorithm which scales linearly (rather than quadratically) with
area size.
* Tests: Test suite is re-written to use TAP-based tests.
* GIF: Reader tries to be better at detecting and reporting
failures.
Performance Improvements:
* -lat: Adaptive threshold is much faster with large area sizes.
Windows Delegate Updates:
* Dcraw 9.16 is now included in the build (with JPEG and JPEG2000
support).
* Libxml2 is updated to the 2.9.0 release.
* Libtiff is updated to the 4.0.3 release.
* Lcms2 is updated to the 2.4 release.
* Libpng is updated to the 1.5.13 release.
Behavior Changes:
* Loading modules is only supported for the modules build.
Previously any build using shared libraries could load modules.
* Bundled libltdl is now configured as 'installable' rather than
'convenience'.
* -enhance: Only filter based on color channels (ignore opacity).
* BrowseDelegate: Web browser (for viewing help information) now
defaults to 'xdg-open', but if it is not found, then configure
will search for firefox, google-chrome, mozilla (in that order).
Diffstat (limited to 'graphics/GraphicsMagick')
-rw-r--r-- | graphics/GraphicsMagick/Makefile | 35 | ||||
-rwxr-xr-x | graphics/GraphicsMagick/Makefile.common | 15 | ||||
-rw-r--r-- | graphics/GraphicsMagick/PLIST | 5 | ||||
-rw-r--r-- | graphics/GraphicsMagick/buildlink3.mk | 4 | ||||
-rw-r--r-- | graphics/GraphicsMagick/distinfo | 9 | ||||
-rw-r--r-- | graphics/GraphicsMagick/patches/patch-coders_png.c | 44 |
6 files changed, 30 insertions, 82 deletions
diff --git a/graphics/GraphicsMagick/Makefile b/graphics/GraphicsMagick/Makefile index 92ea81705d7..ae30b2dec9f 100644 --- a/graphics/GraphicsMagick/Makefile +++ b/graphics/GraphicsMagick/Makefile @@ -1,30 +1,29 @@ -# $NetBSD: Makefile,v 1.51 2012/10/06 14:10:39 asau Exp $ -# +# $NetBSD: Makefile,v 1.52 2012/11/03 20:45:46 adam Exp $ .include "Makefile.common" -PKGREVISION= 2 - MAINTAINER= pkgsrc-users@NetBSD.org HOMEPAGE= http://www.graphicsmagick.org/ COMMENT= X application for displaying and manipulating images -#LICENSE= mit AND # see ${WRKSRC}/Copyright.txt +LICENSE= mit DEPENDS+= urw-fonts-[0-9]*:../../fonts/urw-fonts -USE_LANGUAGES= c c++ -USE_LIBTOOL= yes -USE_TOOLS+= gmake pkg-config gs:run -USE_FEATURES= vsnprintf # optional but recommended for security -GNU_CONFIGURE= yes - -CONFIGURE_ARGS+= --with-modules=yes +USE_LANGUAGES= c c++ +USE_LIBTOOL= yes +USE_TOOLS+= gmake pkg-config gs:run +USE_FEATURES= vsnprintf # optional but recommended for security +GNU_CONFIGURE= yes CONFIGURE_ARGS+= --enable-shared +CONFIGURE_ARGS+= --with-modules=yes CONFIGURE_ARGS+= --with-gs-font-dir=${URW_FONTS_DIR}/share/fonts/urw +CONFIGURE_ARGS+= --with-ltdl-include=${BUILDLINK_PREFIX.libltdl}/include +CONFIGURE_ARGS+= --with-ltdl-lib=${BUILDLINK_PREFIX.libltdl}/lib +CONFIGURE_ARGS+= --without-perl -PKGCONFIG_OVERRIDE+= magick/GraphicsMagick.pc.in \ - wand/GraphicsMagickWand.pc.in \ - Magick++/lib/GraphicsMagick++.pc.in +PKGCONFIG_OVERRIDE+= magick/GraphicsMagick.pc.in +PKGCONFIG_OVERRIDE+= wand/GraphicsMagickWand.pc.in +PKGCONFIG_OVERRIDE+= Magick++/lib/GraphicsMagick++.pc.in TEST_TARGET= check @@ -33,16 +32,12 @@ FIND_PREFIX:= URW_FONTS_DIR=urw-fonts .include "options.mk" -CONFIGURE_ARGS+= --without-perl -CONFIGURE_ARGS+= --with-ltdl-include=${BUILDLINK_PREFIX.libltdl}/include -CONFIGURE_ARGS+= --with-ltdl-lib=${BUILDLINK_PREFIX.libltdl}/lib - .include "../../devel/libltdl/buildlink3.mk" .include "../../devel/zlib/buildlink3.mk" .include "../../graphics/freetype2/buildlink3.mk" .include "../../graphics/jbigkit/buildlink3.mk" .include "../../mk/jpeg.buildlink3.mk" -.include "../../graphics/lcms/buildlink3.mk" +.include "../../graphics/lcms2/buildlink3.mk" .include "../../graphics/png/buildlink3.mk" .include "../../graphics/tiff/buildlink3.mk" .include "../../textproc/libxml2/buildlink3.mk" diff --git a/graphics/GraphicsMagick/Makefile.common b/graphics/GraphicsMagick/Makefile.common index 7449597cf8d..f8de13f6711 100755 --- a/graphics/GraphicsMagick/Makefile.common +++ b/graphics/GraphicsMagick/Makefile.common @@ -1,16 +1,15 @@ -# $NetBSD: Makefile.common,v 1.6 2012/06/24 02:03:45 obache Exp $ +# $NetBSD: Makefile.common,v 1.7 2012/11/03 20:45:46 adam Exp $ # # used by graphics/p5-GraphicsMagick/Makefile -GM_MAJOR_VER= 1.3 -GM_MINOR_VER= 16 -DISTVERSION= ${GM_MAJOR_VER}.${GM_MINOR_VER} -DISTNAME= GraphicsMagick-${DISTVERSION} - +GM_MAJOR_VER= 1.3 +GM_MINOR_VER= 17 +DISTVERSION= ${GM_MAJOR_VER}.${GM_MINOR_VER} +DISTNAME= GraphicsMagick-${DISTVERSION} +CATEGORIES= graphics MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=graphicsmagick/} \ ftp://ftp.graphicsmagick.org/pub/GraphicsMagick/${GM_MAJOR_VER}/ - -CATEGORIES= graphics +EXTRACT_SUFX= .tar.xz DISTINFO_FILE= ${.CURDIR}/../../graphics/GraphicsMagick/distinfo #FILESDIR= ${.CURDIR}/../../graphics/GraphicsMagick/files diff --git a/graphics/GraphicsMagick/PLIST b/graphics/GraphicsMagick/PLIST index 81af4f19dd9..89403582f89 100644 --- a/graphics/GraphicsMagick/PLIST +++ b/graphics/GraphicsMagick/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.17 2012/02/26 12:22:06 obache Exp $ +@comment $NetBSD: PLIST,v 1.18 2012/11/03 20:45:46 adam Exp $ bin/GraphicsMagick++-config bin/GraphicsMagick-config bin/GraphicsMagickWand-config @@ -115,6 +115,7 @@ lib/${PKGNAME}/modules-Q8/coders/icon.la lib/${PKGNAME}/modules-Q8/coders/identity.la lib/${PKGNAME}/modules-Q8/coders/info.la lib/${PKGNAME}/modules-Q8/coders/jbig.la +lib/${PKGNAME}/modules-Q8/coders/jnx.la ${PLIST.jasper}lib/${PKGNAME}/modules-Q8/coders/jp2.la lib/${PKGNAME}/modules-Q8/coders/jpeg.la lib/${PKGNAME}/modules-Q8/coders/label.la @@ -245,12 +246,10 @@ share/doc/GraphicsMagick/www/Magick++/Drawable_example_1.png share/doc/GraphicsMagick/www/Magick++/Enumerations.html share/doc/GraphicsMagick/www/Magick++/Exception.html share/doc/GraphicsMagick/www/Magick++/FormatCharacters.html -share/doc/GraphicsMagick/www/Magick++/Future.html share/doc/GraphicsMagick/www/Magick++/Geometry.html share/doc/GraphicsMagick/www/Magick++/Image.html share/doc/GraphicsMagick/www/Magick++/Image.png share/doc/GraphicsMagick/www/Magick++/ImageDesign.html -share/doc/GraphicsMagick/www/Magick++/Install.html share/doc/GraphicsMagick/www/Magick++/Montage.html share/doc/GraphicsMagick/www/Magick++/PixelPacket.html share/doc/GraphicsMagick/www/Magick++/Pixels.html diff --git a/graphics/GraphicsMagick/buildlink3.mk b/graphics/GraphicsMagick/buildlink3.mk index 6c8f5fd6b2b..ec440e61d7d 100644 --- a/graphics/GraphicsMagick/buildlink3.mk +++ b/graphics/GraphicsMagick/buildlink3.mk @@ -1,4 +1,4 @@ -# $NetBSD: buildlink3.mk,v 1.25 2012/05/07 01:53:31 dholland Exp $ +# $NetBSD: buildlink3.mk,v 1.26 2012/11/03 20:45:46 adam Exp $ BUILDLINK_TREE+= GraphicsMagick @@ -32,7 +32,7 @@ pkgbase := GraphicsMagick .include "../../devel/zlib/buildlink3.mk" .include "../../devel/libltdl/buildlink3.mk" .include "../../graphics/freetype2/buildlink3.mk" -.include "../../graphics/lcms/buildlink3.mk" +.include "../../graphics/lcms2/buildlink3.mk" .include "../../mk/pthread.buildlink3.mk" .endif # GRAPHICSMAGICK_BUILDLINK3_MK diff --git a/graphics/GraphicsMagick/distinfo b/graphics/GraphicsMagick/distinfo index 3fcfd02e885..1cfc91f245c 100644 --- a/graphics/GraphicsMagick/distinfo +++ b/graphics/GraphicsMagick/distinfo @@ -1,6 +1,5 @@ -$NetBSD: distinfo,v 1.31 2012/07/30 09:25:29 wiz Exp $ +$NetBSD: distinfo,v 1.32 2012/11/03 20:45:46 adam Exp $ -SHA1 (GraphicsMagick-1.3.16.tar.gz) = f2ec0392d7a7d5cbe0d5bdff2931edbacedd73e9 -RMD160 (GraphicsMagick-1.3.16.tar.gz) = 75b12d2f0839ea384a3d861da6295995be11bfad -Size (GraphicsMagick-1.3.16.tar.gz) = 8736761 bytes -SHA1 (patch-coders_png.c) = 92e145867f767ba069fa5bb63a1b67bad946dbfa +SHA1 (GraphicsMagick-1.3.17.tar.xz) = 6428eb4bd19635c833750ac9d56c9b89bef4c975 +RMD160 (GraphicsMagick-1.3.17.tar.xz) = 3bcfb555a243c751f15b89d5359e83b888a57456 +Size (GraphicsMagick-1.3.17.tar.xz) = 5403300 bytes diff --git a/graphics/GraphicsMagick/patches/patch-coders_png.c b/graphics/GraphicsMagick/patches/patch-coders_png.c deleted file mode 100644 index 314f42f2413..00000000000 --- a/graphics/GraphicsMagick/patches/patch-coders_png.c +++ /dev/null @@ -1,44 +0,0 @@ -$NetBSD: patch-coders_png.c,v 1.3 2012/07/30 09:25:29 wiz Exp $ - -Tom Lane (tgl@redhat.com) found an issue in ImageMagick. Basically -CVE-2011-3026 deals with libpng memory allocation, limitations have been -added so that a bad PNG can't cause the system to allocate a lot of -memory causing a denial of service. However on further investigation of -ImageMagick Tom Lane found that PNG malloc function (Magick_png_malloc) -in turn calls AcquireMagickMemory with an improper size argument: - -#ifdef PNG_USER_MEM_SUPPORTED -static png_voidp Magick_png_malloc(png_structp png_ptr,png_uint_32 size) -{ - (void) png_ptr; - return((png_voidp) AcquireMagickMemory((size_t) size)); -} - -This is incorrect, the size argument should be declared -png_alloc_size_t according to 1.5, or png_size_t according to 1.2. - -"As this function stands, it invisibly does the wrong thing for any -request over 4GB. On big-endian architectures it very possibly will -do the wrong thing even for requests less than that. So the reason why -the hard-wired 4GB limit prevents a core dump is that it masks the ABI -mismatch here." - -So basically we have memory allocations problems that can probably -lead to a denial of service. - -For more information please see: - -https://bugzilla.redhat.com/show_bug.cgi?id=844101 -https://bugzilla.redhat.com/show_bug.cgi?id=844105 - ---- coders/png.c.orig 2012-06-23 20:10:10.000000000 +0000 -+++ coders/png.c -@@ -1360,7 +1360,7 @@ static void PNGWarningHandler(png_struct - } - - #ifdef PNG_USER_MEM_SUPPORTED --static png_voidp png_IM_malloc(png_structp png_ptr,png_uint_32 size) -+static png_voidp png_IM_malloc(png_structp png_ptr,png_alloc_size_t size) - { - (void) png_ptr; - return MagickAllocateMemory(png_voidp,(size_t) size); |