Updated GraphicsMagick to 1.3.25.

1.3.25 (September 5, 2016)
==========================

Special Issues:

* None

Security Fixes:

* EscapeParenthesis(): I was notified by Gustavo Grieco of a heap
  overflow in EscapeParenthesis() used in the text annotation code.
  While not being able to reproduce the issue, the implementation of
  this function is completely redone.

* Utah RLE: Reject truncated/absurd files which caused huge memory
  allocations and/or consumed huge CPU.  Problem was reported by
  Agostino Sarubbo based on testing with AFL.

* SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
  the MVG rendering code (also impacts SVG).

* TIFF: Fix heap buffer read overflow while copying sized TIFF
  attributes.  Problem was reported by Agostino Sarubbo based on
  testing with AFL.

Bug fixes:

* GetToken(): Fix obscure bug (read beyond end of string buffer)
  noticed while parsing a MVG file.  This problem was reported by
  Gustavo Grieco.

* MVG rendering: Fix undesired hard errors when some objects were
  drawn outside of the image bounds.  Requests to draw objects
  entirely outside of the image should be silently ignored.

* MVG/SVG rendering: Fix gradient size sanity checks which were
  causing gradient requests to fail.  Due to a design weakness in that
  gradient images allocate resources rather than being computations at
  point of use, the maximum gradient image size is now hard-limited to
  5000x5000 pixels until the design problem is fixed.  Some SVG icons
  (as small as 8x8 pixels) authored using Inkscape request absurdly
  huge gradients.  Gradient sizes as large as 20,000x20,000 have been
  observed in SVG icon files delivered by packages on an Ubuntu Linux
  system.

* SVG: Fix some memory leaks which occur on parsing error.

New Features:

* None

Feature improvements:

* ElapsedTime(): Use clock_gettime() (when available with default
  linkage) to obtain elapsed time.

* DescribeImage(): Provide 6 digits of seconds precision in in elapsed
  time output.  Previously the resolution was rounded up to a full
  second.

Windows Delegate Updates/Additions:

* webp: Updated bundled libwebp to release 0.5.1.

* libxml: Updated bundled libxml2 to release 2.9.4.

* lcms: Updated bundled lcms2 to release 2.8.

* png: Update bundled libpng to release 1.6.24.

Build Changes:

* OpenMP is properly configured for clang 3.8 using its own '-lomp'
  rather than '-lgomp'.

Behavior Changes:

* SVG: Some SVG files may be rejected due to absurdly large gradient
  requests.

* The 'identify' and 'info' functionality only shows the pixel read
  rate if image was not read in 'ping' mode. Provide 6 digits of
  seconds precision in in elapsed time output.

4 files changed, 10 insertions, 10 deletions

diff --git a/graphics/GraphicsMagick/Makefile b/graphics/GraphicsMagick/Makefile
index 94d0fdb7e02..8e984960c41 100644
--- a/graphics/GraphicsMagick/Makefile
+++ b/graphics/GraphicsMagick/Makefile
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.77 2016/07/09 06:38:19 wiz Exp $
+# $NetBSD: Makefile,v 1.78 2016/09/07 06:29:31 wiz Exp $
 
-PKGREVISION= 1
 .include "Makefile.common"
 
 MAINTAINER=	pkgsrc-users@NetBSD.org
diff --git a/graphics/GraphicsMagick/Makefile.common b/graphics/GraphicsMagick/Makefile.common
index 3b8a2f2002d..23648728bda 100755
--- a/graphics/GraphicsMagick/Makefile.common
+++ b/graphics/GraphicsMagick/Makefile.common
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.14 2016/06/06 11:46:04 wiz Exp $
+# $NetBSD: Makefile.common,v 1.15 2016/09/07 06:29:31 wiz Exp $
 # used by graphics/GraphicsMagick/Makefile
 # used by graphics/p5-GraphicsMagick/Makefile
 
 GM_MAJOR_VER=	1.3
-GM_MINOR_VER=	24
+GM_MINOR_VER=	25
 DISTVERSION=	${GM_MAJOR_VER}.${GM_MINOR_VER}
 DISTNAME=	GraphicsMagick-${DISTVERSION}
 CATEGORIES=	graphics
diff --git a/graphics/GraphicsMagick/PLIST b/graphics/GraphicsMagick/PLIST
index bed576d295e..39df7407f23 100644
--- a/graphics/GraphicsMagick/PLIST
+++ b/graphics/GraphicsMagick/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.23 2016/06/06 11:46:04 wiz Exp $
+@comment $NetBSD: PLIST,v 1.24 2016/09/07 06:29:31 wiz Exp $
 bin/GraphicsMagick++-config
 bin/GraphicsMagick-config
 bin/GraphicsMagickWand-config
@@ -367,6 +367,7 @@ share/doc/GraphicsMagick/www/programming.html
 share/doc/GraphicsMagick/www/project.html
 share/doc/GraphicsMagick/www/quantize.html
 share/doc/GraphicsMagick/www/reference.html
+share/doc/GraphicsMagick/www/security.html
 share/doc/GraphicsMagick/www/smile.c
 share/doc/GraphicsMagick/www/time.html
 share/doc/GraphicsMagick/www/tools.html
diff --git a/graphics/GraphicsMagick/distinfo b/graphics/GraphicsMagick/distinfo
index 8bb02f39fa7..7517308cfba 100644
--- a/graphics/GraphicsMagick/distinfo
+++ b/graphics/GraphicsMagick/distinfo
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.41 2016/06/06 11:46:04 wiz Exp $
+$NetBSD: distinfo,v 1.42 2016/09/07 06:29:31 wiz Exp $
 
-SHA1 (GraphicsMagick-1.3.24.tar.xz) = 4f208b7bda9f139ca22d9921758452bb9915334e
-RMD160 (GraphicsMagick-1.3.24.tar.xz) = 1670b2d5712cdff2010d2936ad427977195bfaa2
-SHA512 (GraphicsMagick-1.3.24.tar.xz) = d55f8b7d96bc746e2b501ec6315f174f2ab5f6b31a1d138196bf17b506e6d0c2b91ee19f5dd0a2877cd47910aebdcf11158303e90b1b267c6082d462f8548684
-Size (GraphicsMagick-1.3.24.tar.xz) = 5372048 bytes
+SHA1 (GraphicsMagick-1.3.25.tar.xz) = 0dcf4c1f6f3ead29147ea0392a148ce50cd64bb4
+RMD160 (GraphicsMagick-1.3.25.tar.xz) = 6a4e8c415c3d268a46f1327c819d7ec2afd9bc60
+SHA512 (GraphicsMagick-1.3.25.tar.xz) = d62d6aee96d7b8444f1aa206b0c5cbbed9511612cb71d667af072ea52b68dcd11088699debc58faacbb014ad83fb8c2b3e474220f506069f7b5d22f0340f8ef8
+Size (GraphicsMagick-1.3.25.tar.xz) = 5387880 bytes
 SHA1 (patch-config_delegates.mgk.in) = c7a38daeeccd12e19480d1222e400899da1d4153