Date: Mon, 14 Nov 2016 18:33:11 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 214511] graphics/ImageMagick7: Update to 7.0.3-6 Message-ID: <bug-214511-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D214511 Bug ID: 214511 Summary: graphics/ImageMagick7: Update to 7.0.3-6 Product: Ports & Packages Version: Latest Hardware: Any URL: https://github.com/ImageMagick/ImageMagick/blob/ImageM agick-6/ChangeLog OS: Any Status: New Keywords: needs-qa, patch, security Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: kwm@FreeBSD.org Reporter: vlad-fbsd@acheronmedia.com CC: ports-secteam@FreeBSD.org Flags: maintainer-feedback?(kwm@FreeBSD.org), merge-quarterly? Assignee: kwm@FreeBSD.org Created attachment 177002 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D177002&action= =3Dedit Bump IM7 to latest Please bump ImageMagick7 to latest version, 7.0.3-6. There are some security fixes there as well (no assigned CVEs as of yet, afaik). Summarized ChangeLog since 7.0.2-9: * Off by one memory allocation (reference https://github.com/ImageMagick/ImageMagick/issues/296). * The -extent option now matches the results of IMv6 (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=3D1&t=3D30= 779). * Prevent fault in MSL interpreter (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=3D3&t=3D30= 797). * Mask composite produces proper results for the convert utility (referen= ce http://www.imagemagick.org/discourse-server/viewtopic.php?f=3D3&t=3D296= 75). * Added layer RLE compression to the PSD encoder. * Fixed incorrect parsing with ordered dither. (reference https://github.com/ImageMagick/ImageMagick/issues/254) * Unit test pass again after small SUN image patch. * Fixed incorrect RLE decoding when reading a DCM image that contains multiple segments. * Fixed incorrect RLE decoding when reading an SGI image (reference=20 https://www.imagemagick.org/discourse-server/viewtopic.php?f=3D3&t=3D30= 514) * Added layer RLE compression to the PSD encoder. * Added define 'psd:preserve-opacity-mask' to preserve the opacity mask in a PSD file. * Fixed issue where the display window was used instead of the data window when reading EXR files (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=3D3&p=3D13= 7849). * Fixed reading DXT1 images with an alpha channel. * Fixed incorrect padding calculation in PSD encoder. * Added define 'psd:additional-info' to preserve the additional informati= on in a PSD file. * Prevent buffer overflow in BMP & SGI coders (bug report from pwchen&rayzhong of tencent). * Prevent buffer overflow and other problems in SIXEL, PDB, MAP, TIFF and CALS coders (bug report from Donghai Zhu). * The -stream option now increments the pixel pointer properly (reference https://www.imagemagick.org/discourse-server/viewtopic.php?f=3D3&t=3D30= 327). Note that vulnerability to CVE-2016-8866 (incomplete fix to CVE-2016-8862) still appears unfixed, but at least the bump covers many other fixes. https://blogs.gentoo.org/ago/2016/10/20/imagemagick-memory-allocation-failu= re-in-acquiremagickmemory-memory-c-incomplete-fix-for-cve-2016-8862/ Request merge to Quarterly, all the changes are bug or security fixes. Currently running Poudriere tests. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-214511-13>