From: Andrey Rahmatullin <wrar@altlinux.ru> To: devel@lists.altlinux.org Subject: Re: [devel] [cyber] I: Sisyphus-20080507 packages: +20! -5 +153 (7765) Date: Wed, 7 May 2008 11:08:24 +0600 Message-ID: <20080507050824.GP5811@wrars-comp.wrarsdomain> (raw) In-Reply-To: <20080507004124.GA19708@granary.armor.altlinux.org> [-- Attachment #1: Type: text/plain, Size: 9963 bytes --] Я хочу changelog policy. GraphicsMagick - An X application for displaying and manipulating images * Thu May 01 2008 Slava Dubrovskiy <dubrsl@altlinux> 1.2-alt1 - New version - Remove all patches - Update spec - Security fixes: + Fixes for CERT security alert TA04-217A described at "http://www.us-cert.gov/cas/techalerts/TA04-217A.html". + AVI, BMP, & DIB security fixes. + PSD security fixes. + P7 format security fix. + Fix EXIF IFD stack overflow vulnerability. + SGI security fix for RLE encoding (CVE-2006-4144) + XCF security fix (CVE-2006-3743) + PALM heap overflow fix (CVE-2006-5456) + DCM security fix (CVE-2006-5456) + Fix for shell command injection in delegate code via file names) (CVE-2005-4601). Delegate execution is much more secure now. + Don't use filenames as printf specifications (CVE-2006-0082). + Fix integer overflow in DCM coder (CVE-2007-1797). + XWD integer overflow fix (CVE-2007-1797). + Implementation has replaced usage of strcpy, strcat, and strncat with the more security conscious strlcat and strlcpy. + DCM, DIB, XCF, XBM, and XWD security fix for integer overflow vulnerability (IDefense 09.19.07). + Do not access X11 or invoke convenience or stealth delegate programs based on the file extension. In particular, these file extensions are rejected for consideration as a format specifier: 'autotrace', 'browse', 'dcraw', 'edit', 'gs-color', 'gs-color+alpha', 'gs-gray', 'gs-mono', 'launch', 'mpeg-encode', 'print', 'scan', 'show', 'win', 'xc', and 'x'. - Bug fixes: + Ghostscript sometimes displays an error message and fails, yet it returns a success error code to GraphicsMagick. Verify that Ghostscript has updated the output file before attempting to use it. + Fixed a configure script syntax error when testing for trio. + When requesting a list of formats, all of the modules in the module search path are considered. Previously only the modules in the same directory as the LOGO module were listed. + Ensure that an image clip mask is respected by the negate algorithm. + The BMP writer was sometimes writing incorrect BMP v4 files. + Support reading and writing large PCX files. + Fixed a bug which could cause possible truncation while cloning the image cache. + Ensure that MIFF files indicate the compression which was actually used. + Properly handle errors from libtiff so that corrupted images are not output. + Fix for stripped-TIFF reader. Discard extra samples beyond alpha in scanline TIFFs. + Endian option now controls TIFF byte-order rather than bit-order. + TIFF writer can now write to pipes and other non-seekable output destinations. + JBIG writer was writing empty files for some libjbig releases. + Improved handling of corrupt GIF files. + Handle large SUN format images. + Properly compute image depth for 16-bit SGI image files. + For the gmdisplay program, ensure that only RGB data is sent to Windows. + Many memory leak fixes. + PDF writer is fixed so that Ghoscript 8.5 doesn't warn about the output. + PDF writer now writes proper output with CCITT compression. + Properly use fseeko() and ftello() if they are available. + Fixed a infinite loop bug in the XWD reader. + Fix minor memory leak in ProfileImage(). + Fixed -level command parsing when a percent symbol is supplied within the argument rather than at the end. + Fix pixel scaling problem caused by floating point rounding error (noticed under AIX). + Fixed a memory leak in the GIF coder in the error return path. + Fix for SourceForge bug id 1353744 "MagickGetQuantumDepth doesn't work". + Fix for SourceForge bug id 1315109 "segfault in InitializeMagick(NULL)". + Fix for SourceForge bug id 1391421 "problem doing resize on 273x1 JPEG". + Fix for SourceForge bug id 1510075 "Failed to write PDF with JPEG compression". + Fix for SourceForge bug id 1572357 "GetOnePixel definition appears incorrect". + Fix for SourceForge bug id 1576616 Fix includedir variable in pkg-config files". + Fix for SourceForge bug id 1173713 "segfault in ModifyCache". + Fix for SourceForge bug id 1431805 "clip art wpg files cause access violation in graphics magick". + Fix for SourceForge bug id 1743141 "Affine matrix option parsing". + Fix for SourceForge bug id 1625477 "Memory leak reading layered PSD Image". + Fix for SourceForge bug id 1878992 "literal square brackets in file name cause large delay and bug id 1783209 "converting runs slowly when subimage is specified". + Fix for SourceForge bug id 1883527 "compression of tiff-file has no effect". + Successfully read files in the form "file[123]". + Fix reading 12-bit grayscale JPEG. + Set image depth appropriately when importing image from X11 display. + Fix map resource tracking. + Fix reading recent variants of ImageMagick's MIFF format. + Output bilevel TIFF meeting the TIFF Class F specification. - New Utilities: + A 'benchmark' subcommand is now available to benchmark the performance of any other arbitrary subcommand (e.g. 'convert'). - Feature improvements: + LZW compression is now enabled by default. + Support industry-standard subsampling notation like "4:2:2". + If gm is executed under a traditional alternate name (e.g. convert), it will invoke the appropriate sub-command. This allows use of hard links, symbolic links, or just copying 'gm' to the desired sub-command name in order to achieve 100% ImageMagick 5.5.2 utility compatibility. + Provide the --enable-magick-compat option when configuring to install ImageMagick utilities compatibility links. + Identify -verbose output includes normalized (0.0-1.0) statistics. + Identify and convert now print "pixels per second" rates to help evaluate performance. + Added the identify +ping option to force reading the complete file. + The display program now supports the +progress option to disable any visual progress indication (and hourglass cursor) while loading images. + Support writing grayscale TGA files. + Provide explicit support for Rec 601 and Rec 709 grayscale spaces. + Include some support for a log RGB space based on the 2.048 density range as defined for the Cineon Digital Film System. + Added utilities command-line support for industry standard subsampling notation like 4:4:4 and 4:2:2. + Use MAGICK_IOBUF_SIZE to tune the size of the I/O buffer. + Use -type Bilevel, Grayscale, TrueColor, or TrueColorMatte to influence the type of image that Ghostscript returns. + Use '-define tiff:fill-order={msb2lsb|lsb2msb}' to control TIFF bit fill order. + The -version option now dumps a feature list as well as the build options. + The -endian option now supports the option 'native'. + A -monitor is added to enable progress monitoring for the command line utilities. + Use the -output-directory option to 'mogrify' to send output files to the specified directory. + Use the -create-directories option in conjunction with -output-directory and 'mogrify' to create any necessary subdirectories. + A Pixels resource limit is added. Use '-limit Pixels value' to limit the maximum number of pixels in an image to 'value'. + The already supported option '-type Optimize' is now honored by formats that need to choose a subformat based on the properties of the image. Grueling tests of many/all pixels are not performed unless '-type Optimize' is supplied. + Added a a -set option to the composite, convert, display, mogrify, import commands in order to allow setting an image attribute. + Display utility no longer defaults to reading from standard input if stdin is not a tty. + May now be configured to use the umem memory allocation library available in Solaris 9, Update 3 and later, or from the portable umem project. - Coder additions/improvements: + Replaced existing DPX "support" with all-new DPX support conforming to the SMPTE 268M-2003 standard. + Cineon reader completely rewritten. + TIFF coder is completely re-written. Now supports reading and writing RGB, CMYK, and grayscale, scanline-oriented TIFF images with arbitrary (1 to 32 bits) depth. Includes support for tiled TIFF, floating point TIFF, LogLuv TIFF, BigTIFF, arbitrary depths, and associated alpha. + TIFF coder now supports retrieving and saving XMP profiles. + MATLAB support is much improved and supports writing as well. + WPG reader now supports CTM translations. + ART format now supports writing. + Support 32-bit raw RGB images. + Support 32-bit raw CMYK images. + Support 32-bit raw gray images. + JP2 coder reads images in YCbCr colorspace and retrieves an embedded ICC ICM color profile if present. - Performance improvments: + The DispatchImage() and ConstituteImage() functions incorporate special case code for BGR, BGRO, BGRP, RGB, RGBO, and I formats (8 bit only) in order to improve performance dramatically. + When writing very large JPEG images, don't enable Huffman compression since doing so requires libjpeg to buffer the entire image in memory. + When using the 'identify' -verbose option, -verbose must be specified twice in order to obtain the color count. This makes normal use of -verbose much faster. + Significantly improved read/write speed for bilevel and gray images. + TIFF I/O is considerably faster. + Postscript writer is 10-15X faster. + PNM formats writer is 10-100X faster. + Rotate by 90 or 270 degrees is 2-9X faster. -- WBR, wRAR (ALT Linux Team) Powered by the ALT Linux fortune(8): Эх, дайте мне ещё пару часов в сутки ;) -- inger in devel@ [-- Attachment #2: Digital signature --] [-- Type: application/pgp-signature, Size: 197 bytes --]
next parent reply other threads:[~2008-05-07 5:08 UTC|newest] Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top 2008-05-07 5:08 ` Andrey Rahmatullin [this message] 2008-05-11 18:34 ` Michael Shigorin 2008-05-07 16:28 ` Michael Shigorin 2008-05-07 21:37 ` Vitaly Lipatov 2008-05-08 4:41 ` Хихин Руслан 2008-05-08 6:49 ` [devel] uniconvertor in backports Michael Shigorin
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20080507050824.GP5811@wrars-comp.wrarsdomain \ --to=wrar@altlinux.ru \ --cc=devel@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux Team development discussions This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/devel/0 devel/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 devel devel/ http://lore.altlinux.org/devel \ devel@altlinux.org devel@altlinux.ru devel@lists.altlinux.org devel@lists.altlinux.ru devel@linux.iplabs.ru mandrake-russian@linuxteam.iplabs.ru sisyphus@linuxteam.iplabs.ru public-inbox-index devel Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.devel AGPL code for this site: git clone https://public-inbox.org/public-inbox.git