./graphics/ImageMagick6, Package for display and interactive manipulation of images

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2018Q2, Version: 6.9.9.38nb5, Package name: ImageMagick6-6.9.9.38nb5, Maintainer: pkgsrc-users

ImageMagick TM, is a package for display and interactive manipulation
of images for the X Window System. It is written in C and interfaces
to the X library, and therefore does not require any proprietary
toolkit in order to compile. Although the software is copyrighted, it
is available for free and can be redistributed without fee.

The ImageMagick image display program can display an image on any
workstation screen running an X server. It can read and write many of
the more popular image formats including JPEG, TIFF, PNM, GIF, and
Photo CD. In addition you can interactively resize, rotate, sharpen,
color reduce, or add special effects to an image and save your
completed work in the same or differing image format.

This package tracks 6 release branch for backward compatibility.


Required to run:
[devel/libltdl] [devel/pkgconf] [graphics/libwebp] [graphics/freetype2] [graphics/lcms2] [graphics/png] [graphics/tiff] [graphics/openjpeg] [fonts/fontconfig] [print/ghostscript] [textproc/libxml2] [math/fftw]

Required to build:
[pkgtools/x11-links] [pkgtools/cwrappers]

Package options: jp2, x11

Master sites: (Expand)

SHA1: 2dc6b3c415b342efb7ab64d18bb801c7f1881212
RMD160: 50008946057cde9fc7a6d0149414e870a2a351b0
Filesize: 8704.945 KB

Version history: (Expand)

CVS history: (Expand)


   2018-08-25 21:26:01 by Benny Siegert | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket #5819 - requested by leot
graphics/ImageMagick6: security fix

Revisions pulled up:
- graphics/ImageMagick6/Makefile                                1.18-1.19
- graphics/ImageMagick6/distinfo                                1.10-1.11
- graphics/ImageMagick6/patches/patch-config_policy.xml         1.1-1.2

---
   Module Name:	pkgsrc
   Committed By:	leot
   Date:		Wed Aug 22 13:38:00 UTC 2018

   Modified Files:
   	pkgsrc/graphics/ImageMagick6: Makefile distinfo
   Added Files:
   	pkgsrc/graphics/ImageMagick6/patches: patch-config_policy.xml

   Log message:
   ImageMagick6: Disable ghostscript coders by default in policy.xml

   Disable ghostscript coders in policy.xml as a workaround for
   VU#332928 (<https://www.kb.cert.org/vuls/id/332928>).

   Please note that apart commenting/removing lines added in policy.xml,
   the ghostscript coders can be enabled per-user by copying policy.xml
   to ~/.config/ImageMagick/policy.xml and adjusting it with the
   following lines:

     | [...]
     | <policy domain=3D"coder" rights=3D"read|write" \ 
pattern=3D"PS" />
     | <policy domain=3D"coder" rights=3D"read|write" \ 
pattern=3D"EPS" />
     | <policy domain=3D"coder" rights=3D"read|write" \ 
pattern=3D"PDF" />
     | <policy domain=3D"coder" rights=3D"read|write" \ 
pattern=3D"XPS" />
     | [...]

   Bump PKGREVISION

---
   Module Name:	pkgsrc
   Committed By:	leot
   Date:		Thu Aug 23 14:54:21 UTC 2018

   Modified Files:
   	pkgsrc/graphics/ImageMagick6: Makefile distinfo
   	pkgsrc/graphics/ImageMagick6/patches: patch-config_policy.xml

   Log message:
   ImageMagick6: Also block PS2 and PS3 coders in policy.xml

   At least when reading PS2 and PS3 files via
   `convert PS2:<input> <output>' and `convert PS3:<input> \ 
<output>'
   gslib/ghostscript will be invoked and hence subject to VU#332928.

   Pointed out by Bob Friesenhahn via oss-security@ ML (and follow up from
   VU#332928 update).