Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
{p5-}GraphicsMagick: Update to 1.3.33
1.3.33 (July 20, 2019)
==========================
Special Issues:
* It has been discovered that the 'ICU' library (a perhaps 30MB C++
library) which is now often a libxml2 dependendency causes huge
process initialization overhead. This is noticed as unexpected
slowness when GraphicsMagick utilities are used to process small to
medium sized files. The time to initialize is often longer than the
time to read the input file, process the image, and write the output
file. If the 'ICU' dependency can not be avoided, then make sure to
use the modules build. Please lobby the 'ICU' library developers to
change their implementation to avoid long start-up times due to
merely linking with the library.
Security Fixes:
* GraphicsMagick is now participating in Google's oss-fuzz project due
to the contributions and assistance of Alex Gaynor. Since February 4
2018, 353 issues have been opened by oss-fuzz and 338 of those
issues have been resolved. The issues list is available at
https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
"graphicsmagick". Issues are available for anyone to view and
duplicate if they have been in "Verified" status for 30 days, or if
they have been in "New" status for 90 days. There are too many
fixes to list here. Please consult the GraphicsMagick ChangeLog
file, Mercurial repository commit log, and the oss-fuzz issues list
for details.
* Documentation has been added regarding security hazards due to
commands which support a '@filename' syntax.
* MontageImages(): Fix wrong length argument to strlcat() when
building montage directory, which could allow heap overwrite.
Bug fixes:
* PNG: Pass correct size value to strlcat() in module registration
code. This bug is noticed to cause problems for Apple's OS X and
Linux Alpine with musl libc. This fixes a regression introduced by
the 1.3.32 release.
* Re-implement command-line utility `'@'` file inclusion support for
`-comment`, `-draw`, `-format`, and `-label` which was removed for
the 1.3.32 release. The new implementation is isolated to
command-line utility implementation code rather than being deeply
embedded in the library and exposed in other usage contexts. This
fixes a regression introduced by the 1.3.32 release.
* CAPTION: The The CAPTION reader did not appear to work at all any
more. Now it works again, but still not very well.
* MagickXDisplayImage(): Fix heap overwrite of windows->image.name and
windows->image.icon_name buffers. This bug has surely existed since
early GraphicsMagick releases.
* MagickXAnimateImages(): Fix memory leak of scene_info.pixels.
* AcquireTemporaryFileDescriptor(): Fix compilation under Cygwin. This
fixes a regression introduced by the 1.3.32 release.
* PNG: Fix saving to palette when mage has an alpha channel but no
color is marked as transparent.
* Compilation warnings in the Visual Studio WIN64 build due to the
'long' type being only 32-bits have been addressed.
New Features:
* None
API Updates:
* None
Feature improvements:
* None
Windows Delegate Updates/Additions:
* None
Build Changes:
* None
Behavior Changes:
* Support for `'@'` file inclusion support for `-comment`, `-draw`,
`-format`, and `-label` has been restored.