./graphics/GraphicsMagick, Tools and libraries for reading, writing, and manipulating images

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.3.35, Package name: GraphicsMagick-1.3.35, Maintainer: pkgsrc-users

GraphicsMagick(TM) provides a powerful image manipulation and
translation utility. It is capable of displaying still images and
animations using the X Window system, provides a simple interface for
interactively editing images, and is capable of importing selected
windows or the entire desktop. GraphicsMagick can read and write over
88 image formats, including JPEG, TIFF, WMF, SVG, PNG, PNM, GIF, and
Photo CD. It can resize, rotate, sharpen, color reduce, or add
special effects to the image and save the result to any supported
format. GraphicsMagick may be used to create animated or transparent
.gifs, create composite images, create thumbnail images, and much,
much, more.

GraphicsMagick is one of your choices if you need a program to
manipulate and display images. If you want to develop your own
applications which use GraphicsMagick code or APIs, you need to
install GraphicsMagick-devel as well.


Required to run:
[textproc/libxml2] [graphics/tiff] [graphics/freetype2] [graphics/png] [graphics/jpeg] [devel/libltdl] [graphics/jbigkit] [fonts/urw-fonts] [graphics/lcms2] [graphics/libwebp] [devel/pkgconf] [archivers/zstd]

Required to build:
[pkgtools/x11-links] [pkgtools/cwrappers]

Package options: x11

Master sites:

SHA1: b0460d7fb8b2d542a44446322ea62c053bc54b0c
RMD160: 5f0ae6461cbcb0aece88e9e1430e6085351b747e
Filesize: 5413.305 KB

Version history: (Expand)


CVS history: (Expand)


   2020-02-26 16:19:20 by Nia Alarie | Files touched by this commit (3) | Package updated
Log message:
graphicsmagick: Update to 1.3.35

1.3.35 (February 23, 2020)
==========================

Special Issues:

* It has been discovered that the 'ICU' library (a perhaps 30MB C++
  library) which is now often a libxml2 dependendency causes huge
  process initialization overhead.  This is noticed as unexpected
  slowness when GraphicsMagick utilities are used to process small to
  medium sized files.  The time to initialize the 'ICU' library is
  often longer than the time that GraphicsMagick would otherwise
  require to read the input file, process the image, and write the
  output file.  If the 'ICU' dependency can not be avoided, then make
  sure to use the modules build so there is only impact for file
  formats which require libxml2.  Please lobby the 'ICU' library
  developers to change their implementation to avoid long start-up
  times due to merely linking with the library.

Security Fixes:

* GraphicsMagick is now participating in Google's oss-fuzz project due
  to the contributions and assistance of Alex Gaynor. Since February 4
  2018, 398 issues have been opened by oss-fuzz (some of which were
  benign build issues) and 11 issues remain open.
  The issues list is available at
  https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
  "graphicsmagick".  Issues are available for anyone to view and
  duplicate if they have been in "Verified" status for 30 days, or if
  they have been in "New" status for 90 days.  There are too many
  fixes to list here.  Please consult the GraphicsMagick ChangeLog
  file, Mercurial repository commit log, and the oss-fuzz issues list
  for details.

Bug fixes:

* Fix broken definition of ResourceInfinity which resulted in that
  GetMagickResource() would return -1 rather than the maximum range
  value for the return type as documented. (problem added by the
  1.3.32 release).

* ModifyCache(): Re-open the pixel cache if the cache rows/columns do
  not match the owning image rows/columns.

* Fix DisplayImages() return status.  The return status was inverted.

* HISTOGRAM: Histogram once again includes the histogram as a text
  comment.  This became broken by previous security fixes.

* PICT: Fixed heap buffer overuns reported multiple sources.

* JNG: Detect when JPEG encoder has failed and throw an exception.

* MVG/DrawImage(): Performs even more parsing validations.

* Clang static analyzer fixes: A great many fixes were made based on
  problem reports by the Clang static analyzer.

* Visual Studio static analyzer fixes: A great many fixes were made
  based on problem reports by the Visual Studio 2019 static analyzer.
  Many of these may improve the robustness of 64-bit code.

New Features:

* GRADIENT/GradientImage(): Improved accuracy of gradient levels as
  well as dramaticaly improving performance.  Output PseudoClass
  images if we can.  Add support for using the image 'gravity'
  attribute as well as the "gradient:direction" definition to produce
  gradient vector directions corresponding to SouthGravity (the
  previously-existing default), NorthGravity, WestGravity,
  EastGravity, NorthWestGravity, NorthEastGravity, SouthWestGravity,
  and SouthEastGravity.

API Updates:

* InitializeMagickEx(): New function which may be used in place of
  InitializeMagick() to initialize GraphicsMagick.  This
  initialization function returns an error status value, may update a
  passed ExceptionInfo structure with error information, and provides
  an options parameter which supports simple bit-flags to tailor
  initialization.  The signal handler registrations are skipped if the
  MAGICK_OPT_NO_SIGNAL_HANDER flag is set in the options.

Feature improvements:

* Replace use of non-reentrant legacy POSIX functions with reentrant
  equivalents.

* Timing of image reads should now be very accurate.  The timer was
  sometimes not stopped as soon as it should be.

* PICT: The PICT reader is working pretty good now.  It handles all
  the PICT image files I have available to me.

Windows Delegate Updates/Additions:

* None

Build Changes:

* Visual Studio Build: Configure program now provides a checkbox to
  enable common optimizations for better performance.

Behavior Changes:

* POSIX Signals: Use the normal termination signal handler for SIGXCPU
  and SIGXFSZ so that ulimit or setrlimit(2) may be used to apply CPU
  (RLIMIT_CPU) and output file size (RLIMIT_FSIZE) limits with the
  normal cleanup, and without dumping core. Note that any output files
  currently being written may be truncated and files being written by
  external programs (e.g. Ghostscript) might be left behind unless
  they are to a temporary file assigned by GraphicsMagick.

* Some private string and integer constants were removed from the
  apparent library ABI.  Some private functions were marked static and
  removed from the apparent library ABI.  This is mentioned because
  someone is sure to notice and be concerned about it.

* The remaining private content in installed header files was moved
  into -private.h header files which are not installed.  This should
  not be cause for concern but is mentiond because someone is sure to
  notice and be concerned about it.
   2020-01-08 18:32:15 by Nia Alarie | Files touched by this commit (1) | Package updated
Log message:
GraphicsMagick: Update COMMENT
   2020-01-08 13:11:36 by Nia Alarie | Files touched by this commit (4) | Package updated
Log message:
GraphicsMagick: Update to 1.3.34

1.3.34 (December 24, 2019)
==========================

Special Issues:

* It has been discovered that the 'ICU' library (a perhaps 30MB C++
  library) which is now often a libxml2 dependendency causes huge
  process initialization overhead.  This is noticed as unexpected
  slowness when GraphicsMagick utilities are used to process small to
  medium sized files.  The time to initialize the 'ICU' library is
  often longer than the time that GraphicsMagick would otherwise
  require to read the input file, process the image, and write the
  output file.  If the 'ICU' dependency can not be avoided, then make
  sure to use the modules build so there is only impact for file
  formats which require libxml2.  Please lobby the 'ICU' library
  developers to change their implementation to avoid long start-up
  times due to merely linking with the library.

Security Fixes:

* GraphicsMagick is now participating in Google's oss-fuzz project due
  to the contributions and assistance of Alex Gaynor. Since February 4
  2018, 386 issues have been opened by oss-fuzz (some of which were
  benign build issues) and 376 of those issues have been resolved.
  The issues list is available at
  https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
  "graphicsmagick".  Issues are available for anyone to view and
  duplicate if they have been in "Verified" status for 30 days, or if
  they have been in "New" status for 90 days.  There are too many
  fixes to list here.  Please consult the GraphicsMagick ChangeLog
  file, Mercurial repository commit log, and the oss-fuzz issues list
  for details.

Bug fixes:

* DPS: Eliminate a memory leak.

* Debug Trace: Only output text to terminate an XML format log file if
  XML format is active.

* EXIF Parser: Detect non-terminal parsing and report an error.

* EXIF Parser: Eliminate heap buffer overflows.

* HuffmanDecodeImage(): Fix heap overflow in 32-bit applications.

* MAT: Implement subimage/subrange support.

* MVG: Address non-terminal loops, excessive run-time, thrown
  assertions, divide-by-zero, heap overflow, and memory leaks.

* OpenModule(): Now properly case-insensitive, as it used to be.

* PCX: Verify that pixel region is not negative. Assure that opacity
  channel is initialized to opaqueOpacity.  Update DirectClass
  representation while PseudoClass representation is updated.  Improve
  read performance with uncompressed PCX.

* PICT: Fix heap overflow in PICT writer.

* PNG: Fix validation of raw profile length.

* PNG: Skip coalescing layers if there is only one layer.

* PNM: Fix denial of service opportunity by limiting the length of PNM
  comment text.

* WPG: Avoid Avoid dereferencing a null pointer.

* WPG: Implement subimage/subrange support.

* WPG: Improve performance when reading an embedded image.

* Wand library: In MagickClearException(), destroy any existing
  exception info before re-initializing the exception info or else
  there will be a memory leak.

* XPM: Rquire that image properties appear in the first 512 bytes of
  the XPM file header.

New Features:

* Visual Studio build supports JBIG and WebP compression in TIFF format.

API Updates:

* None

Feature improvements:

* Compliles clean using GCC 9.

Windows Delegate Updates/Additions:

* bzlib: bzip is updated to 1.0.8 release.

* jbig: jbigkit is updated to 2.1 release.

* lcms: lcms2 is updated to 2.9 release.

* libxml: libxml2 is updated to 2.9.10 release.

* png: libpng is updated to 1.6.37 release.

* tiff: libtiff is updated to 4.1.0 release.

* webp: libwebp is updated to the 1.0.3 release.

* zlib: zlib is updated to 1.2.11 release.

* TIFF: Now also supports reading JBIG-compressed TIFF, and
  reading/writing WebP-compressed TIFF.  A number of libtiff feature
  options which are now commonly enabled were disabled and are now
  enabled by default.

Build Changes:

* MinGW: Static and shared library builds were not working.  Only the
  modules build was actually working!

* Python scripts related to the build (enabled by
  --enable-maintainer-mode) are now compatible with Python 3.

* Now supports using Google gperftools tcmalloc library for the memory
  allocator.  This improves performance for certain repetitive
  work-loads and heavily-threaded algorithms.

* Configure now reports the status of zstd (FaceBook Zstandard)
  compression in its configuration summary.

* TclMagick: Address many issues mentioned by SourceForge issue #420
  "TclMagick issues and patch".

Behavior Changes:

* PNG: Post-processing to convert the image type in the PNG reader
  based on a specified magick prefix string is now disabled.  This can
  (and should) be done after the image has been returned.

* Trace Logging: The compiled-in logging default is always to stderr,
  which may be over-ridden using log.mgk as soon as it is loaded.

* Windows Build: Search registry key HKEY_CURRENT_USER as well as
  HKEY_LOCAL_MACHINE when searching for Ghostscript.  By following the
  procedure documented in SourceForge bug 615 "GhostScript
  installation check", this allows for local user installations
  without "administrator" privileges.
   2019-08-11 15:25:21 by Thomas Klausner | Files touched by this commit (3557) | Package updated
Log message:
Bump PKGREVISIONs for perl 5.30.0
   2019-08-08 22:56:40 by Nia Alarie | Files touched by this commit (4) | Package updated
Log message:
{p5-}GraphicsMagick: Update to 1.3.33

1.3.33 (July 20, 2019)
==========================

Special Issues:

* It has been discovered that the 'ICU' library (a perhaps 30MB C++
  library) which is now often a libxml2 dependendency causes huge
  process initialization overhead.  This is noticed as unexpected
  slowness when GraphicsMagick utilities are used to process small to
  medium sized files.  The time to initialize is often longer than the
  time to read the input file, process the image, and write the output
  file.  If the 'ICU' dependency can not be avoided, then make sure to
  use the modules build.  Please lobby the 'ICU' library developers to
  change their implementation to avoid long start-up times due to
  merely linking with the library.

Security Fixes:

* GraphicsMagick is now participating in Google's oss-fuzz project due
  to the contributions and assistance of Alex Gaynor. Since February 4
  2018, 353 issues have been opened by oss-fuzz and 338 of those
  issues have been resolved.  The issues list is available at
  https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
  "graphicsmagick".  Issues are available for anyone to view and
  duplicate if they have been in "Verified" status for 30 days, or if
  they have been in "New" status for 90 days.  There are too many
  fixes to list here.  Please consult the GraphicsMagick ChangeLog
  file, Mercurial repository commit log, and the oss-fuzz issues list
  for details.

* Documentation has been added regarding security hazards due to
  commands which support a '@filename' syntax.

* MontageImages(): Fix wrong length argument to strlcat() when
  building montage directory, which could allow heap overwrite.

Bug fixes:

* PNG: Pass correct size value to strlcat() in module registration
  code.  This bug is noticed to cause problems for Apple's OS X and
  Linux Alpine with musl libc.  This fixes a regression introduced by
  the 1.3.32 release.

* Re-implement command-line utility `'@'` file inclusion support for
  `-comment`, `-draw`, `-format`, and `-label` which was removed for
  the 1.3.32 release.  The new implementation is isolated to
  command-line utility implementation code rather than being deeply
  embedded in the library and exposed in other usage contexts.  This
  fixes a regression introduced by the 1.3.32 release.

* CAPTION: The The CAPTION reader did not appear to work at all any
  more.  Now it works again, but still not very well.

* MagickXDisplayImage(): Fix heap overwrite of windows->image.name and
  windows->image.icon_name buffers.  This bug has surely existed since
  early GraphicsMagick releases.

* MagickXAnimateImages(): Fix memory leak of scene_info.pixels.

* AcquireTemporaryFileDescriptor(): Fix compilation under Cygwin. This
  fixes a regression introduced by the 1.3.32 release.

* PNG: Fix saving to palette when mage has an alpha channel but no
  color is marked as transparent.

* Compilation warnings in the Visual Studio WIN64 build due to the
  'long' type being only 32-bits have been addressed.

New Features:

* None

API Updates:

* None

Feature improvements:

* None

Windows Delegate Updates/Additions:

* None

Build Changes:

* None

Behavior Changes:

* Support for `'@'` file inclusion support for `-comment`, `-draw`,
  `-format`, and `-label` has been restored.
   2019-07-22 00:26:08 by Thomas Klausner | Files touched by this commit (1256)
Log message:
*: recursive bump for gdk-pixbuf2-2.38.1
   2019-07-21 00:46:59 by Thomas Klausner | Files touched by this commit (595)
Log message:
*: recursive bump for nettle 3.5.1
   2019-07-16 21:31:16 by Nia Alarie | Files touched by this commit (2) | Package updated
Log message:
GraphicsMagick: Disable jp2 support by default

Re-enable it with the 'jasper' option.

Part of the process of trying to minimize the potential impact of a
vulnerable jasper.

Bump PKGREVISION