Log message:
Bump PKGREVISION for gdbm shlib major bump

Log message:
GraphicsMagick: update to 1.3.28.

1.3.28 (January 20, 2017)
=========================

Security Fixes:

* BMP: Fix non-terminal loop due to unexpected bit-field mask value
  (DOS opportunity).

* PALM: Fix heap buffer underflow in builds with QuantumDepth=8.

* SetNexus() Fix heap overwrite under certain conditions due to using
  a wrong destination buffer.  This issue impacts all 1.3.X releases.

* TIFF: Fix heap buffer read overflow in LocaleNCompare() when parsing
  NEWS profile.

Bug fixes:

* DescribeImage(): Eliminate possible use of null pointer.

* GIF: Fix memory leak of global colormap in error path.

* GZ: Writing to gzip files with the extension ".gz" was not working
  with Zlib 1.2.8.

* JNG: Fix buffer read overflow (a tiny fixed overflow of just one byte).

* JPEG: Promoting certain libjpeg warnings to errors caused much more
  problems than expected.  The promotion of warnings to errors is
  removed.  Claimed pixel dimensions are validated by file size before
  allocating memory for the pixels.

* IntegralRotateImage(): Assure that reported error in rotate by 270
  case does immediately terminate processing.

* MNG: Fix possible null pointer reference related to DEFI chunk
  parsing.  Fix minor heap read overflow (constrained to just one
  byte) due to an ordering issue in a limit check.  Fix memory leaks
  in error path.

* WebP: Fix stack buffer overflow in WriteWEBPImage() which occurs
  with libwebp 0.5.0 or newer due to a structure type change in the
  structure passed to the progress monitor callback.

* WPG: Memory leaks fixed.

API Updates:

* InterpolateViewColor(): This function now returns MagickPassFail (an
  unsigned int) rather than void so that errors can be efficiently
  reported.

* The magick/pixel_cache.h header is updated to add deprecation
  attributes such that code using GetPixels(), GetIndexes(), and
  GetOnePixel() will produce deprecation warnings for compilers which
  support them.  These functions will not be removed in the 1.3.X
  release series and when they are removed, pre-processor macros will
  be added so a replacement function is used instead.  There is a
  long-term objective to eliminate functionally-redundant pixel cache
  functions to only the ones with the best properties since this
  reduces maintenance and may reduce the depth of the call stack
  (improving performance).

Build Changes:

* PerlMagick: Sanitize PACKAGE_VERSION so that Perl is not confused by
  any trailing alpha character.

* Improved symbol renaming due to adding --enable-symbol-prefix.  Some
  symbols (for static const strings) were not being included in the
  renaming.

Log message:
GraphicsMagick: updated to 1.3.27a

1.3.27:
Security Fixes:
* CMYK: Fix heap overwrites in raw CMYK writer.  Fix heap overwrites
  in raw CMYK reader (noticed when doing montage).
* GIF: Assure that global colormap is initialized.
* DescribeImage(): Fix possible heap write overflow when describing
  visual image directory. Fix possible heap read overflow while
  accessing heap data, and possible information disclosure while
  describing the IPTC profile.
* DICOM: Fix huge memory allocation based on bogus length value (DOS
  opportunity).
* DrawDashPolygon(): Fix heap out of bounds read in render code.
* GRAY: Fix heap overwrites in raw GRAY reader (noticed when doing
  montage).
* JNG: Fix heap overruns.  Fix assertions.
* JNG: Prevent a crash due to zero-length color_image while reading a
  JNG image. (CVE-2017-11102).  Reject JNG files with unreasonable
  dimensions given the file size (avoid DOS).
* JNX: Fix DOS due to excessive memory allocations with corrupt file.
* JPEG: Do not allocate backing image pixels until a scanline has been
  successfully read.  Avoids DOS opportunity with suitably
  manufactured file.
* MAP: Fix null pointer dereference or segmentation violation.
* MAT: Fix heap write overflow.
* MNG: Reject over-large (65k by 65k) image.  Fix heap overwrites.
* PAM: Fix heap buffer overflow in PAM writer for 1 bit/sample + alpha.
* PICT: Fix excessive memory allocation due to malformed image file.
* PNG: Fix heap buffer overflow in PNG writer when promoting from
  indexed PNG to RGBA.
* PNM: Fix DOS due to excessive memory allocations with corrupt file.
* RGB: Fix heap overwrite in raw RGB writer. Fix heap overwrites in
  raw RGB reader (noticed when doing montage).
* RLE: Fix DOS opportunities due to false claims in image header.  Fix
  heap out of bounds read.
* SFW: Avoid possible heap write overflow.
* SUN: Fix heap read overflow.  Fix DOS due to excessive memory
  allocations with corrupt file.
* SVG: Fix heap write overflow.
* TIFF: Use heuristics to avoid DOS (excessive memory use) due to
  false claims by input file.  It is possible that this may reject
  some valid files.  Fix possible small heap overwrite beyond the
  allocated scanline buffer due to the NumberOfObjectsInArray() macro
  rounding up rather than down.
* UIL: Fix heap overwrite in writer.
* WPG: Fix DOS issues (memory, disk space, CPU time) due to
  insufficient validations.  Fix heap overwrites.
* XBM: Fix DOS issue where code remains stuck in loop and does not
  return.
* XV 332 (PNM): Fix null pointer dereference due to malformed file.
* TracePSClippingPath()/TraceSVGClippingPath(): Fix heap out of bounds
  read.
* Validate path entries in the MAGICK_CODER_MODULE_PATH and
  MAGICK_FILTER_MODULE_PATH environment variables and convert all
  paths to real paths if possible. This avoids possible use of
  relative paths to load modules (a possible security issue), or the
  possibility of adding a directory which was in the path, but
  missing, and may improve efficiency by removing non-existent paths.

Bug fixes:
* AVS: Memory leaks eliminated.
* CINEON: Fix possible use of NULL pointer.
* CMYK: Memory leaks eliminated.
* CUT: Memory leaks eliminated.  Fix possible use of NULL pointer.
* DCM: Fix possible use of NULL pointer.
* DrawImage(): Avoid "negative" strncpy().  This seems to be benign
  with glibc but perhaps not with other implementations.
* DPX: Memory leaks eliminated.
* EMF: Fix possible use of NULL pointer.
* FindMagickModule(): Fix possible use of NULL pointer.
* FITS: Fix memory leak.
* GIF: Fix memory leak.
* HDF: Memory leaks eliminated.
* HISTOGRAM: Fix memory leak.
* JNG: Memory leaks eliminated. Memory use after free and double-free
  issues eliminated.  Error reporting fixes.
* Magick::Options::strokeDashArray(): Fix possible use of NULL pointer.
* MagickXFileBrowserWidget(): Fix possible use of NULL pointer.
* MAT: Memory leaks eliminated.
* MagickMapCloneMap(): Fix possible assertion failure.
* MNG: Memory use after free issues eliminated.  Fix possible use of
  NULL pointer.  Fix memory leaks.
* MontageImageCommand(): Fix memory leaks.
* MPC: Fix memory leak in writer.
* MPEG: Fix memory leaks in writer.
* MTV: Memory leaks eliminated.
* NTRegistryKeyLookup(): Fix possible use of NULL pointer.
* NTGetTypeList(): Fix possible use of NULL pointer.
* PCD: Memory leaks eliminated.
* PCL: Fix null pointer dereference in PCL writer.
* PCX: Memory leaks eliminated.
* PALM: Fix possible use of NULL pointer. Fix memory leak.
* PICT: Memory leaks eliminated.
* PNG: Fix small (one-off) heap read overflow.
* PNM: Fix memory leaks.
* PS: Fix use of null pointer in error path.
* PWP: Fix possible use of null pointer.
* ReplaceImageColormap(): Throw an exception rather than assertion if
  the input image is not colormapped.
* RGB: Fix memory leak.
* SegmentImage(): Fix possible use of NULL pointer.
* SetImageProfile(): Fix possible assertion failure.
* SGI: Check for EOF while reading SGI file header.
* SUN: Fix memory leak.
* TIFF: Fix possible use of NULL pointer.  Fix memory leaks in writer.
* TIM: Fix memory leak.
* TOPOL: Fix possible use of NULL pointer.  Fix memory leaks.
* VIFF: Fix memory leak.
* WEBP: Detect partial write to output file.
* WPG: Fix possible use of null pointer. Fix excessive use of disk
  resources due to insufficient validations.
* WriteImage(): Restore use of GetBlobStatus() to test if an I/O error
  was encountered while writing output file. This assures that I/O
  failure in writers which do not themselves verify writes is assured
  to be reported.
* WMF: Memory use after free issues eliminated.
* YUV: Fix memory leaks.

New Features:
* PNG: Implemented eXIf chunk support.
* WEBP: Add support for EXIF and ICC metadata provided that at least
  libwebp 0.5.0 is used.
* Magick++ Image autoOrient(): New Image method to auto-orient an
  image so it looks right-side up by default.

Windows Delegate Updates/Additions:
* Libtiff is updated to libtiff 4.0.9.

Build Changes:
* JPEG/PNG: The SETJMP_IS_THREAD_SAFE definition is used to determine
  if setjmp/longjmp are thread safe.  If these interfaces are thread
  safe, then concurrent reads/writes are possible.  This definition is
  false for Solaris but true for Linux.  JPEG and PNG will be fully
  concurrent if this definition is enabled.

Behavior Changes:
* PALM: PALM writer is disabled.
* ThrowLoggedException(): Capture the first exception at
  ErrorException level or greater, or only capture exception if it is
  more severe than an already reported exception.
* DestroyJNG(): This internal function is now declared static and is
  removed from shared library or DLL namespace.

Log message:
recursive bump for libxkbcommon removal from at-spi2-core

Log message:
1.3.26:

Security Fixes:
---------------
DPX: Fix excessive use of memory (DOS issue) due to file header claiming large \ 
image dimensions but insufficient backing data. (CVE-2017-10799).
JNG: Fix memory leak when reading invalid JNG image (CVE-2017-8350).
MAT: Fix excessive use of memory (DOS issue) due to continuing processing with \ 
insufficient data and claimed large image size. Verify each file extent to make \ 
sure that it is within range of file size. (CVE-2017-10800).
META: Fix heap overflow while parsing 8BIM chunk (CVE-2016-7800).
PCX: Fix denial of service issue.
RLE: Fix abnomally slow operation (denial of service issue) with intentionally \ 
corrupt colormapped file.
PICT: Fix possible buffer overflow vulnerability given suitably truncated input file.
PNG: Enforce spec requirement that the dimensions of the JPEG embedded in a JDAT \ 
chunk must match the JHDR dimensions (CVE-2016-9830).
PNG: Avoid NULL dereference when MAGN chunk processing fails.
SCT: Fix stack-buffer read overflow (underflow?) while reading SCT header.
SGI: Fix denial of service issues. Delay large memory allocations until file \ 
header has fully passed sanity checks.
TIFF: Fix out of bounds read when reading CMYKA TIFF which claims to have only 2 \ 
samples per pixel (CVE-2017-6335).
TIFF: Fix out of bounds read when reading RGB TIFF which claims to have only 1 \ 
sample per pixel (CVE-2017-10794).
WPG: Fix heap overflow (CVE-2016-7996). Fix assertion crash (CVE-2016-7997).

Bug fixes:
----------
DifferenceImage(): Fix Fix all-black difference image if an input file is \ 
colormapped.
EXIF orientation was not being properly detected for some files.
-frame: The import command -frame handling was improperly implemented and was \ 
using already freed data.
GIF: Fixes for "Excessive LZW string data" problem.
Magick++: Bug fixes to PathSmoothCurvetoRel::operator() and \ 
PathSmoothCurvetoRel::operator().
PAM: Support writing GRAYSCALE PAM format.
PNG: Fix memory leaks.
SVG: Fixed a memory leak. Fixed a possible null pointer dereference.
TclMagick: Problem that TkMagick could not resolve functions from TclMagick \ 
under Linux is fixed.
TclMagick: Fix parser validatation in magickCmd() to avoid crash given a syntax \ 
error.
TIFF: Fix for reading old JPEG files (avoids "Improper call to JPEG library \ 
in state 0. (LibJpeg).").
TXT: Fixed memory leak.
XCF: Error checking is improved.

New Features:
-------------
EXIF rotation: Support is added such that the EXIF orientation tag is updated \ 
when the image is rotated.
MAT: Now support reading multiple images from Matlab V4 format.
Magick++: Orientation method now updates orientation in EXIF profile, if it exists.
Magick++: Added Image attribute method which accepts a 'char *' argument, and \ 
will remove the attribute if the value argument is NULL.
-orient: The -orient command line option now also updates the orientation in the \ 
EXIF profile, if it exists.
PGX: Support PGX JPEG 2000 format for reading and writing (within the bounds of \ 
what JasPer supports).
Wand API: Added MagickAutoOrientImage(), MagickGetImageOrientation(), \ 
MagickSetImageOrientation(), MagickRemoveImageOption(), and \ 
MagickClearException().

Log message:
Make pkg-config a runtime dependency so GraphicsMagick*config work.

Bump PKGREVISION.

Log message:
Recursive revbump from graphics/libwebp

Log message:
Convert all occurrences (353 by my count) of

	MASTER_SITES= 	site1 \
			site2

style continuation lines to be simple repeated

	MASTER_SITES+= site1
	MASTER_SITES+= site2

lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.

Log message:
Updated GraphicsMagick to 1.3.25.

1.3.25 (September 5, 2016)
==========================

Special Issues:

* None

Security Fixes:

* EscapeParenthesis(): I was notified by Gustavo Grieco of a heap
  overflow in EscapeParenthesis() used in the text annotation code.
  While not being able to reproduce the issue, the implementation of
  this function is completely redone.

* Utah RLE: Reject truncated/absurd files which caused huge memory
  allocations and/or consumed huge CPU.  Problem was reported by
  Agostino Sarubbo based on testing with AFL.

* SVG/MVG: Fix another case of CVE-2016-2317 (heap buffer overflow) in
  the MVG rendering code (also impacts SVG).

* TIFF: Fix heap buffer read overflow while copying sized TIFF
  attributes.  Problem was reported by Agostino Sarubbo based on
  testing with AFL.

Bug fixes:

* GetToken(): Fix obscure bug (read beyond end of string buffer)
  noticed while parsing a MVG file.  This problem was reported by
  Gustavo Grieco.

* MVG rendering: Fix undesired hard errors when some objects were
  drawn outside of the image bounds.  Requests to draw objects
  entirely outside of the image should be silently ignored.

* MVG/SVG rendering: Fix gradient size sanity checks which were
  causing gradient requests to fail.  Due to a design weakness in that
  gradient images allocate resources rather than being computations at
  point of use, the maximum gradient image size is now hard-limited to
  5000x5000 pixels until the design problem is fixed.  Some SVG icons
  (as small as 8x8 pixels) authored using Inkscape request absurdly
  huge gradients.  Gradient sizes as large as 20,000x20,000 have been
  observed in SVG icon files delivered by packages on an Ubuntu Linux
  system.

* SVG: Fix some memory leaks which occur on parsing error.

New Features:

* None

Feature improvements:

* ElapsedTime(): Use clock_gettime() (when available with default
  linkage) to obtain elapsed time.

* DescribeImage(): Provide 6 digits of seconds precision in in elapsed
  time output.  Previously the resolution was rounded up to a full
  second.

Windows Delegate Updates/Additions:

* webp: Updated bundled libwebp to release 0.5.1.

* libxml: Updated bundled libxml2 to release 2.9.4.

* lcms: Updated bundled lcms2 to release 2.8.

* png: Update bundled libpng to release 1.6.24.

Build Changes:

* OpenMP is properly configured for clang 3.8 using its own '-lomp'
  rather than '-lgomp'.

Behavior Changes:

* SVG: Some SVG files may be rejected due to absurdly large gradient
  requests.

* The 'identify' and 'info' functionality only shows the pixel read
  rate if image was not read in 'ping' mode. Provide 6 digits of
  seconds precision in in elapsed time output.

Log message:
Bump PKGREVISION for perl-5.24.0 for everything mentioning perl.