Here is an update to GraphicsMagick 1.3.38.
1.3.38 (March 26, 2022)
==========================
Security Fixes:
* GraphicsMagick is participating in Google's oss-fuzz project due to
the contributions and assistance of Alex Gaynor. Since February 4
2018, ??? issues have been opened by oss-fuzz and ?? issues remain
open. The issues list is available at
https://bugs.chromium.org/p/oss-fuzz/issues/list under search term
"graphicsmagick". Issues are available for anyone to view and
duplicate if they have been in "Verified" status for 30 days, or if
they have been in "New" status for 90 days. Please consult the
GraphicsMagick ChangeLog file, Mercurial repository commit log, and
the oss-fuzz issues list for details.
Bug fixes:
* Documentation: Generator scripts in 'doc' directory now produce
similar results using GNU sed and Solaris/Illumos sed and don't
produce warnings.
* JNG: Fixes to error handling to avoid temporary file leaks and
avoiding returning a broken image.
* JPEG: Always store embedded profiles in image, even if in 'ping'
mode.
* MAT: Change from using 'int' for sizes/offsets to using 'size_t' and
check all related calculations for overload.
* MIFF: Fix heap buffer overflow which may be provoked in builds with
BZLIB support.
* MogrifyImage() and Magick::Image::trim(): Trim requires
NorthWestGravity.
* PICT: Fixed a heap overflow.
* PerlMagick: Fix issue that image fill attribute had its opacity
reset to transparent so it could not be usefully set at image scope.
* Test Suite: Fixed portability issue related to 'sed' which broke
utilities/tests/convert.tap test script.
* WPG: Fix incorrect TrX and TrY elements in CTM.
New Features:
* Added support for a 'Read' resource limit (e.g. '-limit read 5mb').
This allows the user to specify a hard limit for how much data may
be read from a file, read from a pipe, or decompressed from a file
(e.g gzip or bzip2) before a hard error is reported. This resource
limit is a useful alternative to completely disabling support for
compressed files using the --disable-compressed-files option and it
provides more protections as well.
* Added support for reading HEIF/HEIC format.
* Added support for reading and writing JPEG XL format.
* Support for JasPer 3.0.0 is completed. Upgrading to JasPer 3.0.0 is
strongly recommended due to its many security fixes and integration
with GraphicsMagick's resource-limited memory allocator.
* PNG: Support the define png:chunk-malloc-max=limit in order to allow
reading PNG files which report "chunk data is too large" or to
reduce the default limit.
* compare: Added support for the '-compress' option.
* compare: Added support for the '-auto-orient' option. This tries to
assure that the two images are right-side up before comparing.
API Updates:
* Magick++: Support the new 'ReadResource' enumeration.
Feature improvements:
* JPEG: Implement more efficient way to append JPEG profile chunks.
* Resource Limited Memory: The resource limited memory allocator now
maintains useful statistics such as a tally of the total number of
octets moved by realloc.
Index: Makefile
===================================================================
RCS file: /home/cvs/ports/graphics/GraphicsMagick/Makefile,v
retrieving revision 1.67
diff -u -p -u -p -r1.67 Makefile
--- Makefile 11 Mar 2022 19:22:04 -0000 1.67
+++ Makefile 24 Apr 2022 20:10:45 -0000
@@ -1,6 +1,6 @@
COMMENT= image processing tools with stable ABI
-DISTNAME= GraphicsMagick-1.3.37
+DISTNAME= GraphicsMagick-1.3.38
CATEGORIES= graphics devel
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=graphicsmagick/}
EXTRACT_SUFX= .tar.xz
@@ -16,9 +16,10 @@ MAINTAINER= Brad Smith <brad@comstyle.co
# http://www.graphicsmagick.org/www/Copyright.html
PERMIT_PACKAGE= Yes
-WANTLIB += ${COMPILER_LIBCXX} ICE SM X11 Xau Xdmcp Xext bz2 c
-WANTLIB += freetype iconv jasper jbig jpeg lcms2 ltdl lzma m png
-WANTLIB += tiff webp webpmux wmflite-0.2 xcb xml2 z zstd
+WANTLIB += ${COMPILER_LIBCXX} ICE SM X11 Xau Xdmcp Xext aom bz2 c
+WANTLIB += dav1d de265 freetype heif iconv jasper jbig jpeg lcms2
+WANTLIB += ltdl lzma m png tiff webp webpmux wmflite-0.2 x265 xcb
+WANTLIB += xml2 z zstd
WANTLIB += perl # uses perl ABI
@@ -36,6 +37,7 @@ LIB_DEPENDS= archivers/bzip2 \
graphics/libwmf \
graphics/png \
graphics/tiff \
+ multimedia/libheif \
textproc/libxml
RUN_DEPENDS= print/ghostscript/gnu \
print/transfig
Index: distinfo
===================================================================
RCS file: /home/cvs/ports/graphics/GraphicsMagick/distinfo,v
retrieving revision 1.31
diff -u -p -u -p -r1.31 distinfo
--- distinfo 14 Jan 2022 20:44:09 -0000 1.31
+++ distinfo 24 Apr 2022 19:16:33 -0000
@@ -1,2 +1,2 @@
-SHA256 (GraphicsMagick-1.3.37.tar.xz) = kNwi8ae9JA5MkGWpQJYr8T2kPJm8w2yxEcw8Gg10d9Q=
-SIZE (GraphicsMagick-1.3.37.tar.xz) = 5623688
+SHA256 (GraphicsMagick-1.3.38.tar.xz) = 1gzZ21k1HSucsZvrRDFwrKoo8HPRPSWPZ7NidjXjJnU=
+SIZE (GraphicsMagick-1.3.38.tar.xz) = 5958352
Index: pkg/PLIST
===================================================================
RCS file: /home/cvs/ports/graphics/GraphicsMagick/pkg/PLIST,v
retrieving revision 1.26
diff -u -p -u -p -r1.26 PLIST
--- pkg/PLIST 11 Mar 2022 19:22:04 -0000 1.26
+++ pkg/PLIST 24 Apr 2022 20:07:09 -0000
@@ -137,6 +137,8 @@ lib/GraphicsMagick/modules-Q16/coders/gr
@so lib/GraphicsMagick/modules-Q16/coders/gradient.so
lib/GraphicsMagick/modules-Q16/coders/gray.la
@so lib/GraphicsMagick/modules-Q16/coders/gray.so
+lib/GraphicsMagick/modules-Q16/coders/heif.la
+@so lib/GraphicsMagick/modules-Q16/coders/heif.so
lib/GraphicsMagick/modules-Q16/coders/histogram.la
@so lib/GraphicsMagick/modules-Q16/coders/histogram.so
lib/GraphicsMagick/modules-Q16/coders/hrz.la
@@ -371,6 +373,7 @@ share/doc/GraphicsMagick/www/ChangeLog-2
share/doc/GraphicsMagick/www/ChangeLog-2018.html
share/doc/GraphicsMagick/www/ChangeLog-2019.html
share/doc/GraphicsMagick/www/ChangeLog-2020.html
+share/doc/GraphicsMagick/www/ChangeLog-2021.html
share/doc/GraphicsMagick/www/Changelog.html
share/doc/GraphicsMagick/www/Changes.html
share/doc/GraphicsMagick/www/Copyright.html
No comments:
Post a Comment