------------------------------------------------------------------- Wed Feb 21 13:10:00 UTC 2018 - pgajdos@suse.com - security update (icon.c): * CVE-2017-9405 [bsc#1042911] + GraphicsMagick-CVE-2017-9405.patch ------------------------------------------------------------------- Wed Feb 21 12:31:44 UTC 2018 - pgajdos@suse.com - security update (dib.c): * CVE-2017-11528 [bsc#1050119] + GraphicsMagick-CVE-2017-11528.patch ------------------------------------------------------------------- Tue Feb 20 21:11:07 UTC 2018 - pgajdos@suse.com - security update (uil.c): * CVE-2017-11533 [bsc#1050132] + GraphicsMagick-CVE-2017-11533.patch ------------------------------------------------------------------- Tue Feb 20 20:38:53 UTC 2018 - pgajdos@suse.com - security update (map.c): * CVE-2017-12663 [bsc#1052754] + GraphicsMagick-CVE-2017-12663.patch ------------------------------------------------------------------- Tue Feb 20 18:11:58 UTC 2018 - pgajdos@suse.com - security update (wpg.c): * CVE-2017-17682 [bsc#1072898] + GraphicsMagick-CVE-2017-17682.patch ------------------------------------------------------------------- Tue Feb 20 13:37:10 UTC 2018 - pgajdos@suse.com - security update (rgb.c): * CVE-2017-17500 [bsc#1077737] + GraphicsMagick-rgb.c-update.patch ------------------------------------------------------------------- Fri Feb 16 13:40:24 UTC 2018 - pgajdos@suse.com - security update (msl.c): * CVE-2017-12427 [bsc#1052248] + GraphicsMagick-CVE-2017-12427.patch ------------------------------------------------------------------- Fri Feb 16 06:57:56 UTC 2018 - pgajdos@suse.com - security update (mvg.c): * CVE-2017-12566 [bsc#1052472] + GraphicsMagick-CVE-2017-12566.patch ------------------------------------------------------------------- Thu Feb 15 07:34:59 UTC 2018 - pgajdos@suse.com - security update (pcl.c): * CVE-2017-11637 [bsc#1050669] + GraphicsMagick-CVE-2017-11637.patch ------------------------------------------------------------------- Wed Feb 14 09:51:06 UTC 2018 - pgajdos@suse.com - security update (map.c): * CVE-2017-11638, CVE-2017-11642 [bsc#1050617] + GraphicsMagick-CVE-2017-11638,11642.patch ------------------------------------------------------------------- Wed Feb 14 08:20:41 UTC 2018 - pgajdos@suse.com - security update (gray.c): * CVE-2017-17503 [bsc#1072934] + GraphicsMagick-CVE-2017-17503.patch ------------------------------------------------------------------- Tue Feb 13 15:49:56 UTC 2018 - pgajdos@suse.com - security update (miff.c): * CVE-2017-13131 [bsc#1055229] + GraphicsMagick-CVE-2017-13131.patch ------------------------------------------------------------------- Fri Feb 9 11:57:10 UTC 2018 - pgajdos@suse.com - security update (cmyk.c): * CVE-2017-17502 [bsc#1073081] + GraphicsMagick-cmyk.c-update.patch ------------------------------------------------------------------- Fri Feb 9 09:34:14 UTC 2018 - pgajdos@suse.com - security update (dcm.c): * CVE-2018-6405 [bsc#1078433] + GraphicsMagick-CVE-2018-6405.patc ------------------------------------------------------------------- Wed Feb 7 12:24:07 UTC 2018 - pgajdos@suse.com - security update (jpeg.c): * CVE-2017-11450 [bsc#1049374] + GraphicsMagick-CVE-2017-11450.patch * CVE-2017-11448 [bsc#1049375] + GraphicsMagick-CVE-2017-11448.patch * CVE-2017-11140 [bsc#1047900] + GraphicsMagick-CVE-2017-11140.patch ------------------------------------------------------------------- Tue Feb 6 16:22:42 UTC 2018 - pgajdos@suse.com - security update (pcx.c): * CVE-2017-12432 [bsc#1052254] + ImageMagick-CVE-2017-12432.patch * CVE-2017-12668 [bsc#1052688] + ImageMagick-CVE-2017-12668.patch * CVE-2017-14224 [bsc#1058009] + ImageMagick-CVE-2017-14224.patch * CVE-2017-13058 [bsc#1055069] + ImageMagick-CVE-2017-13058.patch ------------------------------------------------------------------- Wed Jan 31 12:51:45 UTC 2018 - pgajdos@suse.com - security update (palm.c): * CVE-2017-9407 [bsc#1042824] + GraphicsMagick-CVE-2017-9407.patch ------------------------------------------------------------------- Mon Jan 29 12:02:02 UTC 2018 - pgajdos@suse.com - security update (tiff.c): * CVE-2017-17912 [bsc#1074307] + GraphicsMagick-CVE-2017-17912.patch * CVE-2017-18028 [bsc#1076182] + GraphicsMagick-CVE-2017-18028.patch ------------------------------------------------------------------- Fri Jan 26 14:37:11 UTC 2018 - pgajdos@suse.com - GraphicsMagick-CVE-2017-13063,13064.patch a renamed to GraphicsMagick-CVE-2017-13063,13064,13065.patch as it also fixes CVE-2017-13065 [bsc#1055038] ------------------------------------------------------------------- Wed Jan 24 12:14:33 UTC 2018 - pgajdos@suse.com - security update (bmp.c): * CVE-2018-5685 [bsc#1075939] + GraphicsMagick-CVE-2018-5685.patch ------------------------------------------------------------------- Mon Jan 22 11:01:10 UTC 2018 - pgajdos@suse.com - GraphicsMagick-CVE-2014-9811.patch: * use MagickFreeMemory() instead of unknown RelinquishMagickMemory() - GraphicsMagick-CVE-2017-14174.patch * use MagickFreeMemory() instead of unknown FreeMagickMemory() - GraphicsMagick-CVE-2017-16669.patch: * use 2xMagickFreeMemory() equivalent instead of unknown FreeUnpackWPG2RasterAllocs() - GraphicsMagick-CVE-2017-8352.patch * use MagickFreeMemory() instead of unknown RelinquishMagickMemory() ------------------------------------------------------------------- Wed Jan 17 11:55:25 UTC 2018 - pgajdos@suse.com - security update (png.c): * CVE-2017-9262 [bsc#1043353] * CVE-2017-9261 [bsc#1043354] * CVE-2017-10995 [bsc#1047908] * CVE-2017-11102 [bsc#1047910] * CVE-2017-11539 [bsc#1050037] * CVE-2017-11505 [bsc#1050072] * CVE-2017-11526 [bsc#1050100] * CVE-2017-11750 [bsc#1051442] * CVE-2017-12565 [bsc#1052470] * CVE-2017-12676 [bsc#1052708] * CVE-2017-12673 [bsc#1052717] * CVE-2017-12643 [bsc#1052768] * CVE-2017-12641 [bsc#1052777] * CVE-2017-12640 [bsc#1052781] * CVE-2017-12935 [bsc#1054600] * CVE-2017-13147 [bsc#1055374] * CVE-2017-13142 [bsc#1055455] * CVE-2017-13141 [bsc#1055456] * CVE-2017-14103 [bsc#1057000] * CVE-2017-14649 [bsc#1060162] * CVE-2017-15218 [bsc#1062752] * CVE-2017-15238 [bsc#1067198] * CVE-2017-17504 [bsc#1072362] * CVE-2017-17782 [bsc#1073690] * CVE-2017-17501 [bsc#1074023] * CVE-2017-17884 [bsc#1074120] * CVE-2017-17879 [bsc#1074125] * CVE-2017-17915 [bsc#1074175] - added patches: + GraphicsMagick-CVE-2017-14649.patch + GraphicsMagick-CVE-2017-17782.patch + GraphicsMagick-CVE-2017-14103.patch + GraphicsMagick-CVE-2017-17915.patch + GraphicsMagick-CVE-2017-13147.patch + GraphicsMagick-CVE-2017-17501.patch + GraphicsMagick-CVE-2017-15238.patch + GraphicsMagick-CVE-2017-11102.patch + GraphicsMagick-png.c-update.patch ------------------------------------------------------------------- Tue Jan 9 12:16:29 UTC 2018 - pgajdos@suse.com - security update (core): * CVE-2017-18022 [bsc#1074975] + GraphicsMagick-CVE-2017-18022.patch ------------------------------------------------------------------- Tue Jan 9 12:13:38 UTC 2018 - pgajdos@suse.com - security update (rla.c): * CVE-2018-5247 [bsc#1074969] + GraphicsMagick-CVE-2018-5247.patch ------------------------------------------------------------------- Mon Jan 8 13:19:50 UTC 2018 - pgajdos@suse.com - security update (mat.c): * CVE-2017-10800 [bsc#1047044] + GraphicsMagick-CVE-2017-10800.patch ------------------------------------------------------------------- Wed Jan 3 10:18:00 UTC 2018 - pgajdos@suse.com - security update (mpc.c): * CVE-2017-11449 [bsc#1049373] + GraphicsMagick-CVE-2017-11449.patch * CVE-2017-11532 [bsc#1050129] + GraphicsMagick-CVE-2017-11532.patch * CVE-2017-12430 [bsc#1052252], CVE-2017-12429 [bsc#1052251] + GraphicsMagick-CVE-2017-12430,12429.patch * CVE-2017-12642 [bsc#1052771] + GraphicsMagick-CVE-2017-12642.patch * CVE-2017-14249 [bsc#1058082] + GraphicsMagick-CVE-2017-14249.patch ------------------------------------------------------------------- Tue Jan 2 14:32:48 UTC 2018 - pgajdos@suse.com - security update (render.c): * CVE-2017-16547 [bsc#1067177] + GraphicsMagick-CVE-2017-16547.patch ------------------------------------------------------------------- Tue Jan 2 11:42:32 UTC 2018 - pgajdos@suse.com - security update (pwp.c): * memory leak in pwp.c [bsc#1051412] + GraphicsMagick-pwp.c-memory-leak.patch ------------------------------------------------------------------- Thu Dec 14 10:44:06 UTC 2017 - pgajdos@suse.com - security update (xcf.c): * CVE-2017-14343, CVE-2017-12691 [bsc#1058422] GraphicsMagick-CVE-2017-14343,12691.patch ------------------------------------------------------------------- Wed Dec 13 14:58:49 UTC 2017 - pgajdos@suse.com - security update (pnm.c): * CVE-2017-14042 [bsc#1056550] + GraphicsMagick-CVE-2017-14042.patch ------------------------------------------------------------------- Tue Dec 12 15:32:06 UTC 2017 - pgajdos@suse.com - security update (psd.c): * CVE-2017-13061 [bsc#1055063] + GraphicsMagick-CVE-2017-13061.patch * CVE-2017-12563 [bsc#1052460] + GraphicsMagick-CVE-2017-12563.patch * CVE-2017-14174 [bsc#1057723] + GraphicsMagick-CVE-2017-14174.patch ------------------------------------------------------------------- Mon Dec 11 13:47:44 UTC 2017 - pgajdos@suse.com - security update (gif.c): * CVE-2017-15277 [bsc#1063050] + GraphicsMagick-CVE-2017-15277.patch ------------------------------------------------------------------- Wed Dec 6 09:24:49 UTC 2017 - pgajdos@suse.com - security update (rle.c): * CVE-2017-14733 [bsc#1060577] + GraphicsMagick-CVE-2017-14733.patch ------------------------------------------------------------------- Tue Dec 5 13:32:19 UTC 2017 - pgajdos@suse.com - security update (pdf.c): * CVE-2017-12662 [bsc#1052758] + GraphicsMagick-CVE-2017-12662.patch ------------------------------------------------------------------- Mon Dec 4 16:57:11 UTC 2017 - pgajdos@suse.com - security update (dcm.c): * CVE-2017-14994 [bsc#1061587] + GraphicsMagick-CVE-2017-14994.patch * CVE-2017-12140, CVE-2017-12644 [bsc#1052764] [bsc#1051847] + GraphicsMagick-CVE-2017-12140,12644.patch ------------------------------------------------------------------- Mon Dec 4 14:05:46 UTC 2017 - pgajdos@suse.com - security update (dpx.c): * CVE-2017-11188 [bsc#1048457] + GraphicsMagick-CVE-2017-11188.patch * CVE-2017-10799 [bsc#1047054] + GraphicsMagick-CVE-2017-10799.patch ------------------------------------------------------------------- Wed Nov 29 10:25:56 UTC 2017 - pgajdos@suse.com - security update (tiff.c): * CVE-2017-11640 [bsc#1050632] + GraphicsMagick-CVE-2017-11640.patch ------------------------------------------------------------------- Tue Nov 21 11:21:18 UTC 2017 - pgajdos@suse.com - security update (wpg.c): * CVE-2017-14342 [bsc#1058485] + GraphicsMagick-CVE-2017-14342.patch * CVE-2017-14341 [bsc#1058637] + GraphicsMagick-CVE-2017-14341.patch * CVE-2017-16546 [bsc#1067181] + GraphicsMagick-CVE-2017-16546.patch * CVE-2017-16545 [bsc#1067184] + GraphicsMagick-CVE-2017-16545.patch * CVE-2017-16669 [bsc#1067409] + GraphicsMagick-CVE-2017-16669.patch - fix GraphicsMagick-CVE-2016-7996,7997.patch (conditional jump depends on unitialized value) ------------------------------------------------------------------- Tue Nov 7 11:17:25 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-13776, CVE-2017-13777 [bsc#1056429], [bsc#1056426] + GraphicsMagick-CVE-2017-13776,13777.patch ------------------------------------------------------------------- Mon Nov 6 15:11:34 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-13134 [bsc#1055214] + GraphicsMagick-CVE-2017-13134.patch ------------------------------------------------------------------- Mon Nov 6 12:45:02 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-15930 [bsc#1066003] + GraphicsMagick-CVE-2017-15930.patch ------------------------------------------------------------------- Fri Nov 3 09:04:51 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-12983 [bsc#1054757] + use after free + GraphicsMagick-CVE-2017-12983.patch ------------------------------------------------------------------- Wed Nov 1 12:29:52 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-14165 [bsc#1057508] + GraphicsMagick-CVE-2017-14165.patch ------------------------------------------------------------------- Wed Nov 1 12:29:41 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-12587 [bsc#1052450] + GraphicsMagick-CVE-2017-12587.patch ------------------------------------------------------------------- Tue Oct 24 15:11:26 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-11534 [bsc#1050135] + GraphicsMagick-CVE-2017-11534.patch ------------------------------------------------------------------- Tue Oct 24 08:51:54 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-12936 [bsc#1054598] + GraphicsMagick-CVE-2017-12936.patch ------------------------------------------------------------------- Mon Oct 23 12:01:10 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-13139 [bsc#1055430] + GraphicsMagick-CVE-2017-13139.patch ------------------------------------------------------------------- Mon Oct 23 10:27:19 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-12937 [bsc#1054596] + GraphicsMagick-CVE-2017-12937.patch ------------------------------------------------------------------- Fri Oct 20 11:48:42 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-13063 [bsc#1055050], CVE-2017-13064 [bsc#1055042] + GraphicsMagick-CVE-2017-13063,13064.patch ------------------------------------------------------------------- Mon Oct 9 10:03:50 UTC 2017 - pgajdos@suse.com - ThrowException does not return [bsc#1061873c#6] + amended GraphicsMagick-CVE-2017-15033.patch ------------------------------------------------------------------- Fri Oct 6 13:30:58 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-15033 [bsc#1061873] + GraphicsMagick-CVE-2017-15033.patch ------------------------------------------------------------------- Tue Aug 15 09:02:59 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-11643 [bsc#1050611] + GraphicsMagick-CVE-2017-11643.patch * CVE-2017-11636 [bsc#1050674] + GraphicsMagick-CVE-2017-11636.patch ------------------------------------------------------------------- Mon Aug 14 12:24:25 UTC 2017 - pgajdos@suse.com - complementary fix for CVE-2017-11403 [bsc#1049072 c8-c13] ------------------------------------------------------------------- Fri Jul 21 14:40:16 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-11403 [bsc#1049072] + GraphicsMagick-CVE-2017-11403.patch ------------------------------------------------------------------- Wed Jun 28 15:26:31 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-9439 [bsc#1042826] + ImageMagick-CVE-2017-9439.patch * CVE-2017-9501 [bsc#1043289] + ImageMagick-CVE-2017-9501.patch ------------------------------------------------------------------- Mon Jun 26 07:45:40 UTC 2017 - pgajdos@suse.com - complementary fix for CVE-2017-8350 [bsc#1036985 c13-c21] ------------------------------------------------------------------- Tue Jun 13 10:21:51 UTC 2017 - pgajdos@suse.com - really fix CVE-2014-9847 (in ReadJNGImage()) [bsc#1040304c#12] * amended GraphicsMagick-CVE-2014-9847.patch ------------------------------------------------------------------- Mon May 22 10:34:16 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-9098 [bsc#1040025] + GraphicsMagick-CVE-2017-9098.patch * CVE-2017-9142 [bsc#1040304] + ImageMagick-CVE-2017-9142.patch * CVE-2017-9144 [bsc#1040332] + ImageMagick-CVE-2017-9144.patch ------------------------------------------------------------------- Tue May 2 13:29:17 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-8344 [bsc#1036978] + GraphicsMagick-CVE-2017-8344.patch * CVE-2017-8345, CVE-2017-8350 [bsc#1036980] [bsc#1036985] + GraphicsMagick-CVE-2017-8345,8350.patch * CVE-2017-8346 [bsc#1036981] + GraphicsMagick-CVE-2017-8346.patch * CVE-2017-8349 [bsc#1036984] + ImageMagick-CVE-2017-8349.patc * CVE-2017-8351 [bsc#1036986] + ImageMagick-CVE-2017-8351.patch * CVE-2017-8352 [bsc#1036987] + ImageMagick-CVE-2017-8352.patch * CVE-2017-8353 [bsc#1036988] + GraphicsMagick-CVE-2017-8353.patch * CVE-2017-8355 [bsc#1036990] + GraphicsMagick-CVE-2017-8355.patch * CVE-2017-7606 [bsc#1033091] + GraphicsMagick-CVE-2017-7606.patch * CVE-2017-8765 [bsc#1037527] + GraphicsMagick-CVE-2017-8765.patch * CVE-2017-8830 [bsc#1038000] + ImageMagick-CVE-2017-8830.patch ------------------------------------------------------------------- Tue Apr 25 14:41:35 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-7941 [bsc#1034876] + GraphicsMagick-CVE-2017-7941.patch ------------------------------------------------------------------- Tue Mar 21 17:00:45 UTC 2017 - pgajdos@suse.com - security update: * CVE-2017-6335 [bsc#1027255] + GraphicsMagick-CVE-2017-6335.patch ------------------------------------------------------------------- Tue Jan 17 10:27:59 UTC 2017 - pgajdos@suse.com - security update: * CVE-2016-10049 [bsc#1017311] + GraphicsMagick-CVE-2016-10049.patch * CVE-2016-10050 [bsc#1017312] + GraphicsMagick-CVE-2016-10050.patch * CVE-2016-10051 [bsc#1017313] + GraphicsMagick-CVE-2016-10051.patch * CVE-2016-10059 [bsc#1017318] + GraphicsMagick-CVE-2016-10059.patch * CVE-2016-10046 [bsc#1017308] + GraphicsMagick-CVE-2016-10046.patch * CVE-2016-10048 [bsc#1017310] + GraphicsMagick-CVE-2016-10048.patch * CVE-2016-10146 [bsc#1020443] + GraphicsMagick-CVE-2016-10146.patch * CVE-2016-10065 [bsc#1017322] + GraphicsMagick-CVE-2016-10065.patch * CVE-2017-5511 [bsc#1020448] + GraphicsMagick-CVE-2017-5511.patch * CVE-2016-10064 [bsc#1017321] + GraphicsMagick-CVE-2016-10064.patch * CVE-2016-10068 [bsc#1017324] + GraphicsMagick-CVE-2016-10068.patch * CVE-2016-10070 [bsc#1017326] + GraphicsMagick-CVE-2016-10070.patch - GraphicsMagick-buffer-overflow-pdb.patch corrected to GraphicsMagick-buffer-overflow-map.patch name ------------------------------------------------------------------- Tue Jan 3 12:58:22 UTC 2017 - pgajdos@suse.com - revert bogus GraphicsMagick-CVE-2016-9773.patch, GraphicsMagick is not affected by CVE-2016-9773 [bsc#1017421] ------------------------------------------------------------------- Mon Dec 12 15:04:16 UTC 2016 - pgajdos@suse.com - security update: * CVE-2016-8866 [bsc#1009318] + GraphicsMagick-CVE-2016-8866.patch * CVE-2016-9773 [bsc#1013376] + GraphicsMagick-CVE-2016-9773.patch * CVE-2016-9830 [bsc#1013640] + GraphicsMagick-CVE-2016-9830.patch ------------------------------------------------------------------- Mon Nov 28 12:08:45 UTC 2016 - pgajdos@suse.com - security update: * CVE-2016-9556 [bsc#1011130] + GraphicsMagick-CVE-2016-9556.patch * CVE-2016-9559 [bsc#1011136] + GraphicsMagick-CVE-2016-9559.patch ------------------------------------------------------------------- Wed Nov 9 21:14:57 UTC 2016 - pgajdos@suse.com - security update: * CVE-2016-8862 [bsc#1007245] + GraphicsMagick-CVE-2016-8862.patch ------------------------------------------------------------------- Mon Nov 7 06:38:12 UTC 2016 - pgajdos@suse.com - make check ------------------------------------------------------------------- Tue Oct 18 11:45:08 UTC 2016 - pgajdos@suse.com - security update: * CVE-2016-8684 [bsc#1005123] + GraphicsMagick-CVE-2016-8684.patch * CVE-2016-8682 [bsc#1005125] + GraphicsMagick-CVE-2016-8682.patch * CVE-2016-8683 [bsc#1005127] + GraphicsMagick-CVE-2016-8683.patch ------------------------------------------------------------------- Mon Sep 26 14:52:53 UTC 2016 - pgajdos@suse.com - security update: * CVE-2016-7529 [bsc#1000399] + GraphicsMagick-CVE-2016-7529.patch * CVE-2016-7528 [bsc#1000434] + GraphicsMagick-CVE-2016-7528.patch * removed GraphicsMagick-CVE-2016-5688.patch [bsc#985442] * CVE-2016-7526 [bsc#1000436] + GraphicsMagick-CVE-2016-7526.patch * CVE-2016-7515 [bsc#1000689] + GraphicsMagick-CVE-2016-7515.patch * CVE-2015-8957, CVE-2015-8958 [bsc#1000690] [bsc#1000691] + GraphicsMagick-CVE-2014-9818,9829,9830-CVE-2015-8957.patch - GraphicsMagick-CVE-2014-9818,9829.patch - GraphicsMagick-CVE-2014-9830.patch * CVE-2016-7446 [bsc#999673] + GraphicsMagick-CVE-2016-7446.patch * CVE-2016-7447 [bsc#999673] + GraphicsMagick-CVE-2016-7447.patch * CVE-2016-7448 [bsc#999673] + GraphicsMagick-CVE-2016-7448.patch * CVE-2016-7516 [bsc#1000692] + GraphicsMagick-CVE-2016-7516.patch * CVE-2016-7517 [bsc#1000693] + GraphicsMagick-CVE-2016-7517.patch * CVE-2016-7519 [bsc#1000695] + GraphicsMagick-CVE-2016-7519.patch * CVE-2016-7522 [bsc#1000698] + GraphicsMagick-CVE-2016-7522.patch * CVE-2016-7524 [bsc#1000700] + GraphicsMagick-CVE-2016-7524.patch * CVE-2016-7531 [bsc#1000704] + GraphicsMagick-CVE-2016-7531.patch * CVE-2016-7533 [bsc#1000707] + GraphicsMagick-CVE-2016-7533.patch * CVE-2016-7537 [bsc#1000711] + GraphicsMagick-CVE-2016-7537.patch * CVE-2016-6823 [bsc#1001066] + GraphicsMagick-CVE-2016-6823.patch * CVE-2016-7101 [bsc#1001221] + GraphicsMagick-CVE-2016-7101.patch * do not divide by zero in WriteTIFFImage [bsc#1002206] + GraphicsMagick-write-tiff-div-by-zero.patch * fix buffer overflow [bsc#1002209] + Graphics-buffer-overflow-pdb.patch * CVE-2016-7800 [bsc#1002422] + GraphicsMagick-CVE-2016-7800.patch * CVE-2016-7996, CVE-2016-7997 [bsc#1003629] + ImageMagick-CVE-2016-7996,7997.patch ------------------------------------------------------------------- Tue Jun 7 13:53:28 UTC 2016 - pgajdos@suse.com - security update: * CVE-2015-8901 [bsc#983234] + GraphicsMagick-CVE-2015-8901.patch * CVE-2015-8903 [bsc#983259] + GraphicsMagick-CVE-2015-8903.patch * CVE-2016-5240 [bsc#983309] + GraphicsMagick-CVE-2016-5240.patch * CVE-2016-5241 [bsc#983455] + GraphicsMagick-CVE-2016-5241.patch * CVE-2014-9846 [bsc#983521] + GraphicsMagick-CVE-2014-9846.patch * CVE-2015-8894 [bsc#983523] + GraphicsMagick-CVE-2015-8894.patch * CVE-2015-8896 [bsc#983533] + GraphicsMagick-CVE-2015-8896.patch * CVE-2014-9805 [bsc#983752] + GraphicsMagick-CVE-2014-9805.patch * CVE-2014-9807 [bsc#983794] + GraphicsMagick-CVE-2014-9807.patch * CVE-2014-9808 [bsc#983796] + GraphicsMagick-CVE-2014-9808.patch * CVE-2014-9809 [bsc#983799] + GraphicsMagick-CVE-2014-9809.patch * CVE-2014-9810 [bsc#983803] + GraphicsMagick-CVE-2014-9810.patch * CVE-2014-9828 [bsc#984028] + GraphicsMagick-CVE-2014-9828.patch * CVE-2014-9813 [bsc#984035] + GraphicsMagick-CVE-2014-9813.patch * CVE-2014-9830 [bsc#984135] + GraphicsMagick-CVE-2014-9830.patch * CVE-2014-9811 [bsc#984032] + GraphicsMagick-CVE-2014-9811.patch * CVE-2014-9819 [bsc#984142] + GraphicsMagick-CVE-2014-9819.patch * CVE-2014-9847 [bsc#984144] + GraphicsMagick-CVE-2014-9847.patch * CVE-2014-9835, CVE-2014-9831 [bsc#984145] [bsc#984375] + GraphicsMagick-CVE-2014-9835,9831.patch * CVE-2014-9820 [bsc#984150] + GraphicsMagick-CVE-2014-9820.patch * CVE-2014-9837 [bsc#984166] + GraphicsMagick-CVE-2014-9837.patch * CVE-2014-9818, CVE-2014-9829 [bsc#984181] [bsc#984409] + GraphicsMagick-CVE-2014-9818,9829.patch * CVE-2014-9814 [bsc#984193] + GraphicsMagick-CVE-2014-9814.patch * CVE-2014-9815 [bsc#984372] + GraphicsMagick-CVE-2014-9815.patch * CVE-2014-9844 [bsc#984373] + GraphicsMagick-CVE-2014-9844.patch * CVE-2014-9839 [bsc#984379] + GraphicsMagick-CVE-2014-9839.patch * CVE-2014-9845 [bsc#984394] + GraphicsMagick-CVE-2014-9845.patch * CVE-2014-9816 [bsc#984398] + GraphicsMagick-CVE-2014-9816.patch * CVE-2014-9817 [bsc#984400] + GraphicsMagick-CVE-2014-9817.patch * CVE-2014-9853 [bsc#984408] + GraphicsMagick-CVE-2014-9853.patch * CVE-2014-9840 [bsc#984433] + ImageMagick-CVE-2014-9840.patch * CVE-2014-9834 [bsc#984436] + GraphicsMagick-CVE-2014-9834.patch * CVE-2016-5688 [bsc#985442] + GraphicsMagick-CVE-2016-5688.patch * CVE-2016-2317 [bsc#965853] + GraphicsMagick-CVE-2016-2317.patch * CVE-2016-2318 [bsc#965853] + GraphicsMagick-CVE-2016-2318.patch ------------------------------------------------------------------- Mon May 30 14:21:41 UTC 2016 - pgajdos@suse.com - security update: * CVE-2016-5118 [bsc#982178] + GraphicsMagick-CVE-2016-5118.patch * CVE-2013-4589 [bsc#851064] + GraphicsMagick-CVE-2013-4589.patch * CVE-2015-8808 [bsc#965574] + GraphicsMagick-CVE-2015-8808.patch ------------------------------------------------------------------- Mon May 9 06:25:03 UTC 2016 - sflees@suse.de - Security update Remote Code Execution / Local File read [bnc#978061] CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, CVE-2016-3718 * GraphicsMagick-upstream-delegates-safer.patch * GraphicsMagick-upstream-disable-mvg-ext.patch * GraphicsMagick-upstream-disable-tmp-magick-prefix.patch * GraphicsMagick-upstream-image-sanity-check.patch ------------------------------------------------------------------- Mon Mar 18 13:41:27 UTC 2013 - pgajdos@suse.com - security update: * CVE-2012-3438.patch [bnc#773612] ------------------------------------------------------------------- Thu Jun 4 15:44:15 CEST 2009 - nadvornik@suse.cz - fixed integer overflow in XMakeImage [SA35216, bnc#507728] ------------------------------------------------------------------- Wed Oct 15 11:35:47 CEST 2008 - nadvornik@suse.cz - renamed libGraphicsMagick1 -> libGraphicsMagick2 ------------------------------------------------------------------- Fri Sep 12 15:05:31 CEST 2008 - nadvornik@suse.cz - updated to 1.2.5 * many fixes and improvements * see NEWS.txt for details - renamed libGraphicsMagickWand0 -> libGraphicsMagickWand1 - renamed libGraphicsMagick++1 -> libGraphicsMagick++2 ------------------------------------------------------------------- Fri May 23 15:51:33 CEST 2008 - nadvornik@suse.cz - fixed CVE-2008-1097 PCX buffer overflow [bnc#391366] - fixed CVE-2008-1096 XCF Buffer overflow [bnc#391364] ------------------------------------------------------------------- Tue Mar 11 17:02:23 CET 2008 - nadvornik@suse.cz - updated to 1.1.11: * security fixes merged upstream * BMP, DIB: Support large files * TIFF: Endian option (-endian) now controls TIFF byte endian order rather than bit fill order ------------------------------------------------------------------- Tue Oct 23 17:13:42 CEST 2007 - nadvornik@suse.cz - updated to 1.1.10: Bugs Fixed: o Image rotate by -90/270 degrees was producing wrong output. o In mogrify command, don't remove file name based on random junk in memory. o Fixed memory leak when reading MPC files. o Fixed crash when writing MIFF format and depth is not expected 8/16/32/. o In mogrify command, don't leak memory in the case where the image file contains multiple frames. o Fixed crash in PNG and JPEG coders when the image to be written is part of an image list. o PNG reader errors are now properly reported to the user. o TIFF output can now be written to a pipe or other non-seekable destination. o Support writing PDF with CCITT compression. Feature Improvements: o Added a new 'benchmark' command which can be used to perform benchmarking on any other command. o Image rotate in clockwise (90 degrees) or counter-clockwise (270 degrees) direction is now 2-9X faster than before. o The -version option now includes a list of supported features. - fixed interger overflows: CVE-2007-4985, CVE-2007-4986, CVE-2007-4988 [#327021] - fixed to build with GCC 4.3 ------------------------------------------------------------------- Mon Aug 6 16:53:26 CEST 2007 - nadvornik@suse.cz - updated to 1.1.8: * security fixes merged upstream * a lot of other bugfixes ------------------------------------------------------------------- Wed Jul 25 13:41:10 CEST 2007 - nadvornik@suse.cz - adjusted to Shared Library Policy: * new subpackages libGraphicsMagick1, libGraphicsMagickWand0 * GraphicsMagick-c++ -> libGraphicsMagick++1 * GraphicsMagick-c++-devel -> libGraphicsMagick++-devel - fixed to build ------------------------------------------------------------------- Thu Apr 19 14:15:49 CEST 2007 - nadvornik@suse.cz - fixed various crashes on malformed input, including CVE-2007-1797 and CVE-2007-1667 [#258253] - adjusted BuildRequires for libjasper-devel ------------------------------------------------------------------- Tue Feb 27 22:49:43 CET 2007 - dmueller@suse.de - reduce buildrequires ------------------------------------------------------------------- Thu Feb 22 17:32:48 CET 2007 - nadvornik@suse.cz - fixed patch for palm codec CVE-2006-5456 [#215685] - fixed palm patch for palm codec [#215685] - fixed PerlMagic module library dependencies [#243002] - fixed broken code that caused compiler warnings [#243012] ------------------------------------------------------------------- Thu Nov 16 18:35:03 CET 2006 - dmueller@suse.de - fix c++-devel package requires ------------------------------------------------------------------- Mon Oct 30 16:27:15 CET 2006 - nadvornik@suse.cz - applied debian patch for CVE-2006-5456, CVE-2006-3743, CVE-2006-3744, CAN-2005-0397, CVE-2005-4601 ------------------------------------------------------------------- Thu Sep 21 18:47:45 CEST 2006 - nadvornik@suse.cz - minor adjustments in spec file ------------------------------------------------------------------- Thu Sep 14 18:20:05 CEST 2006 - lmichnovic@suse.cz - initial version 1.1.7