[ImageMagick/f22: 5/5] Fix 4 more security bugs: bz#1195263, bz#1195265, bz#1195269, bz#1195271
Pavel Alexeev
hubbitus at fedoraproject.org
Tue Mar 10 23:27:57 UTC 2015
commit 6d27c89aa1b2584caede039f4f0a10e7d837fe98
Merge: a572195 a758163
Author: Hubbitus <pahan at hubbitus.info>
Date: Wed Mar 11 02:27:21 2015 +0300
Fix 4 more security bugs: bz#1195263, bz#1195265, bz#1195269, bz#1195271
Merge remote-tracking branch 'origin/f21' into f22
o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263
Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch
o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265
Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch
o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269
Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch
o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271
Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch
Conflicts:
ImageMagick.spec
ImageMagick-6.8.6-CVE-2014-8354.patch | 18 +++++
ImageMagick-6.8.6-CVE-2014-8355.patch | 109 +++++++++++++++++++++++++++++++
ImageMagick-6.8.6-hdr-bz#1195263.patch | 69 +++++++++++++++++++
ImageMagick-6.8.6-miff-bz#1195265.patch | 54 +++++++++++++++
ImageMagick-6.8.6-pdb-bz#1195269.patch | 19 ++++++
ImageMagick-6.8.6-vicar-bz#1195271.patch | 11 ++++
ImageMagick-6.8.7-psd-CVE.patch | 25 +++++++
ImageMagick.spec | 73 ++++++++++++++-------
8 files changed, 353 insertions(+), 25 deletions(-)
---
diff --cc ImageMagick.spec
index c1f5840,ef14ca4..dc1a16e
--- a/ImageMagick.spec
+++ b/ImageMagick.spec
@@@ -3,7 -3,7 +3,7 @@@
Name: ImageMagick
Version: %{VER}.%{Patchlevel}
- Release: 8%{?dist}
-Release: 6%{?dist}
++Release: 9%{?dist}
Summary: An X application for displaying and manipulating images
Group: Applications/Multimedia
License: ImageMagick
@@@ -319,16 -339,23 +339,33 @@@ rm -rf %{buildroot
%doc PerlMagick/demo/ PerlMagick/Changelog PerlMagick/README.txt
%changelog
-* Tue Mar 10 2015 Pavel Alexeev <Pahan at Hubbitus.info> - 6.8.8.10-6
-- Merge fixes from f20 branch (some rabased):
++* Tue Mar 10 2015 Pavel Alexeev <Pahan at Hubbitus.info> - 6.8.8.10-9
++- Merge fixes from f21 branch:
+ o Backport upstream fix http://trac.imagemagick.org/changeset/16765 (bz#1158520) for CVE-2014-8354
+ Add Patch1: ImageMagick-6.8.7-CVE-2014-8354.patch
+ o Backport upstream fix http://trac.imagemagick.org/changeset/16774 (bz#1158524) for CVE-2014-8355
+ Add Patch2: ImageMagick-6.8.6-CVE-2014-8355.patch
+ - Concretize soname versions.
+ - Fix 4 more security bags:
+ o Backport upstream fix http://trac.imagemagick.org/changeset/17846 - bz#1195263
+ Add Patch3: ImageMagick-6.8.6-hdr-bz#1195263.patch
+ o Backport upstream fix http://trac.imagemagick.org/changeset/17854 - bz#1195265
+ Add Patch4: ImageMagick-6.8.6-miff-bz#1195265.patch
+ o Backport upstream fix http://trac.imagemagick.org/changeset/17855 - bz#1195269
+ Add Patch5: ImageMagick-6.8.6-pdb-bz#1195269.patch
+ o Backport upstream fix http://trac.imagemagick.org/changeset/17856 - bz#1195271
+ Add Patch6: ImageMagick-6.8.6-vicar-bz#1195271.patch
+
+* Wed Nov 26 2014 Rex Dieter <rdieter at fedoraproject.org> 6.8.8.10-8
+- revert workaround
+
+* Tue Nov 25 2014 Rex Dieter <rdieter at fedoraproject.org> 6.8.8.10-7
+- rebuild (openexr)
+- 'make check' non-fatal as temp workaround for FTBFS (#1142784)
+
+* Tue Aug 26 2014 Jitka Plesnikova <jplesnik at redhat.com> - 6.8.8.10-6
+- Perl 5.20 rebuild
+
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 6.8.8.10-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
More information about the scm-commits
mailing list