| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Signed-off-by: "Yann E. MORIN" <yann.morin@orange.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
|
|
|
|
|
|
|
|
|
|
|
| |
This patch add an explicitly dependency to fftw-double (the only compatible
fftw's flavor) instead of default behavior where the package do assumption
about the compatible version.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds the host package for imagemagick.
It comes with a minimal selection of configure options to
compile fast cause it is used only to convert
the image files for the custom linux logo.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Peter: explicitly disable other configure options like it is done for the
target variant, add host-pkgconf]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
>From the release notes:
2018-06-06 7.0.7-39 <quetzlzacatenango@image...>
* Fixed numerous use of uninitialized values, integer overflow, memory
exceeded, and timeouts (credit to OSS Fuzz).
The most critical of these are:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8772
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8782
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
| |
Fixes CVE-2018-11625, CVE-2018-11624 & CVE-2018-10177.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2018-6405 (upstream Github PR 964) and many others:
http://www.imagemagick.org/script/changelog.php
Added license hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
|
|
|
| |
Version 7.0.7-3 fixes CVE-2017-15218:
Stop potential leaks in the JNG decoder
Changelog: https://www.imagemagick.org/script/changelog.php
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Quoting CVE-related issues from
https://github.com/ImageMagick/ImageMagick/blob/master/ChangeLog
2017-07-29 7.0.6-5 Glenn Randers-Pehrson <glennrp@image...>
* Fix improper use of NULL in the JNG decoder (CVE-2017-11750, Reference
https://github.com/ImageMagick/ImageMagick/issues/632).
2017-07-24 7.0.6-4 Cristy <quetzlzacatenango@image...>
* Fixed numerous memory leaks (reference
https://github.com/ImageMagick/ImageMagick/issues) including
https://github.com/ImageMagick/ImageMagick/issues/618 (CVE-2017-12676).
2017-07-23 7.0.6-3 Glenn Randers-Pehrson <glennrp@image...>
* Fix memory leaks when reading a malformed JNG image:
https://github.com/ImageMagick/ImageMagick/issues/600 (CVE-2017-13141),
https://github.com/ImageMagick/ImageMagick/issues/602 (CVE-2017-12565).
2017-07-19 7.0.6-2 Cristy <quetzlzacatenango@image...>
* coders/png.c: fixed memory leak of quantum_info (CVE-2017-11539, reference
https://github.com/ImageMagick/ImageMagick/issues/582
* coders/png.c: fixed NULL dereference when trying to write an empty MNG
(CVE-2017-11522, reference
https://github.com/ImageMagick/ImageMagick/issues/586).
2017-06-22 7.0.6-1 Glenn Randers-Pehrson <glennrp@image...>
* Stop a memory leak in read_user_chunk_callback() (reference
https://github.com/ImageMagick/ImageMagick/issues/517,
CVE 2017-11310).
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The check-package script when ran gives warnings on text wrapping
on all of these Config files. This patch cleans up all warnings
related to the text wrapping for the Config files starting with
the letter i in the package directory.
The appropriate indentation is: <tab><2 spaces><62 chars>
See http://nightly.buildroot.org/#writing-rules-config-in for more
information.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream quickly removes old versions from
http://www.imagemagick.org/download/releases
For our LTS versions we should switch to a stable upstream repo which
provides all released versions.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
| |
Fixes
http://autobuild.buildroot.net/results/8d9/8d94627ccce15ae1f348a7a9f54621b2b5a74321/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
| |
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
|
| |
0001 patch already included in this release:
https://github.com/ImageMagick/ImageMagick/commit/b218117cad34d39b9ffb587b45c71c5a49b12bde
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is not yet part of any release.
coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of
representable values of type unsigned char" undefined behavior issue, which
might allow remote attackers to cause a denial of service (application
crash) or possibly have unspecified other impact via a crafted image.
For more details, see:
https://blogs.gentoo.org/ago/2017/04/02/imagemagick-undefined-behavior-in-codersrle-c/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
| |
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Fixed memory leak when creating nested exceptions in Magick++
https://www.imagemagick.org/discourse-server/viewtopic.php?f=23&p=142634
- Fixed fd leak for webp coder
https://github.com/ImageMagick/ImageMagick/pull/382
- Fixed Spurious memory allocation message
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=31438
Full changelog: http://imagemagick.org/script/changelog.php
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
http://autobuild.buildroot.net/results/d20/d20eecec8e7b947759185f77a6c8e610dd7393f3/
http://autobuild.buildroot.net/results/ee1/ee15efa8ae3f95244980810155ff7ba9f885a59d/
http://autobuild.buildroot.net/results/aa8/aa80f2fd4c7dd884ea8a1b55ad15a40c7bf40501/
http://autobuild.buildroot.net/results/9aa/9aaa044f78115d7f599ea09669c0d6bface5633e/
This combination is broken since 7.0.4-6.
Since commit a9e228f8ac26 (Implemented a private PNG caNv (canvas) chunk),
PNGsLong gets called unconditionally, but it is only defined if JPEG
support is enabled (which defines JNG_SUPPORTED), breaking the build:
MagickCore/.libs/libMagickCore-7.Q16HDRI.a(MagickCore_libMagickCore_7_Q16HDRI_la-png.o): In function `WriteOnePNGImage':
png.c:(.text+0x748d): undefined reference to `PNGsLong'
png.c:(.text+0x74b7): undefined reference to `PNGsLong'
Fix it by adding a patch unconditionally defining the helper function.
Patch submitted upstream.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes an use of uninitialized data issue in MAT image format that may have
security impact:
https://github.com/ImageMagick/ImageMagick/issues/362
[Peter: extend commit message, mention (potential) security impact]
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
| |
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
| |
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2016-8707 (Fix possible buffer overflow when writing
compressed TIFFS). This CVE fix is included since 7.0.3-9:
http://git.imagemagick.org/repos/ImageMagick/commit/fde5f55af94f189f16958535a9c22b439d71ac93
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
| |
Fixes CVE-2016-9556 (Heap buffer overflow in IsPixelGray).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
| |
oss-security reference:
http://www.openwall.com/lists/oss-security/2016/11/13/1
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
| |
7.0.3-3 is no longer available upstream and has instead been replaced by -4,
so use that instead.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
memory allocate failure in AcquireQuantumPixels (quantum.c)
heap-based buffer overflow in IsPixelMonochrome (pixel-accessor.h)
No CVEs assigned yet.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a number of buffer overflows / use-after-free issues:
http://git.imagemagick.org/repos/ImageMagick/blob/master/ChangeLog
* Prevent buffer overflow in BMP & SGI coders (bug report from
pwchen&rayzhong of tencent).
* Prevent buffer overflow and other problems in SIXEL, PDB, MAP, TIFF and
CALS coders (bug report from Donghai Zhu).
* Prevent buffer overflow (bug report from Max Thrane).
* Prevent memory use after free (reference
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30245).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
| |
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
| |
Option --without-jp2 removed as it doesn't exist anymore.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It appears that Imagemagick needs to be configured with
--with-gs-font-dir=/usr/share/fonts/gs else it will not find
the ghostscript fonts and /etc/ImageMagick-6/type-ghostscript.xml
will contain the wrong font paths. You end up with messages like:
Magick: unable to read font `(null)' @ error/annotate.c/RenderFreetype/1153
They are non-fatal but could get annoying fast if you are using 'convert'
on a lot of files.
Without patch we end up with (depending on what is available on the host):
Font Configuration:
Apple fonts --with-apple-font-dir=default
Dejavu fonts --with-dejavu-font-dir=default none
Ghostscript fonts --with-gs-font-dir=default /usr/share/fonts/type1/gsfonts/
Windows fonts --with-windows-font-dir=default none
And with the patch:
Font Configuration:
Apple fonts --with-apple-font-dir=default
Dejavu fonts --with-dejavu-font-dir=default none
Ghostscript fonts --with-gs-font-dir=/usr/share/fonts/gs /usr/share/fonts/gs/
Windows fonts --with-windows-font-dir=default none
[Peter: reworked/extended commit message]
Signed-off-by: Robert Sohn <grepper@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
| |
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
| |
Add new disables for libraries that aren't supported in buildroot and
sort them for ease of maintenance.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
Fix GetNextToken() off by one error.
Check for buffer overflow in magick/draw.c/DrawStrokePolygon().
Remove support for internal ephemeral coder.
These are all related to the recent ImageTragick bundle that were
partially fixed in 6.9.3-10 as well.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
| |
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When webp was compiled before, imagemagick will use it as optional
dependency:
$ output/host/usr/bin/x86_64-linux-readelf -a output/target/usr/bin/stream | grep NEEDED
0x0000000000000001 (NEEDED) Shared library: [libMagickCore-6.Q16.so.2]
0x0000000000000001 (NEEDED) Shared library: [libMagickWand-6.Q16.so.2]
0x0000000000000001 (NEEDED) Shared library: [libjpeg.so.8]
0x0000000000000001 (NEEDED) Shared library: [libwebp.so.5]
[...]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When lcms2 was compiled before, imagemagick will use it as optional
dependency:
$ output/host/usr/bin/x86_64-linux-readelf -a output/target/usr/bin/identify | grep NEEDED
0x0000000000000001 (NEEDED) Shared library: [libMagickCore-6.Q16.so.2]
0x0000000000000001 (NEEDED) Shared library: [libMagickWand-6.Q16.so.2]
0x0000000000000001 (NEEDED) Shared library: [liblcms2.so.2]
[...]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Reviewed-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Tested-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
|
|
|
|
| |
Signed-off-by: Jerzy Grzegorek <jerzy.grzegorek@trzebnica.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
|
|
|
|
| |
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|