diff --git a/CVE-2023-5341.patch b/CVE-2023-5341.patch deleted file mode 100644 index 5ab101d84153fd6e5380ad0a540bfccec17a63e4..0000000000000000000000000000000000000000 --- a/CVE-2023-5341.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 97b99a741321c9a89491ebb6dab66d1215413595 Mon Sep 17 00:00:00 2001 -From: Cristy -Date: Sat, 7 Oct 2023 10:22:57 +0800 -Subject: [PATCH] check for BMP file size, poc provided by Hardik Shah of - Vehere (Dawn Treaders team) - ---- - coders/bmp.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/coders/bmp.c b/coders/bmp.c -index 8ff76bb..bb9ce2f 100644 ---- a/coders/bmp.c -+++ b/coders/bmp.c -@@ -629,6 +629,9 @@ static Image *ReadBMPImage(const ImageInfo *image_info,ExceptionInfo *exception) - " BMP header size: %u",bmp_info.size); - if (bmp_info.size > 124) - ThrowReaderException(CorruptImageError,"ImproperImageHeader"); -+ if ((bmp_info.file_size != 0) && -+ ((MagickSizeType) bmp_info.file_size > GetBlobSize(image))) -+ ThrowReaderException(CorruptImageError,"ImproperImageHeader"); - if (bmp_info.offset_bits < bmp_info.size) - ThrowReaderException(CorruptImageError,"ImproperImageHeader"); - bmp_info.offset_bits=MagickMax(14+bmp_info.size,bmp_info.offset_bits); --- -2.27.0 - diff --git a/7.1.1-15.tar.gz b/ImageMagick-7.1.1-35.tar.xz similarity index 51% rename from 7.1.1-15.tar.gz rename to ImageMagick-7.1.1-35.tar.xz index cc2953741186fb6ae604a573fd59845dd1c26851..d2128b99b1df76694175b10b5628ccdbe73a6700 100644 Binary files a/7.1.1-15.tar.gz and b/ImageMagick-7.1.1-35.tar.xz differ diff --git a/ImageMagick.spec b/ImageMagick.spec index affadea0895d1d1e1d27701684c69c740869c471..af6e65eb198d0d67da3a40391b369c1e512866a2 100644 --- a/ImageMagick.spec +++ b/ImageMagick.spec @@ -1,14 +1,16 @@ +# Disable automatic .la file removal +%global __brp_remove_la_files %nil + Name: ImageMagick Epoch: 1 -Version: 7.1.1.15 -Release: 2 +Version: 7.1.1.35 +Release: 1 Summary: Create, edit, compose, or convert bitmap images License: ImageMagick and MIT -Url: http://www.imagemagick.org/ -Source0: https://github.com/ImageMagick/ImageMagick/archive/refs/tags/7.1.1-15.tar.gz -Patch1: CVE-2023-5341.patch -Patch2: drop-backported-ac_func_fseeko.m4-for-autoconf-2.72-compatibility.patch -Patch3: fixup-LFS-check-for-autoconf-2.72.patch +Url: https://www.imagemagick.org/ +%global VER %(foo=%{version}; echo ${foo:0:5}) +%global Patchlevel %(foo=%{version}; echo ${foo:6}) +Source0: https://imagemagick.org/archive/releases/%{name}-%{VER}-%{Patchlevel}.tar.xz BuildRequires: bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators BuildRequires: libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel @@ -75,11 +77,13 @@ Requires: ImageMagick-devel = %{epoch}:%{version}-%{release} Development files for ImageMagick-c++. %prep -%autosetup -n ImageMagick-7.1.1-15 -p1 +%autosetup -n %{name}-%{VER}-%{Patchlevel} -p1 install -d Magick++/examples cp -p Magick++/demo/*.cpp Magick++/demo/*.miff Magick++/examples +sed -e '/INSTALL_BASE/d' -i PerlMagick/Makefile.PL* + %build autoconf -f -i export CFLAGS="%{optflags} -DIMPNG_SETJMP_IS_THREAD_SAFE" @@ -87,6 +91,7 @@ export CFLAGS="%{optflags} -DIMPNG_SETJMP_IS_THREAD_SAFE" --with-threads --with-magick_plus_plus --with-gslib --with-wmf --with-webp \ --with-openexr --with-rsvg --with-xml --without-dps --without-gcc-arch \ --with-jbig --with-openjp2 \ + --with-perl \ --with-perl-options="INSTALLDIRS=vendor %{?perl_prefix} CC='%__cc -L$PWD/magick/.libs' LDDLFLAGS='-shared -L$PWD/magick/.libs'" %make_build @@ -95,29 +100,37 @@ export CFLAGS="%{optflags} -DIMPNG_SETJMP_IS_THREAD_SAFE" cp -a www/source %{buildroot}%{_datadir}/doc/ImageMagick-7.1.1 rm %{buildroot}%{_libdir}/*.la -%{__perl} -MExtUtils::MakeMaker -e 'MY->fixin(@ARGV)' PerlMagick/demo/*.pl +# fix weird perl module permissions +chmod 755 %{buildroot}%{perl_vendorarch}/auto/Image/Magick/Q16HDRI/Q16HDRI.so -find %{buildroot} -name "*.bs" -exec rm {} \; -find %{buildroot} -name ".packlist" -exec rm {} \; -find %{buildroot} -name "perllocal.pod" -exec rm {} \; +# perlmagick: fix perl path of demo files +%{__perl} -MExtUtils::MakeMaker -e 'MY->fixin(@ARGV)' PerlMagick/demo/*.pl -printf "%defattr(-,root,root,-)\n" > perl-pkg-files -find %{buildroot}/%{_libdir}/perl* -type f -print | sed "s@^%{buildroot}@@g" > perl-pkg-files -find %{buildroot}%{perl_vendorarch} -type d -print | sed "s@^%{buildroot}@%dir @g" \ - | grep -v '^%dir %{perl_vendorarch}$' | grep -v '/auto$' >> perl-pkg-files +# perlmagick: cleanup various perl tempfiles from the build which get installed +find %{buildroot} -name "*.bs" |xargs rm -f +find %{buildroot} -name ".packlist" |xargs rm -f +find %{buildroot} -name "perllocal.pod" |xargs rm -f + +# perlmagick: build files list +find %{buildroot}/%{_libdir}/perl* -type f -print \ + | sed "s@^%{buildroot}@@g" > perl-pkg-files +find %{buildroot}%{perl_vendorarch} -type d -print \ + | sed "s@^%{buildroot}@%dir @g" \ + | grep -v '^%dir %{perl_vendorarch}$' \ + | grep -v '/auto$' >> perl-pkg-files +if [ -z perl-pkg-files ] ; then + echo "ERROR: EMPTY FILE LIST" + exit -1 +fi %check export LD_LIBRARY_PATH=%{buildroot}/%{_libdir} -make %{?_smp_mflags} check +%make_build check rm PerlMagick/demo/Generic.ttf -%post -/sbin/ldconfig -%postun -/sbin/ldconfig - %files -%doc LICENSE NOTICE AUTHORS.txt +%license LICENSE +%doc NOTICE AUTHORS.txt %{_bindir}/[a-z]* %{_libdir}/libMagickCore-7.Q16HDRI.so.10* %{_libdir}/libMagickWand-7.Q16HDRI.so.10* @@ -135,27 +148,25 @@ rm PerlMagick/demo/Generic.ttf %{_libdir}/pkgconfig/ImageMagick*.pc %{_libdir}/pkgconfig/MagickWand* %dir %{_includedir}/ImageMagick-7 -%{_includedir}/%{name}-7/MagickWand/* -%{_includedir}/%{name}-7/MagickCore/* +%{_includedir}/%{name}-7/MagickWand +%{_includedir}/%{name}-7/MagickCore %files help -%doc README.txt NEWS.txt QuickStart.txt +%doc README.md %doc %{_datadir}/doc/ImageMagick-7 %doc %{_datadir}/doc/ImageMagick-7.1.1 -%{_mandir}/man[145]/[a-z]* -%{_mandir}/man1/* -%{_mandir}/man3/* +%{_mandir}/man?/* %files perl -f perl-pkg-files %doc PerlMagick/demo/ PerlMagick/Changelog PerlMagick/README.txt %files c++ -%doc Magick++/AUTHORS Magick++/ChangeLog Magick++/NEWS Magick++/README -%doc www/Magick++/COPYING +%license Magick++/LICENSE +%doc Magick++/AUTHORS %{_libdir}/libMagick++-7.Q16HDRI.so.5* %files c++-devel -%doc Magick++/examples +%doc Magick++/demo %{_bindir}/Magick++-config %{_includedir}/ImageMagick-7/Magick++* %{_libdir}/libMagick++-7.Q16HDRI.so @@ -163,6 +174,9 @@ rm PerlMagick/demo/Generic.ttf %{_libdir}/pkgconfig/ImageMagick* %changelog +* Thu Jul 25 2024 Funda Wang - 1:7.1.1.35-1 +- Update to 7.1.1-35 + * Thu Jul 18 2024 wangkai <13474090681@163.com> - 1:7.1.1.15-2 - Fix build error for autoconf-2.72 diff --git a/drop-backported-ac_func_fseeko.m4-for-autoconf-2.72-compatibility.patch b/drop-backported-ac_func_fseeko.m4-for-autoconf-2.72-compatibility.patch deleted file mode 100644 index 5bbab2df8011052cad9fca3e1cd0e97272cdaef4..0000000000000000000000000000000000000000 --- a/drop-backported-ac_func_fseeko.m4-for-autoconf-2.72-compatibility.patch +++ /dev/null @@ -1,246 +0,0 @@ -Origin:https://github.com/ImageMagick/ImageMagick/commit/b2fb6f1872629aeecc09769e7b813bc1b967f61c - -From b2fb6f1872629aeecc09769e7b813bc1b967f61c Mon Sep 17 00:00:00 2001 -From: Sam James -Date: Mon, 25 Dec 2023 13:32:34 +0000 -Subject: [PATCH] =?UTF-8?q?configure:=20drop=20backported=20ac=5Ffunc=5Ffs?= - =?UTF-8?q?eeko.m4=20for=20autoconf-2.72=20compat=E2=80=A6=20(#6970)?= -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -* configure: drop backported ac_func_fseeko.m4 for autoconf-2.72 compatibility - -Drop the bundled / backported ac_func_fseeko.m4 as it breaks compatibility -with autoconf-2.72: -``` -./lib/autoconf/c.m4:1676: AC_PROG_GCC_TRADITIONAL is expanded from... -configure.ac:932: the top level -configure:11706: error: possibly undefined macro: _AC_SYS_LARGEFILE_MACRO_VALUE - If this token and others are legitimate, please use m4_pattern_allow. - See the Autoconf documentation. -``` - -m4/ac_func_fseeko.m4 was added in 3ed852eea50f9d4cd633efb8c2b054b8e33c2530 (which -is a huge VCS import commit, so it goes back way further than even 2009). - -From what I can tell, it was added to backport a fix to the fseeko detection -which later landed in autoconf-2.69 (which IM already requires nowadays in configure.ac): -``` -commit f0c325537a22105536ac8c4e88656e50f9946486 -Author: Paul Eggert -Date: Mon Dec 4 23:54:25 2006 +0000 - - * lib/autoconf/functions.m4 (AC_FUNC_FSEEKO): Check that fseeko - can be assigned to a function pointer. Problem reported by - Peter Palfrader in . Based on - part of a patch by Ralf Wildenhues in that same bug report. - -commit 7736fa2754db830a05eea6c21b9449cdddc412be -Author: Paul Eggert -Date: Tue Oct 24 19:34:09 2006 +0000 - - * lib/autoconf/specific.m4 (_AC_SYS_LARGEFILE_MACRO_VALUE): - If FUNCTION-BODY is nonempty, use AC_LINK_IFELSE rather than - AC_COMPILE_IFELSE, to work around problem with OSF/1 4.0F fseeko - reported by Nelson H. F. Beebe for Coreutils 6.4. - -commit 90fcd46f016bac1f427e91040f2dfd8319d382bc -Author: Paul Eggert -Date: Tue Sep 26 20:57:16 2006 +0000 - - * lib/autoconf/functions.m4 (AC_FUNC_FSEEKO): Don't compile the - fseeko testing program twice; just use the earlier result. - * lib/autoconf/specific.m4 (_AC_SYS_LARGEFILE_MACRO_VALUE): - Set cache var to 'unknown' (not 'no') if leaving the macro unset - still doesn't let the program compile. - (AC_SYS_LARGEFILE): Test for _LARGE_FILES only if earlier tests - failed. - - * lib/autoconf/functions.m4: Fix problems reported by Ralf Wildenhues. - (AC_FUNC_ERROR_AT_LINE): Don't bother to check for error.h. Just - include it, without including anything else. - (AC_FUNC_FSEEKO): Avoid gcc -Wall warnings about constant - expressions. - (AC_FUNC_STRNLEN): Require AC_USE_SYSTEM_EXTENSIONS. - - * lib/autoconf/functions.m4 (AC_FUNC_ERROR_AT_LINE): Check for - `error.h', and include it, for a `error_at_line' prototype. - Use a nonempty format string in the link test. - * lib/autoconf/functions.m4 (AC_FUNC_WAIT3): Include , - for a declaration of wait3. -``` - -The backported version (which was relying on autoconf internals) ended up -breaking with autoconf-2.72: -``` -commit cf09f48841b66fe76f606dd6018bb3a93242a7c9 -Author: Zack Weinberg -Date: Sat Dec 24 23:24:51 2022 -0800 - - AC_SYS_LARGEFILE: Don’t enlarge time_t by default -[...] - * lib/autoconf/functions.m4 (AC_FUNC_FSEEKO): Rewrite to avoid dependency - on internal subroutines of AC_SYS_LARGEFILE. -``` - -So, rely on the fixed version which is already in 2.69, and drop the backport -which is poking around with internals. - -Signed-off-by: Sam James - -* ax_pthread.m4: sync with autoconf-archive - -Signed-off-by: Sam James - -* configure.ac: drop AC_PROG_GCC_TRADITIONAL - -This was marked obsolescent in 2.60 even. GCC hasn't supported -traditional -in over 20 years anyway. - -This isn't strictly required for autoconf-2.72 compatibility so can be dropped -if desired but I think it's likely to be removed soon. - -Signed-off-by: Sam James - ---------- - -Signed-off-by: Sam James ---- - aclocal.m4 | 1 - - configure.ac | 3 -- - m4/Makefile.am | 1 - - m4/ac_func_fseeko.m4 | 72 -------------------------------------------- - m4/ax_pthread.m4 | 2 +- - 5 files changed, 1 insertion(+), 78 deletions(-) - delete mode 100644 m4/ac_func_fseeko.m4 - -diff --git a/aclocal.m4 b/aclocal.m4 -index 10de731ae6a..170e104cc5d 100644 ---- a/aclocal.m4 -+++ b/aclocal.m4 -@@ -1267,7 +1267,6 @@ AC_SUBST([am__tar]) - AC_SUBST([am__untar]) - ]) # _AM_PROG_TAR - --m4_include([m4/ac_func_fseeko.m4]) - m4_include([m4/ax_c___attribute__.m4]) - m4_include([m4/ax_cflags_warn_all.m4]) - m4_include([m4/ax_check_compile_flag.m4]) -diff --git a/configure.ac b/configure.ac -index 0b7042f1d18..57c21edb772 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -929,9 +929,6 @@ if test "$with_libstdc" != ''; then - fi - AC_SUBST([LIBSTDCLDFLAGS]) - --# Does gcc required -traditional? --AC_PROG_GCC_TRADITIONAL -- - ######## - # - # Set defines required to build DLLs and modules using MinGW -diff --git a/m4/Makefile.am b/m4/Makefile.am -index 735d4fd1b5b..f70619ddcfd 100644 ---- a/m4/Makefile.am -+++ b/m4/Makefile.am -@@ -15,7 +15,6 @@ - # Makefile for building ImageMagick m4 macros. - - M4_EXTRA_DIST = \ -- ac_func_fseeko.m4 \ - ax_append_flag.m4 \ - ax_c___attribute__.m4 \ - ax_cflags_warn_all.m4 \ -diff --git a/m4/ac_func_fseeko.m4 b/m4/ac_func_fseeko.m4 -deleted file mode 100644 -index eaeabb978b4..00000000000 ---- a/m4/ac_func_fseeko.m4 -+++ /dev/null -@@ -1,72 +0,0 @@ --# This file is part of Autoconf. -*- Autoconf -*- --# Checking for functions. --# Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software --# Foundation, Inc. --# --# This program is free software; you can redistribute it and/or modify --# it under the terms of the GNU General Public License as published by --# the Free Software Foundation; either version 3, or (at your option) --# any later version. --# --# This program is distributed in the hope that it will be useful, --# but WITHOUT ANY WARRANTY; without even the implied warranty of --# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --# GNU General Public License for more details. --# --# You should have received a copy of the GNU General Public License --# along with this program; if not, write to the Free Software --# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA --# 02110-1301, USA. --# --# As a special exception, the Free Software Foundation gives unlimited --# permission to copy, distribute and modify the configure scripts that --# are the output of Autoconf. You need not follow the terms of the GNU --# General Public License when using or distributing such scripts, even --# though portions of the text of Autoconf appear in them. The GNU --# General Public License (GPL) does govern all other use of the material --# that constitutes the Autoconf program. --# --# Certain portions of the Autoconf source text are designed to be copied --# (in certain cases, depending on the input) into the output of --# Autoconf. We call these the "data" portions. The rest of the Autoconf --# source text consists of comments plus executable code that decides which --# of the data portions to output in any given case. We call these --# comments and executable code the "non-data" portions. Autoconf never --# copies any of the non-data portions into its output. --# --# This special exception to the GPL applies to versions of Autoconf --# released by the Free Software Foundation. When you make and --# distribute a modified version of Autoconf, you may extend this special --# exception to the GPL to apply to your modified version as well, *unless* --# your modified version has the potential to copy into its output some --# of the text that was the non-data portion of the version that you started --# with. (In other words, unless your change moves or copies text from --# the non-data portions to the data portions.) If your modification has --# such potential, you must delete any notice of this special exception --# to the GPL from your modified version. --# --# Written by David MacKenzie, with help from --# Franc,ois Pinard, Karl Berry, Richard Pixley, Ian Lance Taylor, --# Roland McGrath, Noah Friedman, david d zuhn, and many others. -- --# AC_FUNC_FSEEKO --# -------------- --AN_FUNCTION([ftello], [AC_FUNC_FSEEKO]) --AN_FUNCTION([fseeko], [AC_FUNC_FSEEKO]) --AC_DEFUN([AC_FUNC_FSEEKO], --[_AC_SYS_LARGEFILE_MACRO_VALUE(_LARGEFILE_SOURCE, 1, -- [ac_cv_sys_largefile_source], -- [Define to 1 to make fseeko visible on some hosts (e.g. glibc 2.2).], -- [[#include /* for off_t */ -- #include ]], -- [[int (*fp) (FILE *, off_t, int) = fseeko; -- return fseeko (stdin, 0, 0) && fp (stdin, 0, 0);]]) -- --# We used to try defining _XOPEN_SOURCE=500 too, to work around a bug --# in glibc 2.1.3, but that breaks too many other things. --# If you want fseeko and ftello with glibc, upgrade to a fixed glibc. --if test $ac_cv_sys_largefile_source != unknown; then -- AC_DEFINE(HAVE_FSEEKO, 1, -- [Define to 1 if fseeko (and presumably ftello) exists and is declared.]) --fi --])# AC_FUNC_FSEEKO -diff --git a/m4/ax_pthread.m4 b/m4/ax_pthread.m4 -index 39a7a5ed4b9..9f35d139149 100644 ---- a/m4/ax_pthread.m4 -+++ b/m4/ax_pthread.m4 -@@ -244,7 +244,7 @@ AS_IF([test "x$ax_pthread_clang" = "xyes"], - [ax_pthread_flags="-pthread,-lpthread -pthread"]) - - --# The presence of a feature test macro requesting reentrant function -+# The presence of a feature test macro requesting re-entrant function - # definitions is, on some systems, a strong hint that pthreads support is - # correctly enabled - diff --git a/fixup-LFS-check-for-autoconf-2.72.patch b/fixup-LFS-check-for-autoconf-2.72.patch deleted file mode 100644 index 3cea9f73b95199c8fbd6a6f1f6e29acb6342c336..0000000000000000000000000000000000000000 --- a/fixup-LFS-check-for-autoconf-2.72.patch +++ /dev/null @@ -1,47 +0,0 @@ -Origin:https://github.com/ImageMagick/ImageMagick/commit/e119d19f1bae4c75f381544a33759b15e2dca4b5 - -From e119d19f1bae4c75f381544a33759b15e2dca4b5 Mon Sep 17 00:00:00 2001 -From: Sam James -Date: Thu, 28 Dec 2023 03:08:02 +0000 -Subject: [PATCH] configure.ac: fixup LFS check for autoconf-2.72 (#6978) - -There are two problems with the check: -1) The 'unknown' case has a problem which is rejected by stricter C compilers -because it has -Wimplicit-int and -Wimplicit-function-declaration warnings. Fix that. - -2) For the 'other' case, we were using the value of ac_cv_sys_file_offset_bits for --D_FILE_OFFSET_BITS to pass down into the Perl module build, but autoconf-2.72 -drops the use of ac_cv_sys_file_offset_bits in cf09f48841b66fe76f606dd6018bb3a93242a7c9, -so this ends up defining '-D_FILE_OFFSET_BITS=' which then breaks the build. - -I've added a hack for 2) to preserve the old behavior. - -Signed-off-by: Sam James ---- - configure.ac | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 57c21edb772..99aa9c21af3 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -503,7 +503,8 @@ if test "$enable_largefile" != no; then - unknown) - AC_MSG_CHECKING([for native large file support]) - AC_RUN_IFELSE([AC_LANG_PROGRAM([#include -- main () { -+ #include -+ int main () { - exit(!(sizeof(off_t) == 8)); - }])], - [ac_cv_sys_file_offset_bits=64; AC_DEFINE(_FILE_OFFSET_BITS,64) -@@ -511,6 +512,9 @@ if test "$enable_largefile" != no; then - [AC_MSG_RESULT([no])]) - ;; - *) -+ if test "$ac_cv_sys_file_offset_bits" = ''; then -+ ac_cv_sys_file_offset_bits=64; -+ fi - LFS_CPPFLAGS="$LFS_CPPFLAGS -D_FILE_OFFSET_BITS=$ac_cv_sys_file_offset_bits" - ;; - esac