Package ImageMagick: Information

    Source package: ImageMagick
    Version: 6.8.4.10-alt3.M70C.1
    Build time:  May 23, 2016, 01:51 PM in the task #164972
    Category: Graphics
    Report package bug
    License: OpenSource
    Summary: An X application for displaying and manipulating images
    Description: 
    ImageMagick is a powerful image display, conversion and manipulation tool.
    It runs in an X session.  With this tool, you can view, edit and display
    a variety of image formats.
    
    This package installs the necessary files to run ImageMagick.

    List of rpms provided by this srpm:
    ImageMagick (x86_64, i586)
    ImageMagick-doc (noarch)
    ImageMagick-tools (x86_64, i586)
    ImageMagick-tools-debuginfo (x86_64, i586)
    libImageMagick (x86_64, i586)
    libImageMagick-debuginfo (x86_64, i586)
    libImageMagick-devel (x86_64, i586)
    perl-Magick (x86_64, i586)
    perl-Magick-debuginfo (x86_64, i586)

    Maintainer: Anton Farygin


      1. glibc-devel-static
      2. curl
      3. graphviz
      4. groff-base
      5. perl-devel
      6. perl-parent
      7. imake
      8. libXext-devel
      9. gcc-c++
      10. libXt-devel
      11. libpixman-devel
      12. libpng-devel
      13. libjasper-devel
      14. libjbig-devel
      15. libtiff-devel
      16. ImageMagick-tools
      17. transfig
      18. openexr-devel
      19. libdjvu-devel
      20. xdg-utils
      21. libwmf-devel
      22. xorg-cf-files
      23. liblcms-devel
      24. bzlib-devel
      25. chrpath
      26. liblqr-devel
      27. libltdl-devel
      28. libxml2-devel
      29. librsvg-devel

    Last changed


    May 23, 2016 Anton V. Boyarshinov 6.8.4.10-alt3.M70C.1
    - backport to 7
    May 18, 2016 Andrey Cherepanov 6.8.4.10-alt3.M70P.1
    - Apply security patches from Debian:
      ImageTragick: The coders EPHEMERAL, URL, HTTPS, MVG, MSL, TEXT,
      SHOW, WIN, and PLT are disabled via policy.xml file, since they are
      vulnerable to code injection. This mitigates CVE-2016-3714,
      CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, and CVE-2016-3718.
      Since ImageMagick reverts to its internal SVG renderer (which uses
      MVG coder) if Inkscape or RSVG is not used, the option --with-rsvg
      is included. Closes: 823542. In addition, some other actions were
      taken with respect to these vulnerabilities:
      - Drop the PLT/Gnuplot decoder, which was vulnerable to command
      injection.
      - Some sanitization for input filenames in http/https delegates is
      added.
      - Indirect filename are now authorized by policy.
      - Indirect reads with label:@ are prevented.
      - Less secure coders (such as MVG, TEXT, and MSL) require explicit
        reference in the filename (e.g. mvg:my-graph.mvg).
    April 25, 2013 George V. Kouryachy 6.8.4.10-alt2.1
    - Avoid ImageMagick pipe i/o bug