Geyser - Package «ImageMagick»

SRPMs in branches

Sisyphus:
- Sisyphus (core)
  6.9.11.53-alt1
- Sisyphus MIPSEL
  6.9.11.23-alt1
- Sisyphus (e2k)
  6.9.10.86-alt1
- Sisyphus [ppc64le]
  6.9.10.49-alt2
- Sisyphus (riscV)
  6.9.10.24-alt1.1

p9:
- p9 (mipsel)
  6.9.11.23-alt1
- p9 (core)
  6.9.11.23-alt1
- p9 [e2k]
  6.9.10.86-alt1
- p9 [ppc64le]
  6.9.10.39-alt1

c8.1:
6.9.4.7-alt1.M80C.1

c8:
6.9.4.7-alt1

p8:
6.9.4.7-alt2.M80P.1

c7.1:
6.8.4.10-alt3.M70C.1

c7:
6.8.4.10-alt3.M70C.1

p7:
6.8.4.10-alt3.M70P.2

t7:
6.8.4.10-alt3.M70P.2

c6:
6.6.9.6-alt1

p6:
6.6.9.7-alt0.M60P.1

t6:
6.6.9.7-alt0.M60P.1

5.1:
6.5.6.10-alt1

p5:
6.5.6.10-alt1

Group :: Graphics

Current version: 6.8.4.10-alt3.M70P.2
Built: over 4 years ago
Size: 7.98 MB
Repocop status:

Gear: http://git.altlinux.org/gears/I/ImageMagick.git
Archive: http://ftp.altlinux.org/pub/distributions/archive/p7/index/src/I/ImageMagick
Home page: http://www.imagemagick.org/

License: OpenSource
Summary: An X application for displaying and manipulating images
Description:

ImageMagick is a powerful image display, conversion and manipulation tool.
It runs in an X session. With this tool, you can view, edit and display
a variety of image formats.

This package installs the necessary files to run ImageMagick.

Current maintainer: Anton Farygin

List of contributors:

AEN
ALT QA Team Robot
Alexey Tourbin
Andrey Cherepanov
Anton Farygin
Bernhard Rosenkraenzer
Bill Nottingham
Chmouel Boudjnah
Cristian Gafton
David BAUDENS
Dmitry V. Levin
Donnie Barnes
Erik Troan
Eugeny A. Rostovtsev
Frederic Lepied
Geoffrey Lee
George V. Kouryachy
Giuseppe Ghibò
Konstantin Volckov
Michael Fulbright
Michael K. Johnson
Pixel
Prospector System
Stanislav Ievlev
Stefan Siegel
Stefan van der Eijk
Thierry Vignaud
Valery Inozemtsev
Vincent Saugey
Vladimir Lettiev
Yuri N. Sedunov

ACL:

List of rpms provided by this srpm:

ImageMagick
ImageMagick-doc
ImageMagick-tools
ImageMagick-tools-debuginfo
libImageMagick
libImageMagick-debuginfo
libImageMagick-devel
perl-Magick
perl-Magick-debuginfo

Recent changes (last three changelog entries):

2016-06-06 Andrey Cherepanov 6.8.4.10-alt3.M70P.2

- Apply security patch from Debian:
  Disable support for reading input from a shell command, or writing
  output to a shell command. This was done by the pipe (|) prefix. It
  was possible to perform a command injection as discrived by
  CVE-2016-5118 since it use popen.

2016-05-18 Andrey Cherepanov 6.8.4.10-alt3.M70P.1

- Apply security patches from Debian:
  ImageTragick: The coders EPHEMERAL, URL, HTTPS, MVG, MSL, TEXT,
  SHOW, WIN, and PLT are disabled via policy.xml file, since they are
  vulnerable to code injection. This mitigates CVE-2016-3714,
  CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, and CVE-2016-3718.
  Since ImageMagick reverts to its internal SVG renderer (which uses
  MVG coder) if Inkscape or RSVG is not used, the option --with-rsvg
  is included. Closes: 823542. In addition, some other actions were
  taken with respect to these vulnerabilities:
  - Drop the PLT/Gnuplot decoder, which was vulnerable to command
  injection.
  - Some sanitization for input filenames in http/https delegates is
  added.
  - Indirect filename are now authorized by policy.
  - Indirect reads with label:@ are prevented.
  - Less secure coders (such as MVG, TEXT, and MSL) require explicit
    reference in the filename (e.g. mvg:my-graph.mvg).

2013-04-25 George V. Kouryachy 6.8.4.10-alt2.1

- Avoid ImageMagick pipe i/o bug