Репозитории ALT
Последнее обновление в Пт, 24 июля 2020, 16:32:17 +0000 | Пакетов: 15011
en ru
Исходные пакеты в ветвях
свернуть окно
  • 6.9.4.7-alt1
  • 6.9.4.7-alt2.M80P.1
  • 6.8.4.10-alt3.M70C.1
  • 6.8.4.10-alt3.M70C.1
  • 6.8.4.10-alt3.M70P.2
  • 6.8.4.10-alt3.M70P.2
  • 6.6.9.6-alt1
  • 6.6.9.7-alt0.M60P.1
  • 6.6.9.7-alt0.M60P.1
  • 6.5.6.10-alt1
Группа :: Графика
Исходный пакет: ImageMagick
Текущая версия: 6.8.4.10-alt3.M70P.2
Собрано: больше 4 лет назад
Размер архива: 8,0 МБ
Отчёт repocop: skip
Gear:   http://git.altlinux.org/gears/I/ImageMagick.git
Архив:   http://ftp.altlinux.org/pub/distributions/archive/p7/index/src/I/ImageMagick
Домашняя страница:   http://www.imagemagick.org/

Лицензия: OpenSource
О пакете: An X application for displaying and manipulating images
Описание:

ImageMagick is a powerful image display, conversion and manipulation tool.
It runs in an X session. With this tool, you can view, edit and display
a variety of image formats.

This package installs the necessary files to run ImageMagick.

Текущий сопровождающий: qa_p7

Список участников
(данной и/или предыдущих сборок пакета):
Права: Список rpm-пакетов, предоставляемых данным srpm-пакетом:
  • ImageMagick
  • ImageMagick-doc
  • ImageMagick-tools
  • ImageMagick-tools-debuginfo
  • libImageMagick
  • libImageMagick-debuginfo
  • libImageMagick-devel
  • perl-Magick
  • perl-Magick-debuginfo
Последние изменения (три последних записи журнала изменений):

2016-06-06 Андрей Черепанов 6.8.4.10-alt3.M70P.2

    - Apply security patch from Debian:
      Disable support for reading input from a shell command, or writing
      output to a shell command. This was done by the pipe (|) prefix. It
      was possible to perform a command injection as discrived by
      CVE-2016-5118 since it use popen.
        

2016-05-18 Андрей Черепанов 6.8.4.10-alt3.M70P.1

    - Apply security patches from Debian:
      ImageTragick: The coders EPHEMERAL, URL, HTTPS, MVG, MSL, TEXT,
      SHOW, WIN, and PLT are disabled via policy.xml file, since they are
      vulnerable to code injection. This mitigates CVE-2016-3714,
      CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, and CVE-2016-3718.
      Since ImageMagick reverts to its internal SVG renderer (which uses
      MVG coder) if Inkscape or RSVG is not used, the option --with-rsvg
      is included. Closes: 823542. In addition, some other actions were
      taken with respect to these vulnerabilities:
      - Drop the PLT/Gnuplot decoder, which was vulnerable to command
      injection.
      - Some sanitization for input filenames in http/https delegates is
      added.
      - Indirect filename are now authorized by policy.
      - Indirect reads with label:@ are prevented.
      - Less secure coders (such as MVG, TEXT, and MSL) require explicit
        reference in the filename (e.g. mvg:my-graph.mvg).
        

2013-04-25 Георгий Курячий 6.8.4.10-alt2.1

    - Avoid ImageMagick pipe i/o bug
        
 
Проект Geyser основан на коде из проекта Prometheus 2.0, который был доступен по лицензии MIT