head	1.4;
access;
symbols
	pkgsrc-2013Q2:1.4.0.36
	pkgsrc-2013Q2-base:1.4
	pkgsrc-2012Q4:1.4.0.34
	pkgsrc-2012Q4-base:1.4
	pkgsrc-2011Q4:1.4.0.32
	pkgsrc-2011Q4-base:1.4
	pkgsrc-2011Q2:1.4.0.30
	pkgsrc-2011Q2-base:1.4
	pkgsrc-2009Q4:1.4.0.28
	pkgsrc-2009Q4-base:1.4
	pkgsrc-2008Q4:1.4.0.26
	pkgsrc-2008Q4-base:1.4
	pkgsrc-2008Q3:1.4.0.24
	pkgsrc-2008Q3-base:1.4
	cube-native-xorg:1.4.0.22
	cube-native-xorg-base:1.4
	pkgsrc-2008Q2:1.4.0.20
	pkgsrc-2008Q2-base:1.4
	pkgsrc-2008Q1:1.4.0.18
	pkgsrc-2008Q1-base:1.4
	pkgsrc-2007Q4:1.4.0.16
	pkgsrc-2007Q4-base:1.4
	pkgsrc-2007Q3:1.4.0.14
	pkgsrc-2007Q3-base:1.4
	pkgsrc-2007Q2:1.4.0.12
	pkgsrc-2007Q2-base:1.4
	pkgsrc-2007Q1:1.4.0.10
	pkgsrc-2007Q1-base:1.4
	pkgsrc-2006Q4:1.4.0.8
	pkgsrc-2006Q4-base:1.4
	pkgsrc-2006Q3:1.4.0.6
	pkgsrc-2006Q3-base:1.4
	pkgsrc-2006Q2:1.4.0.4
	pkgsrc-2006Q2-base:1.4
	pkgsrc-2006Q1:1.4.0.2
	pkgsrc-2006Q1-base:1.4
	pkgsrc-2005Q4:1.2.0.18
	pkgsrc-2005Q4-base:1.2
	pkgsrc-2005Q3:1.2.0.16
	pkgsrc-2005Q3-base:1.2
	pkgsrc-2005Q2:1.2.0.14
	pkgsrc-2005Q2-base:1.2
	pkgsrc-2005Q1:1.2.0.12
	pkgsrc-2005Q1-base:1.2
	pkgsrc-2004Q4:1.2.0.10
	pkgsrc-2004Q4-base:1.2
	pkgsrc-2004Q3:1.2.0.8
	pkgsrc-2004Q3-base:1.2
	pkgsrc-2004Q2:1.2.0.6
	pkgsrc-2004Q2-base:1.2
	pkgsrc-2004Q1:1.2.0.4
	pkgsrc-2004Q1-base:1.2
	pkgsrc-2003Q4:1.2.0.2
	pkgsrc-2003Q4-base:1.2
	netbsd-1-6:1.1.0.8
	netbsd-1-6-RELEASE-base:1.1
	pkgviews:1.1.0.4
	pkgviews-base:1.1
	buildlink2:1.1.0.2
	buildlink2-base:1.2
	netbsd-1-5-PATCH003:1.1;
locks; strict;
comment	@# @;


1.4
date	2006.03.05.21.25.49;	author adam;	state dead;
branches;
next	1.3;

1.3
date	2006.01.28.02.36.55;	author salo;	state Exp;
branches;
next	1.2;

1.2
date	2002.08.22.08.06.15;	author tron;	state dead;
branches
	1.2.18.1;
next	1.1;

1.1
date	2002.02.10.12.51.00;	author abs;	state Exp;
branches
	1.1.2.1;
next	;

1.2.18.1
date	2006.01.28.23.39.05;	author seb;	state Exp;
branches;
next	;

1.1.2.1
date	2002.08.22.11.11.19;	author jlam;	state dead;
branches;
next	;


desc
@@


1.4
log
@Changes 6.2.6.3:
  * The command line utilities properly returns a non-zero status when an
    exception is thrown.

Changes 6.2.6.2
  * Fix a memory leak in each of CompositeImageCommand() and CompositeImage()
  * Add new options -layers compare-any, -layers compare-clear,
    -layers compare-overlay, and -layers optimize.
  * Draw last dash in a dashed polyline.
  * Add %D to -format to return the image disposal method.
  * ncorrect handling of file:// URIs causes data loss (patch from Daniel
    Kobras).
  * Set default BMP resolution units to PixelsPerCentimeter (problem report
    from digipete@@shaw...).
@
text
@$NetBSD: patch-ah,v 1.3 2006/01/28 02:36:55 salo Exp $

Security fix for CVE-2006-0082, from Debian.

--- magick/string_.h.orig	2006-01-08 06:14:02.000000000 +0100
+++ magick/string_.h	2006-01-28 03:04:20.000000000 +0100
@@@@ -61,6 +61,7 @@@@
     magick_attribute((format (printf,3,4))),
   FormatMagickStringList(char *,const size_t,const char *,va_list)
     magick_attribute((format (printf,3,0))),
+  FormatMagickStringNumeric(char *,const size_t,const char *,int),
   FormatMagickTime(const time_t,const size_t,char *),
   LocaleCompare(const char *,const char *),
   LocaleNCompare(const char *,const char *,const size_t);
@


1.3
log
@Security fixes for CVE-2006-0082 and Debian bug #345595:

"Format string vulnerabilities in ImageMagick allow user-complicit attackers
 to cause a denial of service (crash) and possibly execute arbitrary code via
 a numeric format string specifier such as %d in the file name, a variant of
 CVE-2005-0397, and as demonstrated using the convert program."

Patches from Debian.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595
@
text
@d1 1
a1 1
$NetBSD$
@


1.2
log
@Update "ImageMagick" and "p5-PerlMagick" packages to version 5.4.8.2.
Many bugs were fixed since the release of version 5.3.9 and lots of new
features like 32-Bit QuantumDepth support added.
@
text
@d1 1
a1 1
$NetBSD: patch-ah,v 1.1 2002/02/10 12:51:00 abs Exp $
d3 12
a14 52
--- utilities/mogrify.c.orig	Fri Sep  7 16:03:51 2001
+++ utilities/mogrify.c
@@@@ -1651,11 +1651,12 @@@@
               (void) strcpy(p,format);
             else
               {
-                FormatString(image_info->filename,"%.1024s:%.1024s",format,
-                  image->filename);
-                (void) strcpy(image->filename,image_info->filename);
+                FormatString(filename, "%.1024s:%.1024s",format,
+                  image_info->filename);
+                (void) strcpy(image->filename,filename);
               }
-          }
+          } else 
+            (void) strcpy(image->filename,image_info->filename);
         /*
           Transmogrify image as defined by the image processing options.
         */
@@@@ -1669,19 +1670,6 @@@@
         */
         if (format != (char *) NULL)
           AppendImageFormat(format,image->filename);
-        else
-          if (LocaleCompare(image_info->filename,"-") != 0)
-            {
-              (void) strcpy(filename,image->filename);
-              AppendImageFormat("mgk",image->filename);
-              if (IsAccessible(image->filename))
-                {
-                  (void) strcat(image->filename,"~");
-                  if (IsAccessible(image->filename))
-                    MagickError(FileOpenError,"Unable to create temporary file",
-                      filename);
-                }
-            }
         for (p=image; p != (Image *) NULL; p=p->next)
         {
           (void) strcpy(p->filename,image->filename);
@@@@ -1700,12 +1688,6 @@@@
           scene--;
         if (image_info->verbose)
           DescribeImage(image,stderr,False);
-        if ((format == (char *) NULL) && (status != False))
-          if (LocaleCompare(image_info->filename,"-") != 0)
-            {
-              (void) remove(filename);
-              (void) rename(image->filename,filename);
-            }
         DestroyImage(image);
       }
   }
@


1.2.18.1
log
@Pullup ticket 1070 - requested by Lubomir Sedlacik
sync graphics/ImageMagick with HEAD including security fixes

Revisions pulled up:
- pkgsrc/graphics/ImageMagick/Makefile                        1.137
- pkgsrc/graphics/ImageMagick/Makefile.common                 1.46
- pkgsrc/graphics/ImageMagick/PLIST                           1.44
- pkgsrc/graphics/ImageMagick/buildlink3.mk                   1.11
- pkgsrc/graphics/ImageMagick/distinfo                        1.57, 1.58
- pkgsrc/graphics/ImageMagick/options.mk                      1.4
- pkgsrc/graphics/ImageMagick/patches/patch-aa                1.33
- pkgsrc/graphics/ImageMagick/patches/patch-ab                1.16
- pkgsrc/graphics/ImageMagick/patches/patch-ac                1.12
- pkgsrc/graphics/ImageMagick/patches/patch-ad                1.9
- pkgsrc/graphics/ImageMagick/patches/patch-ae                1.6
- pkgsrc/graphics/ImageMagick/patches/patch-af                1.6
- pkgsrc/graphics/ImageMagick/patches/patch-ag                1.4
- pkgsrc/graphics/ImageMagick/patches/patch-ah                1.3

   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Thu Jan 26 20:38:19 UTC 2006

   Modified Files:
   	pkgsrc/graphics/ImageMagick: Makefile Makefile.common PLIST
   	    buildlink3.mk distinfo options.mk
   	pkgsrc/graphics/ImageMagick/patches: patch-aa

   Log Message:
   Changes 6.2.6.0:
   * Bug fixes
---
   Module Name:	pkgsrc
   Committed By:	salo
   Date:		Sat Jan 28 02:36:55 UTC 2006

   Modified Files:
   	pkgsrc/graphics/ImageMagick: Makefile distinfo
   Added Files:
   	pkgsrc/graphics/ImageMagick/patches: patch-ab patch-ac patch-ad
   	    patch-ae patch-af patch-ag patch-ah

   Log Message:
   Security fixes for CVE-2006-0082 and Debian bug #345595:

   "Format string vulnerabilities in ImageMagick allow user-complicit attackers
    to cause a denial of service (crash) and possibly execute arbitrary code via
    a numeric format string specifier such as %d in the file name, a variant of
    CVE-2005-0397, and as demonstrated using the convert program."

   Patches from Debian.

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0082
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345876
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345595
@
text
@d1 1
a1 1
$NetBSD$
d3 52
a54 12
Security fix for CVE-2006-0082, from Debian.

--- magick/string_.h.orig	2006-01-08 06:14:02.000000000 +0100
+++ magick/string_.h	2006-01-28 03:04:20.000000000 +0100
@@@@ -61,6 +61,7 @@@@
     magick_attribute((format (printf,3,4))),
   FormatMagickStringList(char *,const size_t,const char *,va_list)
     magick_attribute((format (printf,3,0))),
+  FormatMagickStringNumeric(char *,const size_t,const char *,int),
   FormatMagickTime(const time_t,const size_t,char *),
   LocaleCompare(const char *,const char *),
   LocaleNCompare(const char *,const char *,const size_t);
@


1.1
log
@Switch a 'long' to int32_t to work correctly on BE-LP64 platforms.
Mark NOT_FOR_PLATFORM = NetBSD-*-sparc64 as c++ still broken
@
text
@d1 1
a1 1
$NetBSD$
@


1.1.2.1
log
@Merge changes from pkgsrc-current into the buildlink2 branch for the
packages that have buildlink2.mk files.
@
text
@d1 1
a1 1
$NetBSD: patch-ah,v 1.1 2002/02/10 12:51:00 abs Exp $
@