File: ChangeLog.2016

package info (click to toggle)
graphicsmagick 1.3.30+hg15796-1~deb9u2
  • links: PTS
  • area: main
  • in suites: stretch
  • size: 176,320 kB
  • sloc: ansic: 998,570; xml: 91,899; sh: 77,027; cpp: 39,772; python: 29,412; makefile: 8,198; perl: 4,629; asm: 3,560; pascal: 3,096; tcl: 2,208; ada: 1,681; awk: 924; cs: 879; php: 368; sed: 10
file content (911 lines) | stat: -rw-r--r-- 35,472 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
2016-12-31  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pnm.c (WritePNMImage): Support writing GRAYSCALE PAM
	format.  Before this fix, grayscale output was marked as type
	BLACKANDWHITE.  Problem was reported by Aaron Boxer via email on
	December 31, 2016.

	* TclMagick/generic/Makefile.am: Applied patch by Massimo Manghi
	(plus some fixes by me) to add a 'libttkcommon' shared library to
	contain codde common to the TclMagick/TkMagick loadable modules,
	and particularly to allow TkMagick to access TclMagick functions
	without depending on dlopen() with RTLD_GLOBAL behavior.

2016-12-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/compare.c (DifferenceImage): Fix all-black difference
	image if an input file is colormapped.  Resolves SourceForge issue
	#404 "Difference file does not work if PNG ".

2016-12-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/txt.c (ReadTXTImage): Fix Coverity issue 55866 "Resource
	leak".

	* magick/enum_strings.c (StringToCompositeOperator): Fix Coverity
	issue 139296 "Constant expression result".

	* magick/channel.c (ImportImageChannelsMasked): Fix Coverity issue
	139297 "Constant expression result".  This was a bug but only in
	terms of reduced performance, not results.

	* Magick++/lib/Drawable.cpp
	(PathSmoothCurvetoRel::operator): Fix Coverity issue 139301 "Using
	invalid iterator".
	(PathSmoothCurvetoRel::operator): Fix Coverity issue 139302 "Using
	invalid iterator"

	* magick/attribute.c: From SourceForge patches #47
	"GraphicsMagick-1.3.25-get-exif-attribute-gps-fix.patch" and
	"GraphicsMagick-1.3.25-set-exif-orientation-fix.patch" by Troy
	Patteson with description (related to provided Coverity reports in
	coverity.txt): Those coverity errors indicate a problem with the
	earlier patch I sent you to fix getting the EXIF orientation when
	the GPS IFD occurs before the EXIF IFD. Although the patch fixed
	that issue it introduced a new issue in that GPS tags could no
	longer be retrieved. This occurs because the gpsfound flag is set
	when the GPS IFD is pushed onto the stack but then cleared
	immediately when breaking out of the loop processing the directory
	entries for the current IFD. The solution is to push the gpsfound
	flag onto the stack as well as it needs to be set when the GPS IFD
	is popped off the stack rather than being set straight away.

	The second coverity error relates to gpsoffset not being set in
	FindEXIFAttribute(). The code that sets gpsoffset in
	GenerateEXIFAttribute() was embedded in the code that gets tags
	values which was removed in FindEXIFAttribute() as only the DE
	offset is required. I have removed the need for gpsoffset and just
	computed the GPS IFD offset when pushing it onto the stack in the
	same way the EXIF IFD offset is computed.

2016-12-18  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/attribute.c: From SourceForge patches #47
	"GraphicsMagick-1.3.25-5-set-exif-orientation.patch" by Troy
	Patteson with description: Rotating an image without resetting the
	EXIF orientation tag is problematic as follow-on viewers that
	support the EXIF orientation tag may incorrectly rotate the image
	a second time. For JPEG images, the current solution is to either
	strip the image, remove the EXIF profile or modify the EXIF data
	of the written image with other software. This patch adds the
	ability to set the orientation tag in the EXIF profile via the
	SetImageAttribute on attribute EXIF:Orientation provided the EXIF
	orientation already exists. AutoOrientImage() has been modified to
	set the EXIF orientation tag on successful rotation of the image.

	The implementation is less than ideal. The EXIF profile must be
	duplicated because it is returned read-only from the profiles
	map. Large amounts of the GenerateEXIFAttribute() function has
	been duplicated in a function called FindEXIFAttribute() which
	returns the offset in the EXIF profile of a given tag ID. Once
	found, the orientation tag value is updated accordingly and the
	new EXIF profile set. Despite the patches shortcomings, I believe
	it is preferable to leaving the EXIF orientation tag unchanged
	after auto-orienting the image.

	* wand/magick_wand.c (MagickClearException): From SourceForge
	patches #47 "GraphicsMagick-1.3.25-1-wand-clear-exception.patch"
	by Troy Patteson with description: This patch adds the ability to
	clear the last Wand exception. This is particularly useful to
	clear any exception on the Wand before calling MagickReadImage()
	which can return success with a warning exception such as "JPEG
	data: premature end of data segment".
	(MagickRemoveImageOption): From SourceForge patches #47
	"GraphicsMagick-1.3.25-2-wand-remove-image-option.patch" by Troy
	Patteson with description: There is MagickSetImageOption() to set
	options like JPEG preserve-settings but no way to remove the
	option once set. Since the mechanism to remove image options
	already exists in lower-level API there seems no reason not to
	expose it in the Wand API.
	(MagickGetImageOrientation, MagickSetImageOrientation): From
	SourceForge patches #47
	"GraphicsMagick-1.3.25-3-wand-get-set-orientation.patch" by Troy
	Patteson with description: MagickGetImageOrientation returns the
	internal orientation setting which is useful to know to determine
	whether an image needs rotation. The function to set the
	orientation is less useful as it only sets the internal
	orientation setting which is only used when writing out TIFF
	files. A future patch addresses this issue.
	(MagickAutoOrientImage): From SourceForge patches #47
	"GraphicsMagick-1.3.25-4-wand-auto-orient.patch" by Troy Patteson
	with description: This patch adds auto-orient image to the Wand
	API.

2016-12-17  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* TclMagick/{configure.ac, Makefile.am}: Applied patches by
	Massimo Manghi to use TEA tcl.m4 version 3.9.

2016-11-26  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/gif.c (DecodeImage): Applied fixes by Tianyu Lang for
	"Excessive LZW string data" problem leading to "Corrupt image"
	report while reading some GIF files.

2016-11-18 Glenn Randers-Pehrson  <glennrp@simple.dallas.tx.us>

	* doc/options.imdoc, doc/config_files.imdoc, doc/benchmark.imdoc:
	Fixed some indentation in the documentation.

2016-10-29  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* acinclude.m4 (LIBS): Fix memory leaks in GM_FUNC_MMAP_FILEIO
	macro test-case so that it can be used successfully with ASAN
	compilation options.

	* magick/blob.c: Eliminate unused variable compiler warnings when
	HAVE_MMAP_FILEIO is not defined.

2016-10-24  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Ability to read multiple images from Matlab V4 format.

2016-10-21 Glenn Randers-Pehrson  <glennrp@simple.dallas.tx.us>

	*coders/png.c (ReadOneJNGImage): Enforce spec requirement that the
	dimensions of the JPEG embedded in a JDAT chunk must match the
	JHDR dimensions. This issue was assigned CVE-2016-9830 on
	2016-12-04.  Please note that GraphicsMagick's pixel, width, and
	height default limits are often greater than the dimension limits
	of JNG and JPEG so the user should add explicit limits (if needed)
	to prevent unexpected memory consumption from properly-constructed
	JNG files with large dimensions.

	*doc/options.imdoc (-strip): Added a caution to not use the -strip
	option to remove author, copyright, and license information
	when redistributing an image that requires them to be retained.

	*doc/options.imdoc (-comment and -label): Document the fact that
	only one comment or label is stored, and how they are stored in
	PNG files.

2016-10-13  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/sgi.c (ReadSGIImage): Adjusts some variable types and
	lessen the amount of casting.

2016-10-09 Glenn Randers-Pehrson  <glennrp@simple.dallas.tx.us>

	* coders/png.c (ReadJNGImage): Quiet COVERITY issue about
	a potential memory leak.

2016-10-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xcf.c (ReadXCFImage): Fix memory leak of layer_info for
	some recently added error-return paths.

2016-10-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/sgi.c (ReadSGIImage): For RLE SGI image, defer memory
	allocations for as long as possible and allow the file to prove
	itself worthy before making the largest allocations.  This helps
	with rejecting bogus RLE files while avoiding rejecting valid
	files.

2016-10-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (ReadTIFFImage): If TIFF uses Old JPEG
	compression, then read using full tiles or strips.  Solves
	"Improper call to JPEG library in state 0. (LibJpeg)." error.
	Problem was reported via email on October 6, 2016 by John Brown.

2016-10-04  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/attribute.c (GenerateEXIFAttribute): Fixed SourceForge
	bug 400 "Exif orientation unknown for some JPEG files".  Patch
	submitted by Troy Patteson.

2016-10-02  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/wpg.c Add sanity check for palette.  Merge
	RemoveLastImageFromList+AppendImageToList to ReplaceImageInList.
	Possible heap overflow of colormap in Q8 build was assigned
	CVE-2016-7996.  Assertion crash due to blob != NULL was assigned
	CVE-2016-7997.

2016-10-01  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/meta.c (parse8BIM): Fix unsigned underflow leading to
	heap overflow when parsing 8BIM chunk.  Problem was reported by
	Marco Grassi via email on October 1, 2016.  Problem was already
	known (but not fixed) based on comments in the code.  This issue
	has been assigned CVE-2016-7800.

2016-09-28  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xcf.c: Improve the robustness of the XCF reader by adding
	more error checking.

2016-09-27  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/rle.c (RLEConstrainColormapIndex): Was not constraining
	colormap index like it should be.  This problem was added on
	2016-09-23.

	* www/thanks.rst: Added Moshe Kaplan to Thanks.

	* www/Hg.rst: Mercurial URL fixes.  Patch from Mark Mitchell.

	* www/programming.rst: Updated programming APIs page.

2016-09-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/pixel_cache.c (OpenCache): Trace ExtendCache() failures.

2016-09-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/sgi.c (ReadSGIImage): Fix unexpectedly large memory
	allocation with corrupt SGI file provided via email by Agostino
	Sarubbo on September 15, 2016.

	* coders/rle.c (ReadRLEImage): Only report an invalid colormap
	index once.  Fixes slowness problem with corrupt file provided via
	email by Agostino Sarubbo on September 15, 2016.

2016-09-18  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* www/thanks.rst: Added a 'thanks' page.

2016-09-11  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* PerlMagick/MANIFEST: Fix content of PerlMagick MANIFEST.

2016-09-10  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pcx.c (ReadPCXImage): Check that filesize is reasonable
	given header.  Fixes excessive memory allocation followed by
	eventual file truncation error for corrupt file.  Problem was
	reported via email by Agostino Sarubbo on 2016-09-10.

	* coders/sgi.c (ReadSGIImage): Check that filesize is reasonable
	given header.  Fixes excessive memory allocation followed by
	eventual file truncation error for corrupt file.  Problem was
	reported via email by Agostino Sarubbo on 2016-09-09.

	* coders/sct.c (ReadSCTImage): Fix stack-buffer read overflow
	while reading SCT header.  Problem was reported via email by
	Agostino Sarubbo on 2016-09-09.

	* coders/svg.c: Fix Coverity issue 135772 "RESOURCE_LEAK" and
	issue 135829 "Null pointer dereferences".  None of these issues
	were new, but Coverity noticed them now.  Reflowed source to GNU C
	style for consistent indentation and so it does not fight with my
	editor.

2016-09-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/common.h (MAGICK_HAS_ATTRIBUTE): Coverity is allergic to
	__has_attribute() so don't use it for Coverity builds.

2016-09-05  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* www/index.rst: Update for 1.3.25 release.

	* version.sh: Update library versioning for 1.3.25 release.

	* NEWS.txt: Make sure is up to date.

	* Various fixes for minor issues noticed when compiling under
	Visual Studio.

2016-08-22  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/studio.h (MAGICK_CACHE_LINE_SIZE): Apply patch from
	Gentoo Linux to increase MAGICK_CACHE_LINE_SIZE to 128 when
	__powerpc__ is defined.

2016-08-21  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* NEWS.txt: Updated with latest changes.

2016-08-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/rle.c (ReadRLEImage): Reject truncated/absurd Utah RLE
	files. Problem was reported by Agostino Sarubbo on August 19,
	2016.  This problem was assigned CVE-2016-7448 after the 1.3.25
	release.

2016-08-18  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (ReadTIFFImage): Fix heap-based buffer read
	overflow.  TIFF sized attibutes were not being properly copied to
	a null-terminated string if the value was not null terminated.
	Problem was reported by Agostino Sarubbo on August 18, 2016.  This
	problem was assigned CVE-2016-7449 after the 1.3.25 release.

2016-08-15  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* lcms/src/cmstypes.c (Type_MLU_Read): "Added an extra check to
	MLU bounds", change based on github mm2/Little-CMS commit
	5ca71a7bc18b6897ab21d815d15e218e204581e2 and announced to the
	oss-security list by Ibrahim M. El-Sayed on Mon, 15 Aug 2016.

2016-08-14  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* webp: Updated bundled libwebp to release 0.5.1.

	* libxml: Updated bundled libxml2 to release 2.9.4.

	* lcms: Updated bundled lcms2 to release 2.8.

	* png: Update bundled libpng to release 1.6.24.

	* coders/jpeg.c (ReadJPEGImage): Log setting resolution and
	resolution units due to JFIF marker.

	* coders/sgi.c (SGIDecode): Fix integer overflow of size type in
	Win64 build where sizeof(long) < sizeof(size_t).

2016-08-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders, magick: Compile clean using GCC with -std=c90.

	* magick/describe.c (DescribeImage): The 'identify' and 'info'
	functionality only shows the pixel read rate if image was not read
	in 'ping' mode.  Provide seconds timing with 6 digits of precision
	since that is what is needed.

2016-08-07  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/describe.c (DescribeImage): Include milliseconds
	resolution in elapsed time output.

	* magick/timer.c (ElapsedTime): Use clock_gettime() (when
	available with default linkage) to obtain elapsed time.

2016-08-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/yuv.c (WriteYUVImage): Fix benign clang compiler warning
	regarding "variable 'x' is incremented both in the loop header and
	in the loop body".

	* configure.ac: Fixes to use clang's OpenMP runtime library
	(-lomp) for clang 3.8 and later.  Specifically tested with clang
	3.8 on Ubuntu 16.04 'xenial'.  Problem was reported by Holger
	Hoffstätte via private email.

	* NEWS.txt: Bring up to date with latest changes.

2016-07-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawImage): Reject abnormally absurd gradient
	size requests (many absurd requests are still allowed).  Provide
	detailed error reports when a gradient is rejected.

	* coders/svg.c: Support units for 'stroke-dashoffset'.

2016-07-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/annotate.c (EscapeParenthesis): In private email on
	2016-07-07, Gustavo Grieco notified us of a heap overflow in
	EscapeParenthesis().  I was not able to reproduce the issue but
	changed the implementation with the suspicion that the
	implementation has a bug, and due to noticing arbitary limits and
	inefficiency.  This issue was assigned CVE-2016-7447 after the
	1.3.25 release.

2016-07-03  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawImage): Fix absolute and arbitrary gradient
	dimension sanity checks which caused gradient requests to fail.
	Resolves SourceForge issue #392 "SVG 'push defs' fails (Debian
	bugs 829063 and 828120)".

2016-06-16  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* www/security.rst: Add discussion of SVG format and SSRF
	vulnerability.

2016-06-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/svg.c (ReadSVGImage): Assure that SVGInfo data is freed
	when XMP parsing is aborted due to an error.

2016-06-11  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* NEWS.txt: Updated NEWS with changes since last release.

	* www/security.rst: Add a page about GraphicsMagick security.

2016-06-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawPrimitive): Over-aggressive error reporting
	was causing failures when elements were "drawn" off-image.
	Resolves SourceForge issue #389 "Non-conforming drawing primitive
	definition (line)".

2016-05-31  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawImage): Fix problem while reading file
	"tnamkejarz.svg.2532308010849170049" provided via private email
	from Gustavo Grieco on May 31, 2016.

	* magick/utility.c (MagickGetToken): Fix problem while reading
	file "vqxwatmqmi.svg.-3669039972557308254" provided via private
	email from Gustavo Grieco on May 31, 2016.

2016-05-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* NEWS.txt: Update for 1.3.24 release.

	* www/Changes.rst: Mention 1.3.24 release.

	* www/index.rst: Update for 1.3.24 release.

	* version.sh: Update library ABI information in preparation for
	1.3.24 release.

	* NEWS.txt: Updated NEWS to reflect fixes and issues.

2016-05-29  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* NEWS.txt: Updated with latest news.

	* magick/blob.c (OpenBlob): Remove support for reading input from
	a shell command, or writing output to a shell command, by
	prefixing the specified filename (containing the command) with a
	'|'.  This feature provided a remote shell execution opportunity
	(CVE-2016-5118).

	* coders/mat.c (ReadMATImage): Validate that MAT frames is not
	zero.

2016-05-28  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawImage): Be less optimistic when estimating
	the number of points required to represent a path.  This should
	help address CVE-2016-2317 "Heap buffer overflow".  This resolves
	SourceForge issue #275 "Applying Clipping Path to high resolution
	JPG".

2016-05-25  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawImage): Fix problem while reading file
	"pxypjhfdxf.svg.7406476585885697806" provided via via private
	email from Gustavo Grieco on May 24, 2016.

	* coders/svg.c: Fix problem while reading file
	"pxypjhfdxf.svg.308008972284643989" provided via private email
	from Gustavo Grieco on May 24, 2016.

2016-05-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/svg.c ("C"): Support font-size "medium".

2016-05-22  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* NEWS.txt: Updated NEWS.txt to reflect latest changes.

	* magick/render.c (DrawImage): Added DrawImage() recursion
	detection/prevention.

	* coders/svg.c (ReadSVGImage): Add basic primitive argument
	validation.

	* magick/render.c (DrawImage): Add basic primitive argument
	validation.

2016-05-21  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/url.c (ReadURLImage): Reading "file://" URLs was not
	working.  Now file URLs are working.

2016-05-21  Glenn Randers-Pehrson  <glennrp@simple.dallas.tx.us>

	* coders/png.c: Respect JPEG limits (65535x65535) and user width
	and height limits from "-limit" while reading or writing JNG files.

2016-05-21  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/url.c: Don't hide HTTP, FTP, and FILE URL support from
	'-list format' output.  Ignore HTTP, FTP, and FILE as a useful
	file extension for determing the file format.

2016-05-17  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (ConvertPathToPolygon): Make sure that first
	edge is initialized.  Make sure that points is not null.

2016-05-15  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawImage): Fixed segmentation violation while
	reading file "275077586554139424.lqxdgqxtfs.svg" provided via
	private email from Gustavo Grieco on May 15, 2016.  This is due to
	another CVE-2016-2317 related issue.

2016-05-14  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/svg.c ("C"): Fixed problems while reading files
	"aaphrbkwwe.svg.-1899680443073025602",
	"aaphrbkwwe.svg.-5751004588641220738",
	"aaphrbkwwe.svg.-8875730334406147537", and
	"aaphrbkwwe.svg.4495884156523242589" provided via private email
	from Gustavo Grieco on February 8, 2016.

2016-05-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dib.c (ReadDIBImage): Verify that DIB file data is
	sufficient to meet claims made by file header.  Validate image
	planes.  Fixes Fixes problem reported by Hanno Böck on May 8th,
	2016 via private email entitled "malloc issue in ReadDIBImage".

2016-05-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/msl.c (RegisterMSLImage): Ignore the file extension on
	MSL files.  The only way to read an image from a MSL file (as
	opposed to explicitly running a MSL script with 'conjure') is by
	reading using a filename specification like "msl:filename".  This
	is done for security reasons.

	* magick/render.c (DrawPrimitive): Fix Coverity issue 126378
	"Resource leak".

	* coders/mat.c (DecompressBlock): Fix Coverity issue 126379
	"Resource leak".

	* magick/render.c (DrawImage): Fix Coverity issue 126380 "Resource
	leak".

2016-05-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawPrimitive): Sanity check the image file
	path or URL before passing it to ReadImage().

	* config/delegates.mgk.in: Pare down delegates.mgk to reduce
	security exposure due to external programs not under our control.

2016-05-08  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Typo fix - matrix has nothing to do with PostScript.

2016-05-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/mat.c (DecompressBlock): Don't hang on a corrupt deflate
	stream when reading matlab v6 file.  Fixes problem reported by
	Hanno Böck on May 8, 2016 via private email entitled "hang of
	matlab input file".

2016-05-07  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/image.c (SetImageInfo): Undocumented "TMP" magick prefix
	no longer removes the argument file after it has been read. This
	functionality is only used to support the "show" delegate which is
	used by options in the 'display' program which need to display a
	generated image in a new instance of 'display'.  The "show"
	delegate is used by writing a temporary file to be viewed, and
	which should be removed before the program quits.  Since the "TMP"
	feature was originally implemented, GraphicsMagick added a
	temporary file management subsystem which assures that temporary
	files are removed so this feature is not needed.

	* coders/tiff.c (ReadTIFFImage): Fix heap overflow with file
	"gkkxrilssm.tiff.-4678010562506843336" provided by Gustavo Grieco
	on February 8, 2006 via private email.

	* coders/viff.c (ReadVIFFImage): Fix problem with a very large
	malloc in sample file provided by Hanno Böck on May 7, 2016 with
	subject "large malloc in ReadVIFFImage".

	* coders/mvg.c (RegisterMVGImage): Do not auto-detect MVG format
	based on file extension.  MVG files can then only be read by
	adding a "MVG:" prefix to the file name. There is already no
	auto-detection of MVG based on content.

2016-05-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xpm.c (ReadXPMImage): Limit the number of XPM colors and
	assure array initialization.  Fixes bad behavior with a sample
	file provided by Hanno Böck on May 6, 2016 with subject "Invalid
	free in ReadXPMImage".

	* coders/pcx.c (ReadPCXImage): Limit the number of PCX image
	planes allowed.  Fixes an unreasonable memory allocation in a
	sample file provided by Hanno Böck on May 5, 2016.

2016-05-04  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* config/delegates.mgk.in: Gnuplot files are inherently insecure.
	Remove delegates support for reading them.  Reported by John
	Lightsey via private email.
	Added -dSAFER to Ghostscript invokations in delegates.mgk for more
	secure execution.  Reported by David Chan via SourceForge bug
	"#386 ghostscript delegates should explicitly use -dSAFER.".

	* magick/constitute.c (ReadImages): Avoid possible infinite
	ReadImage() recursion.

2016-05-01  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawPolygonPrimitive): Fix divide by zero
	exception encountered while reading file "sigfpe.svg" posted by
	Gustavo Grieco on May 1, 2016 to the oss-security mailing list
	with subject "CVE request: DoS in multiple versions of
	GraphicsMagick".
	(DrawDashPolygon): Fix endless loop problem caused by negative
	stroke-dasharray arguments.  Resolves problem observed while
	reading file "circular.svg" posted by Gustavo Grieco on May 1,
	2016 to the oss-security mailing list with subject "CVE request:
	DoS in multiple versions of GraphicsMagick".

	* magick/import.c (ImportViewPixelArea): Fix assertion while
	reading TIFF file gkkxrilssm.tiff.105123337066 provided by Gustavo
	Grieco.

2016-04-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/locale.c (ReadLOCALEImage): Make sure to close blob
	before returning.

	* coders/svg.c ("C"): Provide a hack work-around for double-quoted
	font-family argument.

	* magick/render.c (DrawImage): Make SVG path and other primitive
	parsing more robust.  Fixes SEGV when reading files provided by
	CVE-2016-2318 test cases.  Fixes CVE-2016-2318 completely.

2016-04-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawImage): Fix heap buffer overflow when
	reading aaphrbkwwe.svg.-1114777018469422437 from CVE-2016-2317
	test cases.  This resolves CVE-2016-2317 completely.

2016-04-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/command.c (MogrifyImageCommand): Added mogrify
	-preserve-timestamp option to preserve file access and
	modification timestamps.  Contributed by Niko Rosvall via
	SourceForge patch #45 "preserve-timestamp option for mogrify
	command."

2016-04-19  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/blob.c: Added ReadBlobLSBSignedShort(),
	ReadBlobMSBSignedShort(),
	ReadBlobLSBSignedLong(),ReadBlobMSBSignedLong(),
	WriteBlobLSBSignedShort(), WriteBlobLSBSignedLong(),
	WriteBlobMSBSignedLong(), WriteBlobMSBSignedShort() for doing I/O
	on signed integer types without the need for dangerous casts or
	unexpected values due to signed/unsigned conversion.

2016-04-17  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* NEWS.txt: Updated with latest changes.

	* magick/constitute.c (ReadImage): Added asserts to check that the
	I/O blob is not still open in the returned image since this causes
	problems.

	* magick/blob.c (CloneBlobInfo): Use a cloning approach which does
	not require manually keeping structure members in sync.

	* coders/msl.c (ProcessMSLScript): Need to close I/O blob before
	returning.

	* coders/psd.c (ReadPSDImage): Assure that allocated image is not
	dereferenced before checking if it is NULL.  Check some memory
	calculations for overflow.
	(ReadPSDImage): Need to close I/O blob before returning.

	* coders/dib.c (ReadDIBImage): Use DestroyBlob() rather than
	DestroyBlobInfo().

	* coders/bmp.c (ReadBMPImage): Use DestroyBlob() rather than
	DestroyBlobInfo().

	* magick/blob.c: Improve blob tracing.

2016-04-13  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/bmp.c (ReadBMPImage): Fix reading 24-bit Microsoft BMP
	which claims to have a colormap.

2016-04-13 Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* PerlMagick/t/input_complex_lsb_double_V4.mat Demo Matlab V4
	complex file.
	* coders/mat.c Missing break added.

2016-04-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xpm.c (ReadXPMImage): Fix SourceForge issue #361
	"out-of-bounds read in coders/xpm.c:150:24"

	* coders/psd.c (ReadPSDImage): Add some defensive code to assure
	that image layers are not freed twice.

2016-04-10  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/log.c (InitializeLogInfo): Simplify LogInfo structure and
	its allocation in order to lessen the amount of fixed overhead.

2016-04-04  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/jp2.c (WriteJP2Image): Fix SourceForge issue #378 "jp2:
	impossible to create lossless jpeg-2000".  With this fix,
	specifying 'define jp2:rate=1.0' or '-quality 100' results in a
	lossless JP2 file.

2016-04-03  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/common.h: Update for GCC 5.

	* PerlMagick/MANIFEST: Update PerlMagick manifest.

	* PerlMagick/t/{read.t, write.t}: Add tests for MAT v4.

2016-04-03 Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Matlab V4 attempt to read complex part of data.

2016-04-02  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* PerlMagick/t/features.pl.in: Provide a way that PerlMagick
	feature tests can test if a feature is supported.  Use it to make
	the PSD test optional.

	* coders/Makefile.am: Only build PSD module if
	ENABLE_BROKEN_CODERS is enabled.

	* magick/module.c (UnloadModule): Only invoke the module
	unregister function if it is defined.  The module register
	function is not defined if either the register or unregister
	functions were not found in the module which was loaded.

2016-04-02 Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Matlab V4 files are also rotated.
        * PerlMagick/t/input_gray_lsb_double_V4.mat   Demo Matlab V4 file.

2016-04-01  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/magick.c (GetMagickInfo): Only declare that ExceptionInfo
	argument is not used if modules are not supported.

2016-03-28 Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Attempt to read Matlab V4 files.

2016-03-27  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/image.c (DestroyImage): Simply return if image is NULL
	since it is more user-friendly.

	* magick/shear.c (RotateImage): Fix Coverity issue 124519
	"Logically dead code".

	* magick/effect.c (BlurImage): Fix Coverity issue 124520
	"Dereference after null check".

	* coders/pdb.c (WritePDBImage): Fix SourceForge bug #360
	"out-of-bounds read in utilities/gm+0x80fcc71) (PDB reader)".

	* coders/meta.c (convertHTMLcodes): Fix SourceForge bug #373
	"out-of-bounds read in coders/meta.c:444:50"
	(ReadMETAImage): Fix SourceForge bug #364 "out-of-bounds write in
	coders/meta.c:1331:7".

2016-03-26  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/sgi.c (ReadSGIImage): Fix SourceForge bug #366
	"out-of-bounds write in coders/sgi.c:528:4" and bug #369
	"out-of-bounds write in coders/sgi.c:535:4".

	* coders/rle.c (ReadRLEImage): Fix SourceForge bug #371
	"out-of-bounds read in coders/rle.c:633:39".

2016-03-25  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dib.c (ReadDIBImage): Fix SourceForge bug #367
	"out-of-bounds read in coders/dib.c:706:13" and bug #370
	"out-of-bounds read in coders/dib.c:716:15".

	* coders/pict.c (ReadPICTImage): Fix SourceForge bug #365
	"out-of-bounds read in magick/image.c:1305:3"

	* magick/utility.c (GetPageGeometry): Fix SourceForge bug #374
	"out-of-bounds write in magick/utility.c:4355:7"

2016-03-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/miff.c (ReadMIFFImage): Fix SourceForge bug #376 "SIGABRT
	in magick/colorspace.c:1052".

	* magick/shear.c (RotateImage): Fix SourceForge bug #375 "SIGABRT
	in magick/image.c:1230".

	* coders/sun.c (DecodeImage): Fix SourceForge bug #368
	"out-of-bounds read in coders/sun.c:223:17" and bug #363
	"out-of-bounds read in coders/sun.c:221:16".

2016-03-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/svg.c (GetUserSpaceCoordinateValue): Fix stack buffer
	overflow when reading file 'aaphrbkwwe.svg.-632425326915265752'
	from CVE-2016-2317 problem files.  Partial fix for SourceForge bug
	#358 "CVE-2016-2317 - SVG heap/stack buffer overflows".

	* magick/utility.c (MagickGetToken): New private function to
	replace GetToken().  The new function accepts a token buffer
	length argument.  GetToken() is modified to assume a token buffer
	length 'MaxTextExtent'.  All code using GetToken() is updated to
	use MagickGetToken().

	* coders/svg.c: Fix heap buffer overflow when reading file
	"aaphrbkwwe.svg.4495884156523242589" from CVE-2016-2317 problem
	files.  Partial fix for SourceForge bug #358 "CVE-2016-2317 - SVG
	heap/stack buffer overflows".

2016-03-19  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/psd.c (ReadPSDImage): Fix SourceForge bug #341
	"out-of-bounds read in coders/psd.c:1435".
	(WriteWhiteBackground): Fix SourceForge bug #350 "SEGV in
	coders/psd.c:1685".
	(DecodeImage): Fix SourceForge bug #351 "heap-buffer-overflow in
	coders/psd.c:142".
	(ReadPSDImage): Fix SourceForge bug #342 "out-of-bounds write in
	coders/psd.c:892"

	* coders/xcf.c (load_tile): Fix SourceForge bug #337
	"heap-buffer-overflow in coders/xcf.c:373".

	* coders/pict.c (WritePICTImage): Fix SourceForge bug #340
	"out-of-bounds write in coders/pict.c:1929".

	* coders/pdb.c (WritePDBImage): Fix SourceForge bug #348
	"heap-buffer-overflow in coders/pdb.c:949:26".

	* coders/xpm.c (ReadXPMImage): Fix SourceForge bug #334
	"heap-buffer-overflow in coders/xpm.c:150".

2016-03-09 Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Fixed huge image limitation.

2016-03-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/sun.c (WriteSUNImage): Fix SourceForge bug #343
	"out-of-bounds write in coders/sun.c:962".

	* coders/rle.c (ReadRLEImage): Fix SourceForge bug #344
	"out-of-bounds write in coders/rle.c:524".

	* coders/xpm.c (ReadXPMImage): Fix SourceForge bug #335
	"out-of-bounds read in coders/xpm.c:154 ".

2016-03-06  Glenn Randers-Pehrson  <glennrp@simple.dallas.tx.us>

	* doc/options.imdoc (-extent): Revised the example to
	clarify the interaction of -gravity with the "geometry" offsets.

2016-03-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* configure.ac: Add support for --enable-broken-coders which
	determines if broken or hazardous file format support should be
	enabled in the build.  Currently Adobe Photoshop (PSD) format is
	included in this category.

	* Rotate Changelog for new year.  Update documentation copyrights
	for new year.

2016-03-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* tiff/libtiff/tif_config.h (HAVE_SNPRINTF): Define HAVE_SNPRINTF
	when using Microsoft Visual C++ 14 (Visual Studio 2015) or later.
	This is based on advice by Pablo Elpuro.

2016-02-21  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* Magick++/lib/Image.cpp (xResolution): New method to support
	setting the horizontal resolution with double precision.
	(yResolution): New method to support setting the vertical
	resolution with double precision.

	* www/Hg.rst: Document the ssh public keys for the server hosting
	the development Mercurial repository.

2016-02-16  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xpm.c (ReadXPMImage): Fix SourceForge bug #333
	heap-buffer-overflow in coders/xpm.c:409.