Bug#987300: unblock: imagemagick/8:6.9.11.60+dfsg-1.3

Salvatore Bonaccorso Wed, 21 Apr 2021 00:00:22 -0700

Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: 
car...@debian.org,j...@debian.org,roucaries.bast...@gmail.com,ro...@debian.org


Dear release team,

Please unblock package imagemagick

Initially both 8:6.9.11.60+dfsg-1.1 (independtly) and
8:6.9.11.60+dfsg-1.2 was unblocked. The later was done to bring inline
with the previous changes done in stable already for imagemagick to
disable the ghostscript handled formats by default in the imagemagick
policy (See: DSA 4712-1 / imagemagick 8:6.9.10.23+dfsg-2.1+deb10u1)

Due to an oversight on my end, this caused obviously the own
imagemagick autopkgtests to fail, cf. #987247. The autopkgtests ware
changed to not try to actually perform now the PDF related tests,
which are now correct to not function.

Related, the changes uncovered autopkgtest failures in bookletimposer
filled as #987249. The problem here is that for performing the tests,
bookletimposer 'integration' test needs 4 PDFs to test the
bookletimposer functionality, and used for that the 'convert xc:none
-page A4 $i.pdf' conmmand which will fail due to the imagemagick
changes, in consequence the autopkgtest fails though that was not the
actual part of the tests which wanted to be performed.

I'm attaching both the debdiff between the already unblocked versions
but for completeness as well the debdiff against the current version
in testing.

Can you unblock imagemagick accordingly? bookletimposer autopkgtest
should probably independly be adjusted to not use imagemagick to
generate the initial set of PDFs to then further test the
functionality of bookletimposer.

Regards,
Salvatore

diff -Nru imagemagick-6.9.11.60+dfsg/debian/changelog 
imagemagick-6.9.11.60+dfsg/debian/changelog
--- imagemagick-6.9.11.60+dfsg/debian/changelog 2021-04-19 20:16:51.000000000 
+0200
+++ imagemagick-6.9.11.60+dfsg/debian/changelog 2021-04-20 16:37:59.000000000 
+0200
@@ -1,3 +1,11 @@
+imagemagick (8:6.9.11.60+dfsg-1.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * autopkgtest: Drop PDF related tests which will fail after disabling
+    ghostscript handled formats by default (Closes: #987247)
+
+ -- Salvatore Bonaccorso <car...@debian.org>  Tue, 20 Apr 2021 16:37:59 +0200
+
 imagemagick (8:6.9.11.60+dfsg-1.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru imagemagick-6.9.11.60+dfsg/debian/tests/control 
imagemagick-6.9.11.60+dfsg/debian/tests/control
--- imagemagick-6.9.11.60+dfsg/debian/tests/control     2021-04-19 
20:15:14.000000000 +0200
+++ imagemagick-6.9.11.60+dfsg/debian/tests/control     2021-04-20 
16:37:59.000000000 +0200
@@ -1,11 +1,11 @@
 Tests: rose-6.q16
-Depends: imagemagick-6.q16, libmagickcore-6.q16-6-extra, ghostscript, netpbm
+Depends: imagemagick-6.q16, libmagickcore-6.q16-6-extra, netpbm
 
 Tests: perlmagick-6.q16
 Depends: libimage-magick-q16-perl, libmagickcore-6.q16-6-extra, 
libaliased-perl, gsfonts
 
 Tests: rose-6.q16hdri
-Depends: imagemagick-6.q16hdri, libmagickcore-6.q16hdri-6-extra, ghostscript, 
netpbm
+Depends: imagemagick-6.q16hdri, libmagickcore-6.q16hdri-6-extra, netpbm
 
 Tests: perlmagick-6.q16hdri
 Depends: libimage-magick-q16hdri-perl, libmagickcore-6.q16hdri-6-extra, 
libaliased-perl, gsfonts
diff -Nru imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16 
imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16
--- imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16  2021-04-19 
20:15:14.000000000 +0200
+++ imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16  2021-04-20 
16:37:59.000000000 +0200
@@ -3,7 +3,6 @@
 CONVERT=convert-im6.q16
 
 set -e
-$CONVERT rose: pdf:/dev/null
 $CONVERT rose: png:/dev/null
 $CONVERT rose: jpeg:/dev/null
 $CONVERT rose: bmp:/dev/null
diff -Nru imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16hdri 
imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16hdri
--- imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16hdri      2021-04-19 
20:15:14.000000000 +0200
+++ imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16hdri      2021-04-20 
16:37:59.000000000 +0200
@@ -3,7 +3,6 @@
 CONVERT=convert-im6.q16hdri
 
 set -e
-$CONVERT rose: pdf:/dev/null
 $CONVERT rose: png:/dev/null
 $CONVERT rose: jpeg:/dev/null
 $CONVERT rose: bmp:/dev/null
diff -Nru imagemagick-6.9.11.60+dfsg/debian/tests.d/control.quantum.in 
imagemagick-6.9.11.60+dfsg/debian/tests.d/control.quantum.in
--- imagemagick-6.9.11.60+dfsg/debian/tests.d/control.quantum.in        
2021-04-19 20:15:14.000000000 +0200
+++ imagemagick-6.9.11.60+dfsg/debian/tests.d/control.quantum.in        
2021-04-20 16:37:59.000000000 +0200
@@ -1,5 +1,5 @@
 Tests: rose-${IMVERSION}.${QUANTUMDEPTH}
-Depends: imagemagick-${IMVERSION}.${QUANTUMDEPTH}, 
libmagickcore-${IMVERSION}.${QUANTUMDEPTH}-${CORESOVERSION}-extra, ghostscript, 
netpbm
+Depends: imagemagick-${IMVERSION}.${QUANTUMDEPTH}, 
libmagickcore-${IMVERSION}.${QUANTUMDEPTH}-${CORESOVERSION}-extra, netpbm
 
 Tests: perlmagick-${IMVERSION}.${QUANTUMDEPTH}
 Depends: libimage-magick-${QUANTUMDEPTH}-perl, 
libmagickcore-${IMVERSION}.${QUANTUMDEPTH}-${CORESOVERSION}-extra, 
libaliased-perl, gsfonts
diff -Nru 
imagemagick-6.9.11.60+dfsg/debian/tests.d/rose-IMVERSION.QUANTUMDEPTH.in 
imagemagick-6.9.11.60+dfsg/debian/tests.d/rose-IMVERSION.QUANTUMDEPTH.in
--- imagemagick-6.9.11.60+dfsg/debian/tests.d/rose-IMVERSION.QUANTUMDEPTH.in    
2021-04-19 20:15:14.000000000 +0200
+++ imagemagick-6.9.11.60+dfsg/debian/tests.d/rose-IMVERSION.QUANTUMDEPTH.in    
2021-04-20 16:37:59.000000000 +0200
@@ -3,7 +3,6 @@
 CONVERT=convert-im${IMVERSION}.${QUANTUMDEPTH}
 
 set -e
-$CONVERT rose: pdf:/dev/null
 $CONVERT rose: png:/dev/null
 $CONVERT rose: jpeg:/dev/null
 $CONVERT rose: bmp:/dev/null

diff -Nru imagemagick-6.9.11.60+dfsg/debian/changelog 
imagemagick-6.9.11.60+dfsg/debian/changelog
--- imagemagick-6.9.11.60+dfsg/debian/changelog 2021-02-01 17:22:02.000000000 
+0100
+++ imagemagick-6.9.11.60+dfsg/debian/changelog 2021-04-20 16:37:59.000000000 
+0200
@@ -1,3 +1,25 @@
+imagemagick (8:6.9.11.60+dfsg-1.3) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * autopkgtest: Drop PDF related tests which will fail after disabling
+    ghostscript handled formats by default (Closes: #987247)
+
+ -- Salvatore Bonaccorso <car...@debian.org>  Tue, 20 Apr 2021 16:37:59 +0200
+
+imagemagick (8:6.9.11.60+dfsg-1.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Disable ghostscript handled formats based on -SAFER insecurity
+
+ -- Salvatore Bonaccorso <car...@debian.org>  Mon, 19 Apr 2021 20:16:51 +0200
+
+imagemagick (8:6.9.11.60+dfsg-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Import upstream patch to fix font size (Closes: #980202).
+
+ -- Jochen Sprickerhof <jspri...@debian.org>  Tue, 13 Apr 2021 20:58:45 +0200
+
 imagemagick (8:6.9.11.60+dfsg-1) unstable; urgency=high
 
   * New upstream version
diff -Nru 
imagemagick-6.9.11.60+dfsg/debian/patches/0001-https-github.com-ImageMagick-ImageMagick6-issues-145.patch
 
imagemagick-6.9.11.60+dfsg/debian/patches/0001-https-github.com-ImageMagick-ImageMagick6-issues-145.patch
--- 
imagemagick-6.9.11.60+dfsg/debian/patches/0001-https-github.com-ImageMagick-ImageMagick6-issues-145.patch
   1970-01-01 01:00:00.000000000 +0100
+++ 
imagemagick-6.9.11.60+dfsg/debian/patches/0001-https-github.com-ImageMagick-ImageMagick6-issues-145.patch
   2021-04-19 20:15:14.000000000 +0200
@@ -0,0 +1,32 @@
+From 650f0f7ecfaee42b3da89a04b92b05f27fe786e9 Mon Sep 17 00:00:00 2001
+From: Cristy <mikayla-gr...@urban-warrior.org>
+Date: Sat, 10 Apr 2021 12:15:54 -0400
+Subject: [PATCH] https://github.com/ImageMagick/ImageMagick6/issues/145
+
+---
+ magick/annotate.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/magick/annotate.c b/magick/annotate.c
+index 29c8bbe74..20fbf7bb1 100644
+--- a/magick/annotate.c
++++ b/magick/annotate.c
+@@ -1484,6 +1484,15 @@ static MagickBooleanType RenderFreetype(Image 
*image,const DrawInfo *draw_info,
+   metrics->pixels_per_em.y=face->size->metrics.y_ppem;
+   metrics->ascent=(double) face->size->metrics.ascender/64.0;
+   metrics->descent=(double) face->size->metrics.descender/64.0;
++  if (face->size->metrics.ascender == 0)
++    {
++      /*
++        Sanitize buggy ascender and descender values.
++      */
++      metrics->ascent=face->size->metrics.y_ppem;
++      if (face->size->metrics.descender == 0)
++        metrics->descent=face->size->metrics.y_ppem/-3.5;
++    }
+   metrics->width=0;
+   metrics->origin.x=0;
+   metrics->origin.y=0;
+-- 
+2.31.0
+
diff -Nru 
imagemagick-6.9.11.60+dfsg/debian/patches/0023-disable-ghostscript-formats.patch
 
imagemagick-6.9.11.60+dfsg/debian/patches/0023-disable-ghostscript-formats.patch
--- 
imagemagick-6.9.11.60+dfsg/debian/patches/0023-disable-ghostscript-formats.patch
    1970-01-01 01:00:00.000000000 +0100
+++ 
imagemagick-6.9.11.60+dfsg/debian/patches/0023-disable-ghostscript-formats.patch
    2021-04-19 20:15:35.000000000 +0200
@@ -0,0 +1,24 @@
+Author: Steve Beattie <steve.beat...@canonical.com>
+Subject: disable ghostscript handled formats based on -SAFER insecurity
+
+Based on Tavis Ormandy's Recommendations
+updated: 2019-11-11
+
+---
+ config/policy.xml |    5 +++++
+ 1 file changed, 5 insertions(+)
+
+--- a/config/policy.xml
++++ b/config/policy.xml
+@@ -86,4 +86,11 @@
+   <policy domain="delegate" rights="none" pattern="HTTP" />
+   <!-- in order to avoid to get image with password text -->
+   <policy domain="path" rights="none" pattern="@*"/>
++  <!-- disable ghostscript format types -->
++  <policy domain="coder" rights="none" pattern="PS" />
++  <policy domain="coder" rights="none" pattern="PS2" />
++  <policy domain="coder" rights="none" pattern="PS3" />
++  <policy domain="coder" rights="none" pattern="EPS" />
++  <policy domain="coder" rights="none" pattern="PDF" />
++  <policy domain="coder" rights="none" pattern="XPS" />
+ </policymap>
diff -Nru imagemagick-6.9.11.60+dfsg/debian/patches/series 
imagemagick-6.9.11.60+dfsg/debian/patches/series
--- imagemagick-6.9.11.60+dfsg/debian/patches/series    2021-02-01 
17:20:25.000000000 +0100
+++ imagemagick-6.9.11.60+dfsg/debian/patches/series    2021-04-19 
20:15:53.000000000 +0200
@@ -20,3 +20,5 @@
 0020-Fix-a-typo-in-manpage.patch
 0021-Finalize-fixing-error-in-html.patch
 0022-FIx-error-in-new-upstream-html.patch
+0001-https-github.com-ImageMagick-ImageMagick6-issues-145.patch
+0023-disable-ghostscript-formats.patch
diff -Nru imagemagick-6.9.11.60+dfsg/debian/tests/control 
imagemagick-6.9.11.60+dfsg/debian/tests/control
--- imagemagick-6.9.11.60+dfsg/debian/tests/control     2021-02-01 
17:20:23.000000000 +0100
+++ imagemagick-6.9.11.60+dfsg/debian/tests/control     2021-04-20 
16:37:59.000000000 +0200
@@ -1,11 +1,11 @@
 Tests: rose-6.q16
-Depends: imagemagick-6.q16, libmagickcore-6.q16-6-extra, ghostscript, netpbm
+Depends: imagemagick-6.q16, libmagickcore-6.q16-6-extra, netpbm
 
 Tests: perlmagick-6.q16
 Depends: libimage-magick-q16-perl, libmagickcore-6.q16-6-extra, 
libaliased-perl, gsfonts
 
 Tests: rose-6.q16hdri
-Depends: imagemagick-6.q16hdri, libmagickcore-6.q16hdri-6-extra, ghostscript, 
netpbm
+Depends: imagemagick-6.q16hdri, libmagickcore-6.q16hdri-6-extra, netpbm
 
 Tests: perlmagick-6.q16hdri
 Depends: libimage-magick-q16hdri-perl, libmagickcore-6.q16hdri-6-extra, 
libaliased-perl, gsfonts
diff -Nru imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16 
imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16
--- imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16  2021-02-01 
17:20:23.000000000 +0100
+++ imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16  2021-04-20 
16:37:59.000000000 +0200
@@ -3,7 +3,6 @@
 CONVERT=convert-im6.q16
 
 set -e
-$CONVERT rose: pdf:/dev/null
 $CONVERT rose: png:/dev/null
 $CONVERT rose: jpeg:/dev/null
 $CONVERT rose: bmp:/dev/null
diff -Nru imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16hdri 
imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16hdri
--- imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16hdri      2021-02-01 
17:20:23.000000000 +0100
+++ imagemagick-6.9.11.60+dfsg/debian/tests/rose-6.q16hdri      2021-04-20 
16:37:59.000000000 +0200
@@ -3,7 +3,6 @@
 CONVERT=convert-im6.q16hdri
 
 set -e
-$CONVERT rose: pdf:/dev/null
 $CONVERT rose: png:/dev/null
 $CONVERT rose: jpeg:/dev/null
 $CONVERT rose: bmp:/dev/null
diff -Nru imagemagick-6.9.11.60+dfsg/debian/tests.d/control.quantum.in 
imagemagick-6.9.11.60+dfsg/debian/tests.d/control.quantum.in
--- imagemagick-6.9.11.60+dfsg/debian/tests.d/control.quantum.in        
2021-02-01 17:20:23.000000000 +0100
+++ imagemagick-6.9.11.60+dfsg/debian/tests.d/control.quantum.in        
2021-04-20 16:37:59.000000000 +0200
@@ -1,5 +1,5 @@
 Tests: rose-${IMVERSION}.${QUANTUMDEPTH}
-Depends: imagemagick-${IMVERSION}.${QUANTUMDEPTH}, 
libmagickcore-${IMVERSION}.${QUANTUMDEPTH}-${CORESOVERSION}-extra, ghostscript, 
netpbm
+Depends: imagemagick-${IMVERSION}.${QUANTUMDEPTH}, 
libmagickcore-${IMVERSION}.${QUANTUMDEPTH}-${CORESOVERSION}-extra, netpbm
 
 Tests: perlmagick-${IMVERSION}.${QUANTUMDEPTH}
 Depends: libimage-magick-${QUANTUMDEPTH}-perl, 
libmagickcore-${IMVERSION}.${QUANTUMDEPTH}-${CORESOVERSION}-extra, 
libaliased-perl, gsfonts
diff -Nru 
imagemagick-6.9.11.60+dfsg/debian/tests.d/rose-IMVERSION.QUANTUMDEPTH.in 
imagemagick-6.9.11.60+dfsg/debian/tests.d/rose-IMVERSION.QUANTUMDEPTH.in
--- imagemagick-6.9.11.60+dfsg/debian/tests.d/rose-IMVERSION.QUANTUMDEPTH.in    
2021-02-01 17:20:23.000000000 +0100
+++ imagemagick-6.9.11.60+dfsg/debian/tests.d/rose-IMVERSION.QUANTUMDEPTH.in    
2021-04-20 16:37:59.000000000 +0200
@@ -3,7 +3,6 @@
 CONVERT=convert-im${IMVERSION}.${QUANTUMDEPTH}
 
 set -e
-$CONVERT rose: pdf:/dev/null
 $CONVERT rose: png:/dev/null
 $CONVERT rose: jpeg:/dev/null
 $CONVERT rose: bmp:/dev/null

Bug#987300: unblock: imagemagick/8:6.9.11.60+dfsg-1.3

Reply via email to