Update to ImageMagick 6.9.10-10 including various fixes for bugs found by

OSS Fuzz. Disable ghostscript-based coders in the default config file (policy.xml) following suggestion in http://www.openwall.com/lists/oss-security/2018/08/21/2 If you're using an edited config file or using ImageMagick in chroot, you may want to consider following suit.
2018-08-22 18:36:00 +00:00 · 2018-08-22 18:36:00 +00:00 · 054f22e19b
commit 054f22e19b
parent 93e42925a7
5 changed files with 40 additions and 22 deletions
--- a/graphics/ImageMagick/Makefile
+++ b/graphics/ImageMagick/Makefile
@ -1,16 +1,16 @@
-# $OpenBSD: Makefile,v 1.177 2018/05/24 09:33:42 sthen Exp $
+# $OpenBSD: Makefile,v 1.178 2018/08/22 18:36:00 sthen Exp $

 COMMENT=		image processing tools

-VER=			6.9.9
-DASHVER=		47
+VER=			6.9.10
+DASHVER=		10
 DISTNAME=		ImageMagick-${VER}-${DASHVER}
 PKGNAME=		ImageMagick-${VER}.${DASHVER}
 PORTROACH=		site:https://www.imagemagick.org/download/ limit:6.*
 EXTRACT_SUFX=		.tar.xz

-SHARED_LIBS +=	MagickCore-6.Q16     6.1      # 5.0
-SHARED_LIBS +=	MagickWand-6.Q16     4.0      # 5.0
+SHARED_LIBS +=	MagickCore-6.Q16     6.2      # 6.0
+SHARED_LIBS +=	MagickWand-6.Q16     4.0      # 6.0
 SHARED_LIBS +=	Magick++-6.Q16       5.2      # 8.0

 CATEGORIES=		graphics
@ -72,16 +72,12 @@ CONFIGURE_ENV+=		CPPFLAGS="-I${LOCALBASE}/include/libxml2 -I${LOCALBASE}/include
 			LDFLAGS="-L${WRKBUILD}/magick/.libs -L${WRKBUILD}/wand/.libs -L${LOCALBASE}/lib" \
 			ac_cv_path_LaunchDelegate=no

+FAKE_FLAGS=		CONFIGURE_PATH=${PREFIX}/share/examples/ImageMagick
+
 pre-configure:
 	cd ${WRKSRC}; ${SUBST_CMD} $$(find . -name '*.pc.in')

-post-install:
+xxpost-install:
 	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/ImageMagick
-.for i in coder.xml colors.xml delegates.xml log.xml magic.xml \
-	mime.xml policy.xml quantization-table.xml \
-	thresholds.xml type-dejavu.xml type-ghostscript.xml \
-	type-windows.xml type.xml
-	${INSTALL_DATA} ${WRKSRC}/config/$i ${PREFIX}/share/examples/ImageMagick
-.endfor

 .include <bsd.port.mk>
--- a/graphics/ImageMagick/distinfo
+++ b/graphics/ImageMagick/distinfo
@ -1,2 +1,2 @@
-SHA256 (ImageMagick-6.9.9-47.tar.xz) = jqbz/M8HupbOreyEUEKCgxUoXb5WJXAQZdHnQDv3rqc=
-SIZE (ImageMagick-6.9.9-47.tar.xz) = 8918196
+SHA256 (ImageMagick-6.9.10-10.tar.xz) = 8JSI5tjkxwNgmjvkJEaQpfUz12X9KwgiwF29amrnHCw=
+SIZE (ImageMagick-6.9.10-10.tar.xz) = 8929904
--- a/graphics/ImageMagick/patches/patch-config_policy_xml
+++ b/graphics/ImageMagick/patches/patch-config_policy_xml
@ -0,0 +1,18 @@
+$OpenBSD: patch-config_policy_xml,v 1.1 2018/08/22 18:36:00 sthen Exp $
+
+As recommended in http://www.openwall.com/lists/oss-security/2018/08/21/2
+
+Index: config/policy.xml
+--- config/policy.xml.orig
+++ config/policy.xml
+@@ -69,6 +69,10 @@
+   <!-- <policy domain="resource" name="throttle" value="0"/> -->
+   <!-- <policy domain="resource" name="time" value="3600"/> -->
+   <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
+  <policy domain="coder" rights="none" pattern="PS" />
+  <policy domain="coder" rights="none" pattern="EPS" />
+  <policy domain="coder" rights="none" pattern="PDF" />
+  <policy domain="coder" rights="none" pattern="XPS" />
+   <!-- <policy domain="delegate" rights="none" pattern="HTTPS" /> -->
+   <!-- <policy domain="path" rights="none" pattern="@*" /> -->
+   <!-- <policy domain="cache" name="memory-map" value="anonymous"/> -->
--- a/graphics/ImageMagick/patches/patch-configure_ac
+++ b/graphics/ImageMagick/patches/patch-configure_ac
@ -1,8 +1,8 @@
-$OpenBSD: patch-configure_ac,v 1.17 2017/12/28 21:56:32 sthen Exp $
+$OpenBSD: patch-configure_ac,v 1.18 2018/08/22 18:36:00 sthen Exp $
 Index: configure.ac
 --- configure.ac.orig
 +++ configure.ac
-@@ -1342,7 +1342,7 @@ fi
+@@ -1339,7 +1339,7 @@ fi
 
 # Assume that delegate headers reside under same directory as ImageMagick
 # installation prefix.
@ -11,7 +11,7 @@ Index: configure.ac
 
 #
 # Find the X11 RGB database
-@@ -2937,7 +2937,7 @@ AC_SUBST([PERLMAINCC])
+@@ -2934,7 +2934,7 @@ AC_SUBST([PERLMAINCC])
 #
 
 # Path to ImageMagick header files
@ -20,7 +20,7 @@ Index: configure.ac
 INCLUDE_PATH="${INCLUDE_DIR}/${INCLUDE_RELATIVE_PATH}"
 DEFINE_INCLUDE_PATH="${INCLUDE_DIR}/${INCLUDE_RELATIVE_PATH}/"
 case "${build_os}" in
-@@ -2960,7 +2960,7 @@ AC_DEFINE_UNQUOTED(INCLUDEARCH_PATH,"$DEFINE_INCLUDE_P
+@@ -2957,7 +2957,7 @@ AC_DEFINE_UNQUOTED(INCLUDEARCH_PATH,"$DEFINE_INCLUDE_P
 AC_SUBST(INCLUDEARCH_PATH)
 
 # Subdirectory under lib to place ImageMagick lib files
@ -29,7 +29,7 @@ Index: configure.ac
 AC_DEFINE_UNQUOTED(LIBRARY_RELATIVE_PATH,"$LIBRARY_RELATIVE_PATH",[Subdirectory of lib where ImageMagick architecture dependent files are installed.])
 
 # Path to ImageMagick bin directory
-@@ -3051,7 +3051,7 @@ AC_SUBST(FILTER_PATH)
+@@ -3048,7 +3048,7 @@ AC_SUBST(FILTER_PATH)
 
 #
 # Path to ImageMagick documentation files
@ -38,7 +38,7 @@ Index: configure.ac
 DOCUMENTATION_PATH="${DOC_DIR}/${DOCUMENTATION_RELATIVE_PATH}"
 DEFINE_DOCUMENTATION_PATH="${DOC_DIR}/${DOCUMENTATION_RELATIVE_PATH}/"
 case "${build_os}" in
-@@ -3071,7 +3071,7 @@ AC_ARG_ENABLE([docs],
+@@ -3068,7 +3068,7 @@ AC_ARG_ENABLE([docs],
 AM_CONDITIONAL([INSTALL_DOC], [test "$wantdocs" = "yes"])
 
 # Subdirectory to place architecture-dependent configuration files
@ -47,7 +47,7 @@ Index: configure.ac
 AC_DEFINE_UNQUOTED(CONFIGURE_RELATIVE_PATH,"$CONFIGURE_RELATIVE_PATH",[Subdirectory of lib where architecture-dependent configuration files live.])
 CONFIGURE_PATH="${SYSCONF_DIR}/${CONFIGURE_RELATIVE_PATH}/"
 DEFINE_CONFIGURE_PATH="${SYSCONF_DIR}/${CONFIGURE_RELATIVE_PATH}/"
-@@ -3084,7 +3084,7 @@ AC_DEFINE_UNQUOTED(CONFIGURE_PATH,"$DEFINE_CONFIGURE_P
+@@ -3081,7 +3081,7 @@ AC_DEFINE_UNQUOTED(CONFIGURE_PATH,"$DEFINE_CONFIGURE_P
 AC_SUBST(CONFIGURE_PATH)
 
 # Subdirectory to place architecture-independent configuration files
--- a/graphics/ImageMagick/pkg/PLIST
+++ b/graphics/ImageMagick/pkg/PLIST
@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.57 2018/05/24 09:33:42 sthen Exp $
+@comment $OpenBSD: PLIST,v 1.58 2018/08/22 18:36:00 sthen Exp $
@conflict p5-PerlMagick-*
@pkgpath graphics/ImageMagick,no_x11
@sample ${SYSCONFDIR}/ImageMagick/
@ -1263,10 +1263,14 @@ share/examples/ImageMagick/quantization-table.xml
@sample ${SYSCONFDIR}/ImageMagick/quantization-table.xml
 share/examples/ImageMagick/thresholds.xml
@sample ${SYSCONFDIR}/ImageMagick/thresholds.xml
+share/examples/ImageMagick/type-apple.xml
+@sample ${SYSCONFDIR}/ImageMagick/type-apple.xml
 share/examples/ImageMagick/type-dejavu.xml
@sample ${SYSCONFDIR}/ImageMagick/type-dejavu.xml
 share/examples/ImageMagick/type-ghostscript.xml
@sample ${SYSCONFDIR}/ImageMagick/type-ghostscript.xml
+share/examples/ImageMagick/type-urw-base35.xml
+@sample ${SYSCONFDIR}/ImageMagick/type-urw-base35.xml
 share/examples/ImageMagick/type-windows.xml
@sample ${SYSCONFDIR}/ImageMagick/type-windows.xml
 share/examples/ImageMagick/type.xml