Browse Source

initial package creation

Signed-off-by: Toshaan Bharvani <toshaan@powerel.org>
master
Toshaan Bharvani 2 years ago
commit
465787a8c1
  1. 165
      SOURCES/openjpeg2-CVE-2021-29338.patch
  2. 35
      SOURCES/openjpeg2-CVE-2021-3575.patch
  3. 12
      SOURCES/openjpeg2_opj2.patch
  4. 501
      SPECS/openjpeg2.spec

165
SOURCES/openjpeg2-CVE-2021-29338.patch

@ -0,0 +1,165 @@ @@ -0,0 +1,165 @@
From efbfbbb723e100cfbcea287a30958bf678e83458 Mon Sep 17 00:00:00 2001
From: Ariadne Conill <ariadne@dereferenced.org>
Date: Tue, 27 Apr 2021 09:37:40 -0600
Subject: [PATCH] opj_{compress,decompress,dump}: fix possible buffer overflows
in path manipulation functions

---
src/bin/jp2/opj_compress.c | 12 ++++++------
src/bin/jp2/opj_decompress.c | 13 ++++++-------
src/bin/jp2/opj_dump.c | 14 +++++++-------
3 files changed, 19 insertions(+), 20 deletions(-)

diff --git a/src/bin/jp2/opj_compress.c b/src/bin/jp2/opj_compress.c
index 6827484..d8f894c 100644
--- a/src/bin/jp2/opj_compress.c
+++ b/src/bin/jp2/opj_compress.c
@@ -543,8 +543,8 @@ static char * get_file_name(char *name)
static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
opj_cparameters_t *parameters)
{
- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
+ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
+ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
char *temp_p, temp1[OPJ_PATH_LEN] = "";
strcpy(image_filename, dirptr->filename[imageno]);
@@ -553,7 +553,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
if (parameters->decod_format == -1) {
return 1;
}
- sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename);
+ snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename);
if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile),
infilename) != 0) {
return 1;
@@ -566,7 +566,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
sprintf(temp1, ".%s", temp_p);
}
if (img_fol->set_out_format == 1) {
- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
+ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
img_fol->out_format);
if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
outfilename) != 0) {
@@ -1910,9 +1910,9 @@ int main(int argc, char **argv)
num_images = get_num_images(img_fol.imgdirpath);
dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
if (dirptr) {
- dirptr->filename_buf = (char*)malloc(num_images * OPJ_PATH_LEN * sizeof(
+ dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN * sizeof(
char)); /* Stores at max 10 image file names*/
- dirptr->filename = (char**) malloc(num_images * sizeof(char*));
+ dirptr->filename = (char**) calloc(num_images, sizeof(char*));
if (!dirptr->filename_buf) {
ret = 0;
goto fin;
diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
index 2634907..e54e54f 100644
--- a/src/bin/jp2/opj_decompress.c
+++ b/src/bin/jp2/opj_decompress.c
@@ -455,13 +455,13 @@ const char* path_separator = "/";
char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
opj_decompress_parameters *parameters)
{
- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
+ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
+ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
char *temp_p, temp1[OPJ_PATH_LEN] = "";
strcpy(image_filename, dirptr->filename[imageno]);
fprintf(stderr, "File Number %d \"%s\"\n", imageno, image_filename);
- sprintf(infilename, "%s%s%s", img_fol->imgdirpath, path_separator,
+ snprintf(infilename, OPJ_PATH_LEN * 2, "%s%s%s", img_fol->imgdirpath, path_separator,
image_filename);
parameters->decod_format = infile_format(infilename);
if (parameters->decod_format == -1) {
@@ -479,7 +479,7 @@ char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
sprintf(temp1, ".%s", temp_p);
}
if (img_fol->set_out_format == 1) {
- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
+ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
img_fol->out_format);
if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
outfilename) != 0) {
@@ -1357,14 +1357,13 @@ int main(int argc, char **argv)
return EXIT_FAILURE;
}
/* Stores at max 10 image file names */
- dirptr->filename_buf = (char*)malloc(sizeof(char) *
- (size_t)num_images * OPJ_PATH_LEN);
+ dirptr->filename_buf = calloc((size_t) num_images, sizeof(char) * OPJ_PATH_LEN);
if (!dirptr->filename_buf) {
failed = 1;
goto fin;
}
- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
+ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
if (!dirptr->filename) {
failed = 1;
diff --git a/src/bin/jp2/opj_dump.c b/src/bin/jp2/opj_dump.c
index 6e15fee..4e19c61 100644
--- a/src/bin/jp2/opj_dump.c
+++ b/src/bin/jp2/opj_dump.c
@@ -201,8 +201,8 @@ static int get_file_format(const char *filename)
static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
opj_dparameters_t *parameters)
{
- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
+ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
+ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
char *temp_p, temp1[OPJ_PATH_LEN] = "";
strcpy(image_filename, dirptr->filename[imageno]);
@@ -211,7 +211,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
if (parameters->decod_format == -1) {
return 1;
}
- sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename);
+ snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename);
if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile),
infilename) != 0) {
return 1;
@@ -224,7 +224,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
sprintf(temp1, ".%s", temp_p);
}
if (img_fol->set_out_format == 1) {
- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
+ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
img_fol->out_format);
if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
outfilename) != 0) {
@@ -457,7 +457,7 @@ int main(int argc, char *argv[])
opj_codestream_info_v2_t* cstr_info = NULL;
opj_codestream_index_t* cstr_index = NULL;
- OPJ_INT32 num_images, imageno;
+ int num_images, imageno;
img_fol_t img_fol;
dircnt_t *dirptr = NULL;
@@ -486,13 +486,13 @@ int main(int argc, char *argv[])
if (!dirptr) {
return EXIT_FAILURE;
}
- dirptr->filename_buf = (char*)malloc((size_t)num_images * OPJ_PATH_LEN * sizeof(
+ dirptr->filename_buf = (char*) calloc((size_t) num_images, OPJ_PATH_LEN * sizeof(
char)); /* Stores at max 10 image file names*/
if (!dirptr->filename_buf) {
free(dirptr);
return EXIT_FAILURE;
}
- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
+ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
if (!dirptr->filename) {
goto fails;
--
2.31.1

35
SOURCES/openjpeg2-CVE-2021-3575.patch

@ -0,0 +1,35 @@ @@ -0,0 +1,35 @@
From 409907d89878222cf9dea80f0add8f73e9383834 Mon Sep 17 00:00:00 2001
From: Mehdi Sabwat <mehdisabwat@gmail.com>
Date: Fri, 7 May 2021 01:50:37 +0200
Subject: [PATCH] fix heap buffer overflow #1347

---
src/bin/common/color.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/bin/common/color.c b/src/bin/common/color.c
index 27f15f1..935fa44 100644
--- a/src/bin/common/color.c
+++ b/src/bin/common/color.c
@@ -368,12 +368,15 @@ static void sycc420_to_rgb(opj_image_t *img)
sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
- ++y;
+ if (*y != img->comps[0].data[loopmaxh])
+ ++y;
++r;
++g;
++b;
- ++cb;
- ++cr;
+ if (*cb != img->comps[1].data[loopmaxh])
+ ++cb;
+ if (*cr != img->comps[2].data[loopmaxh])
+ ++cr;
}
if (j < maxw) {
sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
--
2.31.1

12
SOURCES/openjpeg2_opj2.patch

@ -0,0 +1,12 @@ @@ -0,0 +1,12 @@
diff -rupN --no-dereference openjpeg-2.4.0/src/bin/jp2/CMakeLists.txt openjpeg-2.4.0-new/src/bin/jp2/CMakeLists.txt
--- openjpeg-2.4.0/src/bin/jp2/CMakeLists.txt 2020-12-28 21:59:39.000000000 +0100
+++ openjpeg-2.4.0-new/src/bin/jp2/CMakeLists.txt 2020-12-29 15:45:09.466819414 +0100
@@ -44,6 +44,8 @@ endif()
# Loop over all executables:
foreach(exe opj_decompress opj_compress opj_dump)
add_executable(${exe} ${exe}.c ${common_SRCS})
+ string(REPLACE "opj_" "opj2_" exe2 ${exe})
+ set_target_properties(${exe} PROPERTIES OUTPUT_NAME ${exe2})
if(NOT ${CMAKE_VERSION} VERSION_LESS "2.8.12")
target_compile_options(${exe} PRIVATE ${OPENJP2_COMPILE_OPTIONS})
endif()

501
SPECS/openjpeg2.spec

@ -0,0 +1,501 @@ @@ -0,0 +1,501 @@
# Conformance tests disabled by default since it requires 1 GB of test data
#global runcheck 1

#global optional_components 1

# https://bugzilla.redhat.com/show_bug.cgi?id=1751749
%global _target_platform %{_vendor}-%{_target_os}

Name: openjpeg2
Version: 2.4.0
Release: 6%{?dist}
Summary: C-Library for JPEG 2000

# windirent.h is MIT, the rest is BSD
License: BSD and MIT
URL: https://github.com/uclouvain/openjpeg
Source0: https://github.com/uclouvain/openjpeg/archive/v%{version}/openjpeg-%{version}.tar.gz
%if 0%{?runcheck}
# git clone git@github.com:uclouvain/openjpeg-data.git
Source1: data.tar.xz
%endif

# Rename tool names to avoid conflicts with openjpeg-1.x
Patch0: openjpeg2_opj2.patch
# Fix CVE-2021-29338
Patch1: openjpeg2-CVE-2021-29338.patch
# Fix CVE-2021-3575
Patch2: openjpeg2-CVE-2021-3575.patch


BuildRequires: cmake
# The library itself is C only, but there is some optional C++ stuff, hence the project is not marked as C-only in cmake and hence cmake looks for a c++ compiler
BuildRequires: gcc-c++
BuildRequires: make
BuildRequires: zlib-devel
BuildRequires: libpng-devel
BuildRequires: libtiff-devel
BuildRequires: lcms2-devel
BuildRequires: doxygen

%if 0%{?optional_components}
BuildRequires: java-devel
BuildRequires: xerces-j2
%endif

%description
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
promote the use of JPEG 2000.

This package contains
* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1
compliance).
* JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple
component transforms for multispectral and hyperspectral imagery)


%package devel
Summary: Development files for OpenJPEG 2
Requires: %{name}%{?_isa} = %{version}-%{release}
# OpenJPEGTargets.cmake refers to the tools
Requires: %{name}-tools%{?_isa} = %{version}-%{release}

%description devel
The %{name}-devel package contains libraries and header files for developing
applications that use OpenJPEG 2.


%package devel-docs
Summary: Developer documentation for OpenJPEG 2
BuildArch: noarch

%description devel-docs
The %{name}-devel-docs package contains documentation files for developing
applications that use OpenJPEG 2.


%package tools
Summary: OpenJPEG 2 command line tools
Requires: %{name}%{?_isa} = %{version}-%{release}

%description tools
Command line tools for JPEG 2000 file manipulation, using OpenJPEG2:
* opj2_compress
* opj2_decompress
* opj2_dump

%if 0%{?optional_components}
##### MJ2 #####

%package mj2
Summary: OpenJPEG2 MJ2 module
Requires: %{name}%{?_isa} = %{version}-%{release}

%description mj2
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
promote the use of JPEG 2000.

This package contains the MJ2 module (JPEG 2000 standard Part 3)


%package mj2-devel
Summary: Development files for OpenJPEG2 MJ2 module
Requires: %{name}-devel%{?_isa} = %{version}-%{release}
Requires: %{name}-mj2%{?_isa} = %{version}-%{release}

%description mj2-devel
Development files for OpenJPEG2 MJ2 module


%package mj2-tools
Summary: OpenJPEG2 MJ2 module command line tools
Requires: %{name}-mj2%{?_isa} = %{version}-%{release}

%description mj2-tools
OpenJPEG2 MJ2 module command line tools

##### JPWL #####

%package jpwl
Summary: OpenJPEG2 JPWL module
Requires: %{name}%{?_isa} = %{version}-%{release}

%description jpwl
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
promote the use of JPEG 2000.

This package contains the JPWL (JPEG 2000 standard Part 11 - Jpeg 2000 Wireless)


%package jpwl-devel
Summary: Development files for OpenJPEG2 JPWL module
Requires: %{name}-devel%{?_isa} = %{version}-%{release}
Requires: %{name}-jpwl%{?_isa} = %{version}-%{release}

%description jpwl-devel
Development files for OpenJPEG2 JPWL module


%package jpwl-tools
Summary: OpenJPEG2 JPWL module command line tools
Requires: %{name}-jpwl%{?_isa} = %{version}-%{release}

%description jpwl-tools
OpenJPEG2 JPWL module command line tools

##### JPIP #####

%package jpip
Summary: OpenJPEG2 JPIP module
Requires: %{name}%{?_isa} = %{version}-%{release}

%description jpip
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
promote the use of JPEG 2000.

This package contains the JPWL (JPEG 2000 standard Part 9 - Jpeg 2000 Interactive Protocol)


%package jpip-devel
Summary: Development files for OpenJPEG2 JPIP module
Requires: %{name}-devel%{?_isa} = %{version}-%{release}
Requires: %{name}-jpwl%{?_isa} = %{version}-%{release}

%description jpip-devel
Development files for OpenJPEG2 JPIP module


%package jpip-tools
Summary: OpenJPEG2 JPIP module command line tools
Requires: %{name}-jpip%{?_isa} = %{version}-%{release}
Requires: jpackage-utils
Requires: java

%description jpip-tools
OpenJPEG2 JPIP module command line tools

##### JP3D #####

%package jp3d
Summary: OpenJPEG2 JP3D module
Requires: %{name}%{?_isa} = %{version}-%{release}

%description jp3d
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
promote the use of JPEG 2000.

This package contains the JP3D (JPEG 2000 standard Part 10 - Jpeg 2000 3D)


%package jp3d-devel
Summary: Development files for OpenJPEG2 JP3D module
Requires: %{name}-devel%{?_isa} = %{version}-%{release}
Requires: %{name}-jp3d%{?_isa} = %{version}-%{release}

%description jp3d-devel
Development files for OpenJPEG2 JP3D module


%package jp3d-tools
Summary: OpenJPEG2 JP3D module command line tools
Requires: %{name}-jp3d%{?_isa} = %{version}-%{release}

%description jp3d-tools
OpenJPEG2 JP3D module command line tools
%endif


%prep
%autosetup -p1 -n openjpeg-%{version} %{?runcheck:-a 1}

# Remove all third party libraries just to be sure
find thirdparty/ -mindepth 1 -maxdepth 1 -type d -exec rm -rf {} \;


%build
# TODO: Consider
# -DBUILD_JPIP_SERVER=ON -DBUILD_JAVA=ON
%cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DOPENJPEG_INSTALL_LIB_DIR=%{_lib} \
%{?optional_components:-DBUILD_MJ2=ON -DBUILD_JPWL=ON -DBUILD_JPIP=ON -DBUILD_JP3D=ON} \
-DBUILD_DOC=ON \
-DBUILD_STATIC_LIBS=OFF \
-DBUILD_SHARED_LIBS=ON \
%{?runcheck:-DBUILD_TESTING:BOOL=ON -DOPJ_DATA_ROOT=$PWD/../data}

%cmake_build


%install
%cmake_install

mv %{buildroot}%{_mandir}/man1/opj_compress.1 %{buildroot}%{_mandir}/man1/opj2_compress.1
mv %{buildroot}%{_mandir}/man1/opj_decompress.1 %{buildroot}%{_mandir}/man1/opj2_decompress.1
mv %{buildroot}%{_mandir}/man1/opj_dump.1 %{buildroot}%{_mandir}/man1/opj2_dump.1

# Docs are installed through %%doc
rm -rf %{buildroot}%{_datadir}/doc/

%if 0%{?optional_components}
# Move the jar to the correct place
mkdir -p %{buildroot}%{_javadir}
mv %{buildroot}%{_datadir}/opj_jpip_viewer.jar %{buildroot}%{_javadir}/opj2_jpip_viewer.jar
cat > %{buildroot}%{_bindir}/opj2_jpip_viewer <<EOF
java -jar %{_javadir}/opj2_jpip_viewer.jar "$@"
EOF
chmod +x %{buildroot}%{_bindir}/opj2_jpip_viewer
%endif


%ldconfig_scriptlets


%check
%if 0%{?runcheck}
%ctest
%endif


%files
%{!?_licensedir:%global license %doc}
%license LICENSE
%doc AUTHORS.md NEWS.md README.md THANKS.md
%{_libdir}/libopenjp2.so.*
%{_mandir}/man3/libopenjp2.3*

%files devel
%dir %{_includedir}/openjpeg-2.4/
%{_includedir}/openjpeg-2.4/openjpeg.h
%{_includedir}/openjpeg-2.4/opj_config.h
%{_includedir}/openjpeg-2.4/opj_stdint.h
%{_libdir}/libopenjp2.so
%{_libdir}/openjpeg-2.4/
%{_libdir}/pkgconfig/libopenjp2.pc

%files devel-docs
%doc %{__cmake_builddir}/doc/html

%files tools
%{_bindir}/opj2_compress
%{_bindir}/opj2_decompress
%{_bindir}/opj2_dump
%{_mandir}/man1/opj2_compress.1*
%{_mandir}/man1/opj2_decompress.1*
%{_mandir}/man1/opj2_dump.1*

%if 0%{?optional_components}
%files mj2
%{_libdir}/libopenmj2.so.*

%files mj2-devel
%{_libdir}/libopenmj2.so

%files mj2-tools
%{_bindir}/opj2_mj2*

%files jpwl
%{_libdir}/libopenjpwl.so.*

%files jpwl-devel
%{_libdir}/libopenjpwl.so
%{_libdir}/pkgconfig/libopenjpwl.pc

%files jpwl-tools
%{_bindir}/opj2_jpwl*

%files jpip
%{_libdir}/libopenjpip.so.*

%files jpip-devel
%{_libdir}/libopenjpip.so
%{_libdir}/pkgconfig/libopenjpip.pc

%files jpip-tools
%{_bindir}/opj2_jpip*
%{_bindir}/opj2_dec_server
%{_javadir}/opj2_jpip_viewer.jar

%files jp3d
%{_libdir}/libopenjp3d.so.*

%files jp3d-devel
%{_includedir}/openjpeg-2.0/openjp3d.h
%{_libdir}/libopenjp3d.so
%{_libdir}/pkgconfig/libopenjp3d.pc

%files jp3d-tools
%{_bindir}/opj2_jp3d*
%endif


%changelog
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.0-6
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688

* Fri Jun 25 2021 Nikola Forró <nforro@redhat.com> - 2.4.0-5
- Fix CVE-2021-3575 (#1969280)

* Fri Jun 25 2021 Nikola Forró <nforro@redhat.com> - 2.4.0-4
- Fix CVE-2021-29338 (#1951333)

* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.0-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

* Tue Dec 29 2020 Sandro Mani <manisandro@gmail.com> - 2.4.0-1
- Update to 2.4.0

* Thu Dec 17 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-10
* Backport patches for CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845

* Thu Dec 10 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-9
* Backport patches for CVE-2020-27824 and CVE-2020-27823

* Sat Nov 28 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-8
- Backport patch for CVE-2020-27814

* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Thu Feb 13 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-6
- Backport patch for CVE 2020-8112

* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild

* Fri Jan 17 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-4
- Backport patch for CVE 2020-6851

* Wed Oct 02 2019 Sandro Mani <manisandro@gmail.com> - 2.3.1-3
- Fix unbundling 3rd party libraries (#1757822)

* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

* Tue Apr 02 2019 Sandro Mani <manisandro@gmail.com> - 2.3.1-1
- Update to 2.3.1

* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

* Thu Dec 20 2018 Sandro Mani <manisandro@gmail.com> - 2.3.0-10
- Backport patches for CVE-2018-18088, CVE-2018-6616

* Thu Oct 04 2018 Sandro Mani <manisandro@gmail.com> - 2.3.0-9
- Backport patch for CVE-2018-5785 (#1537758)

* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

* Wed Mar 07 2018 Sandro Mani <manisandro@gmail.com> - 2.3.0-7
- BR: gcc-c++

* Mon Feb 19 2018 Sandro Mani <manisandro@gmail.com> - 2.3.0-6
- Add missing BR: gcc, make

* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

* Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.3.0-4
- Switch to %%ldconfig_scriptlets

* Mon Dec 25 2017 Sandro Mani <manisandro@gmail.com> - 2.3.0-3
- Rename tool names at cmake level to ensure OpenJPEGTargets.cmake refers to the renamed files

* Mon Dec 25 2017 Sandro Mani <manisandro@gmail.com> - 2.3.0-2
- Use BUILD_STATIC_LIBS=OFF instead of deleting the static library after build

* Thu Oct 05 2017 Sandro Mani <manisandro@gmail.com> - 2.3.0-1
- Update to 2.3.0

* Thu Sep 07 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-4
- Backport fix for CVE-2017-14039

* Thu Aug 31 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-3
- Backport more security fixes, including for CVE-2017-14041 and CVE-2017-14040

* Thu Aug 31 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-2
- Backport patch for CVE-2017-12982

* Thu Aug 10 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-1
- Update to 2.2.0

* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

* Sat Dec 17 2016 Sandro Mani <manisandro@gmail.com> - 2.1.2-3
- Add patch for CVE-2016-9580 (#1405128) and CVE-2016-9581 (#1405135)

* Thu Dec 08 2016 Sandro Mani <manisandro@gmail.com> - 2.1.2-2
- Add patch for CVE-2016-9572 (#1402714) and CVE-2016-9573 (#1402711)

* Wed Sep 28 2016 Sandro Mani <manisandro@gmail.com> - 2.1.2-1
- Update to 2.1.2
- Fixes: CVE-2016-7445

* Fri Sep 09 2016 Sandro Mani <manisandro@gmail.com> - 2.1.1-3
- Backport: Add sanity check for tile coordinates (#1374337)

* Fri Sep 09 2016 Sandro Mani <manisandro@gmail.com> - 2.1.1-2
- Backport fixes for CVE-2016-7163

* Wed Jul 06 2016 Sandro Mani <manisandro@gmail.com> - 2.1.1-1
- Update to 2.1.1
- Fixes: CVE-2016-3183, CVE-2016-3181, CVE-2016-3182, CVE-2016-4796, CVE-2016-4797, CVE-2015-8871

* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

* Thu Oct 01 2015 Sandro Mani <manisandro@gmail.com> - 2.1.0-7
- Backport fix for possible double-free (#1267983)

* Tue Sep 15 2015 Sandro Mani <manisandro@gmail.com> - 2.1.0-6
- Backport fix for use after free vulnerability (#1263359)

* Thu Jun 25 2015 Sandro Mani <manisandro@gmail.com> - 2.1.0-5
- Add openjpeg2_bigendian.patch (#1232739)

* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Tue May 27 2014 Sandro Mani <manisandro@gmail.com> - 2.1.0-1
- Update to 2.1.0

* Wed Apr 16 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-5
- Switch to official 2.0 release and backport pkg-config patch

* Thu Apr 10 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-4.svn20140403
- Replace define with global
- Fix #define optional_components 1S typo
- Fix %%(pwd) -> $PWD for test data
- Added some BR for optional components
- Include opj2_jpip_viewer.jar in %%files

* Wed Apr 09 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-3.svn20140403
- Fix source url
- Fix mixed tabs and spaces
- Fix description too long

* Wed Apr 09 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-2.svn20140403
- Remove thirdparty libraries folder in prep
- Own %%{_libdir}/openjpeg-2.0/
- Fix Requires
- Add missing ldconfig
- Add possibility to run conformance tests if desired
* Thu Apr 03 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-1.svn20140403
- Initial package
Loading…
Cancel
Save