Sync from SUSE:SLFO:Main SDL2 revision 56618740701ce5265aa43cddb02a7c6d

2024-09-06 15:25:16 +02:00 · 2024-09-06 15:25:16 +02:00 · edc3240bc7
commit edc3240bc7
parent ece5a3fdd5
9 changed files with 191 additions and 18 deletions
--- a/SDL2-2.28.5.tar.gz
+++ b/SDL2-2.28.5.tar.gz
--- a/SDL2-2.28.5.tar.gz.sig
+++ b/SDL2-2.28.5.tar.gz.sig
--- a/SDL2-2.30.6.tar.gz
+++ b/SDL2-2.30.6.tar.gz
--- a/SDL2-2.30.6.tar.gz.sig
+++ b/SDL2-2.30.6.tar.gz.sig
--- a/SDL2.changes
+++ b/SDL2.changes
@ -1,3 +1,81 @@
+-------------------------------------------------------------------
+Thu Aug 29 09:07:45 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
+
+- Don't build with fcitx support. fcitx support was just added
+  because of a bug (boo#1025413) that could be fixed by building
+  with fcitx support but upstream SDL2 developers fixed it
+  in 2.0.5 when building without fcitx support too. Also fcitx
+  support has always been disabled in SLE/Leap and in Factory
+  it's built against fcitx 4.2.9.9, not the newer fcitx5 so
+  let's disable it in order to reduce dependencies.
+
+-------------------------------------------------------------------
+Fri Aug 16 08:57:49 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 2.30.6
+  * Improved detection of Nintendo Switch Pro controller report mode
+  * Fixed a rare crash when a controller is disconnected
+
+-------------------------------------------------------------------
+Tue Jun 18 07:32:33 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 2.30.4
+  * Added support for the Saitek Cyborg V.3 Rumble Pad in PS3 mode
+  * Added support for the Razer Kitsune in PS5 mode
+  * Added Linux bindings for the Qanba Drone 2 Arcade Joystick
+  * Leave Nintendo Online controllers in simple report mode so
+    they work with DirectInput games
+  * Enable using libusb for GameCube controllers when available
+
+-------------------------------------------------------------------
+Wed May  1 19:03:52 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 2.30.3
+  * Fixed a pointer warping issue on XWayland
+  * Reduced startup time when scanning for game controllers on Linux
+
+-------------------------------------------------------------------
+Tue Apr  2 08:47:20 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 2.30.2
+  * Fixed performance regression initialing controllers on Linux
+  * Added support for the 6-button SEGA Mega Drive Control Pad
+    for Nintendo Online
+  * Add support for MadCatz Saitek Side Panel Control Deck
+  * Added support for the Hori Fighting Stick EX2
+  * Added support for the Yawman Arrow flightstick
+  * Added a gamepad mapping for the Defender Joystick Cobra R4
+  * Fixed the gamepad mapping for the Sanwa Supply JY-P76USV
+    controller
+  * Allow using SDL_RWFromFile() with named pipes
+
+-------------------------------------------------------------------
+Wed Mar  6 07:45:37 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 2.30.1
+  * Fixed a regression causing SDL_WaitEvent() to return spurious
+    failures
+  * Wayland windows automatically have OpenGL enabled again
+  * Fixed memory corruption when converting signed 16-bit audio
+    to float
+  * Fixed audio artifacts when converting signed 8-bit audio to
+    float
+  * Fixed the clip rectangle not being updated when the viewport
+    changes in the SDL renderer
+
+-------------------------------------------------------------------
+Fri Feb  2 00:45:50 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 2.30
+  * Added support for 2 bits-per-pixel indexed surface formats.
+  * Added the function SDL_GameControllerGetSteamHandle() to get
+    the Steam API handle for a controller, if available.
+  * Added the event SDL_CONTROLLERSTEAMHANDLEUPDATED which is sent
+    when the Steam API handle for a controller changes. This could
+    also change the name, VID, and PID of the controller.
+  * Added the environment variable SDL_LOGGING to control default
+    log output.
+
 -------------------------------------------------------------------
 Thu Nov  2 19:09:24 UTC 2023 - Jan Engelhardt <jengelh@inai.de>

@ -142,6 +220,13 @@ Tue Nov 22 01:03:38 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
    SDL_ControllerSensorEvent, when the hardware provides that
    information.
 - Delete sdl2-khronos.patch (merged)
+- Drop CVE-2022-4743.patch.
+
+-------------------------------------------------------------------
+Tue Nov  3 21:06:13 UTC 2022 - Michael Gorse <mgorse@suse.com>
+
+- Add CVE-2022-4743.patch: fix potential memory leak in
+  GLES_CreateTexture (boo#1206727 CVE-2022-4743).

 -------------------------------------------------------------------
 Tue Nov  1 14:27:40 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
@ -288,6 +373,14 @@ Tue Nov 30 17:30:02 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
 - Drop SDL2-endian.patch (inapplicable),
  sdl2-fix-wayland-fullscreen.patch (merged),
  audio-Support-pulse-as-an-alias-for-pulseaudio.patch (merged)
+- Drop CVE-2021-33657.patch.
+
+-------------------------------------------------------------------
+Tue Nov 10 19:50:12 UTC 2021 - Michael Gorse <mgorse@suse.com>
+
+- Add CVE-2021-33657.patch: always create a full 256-entry color
+  map in case color values are out of range (boo#1198001
+  CVE-2021-33657).

 -------------------------------------------------------------------
 Mon Nov  8 12:52:16 CET 2021 - tiwai@suse.de
@ -340,6 +433,14 @@ Wed Mar 11 10:23:44 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
  * A new video driver for offscreen rendering
  * ARM NEON optimizations
 - Drop CVE-2019-13616.patch (merged upstream)
+- Drop sdl2-surface-pitch-overflow.patch.
+
+-------------------------------------------------------------------
+Tue Jan 14 21:30:34 UTC 2020 - Michael Gorse <mgorse@suse.com>
+
+- Add sdl2-surface-pitch-overflow.patch: fix overflow in surface
+  pitch calculation (boo#1181201 boo#1181202 CVE-2020-14410
+  CVE-2020-14409).

 -------------------------------------------------------------------
 Sun Jan 12 22:53:50 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
@ -350,7 +451,7 @@ Sun Jan 12 22:53:50 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
 Wed Oct  9 13:34:31 UTC 2019 - Stefan Dirsch <sndirsch@suse.com>

 - sdl2-khronos.patch
-  * fixes build on i586 (boo#1153455)
+  * fixes build on i586 (boo#1153455, boo#1158176)

 -------------------------------------------------------------------
 Fri Aug 23 11:19:59 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
@ -415,6 +516,73 @@ Fri Jul 26 07:44:39 UTC 2019 - Luigi Baldoni <aloisio@gmx.com>
    (boo#1124826), CVE-2019-7638 (boo#1124824).

 - Refreshed sdl2-symvers.patch
+- Drop CVE-2019-13626.patch, CVE-2019-7636.patch,
+  CVE-2019-7635.patch.
+
+-------------------------------------------------------------------
+Mon Jul 20 19:33:22 UTC 2019 - Michael Gorse <mgorse@suse.com>
+
+- Add CVE-2019-13626.patch: add safeguards to the wav parser to
+  prevent crashes (boo#1142031 CVE-2019-13626).
+- Drop CVE-2019-7572.patch, CVE-2019-7574.patch,
+  CVE-2019-7575.patch, CVE-2019-7577.patch, and
+  CVE-2019-7578.patch: these are handled by the new code added in
+  CVE-2019-13626.patch.
+
+-------------------------------------------------------------------
+Thu May 23 09:52:38 UTC 2019 - Qiang Zheng <qzheng@suse.com>
+
+- Remove CVE-2019-7637.patch, the modification of function 
+  SDL_CalculatePitch is only suit for SDL not SDL2.
+
+-------------------------------------------------------------------
+Wed Mar 20 09:46:14 UTC 2019 - qzheng <qzheng@suse.com>
+
+- Add CVE-2019-7636.patch to fix a heap-based buffer over-read
+  issue (CVE-2019-7636, boo#1124826, CVE-2019-7638, boo#1124824).
+
+-------------------------------------------------------------------
+Wed Mar 20 09:34:39 UTC 2019 - qzheng <qzheng@suse.com>
+
+- Add CVE-2019-7635.patch to fix a heap-based buffer over-read
+  issue (CVE-2019-7635, boo#1124827).
+
+-------------------------------------------------------------------
+Wed Mar 20 09:08:43 UTC 2019 - qzheng <qzheng@suse.com>
+
+- Add CVE-2019-7578.patch to fix a heap-based buffer over-read
+  issue (CVE-2019-7578, boo#1125099, CVE-2019-7576, boo#1124799
+  CVE-2019-7573, boo#1124805).
+
+-------------------------------------------------------------------
+Wed Mar 20 07:50:52 UTC 2019 - qzheng <qzheng@suse.com>
+
+- Add CVE-2019-7572.patch to fix a buffer over-read issue
+  (CVE-2019-7572, boo#1124806).
+
+-------------------------------------------------------------------
+Wed Mar 20 07:19:37 UTC 2019 - qzheng <qzheng@suse.com>
+
+- Add CVE-2019-7574.patch to fix a heap-based buffer over-read
+  issue (CVE-2019-7574, boo#1124803).
+
+-------------------------------------------------------------------
+Thu Feb 28 06:14:19 UTC 2019 - qzheng <qzheng@suse.com>
+
+- Add CVE-2019-7575.patch to fix a heap-based buffer overflow
+  issue (CVE-2019-7575, boo#1124802).
+
+-------------------------------------------------------------------
+Thu Feb 28 02:27:10 UTC 2019 - qzheng <qzheng@suse.com>
+
+- Add CVE-2019-7637.patch to fix a heap-base buffer overflow
+  issue (CVE-2019-7637, boo#1124825).
+
+-------------------------------------------------------------------
+Wed Feb 27 07:45:48 UTC 2019 - qzheng <qzheng@suse.com>
+
+- Add CVE-2019-7577.patch to fix a buffer over-read issue
+  (CVE-2019-7577, boo#1124800).

 -------------------------------------------------------------------
 Sun Nov  4 14:10:15 UTC 2018 - Luigi Baldoni <aloisio@gmx.com>
--- a/SDL2.spec
+++ b/SDL2.spec
@ -1,7 +1,7 @@
 #
 # spec file for package SDL2
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -19,7 +19,7 @@
 %define sle_version 0
 Name:           SDL2
 %define lname   libSDL2-2_0-0
-Version:        2.28.5
+Version:        2.30.6
 Release:        0
 Summary:        Simple DirectMedia Layer Library
 License:        Zlib
@ -37,9 +37,6 @@ BuildRequires:  libdecor-devel
 BuildRequires:  pkg-config
 BuildRequires:  pkgconfig(alsa) >= 1.0.11
 BuildRequires:  pkgconfig(dbus-1)
-%if !0%{?sle_version}
-BuildRequires:  pkgconfig(fcitx)
-%endif
 BuildRequires:  pkgconfig(egl)
 BuildRequires:  pkgconfig(gl)
 BuildRequires:  pkgconfig(glesv1_cm)
@ -117,9 +114,7 @@ perl -i -pe 's{\r\n}{\n}g' *.txt README.md
 # In this instance, we do want --with-pic because of libSDL2main.a.
 %configure --with-pic --disable-alsa-shared --disable-video-directfb \
 	--enable-video-kmsdrm --enable-video-wayland \
-%if 0%{?sle_version}
 	--disable-fcitx \
-%endif
 %ifarch ix86
 	--enable-sse2=no \
 %endif
@ -130,13 +125,8 @@ perl -i -pe 's{\r\n}{\n}g' *.txt README.md
 %make_install
 rm -f "%buildroot/%_libdir"/*.la
 rm -fv "%buildroot/%_libdir/libSDL2.a"
-# Need to keep libSDL2main.a (empty lib), because it is referenced by
-# sdl2-config.cmake, and it seems like that .cmake file cannot be edited to
-# make SDL2::SDL2main a phony target with no file (just leads to more Makefile
-# errors down the road).

-%post   -n %lname -p /sbin/ldconfig
-%postun -n %lname -p /sbin/ldconfig
+%ldconfig_scriptlets -n %lname

 %files -n %lname
 %license LICENSE.txt
--- a/_scmsync.obsinfo
+++ b/_scmsync.obsinfo
@ -0,0 +1,4 @@
+mtime: 1724923481
+commit: 6cf087f53a0538c2096fc56bb068ba3f818a2f9027fcda1b82ff7a1b4a5137d9
+url: https://src.opensuse.org/jengelh/SDL2
+revision: master
--- a/build.specials.obscpio
+++ b/build.specials.obscpio
--- a/sdl2-symvers.patch
+++ b/sdl2-symvers.patch
@ -36,7 +36,7 @@ Index: SDL2-2.26.0/sdl2.sym
 ===================================================================
 --- /dev/null
 +++ SDL2-2.26.0/sdl2.sym
-@@ -0,0 +1,319 @@
+@@ -0,0 +1,327 @@
 +SUSE_2.0.5 {
 +global:
 +	SDL_DequeueAudio;
@ -356,3 +356,11 @@ Index: SDL2-2.26.0/sdl2.sym
 +	SDL_strcasestr;
 +	SDL_GetWindowSizeInPixels;
 +} SUSE_2.24.0;
+SUSE_2.28.0 {
+	SDL_GDKSuspendComplete;
+	SDL_HasWindowSurface;
+	SDL_DestroyWindowSurface;
+} SUSE_2.26.0;
+SUSE_2.30.0 {
+	SDL_GameControllerGetSteamHandle;
+} SUSE_2.28.0;