SHA256
1
0
forked from jengelh/SDL2

Accepting request 725546 from games

- Update sdl2-symvers.patch for SDL 2.0.9/2.0.10.
- Update to version 2.0.10

OBS-URL: https://build.opensuse.org/request/show/725546
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/SDL2?expand=0&rev=26
This commit is contained in:
Dominique Leuenberger 2019-09-05 10:33:11 +00:00 committed by Git OBS Bridge
commit 4de6b4ed2e
8 changed files with 159 additions and 27 deletions

15
CVE-2019-13616.patch Normal file
View File

@ -0,0 +1,15 @@
diff -r b810b78d32cc -r e7ba650a643a src/video/SDL_bmp.c
--- a/src/video/SDL_bmp.c Thu Jul 25 08:05:13 2019 -0500
+++ b/src/video/SDL_bmp.c Tue Jul 30 11:00:00 2019 -0700
@@ -226,6 +226,11 @@
SDL_RWseek(src, (biSize - headerSize), RW_SEEK_CUR);
}
}
+ if (biWidth <= 0 || biHeight == 0) {
+ SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
+ was_error = SDL_TRUE;
+ goto done;
+ }
if (biHeight < 0) {
topDown = SDL_TRUE;
biHeight = -biHeight;

3
SDL2-2.0.10.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b4656c13a1f0d0023ae2f4a9cf08ec92fffb464e0f24238337784159b8b91d57
size 5550762

BIN
SDL2-2.0.10.tar.gz.sig Normal file

Binary file not shown.

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:255186dc676ecd0c1dbf10ec8a2cc5d6869b5079d8a38194c2aecdff54b324b1
size 5246942

Binary file not shown.

View File

@ -1,3 +1,65 @@
-------------------------------------------------------------------
Fri Aug 23 11:19:59 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update sdl2-symvers.patch for SDL 2.0.9/2.0.10.
-------------------------------------------------------------------
Thu Aug 22 16:43:13 UTC 2019 - Michael Gorse <mgorse@suse.com>
- Add CVE-2019-13616.patch: fix heap buffer overflow when reading
a crafted bmp file (boo#1141844 CVE-2019-13616).
-------------------------------------------------------------------
Sun Aug 11 04:29:55 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Drop libSDL2main.a from libSDL-2_0-devel. It is only used
during build.
-------------------------------------------------------------------
Wed Jul 31 08:47:44 UTC 2019 - Martin Liška <mliska@suse.cz>
- Use FAT LTO objects in order to provide proper static library.
-------------------------------------------------------------------
Fri Jul 26 07:44:39 UTC 2019 - Luigi Baldoni <aloisio@gmx.com>
- Update to version 2.0.10
* The SDL_RW* macros have been turned into functions that are
available only in 2.0.10 and onward
* Added SDL_SIMDGetAlignment(), SDL_SIMDAlloc(), and
SDL_SIMDFree(), to allocate memory aligned for SIMD
operations for the current CPU
* Added SDL_RenderDrawPointF(), SDL_RenderDrawPointsF(),
SDL_RenderDrawLineF(), SDL_RenderDrawLinesF(),
SDL_RenderDrawRectF(), SDL_RenderDrawRectsF(),
SDL_RenderFillRectF(), SDL_RenderFillRectsF(),
SDL_RenderCopyF(), SDL_RenderCopyExF(), to allow floating
point precision in the SDL rendering API.
* Added SDL_GetTouchDeviceType() to get the type of a touch
device, which can be a touch screen or a trackpad in relative
or absolute coordinate mode.
* The SDL rendering API now uses batched rendering by default,
for improved performance
* Added SDL_RenderFlush() to force batched render commands to
execute, if you're going to mix SDL rendering with native
rendering
* Added the hint SDL_HINT_RENDER_BATCHING to control whether
batching should be used for the rendering API. This defaults
to "1" if you don't specify what rendering driver to use when
creating the renderer.
* Added the hint SDL_HINT_EVENT_LOGGING to enable logging of
SDL events for debugging purposes
* Added the hint SDL_HINT_GAMECONTROLLERCONFIG_FILE to specify
a file that will be loaded at joystick initialization with
game controller bindings
* Added the hint SDL_HINT_MOUSE_TOUCH_EVENTS to control
whether SDL will synthesize touch events from mouse events
* Improved handling of malformed WAVE and BMP files, fixing
potential security exploits (boo#1142031 CVE-2019-13626)
* Removed the Mir video driver in favor of Wayland
- Refreshed sdl2-symvers.patch
-------------------------------------------------------------------
Sun Nov 4 14:10:15 UTC 2018 - Luigi Baldoni <aloisio@gmx.com>

View File

@ -1,7 +1,7 @@
#
# spec file for package SDL2
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -16,9 +16,10 @@
#
%define sle_version 0
Name: SDL2
%define lname libSDL2-2_0-0
Version: 2.0.9
Version: 2.0.10
Release: 0
Summary: Simple DirectMedia Layer Library
License: Zlib
@ -32,6 +33,7 @@ Source3: %name.keyring
Source4: baselibs.conf
Patch1: sdl2-symvers.patch
Patch2: SDL2-endian.patch
Patch3: CVE-2019-13616.patch
BuildRequires: cmake
BuildRequires: dos2unix
BuildRequires: gcc-c++
@ -108,8 +110,7 @@ This package contains files needed for development with the SDL2
library.
%prep
%setup -q
%patch -P 1 -P 2 -p1
%autosetup -p1
dos2unix WhatsNew.txt
dos2unix TODO.txt
dos2unix BUGS.txt
@ -119,6 +120,7 @@ dos2unix CREDITS.txt
dos2unix COPYING.txt
%build
%global _lto_cflags %{_lto_cflags} -ffat-lto-objects
# In this instance, we do want --with-pic because of libSDL2main.a.
%configure --with-pic --disable-alsa-shared --disable-video-directfb \
--enable-video-kmsdrm --enable-video-wayland \
@ -128,17 +130,15 @@ dos2unix COPYING.txt
%ifarch ix86
--enable-sse2=no \
%endif
--enable-sse3=no \
--disable-rpath \
--disable-3dnow
--enable-sse3=no --disable-rpath --disable-3dnow
make %{?_smp_mflags} V=1
%install
make install DESTDIR="%buildroot"
%make_install
rm -f "%buildroot/%_libdir"/*.la
# We do not want static libs, but using --disable-static leads to make aborting
# halfway through. SDL2main.a we need to keep(?) for the stub symbol.
find "%buildroot/%_libdir" -type f -name "*.a" ! -name "libSDL2main.a" -delete
# halfway through %%build. Now it can be removed though.
rm -f "%buildroot/%_libdir/"*.a
%post -n %lname -p /sbin/ldconfig
%postun -n %lname -p /sbin/ldconfig
@ -152,7 +152,6 @@ find "%buildroot/%_libdir" -type f -name "*.a" ! -name "libSDL2main.a" -delete
%doc TODO.txt WhatsNew.txt
%_bindir/sdl2-config
%_libdir/libSDL2.so
%_libdir/libSDL2main.a
%_includedir/SDL2/
%_datadir/aclocal/sdl2.m4
%_libdir/pkgconfig/sdl2.pc

View File

@ -4,28 +4,28 @@ Date: 2018-01-10 23:56:12.245827883 +0100
Scrape the SDL announcements since 2.0.3 (version in Leap 42.3) and add
some symvers so that zypper knows when to upgrade SDL.
---
Makefile.in | 2 -
sdl2.sym | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 69 insertions(+), 1 deletion(-)
Makefile.in | 2
sdl2.sym | 124 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 125 insertions(+), 1 deletion(-)
Index: SDL2-2.0.8/Makefile.in
Index: SDL2-2.0.10/Makefile.in
===================================================================
--- SDL2-2.0.8.orig/Makefile.in
+++ SDL2-2.0.8/Makefile.in
@@ -122,7 +122,7 @@ LT_AGE = @LT_AGE@
--- SDL2-2.0.10.orig/Makefile.in
+++ SDL2-2.0.10/Makefile.in
@@ -125,7 +125,7 @@ LT_AGE = @LT_AGE@
LT_CURRENT = @LT_CURRENT@
LT_RELEASE = @LT_RELEASE@
LT_REVISION = @LT_REVISION@
-LT_LDFLAGS = -no-undefined -rpath $(libdir) -release $(LT_RELEASE) -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE)
+LT_LDFLAGS = -no-undefined -rpath $(libdir) -release $(LT_RELEASE) -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -Wl,--version-script=sdl2.sym
all: $(srcdir)/configure Makefile $(objects) $(objects)/$(TARGET) $(objects)/$(SDLMAIN_TARGET) $(objects)/$(SDLTEST_TARGET)
all: $(srcdir)/configure Makefile $(objects)/$(TARGET) $(objects)/$(SDLMAIN_TARGET) $(objects)/$(SDLTEST_TARGET)
Index: SDL2-2.0.8/sdl2.sym
Index: SDL2-2.0.10/sdl2.sym
===================================================================
--- /dev/null
+++ SDL2-2.0.8/sdl2.sym
@@ -0,0 +1,68 @@
+++ SDL2-2.0.10/sdl2.sym
@@ -0,0 +1,124 @@
+SUSE_2.0.5 {
+global:
+ SDL_DequeueAudio;
@ -94,3 +94,59 @@ Index: SDL2-2.0.8/sdl2.sym
+ SDL_SetYUVConversionMode;
+ SDL_GetYUVConversionMode;
+} SUSE_2.0.7;
+SUSE_2.0.9 {
+global:
+ SDL_CreateThreadWithStackSize;
+ SDL_GameControllerGetPlayerIndex;
+ SDL_GameControllerMappingForDeviceIndex;
+ SDL_GameControllerRumble;
+ SDL_GetDisplayOrientation;
+ SDL_HasAVX512F;
+ SDL_HasColorKey;
+ SDL_IsTablet;
+ SDL_JoystickGetDevicePlayerIndex;
+ SDL_JoystickGetPlayerIndex;
+ SDL_JoystickRumble;
+ SDL_LinuxSetThreadPriority;
+ SDL_NumSensors;
+ SDL_SensorClose;
+ SDL_SensorFromInstanceID;
+ SDL_SensorGetData;
+ SDL_SensorGetDeviceInstanceID;
+ SDL_SensorGetDeviceName;
+ SDL_SensorGetDeviceNonPortableType;
+ SDL_SensorGetDeviceType;
+ SDL_SensorGetInstanceID;
+ SDL_SensorGetName;
+ SDL_SensorGetNonPortableType;
+ SDL_SensorGetType;
+ SDL_SensorOpen;
+ SDL_SensorUpdate;
+ SDL_exp;
+ SDL_expf;
+ SDL_wcsdup;
+} SUSE_2.0.8;
+SUSE_2.0.10 {
+global:
+ SDL_GetTouchDeviceType;
+ SDL_RWclose;
+ SDL_RWread;
+ SDL_RWseek;
+ SDL_RWsize;
+ SDL_RWtell;
+ SDL_RWwrite;
+ SDL_RenderCopyExF;
+ SDL_RenderCopyF;
+ SDL_RenderDrawLineF;
+ SDL_RenderDrawLinesF;
+ SDL_RenderDrawPointF;
+ SDL_RenderDrawPointsF;
+ SDL_RenderDrawRectF;
+ SDL_RenderDrawRectsF;
+ SDL_RenderFillRectF;
+ SDL_RenderFillRectsF;
+ SDL_RenderFlush;
+ SDL_SIMDAlloc;
+ SDL_SIMDFree;
+ SDL_SIMDGetAlignment;
+} SUSE_2.0.9;