Accepting request 725546 from games

- Update sdl2-symvers.patch for SDL 2.0.9/2.0.10.
- Update to version 2.0.10

OBS-URL: https://build.opensuse.org/request/show/725546
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/SDL2?expand=0&rev=26
This commit is contained in:
Dominique Leuenberger 2019-09-05 10:33:11 +00:00 committed by Git OBS Bridge
commit 4de6b4ed2e
8 changed files with 159 additions and 27 deletions

15
CVE-2019-13616.patch Normal file
View File

@ -0,0 +1,15 @@
diff -r b810b78d32cc -r e7ba650a643a src/video/SDL_bmp.c
--- a/src/video/SDL_bmp.c Thu Jul 25 08:05:13 2019 -0500
+++ b/src/video/SDL_bmp.c Tue Jul 30 11:00:00 2019 -0700
@@ -226,6 +226,11 @@
SDL_RWseek(src, (biSize - headerSize), RW_SEEK_CUR);
}
}
+ if (biWidth <= 0 || biHeight == 0) {
+ SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
+ was_error = SDL_TRUE;
+ goto done;
+ }
if (biHeight < 0) {
topDown = SDL_TRUE;
biHeight = -biHeight;

3
SDL2-2.0.10.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b4656c13a1f0d0023ae2f4a9cf08ec92fffb464e0f24238337784159b8b91d57
size 5550762

BIN
SDL2-2.0.10.tar.gz.sig Normal file

Binary file not shown.

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:255186dc676ecd0c1dbf10ec8a2cc5d6869b5079d8a38194c2aecdff54b324b1
size 5246942

Binary file not shown.

View File

@ -1,3 +1,65 @@
-------------------------------------------------------------------
Fri Aug 23 11:19:59 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update sdl2-symvers.patch for SDL 2.0.9/2.0.10.
-------------------------------------------------------------------
Thu Aug 22 16:43:13 UTC 2019 - Michael Gorse <mgorse@suse.com>
- Add CVE-2019-13616.patch: fix heap buffer overflow when reading
a crafted bmp file (boo#1141844 CVE-2019-13616).
-------------------------------------------------------------------
Sun Aug 11 04:29:55 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Drop libSDL2main.a from libSDL-2_0-devel. It is only used
during build.
-------------------------------------------------------------------
Wed Jul 31 08:47:44 UTC 2019 - Martin Liška <mliska@suse.cz>
- Use FAT LTO objects in order to provide proper static library.
-------------------------------------------------------------------
Fri Jul 26 07:44:39 UTC 2019 - Luigi Baldoni <aloisio@gmx.com>
- Update to version 2.0.10
* The SDL_RW* macros have been turned into functions that are
available only in 2.0.10 and onward
* Added SDL_SIMDGetAlignment(), SDL_SIMDAlloc(), and
SDL_SIMDFree(), to allocate memory aligned for SIMD
operations for the current CPU
* Added SDL_RenderDrawPointF(), SDL_RenderDrawPointsF(),
SDL_RenderDrawLineF(), SDL_RenderDrawLinesF(),
SDL_RenderDrawRectF(), SDL_RenderDrawRectsF(),
SDL_RenderFillRectF(), SDL_RenderFillRectsF(),
SDL_RenderCopyF(), SDL_RenderCopyExF(), to allow floating
point precision in the SDL rendering API.
* Added SDL_GetTouchDeviceType() to get the type of a touch
device, which can be a touch screen or a trackpad in relative
or absolute coordinate mode.
* The SDL rendering API now uses batched rendering by default,
for improved performance
* Added SDL_RenderFlush() to force batched render commands to
execute, if you're going to mix SDL rendering with native
rendering
* Added the hint SDL_HINT_RENDER_BATCHING to control whether
batching should be used for the rendering API. This defaults
to "1" if you don't specify what rendering driver to use when
creating the renderer.
* Added the hint SDL_HINT_EVENT_LOGGING to enable logging of
SDL events for debugging purposes
* Added the hint SDL_HINT_GAMECONTROLLERCONFIG_FILE to specify
a file that will be loaded at joystick initialization with
game controller bindings
* Added the hint SDL_HINT_MOUSE_TOUCH_EVENTS to control
whether SDL will synthesize touch events from mouse events
* Improved handling of malformed WAVE and BMP files, fixing
potential security exploits (boo#1142031 CVE-2019-13626)
* Removed the Mir video driver in favor of Wayland
- Refreshed sdl2-symvers.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Nov 4 14:10:15 UTC 2018 - Luigi Baldoni <aloisio@gmx.com> Sun Nov 4 14:10:15 UTC 2018 - Luigi Baldoni <aloisio@gmx.com>

View File

@ -1,7 +1,7 @@
# #
# spec file for package SDL2 # spec file for package SDL2
# #
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -16,9 +16,10 @@
# #
%define sle_version 0
Name: SDL2 Name: SDL2
%define lname libSDL2-2_0-0 %define lname libSDL2-2_0-0
Version: 2.0.9 Version: 2.0.10
Release: 0 Release: 0
Summary: Simple DirectMedia Layer Library Summary: Simple DirectMedia Layer Library
License: Zlib License: Zlib
@ -32,6 +33,7 @@ Source3: %name.keyring
Source4: baselibs.conf Source4: baselibs.conf
Patch1: sdl2-symvers.patch Patch1: sdl2-symvers.patch
Patch2: SDL2-endian.patch Patch2: SDL2-endian.patch
Patch3: CVE-2019-13616.patch
BuildRequires: cmake BuildRequires: cmake
BuildRequires: dos2unix BuildRequires: dos2unix
BuildRequires: gcc-c++ BuildRequires: gcc-c++
@ -108,8 +110,7 @@ This package contains files needed for development with the SDL2
library. library.
%prep %prep
%setup -q %autosetup -p1
%patch -P 1 -P 2 -p1
dos2unix WhatsNew.txt dos2unix WhatsNew.txt
dos2unix TODO.txt dos2unix TODO.txt
dos2unix BUGS.txt dos2unix BUGS.txt
@ -119,6 +120,7 @@ dos2unix CREDITS.txt
dos2unix COPYING.txt dos2unix COPYING.txt
%build %build
%global _lto_cflags %{_lto_cflags} -ffat-lto-objects
# In this instance, we do want --with-pic because of libSDL2main.a. # In this instance, we do want --with-pic because of libSDL2main.a.
%configure --with-pic --disable-alsa-shared --disable-video-directfb \ %configure --with-pic --disable-alsa-shared --disable-video-directfb \
--enable-video-kmsdrm --enable-video-wayland \ --enable-video-kmsdrm --enable-video-wayland \
@ -128,17 +130,15 @@ dos2unix COPYING.txt
%ifarch ix86 %ifarch ix86
--enable-sse2=no \ --enable-sse2=no \
%endif %endif
--enable-sse3=no \ --enable-sse3=no --disable-rpath --disable-3dnow
--disable-rpath \
--disable-3dnow
make %{?_smp_mflags} V=1 make %{?_smp_mflags} V=1
%install %install
make install DESTDIR="%buildroot" %make_install
rm -f "%buildroot/%_libdir"/*.la rm -f "%buildroot/%_libdir"/*.la
# We do not want static libs, but using --disable-static leads to make aborting # We do not want static libs, but using --disable-static leads to make aborting
# halfway through. SDL2main.a we need to keep(?) for the stub symbol. # halfway through %%build. Now it can be removed though.
find "%buildroot/%_libdir" -type f -name "*.a" ! -name "libSDL2main.a" -delete rm -f "%buildroot/%_libdir/"*.a
%post -n %lname -p /sbin/ldconfig %post -n %lname -p /sbin/ldconfig
%postun -n %lname -p /sbin/ldconfig %postun -n %lname -p /sbin/ldconfig
@ -152,7 +152,6 @@ find "%buildroot/%_libdir" -type f -name "*.a" ! -name "libSDL2main.a" -delete
%doc TODO.txt WhatsNew.txt %doc TODO.txt WhatsNew.txt
%_bindir/sdl2-config %_bindir/sdl2-config
%_libdir/libSDL2.so %_libdir/libSDL2.so
%_libdir/libSDL2main.a
%_includedir/SDL2/ %_includedir/SDL2/
%_datadir/aclocal/sdl2.m4 %_datadir/aclocal/sdl2.m4
%_libdir/pkgconfig/sdl2.pc %_libdir/pkgconfig/sdl2.pc

View File

@ -4,28 +4,28 @@ Date: 2018-01-10 23:56:12.245827883 +0100
Scrape the SDL announcements since 2.0.3 (version in Leap 42.3) and add Scrape the SDL announcements since 2.0.3 (version in Leap 42.3) and add
some symvers so that zypper knows when to upgrade SDL. some symvers so that zypper knows when to upgrade SDL.
--- ---
Makefile.in | 2 - Makefile.in | 2
sdl2.sym | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ sdl2.sym | 124 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 69 insertions(+), 1 deletion(-) 2 files changed, 125 insertions(+), 1 deletion(-)
Index: SDL2-2.0.8/Makefile.in Index: SDL2-2.0.10/Makefile.in
=================================================================== ===================================================================
--- SDL2-2.0.8.orig/Makefile.in --- SDL2-2.0.10.orig/Makefile.in
+++ SDL2-2.0.8/Makefile.in +++ SDL2-2.0.10/Makefile.in
@@ -122,7 +122,7 @@ LT_AGE = @LT_AGE@ @@ -125,7 +125,7 @@ LT_AGE = @LT_AGE@
LT_CURRENT = @LT_CURRENT@ LT_CURRENT = @LT_CURRENT@
LT_RELEASE = @LT_RELEASE@ LT_RELEASE = @LT_RELEASE@
LT_REVISION = @LT_REVISION@ LT_REVISION = @LT_REVISION@
-LT_LDFLAGS = -no-undefined -rpath $(libdir) -release $(LT_RELEASE) -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -LT_LDFLAGS = -no-undefined -rpath $(libdir) -release $(LT_RELEASE) -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE)
+LT_LDFLAGS = -no-undefined -rpath $(libdir) -release $(LT_RELEASE) -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -Wl,--version-script=sdl2.sym +LT_LDFLAGS = -no-undefined -rpath $(libdir) -release $(LT_RELEASE) -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) -Wl,--version-script=sdl2.sym
all: $(srcdir)/configure Makefile $(objects) $(objects)/$(TARGET) $(objects)/$(SDLMAIN_TARGET) $(objects)/$(SDLTEST_TARGET) all: $(srcdir)/configure Makefile $(objects)/$(TARGET) $(objects)/$(SDLMAIN_TARGET) $(objects)/$(SDLTEST_TARGET)
Index: SDL2-2.0.8/sdl2.sym Index: SDL2-2.0.10/sdl2.sym
=================================================================== ===================================================================
--- /dev/null --- /dev/null
+++ SDL2-2.0.8/sdl2.sym +++ SDL2-2.0.10/sdl2.sym
@@ -0,0 +1,68 @@ @@ -0,0 +1,124 @@
+SUSE_2.0.5 { +SUSE_2.0.5 {
+global: +global:
+ SDL_DequeueAudio; + SDL_DequeueAudio;
@ -94,3 +94,59 @@ Index: SDL2-2.0.8/sdl2.sym
+ SDL_SetYUVConversionMode; + SDL_SetYUVConversionMode;
+ SDL_GetYUVConversionMode; + SDL_GetYUVConversionMode;
+} SUSE_2.0.7; +} SUSE_2.0.7;
+SUSE_2.0.9 {
+global:
+ SDL_CreateThreadWithStackSize;
+ SDL_GameControllerGetPlayerIndex;
+ SDL_GameControllerMappingForDeviceIndex;
+ SDL_GameControllerRumble;
+ SDL_GetDisplayOrientation;
+ SDL_HasAVX512F;
+ SDL_HasColorKey;
+ SDL_IsTablet;
+ SDL_JoystickGetDevicePlayerIndex;
+ SDL_JoystickGetPlayerIndex;
+ SDL_JoystickRumble;
+ SDL_LinuxSetThreadPriority;
+ SDL_NumSensors;
+ SDL_SensorClose;
+ SDL_SensorFromInstanceID;
+ SDL_SensorGetData;
+ SDL_SensorGetDeviceInstanceID;
+ SDL_SensorGetDeviceName;
+ SDL_SensorGetDeviceNonPortableType;
+ SDL_SensorGetDeviceType;
+ SDL_SensorGetInstanceID;
+ SDL_SensorGetName;
+ SDL_SensorGetNonPortableType;
+ SDL_SensorGetType;
+ SDL_SensorOpen;
+ SDL_SensorUpdate;
+ SDL_exp;
+ SDL_expf;
+ SDL_wcsdup;
+} SUSE_2.0.8;
+SUSE_2.0.10 {
+global:
+ SDL_GetTouchDeviceType;
+ SDL_RWclose;
+ SDL_RWread;
+ SDL_RWseek;
+ SDL_RWsize;
+ SDL_RWtell;
+ SDL_RWwrite;
+ SDL_RenderCopyExF;
+ SDL_RenderCopyF;
+ SDL_RenderDrawLineF;
+ SDL_RenderDrawLinesF;
+ SDL_RenderDrawPointF;
+ SDL_RenderDrawPointsF;
+ SDL_RenderDrawRectF;
+ SDL_RenderDrawRectsF;
+ SDL_RenderFillRectF;
+ SDL_RenderFillRectsF;
+ SDL_RenderFlush;
+ SDL_SIMDAlloc;
+ SDL_SIMDFree;
+ SDL_SIMDGetAlignment;
+} SUSE_2.0.9;