OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/SDL_image?expand=0&rev=10

SDL_image-1.2.6-gif-overflow.patch

@@ -1,13 +0,0 @@
---- IMG_gif.c
-+++ IMG_gif.c
-@@ -418,6 +418,10 @@
-     static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp;
-     register int i;
- 
-+    /* Fixed buffer overflow found by Michael Skladnikiewicz */
-+    if (input_code_size > MAX_LWZ_BITS)
-+        return -1;
-+
-     if (flag) {
- 	set_code_size = input_code_size;
- 	code_size = set_code_size + 1;

SDL_image-1.2.6-lbm-overflow.patch

@@ -1,28 +0,0 @@
---- IMG_lbm.c
-+++ IMG_lbm.c
-@@ -28,6 +28,7 @@
-    EHB and HAM (specific Amiga graphic chip modes) support added by Marc Le Douarain
-    (http://www.multimania.com/mavati) in December 2003.
-    Stencil and colorkey fixes by David Raulo (david.raulo AT free DOT fr) in February 2004.
-+   Buffer overflow fix in RLE decompression by David Raulo in January 2008.
- */
- 
- #include <stdio.h>
-@@ -328,7 +329,7 @@
- 						count ^= 0xFF;
- 						count += 2; /* now it */
- 
--						if ( !SDL_RWread( src, &color, 1, 1 ) )
-+						if ( ( count > remainingbytes ) || !SDL_RWread( src, &color, 1, 1 ) )
- 						{
- 						   error="error reading BODY chunk";
- 							goto done;
-@@ -339,7 +340,7 @@
- 					{
- 						++count;
- 
--						if ( !SDL_RWread( src, ptr, count, 1 ) )
-+						if ( ( count > remainingbytes ) || !SDL_RWread( src, ptr, count, 1 ) )
- 						{
- 						   error="error reading BODY chunk";
- 							goto done;

SDL_image-1.2.6.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:89d675bea020fed1b28da33587bad884ba886d8b590b70fb545eff78b82183bb
-size 1221313

SDL_image-1.2.7.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f2d395e3f5050397d8e167a27ad7b4c7fd252359b8d7eaa81328fa2790af0972
+size 1230926

SDL_image.changes

@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Tue May 19 15:42:59 CEST 2009 - prusnak@suse.cz
+
+- updated to 2.1.7
+  * Fixed buffer overflow in BMP loading code
+  * Fixed buffer overflow in GIF loading code
+- removed obsoleted patches:
+  * gif-overflow.patch (mainline)
+  * lbm-overflow.patch (mainline)
+
 -------------------------------------------------------------------
 Sat Feb 28 00:11:03 CET 2009 - crrodriguez@suse.de
 

SDL_image.spec

@@ -1,5 +1,5 @@
 #
-# spec file for package SDL_image (Version 1.2.6)
+# spec file for package SDL_image (Version 1.2.7)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -22,11 +22,9 @@ Name:           SDL_image
 BuildRequires:  SDL-devel libjpeg-devel libpng-devel libtiff-devel xorg-x11-devel
 Url:            http://www.libsdl.org/projects/SDL_image/
 Summary:        Simple DirectMedia Layer--Sample Image Loading Library
-Version:        1.2.6
+Version:        1.2.7
-Release:        152
+Release:        1
-Source0:        %{name}-%{version}.tar.bz2
+Source:         %{name}-%{version}.tar.bz2
-Patch0:         %{name}-%{version}-gif-overflow.patch
-Patch1:         %{name}-%{version}-lbm-overflow.patch
 License:        LGPL v2.1 or later
 Group:          System/Libraries
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -61,11 +59,8 @@ Authors:
 
 %prep
 %setup -q
-%patch0
-%patch1
 
 %build
-%{?suse_update_config:%{suse_update_config -f }}
 %configure --disable-static --with-pic
 make %{?jobs:-j %jobs}
 
@@ -82,7 +77,7 @@ rm -rf $RPM_BUILD_ROOT
 
 %files
 %defattr(-,root,root)
-%doc README CHANGES COPYING
+%doc CHANGES COPYING README
 %{_libdir}/lib*.so.*
 
 %files devel
@@ -91,6 +86,13 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/lib*.so
 
 %changelog
+* Tue May 19 2009 prusnak@suse.cz
+- updated to 2.1.7
+  * Fixed buffer overflow in BMP loading code
+  * Fixed buffer overflow in GIF loading code
+- removed obsoleted patches:
+  * gif-overflow.patch (mainline)
+  * lbm-overflow.patch (mainline)
 * Sat Feb 28 2009 crrodriguez@suse.de
 - remove static libraries and "la" files, useless without
   SDL static libraries too.