diff --git a/CVE-2019-13616.patch b/CVE-2019-13616.patch deleted file mode 100644 index 3feeff0..0000000 --- a/CVE-2019-13616.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -r 9ccaa3a0dfb6 -r a59bfe382008 IMG_bmp.c ---- a/IMG_bmp.c Thu Jul 11 01:01:56 2019 +0300 -+++ b/IMG_bmp.c Tue Jul 30 21:29:15 2019 +0300 -@@ -272,6 +272,11 @@ - biClrUsed = SDL_ReadLE32(src); - biClrImportant = SDL_ReadLE32(src); - } -+ if (biWidth <= 0 || biHeight == 0) { -+ IMG_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight); -+ was_error = SDL_TRUE; -+ goto done; -+ } - if (biHeight < 0) { - topDown = SDL_TRUE; - biHeight = -biHeight; diff --git a/SDL_image-1.2.12+hg695.tar.xz b/SDL_image-1.2.12+hg695.tar.xz new file mode 100644 index 0000000..ce30f2e --- /dev/null +++ b/SDL_image-1.2.12+hg695.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3610a13328bac9fc641c4718ad298864552f9671d952742b884f61f3c7dffe24 +size 256176 diff --git a/SDL_image-1.2.12-repack.tar.bz2 b/SDL_image-1.2.12-repack.tar.bz2 deleted file mode 100644 index fc399a0..0000000 --- a/SDL_image-1.2.12-repack.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3942454c04f9dd3a73f27537ae6ffaaee3dbc58450af700149d3ba9fce1615d9 -size 303837 diff --git a/SDL_image.changes b/SDL_image.changes index 8ebf944..21c1200 100644 --- a/SDL_image.changes +++ b/SDL_image.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Fri Aug 23 13:23:44 UTC 2019 - Jan Engelhardt + +- Update to new snapshot 1.2.12+hg695 + * Fixed TALOS-2019-0821 CVE-2019-5052 + * Fixed TALOS-2019-0841 CVE-2019-5057 boo#1143763 + * Fixed TALOS-2019-0842 CVE-2019-5058 boo#1143764 + * Fixed TALOS-2019-0843 CVE-2019-5059 boo#1143766 + * Fixed TALOS-2019-0844 CVE-2019-5060 boo#1143768 + * Fixed CVE-2019-7635 + * Fixed CVE-2019-13616 boo#1141844 +- Drop CVE-2019-13616.patch (merged) + ------------------------------------------------------------------- Thu Aug 22 19:51:00 UTC 2019 - Michael Gorse diff --git a/SDL_image.spec b/SDL_image.spec index 3de3329..758b4d6 100644 --- a/SDL_image.spec +++ b/SDL_image.spec @@ -18,21 +18,20 @@ Name: SDL_image %define lname libSDL_image-1_2-0 -Version: 1.2.12 +Version: 1.2.12+hg695 Release: 0 Summary: SDL image loading library License: LGPL-2.1-or-later Group: Development/Libraries/X11 -Url: http://libsdl.org/projects/SDL_image/release-1.2.html +URL: https://libsdl.org/projects/SDL_image/release-1.2.html -# removed VisualC.zip, VisualCE.zip, Watcom-OS2.zip, Xcode.tar.gz, Xcode_iPhone.tar.gz from upstream tarball [bnc#508084] -Source: %name-%version-repack.tar.bz2 +#Hg-Clone: http://hg.libsdl.org/SDL_image/ +Source: %name-%version.tar.xz Source3: baselibs.conf -Patch0: CVE-2019-13616.patch -BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: libjpeg-devel BuildRequires: libtiff-devel BuildRequires: pkg-config +BuildRequires: xz BuildRequires: pkgconfig(libpng) BuildRequires: pkgconfig(libwebp) BuildRequires: pkgconfig(sdl) @@ -66,8 +65,7 @@ surfaces. This library supports the BMP, PPM, PCX, GIF, JPEG, PNG, TIFF and WEBP formats. %prep -%setup -q -%patch0 -p1 +%autosetup -p1 %build %configure --disable-png-shared --disable-jpg-shared --disable-tif-shared \ @@ -82,12 +80,11 @@ rm -f "%buildroot/%_libdir"/*.la %postun -n %lname -p /sbin/ldconfig %files -n %lname -%defattr(-,root,root) -%doc CHANGES COPYING README +%license COPYING %_libdir/libSDL_image-1*.so.* %files -n libSDL_image-devel -%defattr(-,root,root) +%doc CHANGES README %_includedir/SDL/ %_libdir/libSDL_image.so %_libdir/pkgconfig/SDL_image.pc diff --git a/_service b/_service new file mode 100644 index 0000000..aa88a4d --- /dev/null +++ b/_service @@ -0,0 +1,17 @@ + + + hg + http://hg.libsdl.org/SDL_image/ + SDL-1.2 + 1.2.12+hg{rev} + + VisualC* + Xcode* + Watcom* + + + *.tar + xz + + +