- Update to new snapshot 1.2.12+hg695

OBS-URL: https://build.opensuse.org/package/show/games/SDL_image?expand=0&rev=24

CVE-2019-13616.patch

@@ -1,15 +0,0 @@
-diff -r 9ccaa3a0dfb6 -r a59bfe382008 IMG_bmp.c
---- a/IMG_bmp.c	Thu Jul 11 01:01:56 2019 +0300
-+++ b/IMG_bmp.c	Tue Jul 30 21:29:15 2019 +0300
-@@ -272,6 +272,11 @@
- 		biClrUsed	= SDL_ReadLE32(src);
- 		biClrImportant	= SDL_ReadLE32(src);
- 	}
-+	if (biWidth <= 0 || biHeight == 0) {
-+		IMG_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
-+		was_error = SDL_TRUE;
-+		goto done;
-+	}
- 	if (biHeight < 0) {
- 		topDown = SDL_TRUE;
- 		biHeight = -biHeight;

SDL_image-1.2.12+hg695.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3610a13328bac9fc641c4718ad298864552f9671d952742b884f61f3c7dffe24
+size 256176

SDL_image-1.2.12-repack.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:3942454c04f9dd3a73f27537ae6ffaaee3dbc58450af700149d3ba9fce1615d9
-size 303837

SDL_image.changes

@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Fri Aug 23 13:23:44 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to new snapshot 1.2.12+hg695
+  * Fixed TALOS-2019-0821 CVE-2019-5052
+  * Fixed TALOS-2019-0841 CVE-2019-5057 boo#1143763
+  * Fixed TALOS-2019-0842 CVE-2019-5058 boo#1143764
+  * Fixed TALOS-2019-0843 CVE-2019-5059 boo#1143766
+  * Fixed TALOS-2019-0844 CVE-2019-5060 boo#1143768
+  * Fixed CVE-2019-7635
+  * Fixed CVE-2019-13616 boo#1141844
+- Drop CVE-2019-13616.patch (merged)
+
 -------------------------------------------------------------------
 Thu Aug 22 19:51:00 UTC 2019 - Michael Gorse <mgorse@suse.com>
 

SDL_image.spec

@@ -18,21 +18,20 @@
 
 Name:           SDL_image
 %define lname	libSDL_image-1_2-0
-Version:        1.2.12
+Version:        1.2.12+hg695
 Release:        0
 Summary:        SDL image loading library
 License:        LGPL-2.1-or-later
 Group:          Development/Libraries/X11
-Url:            http://libsdl.org/projects/SDL_image/release-1.2.html
+URL:            https://libsdl.org/projects/SDL_image/release-1.2.html
 
-# removed VisualC.zip, VisualCE.zip, Watcom-OS2.zip, Xcode.tar.gz, Xcode_iPhone.tar.gz from upstream tarball [bnc#508084]
+#Hg-Clone:	http://hg.libsdl.org/SDL_image/
-Source:         %name-%version-repack.tar.bz2
+Source:         %name-%version.tar.xz
 Source3:        baselibs.conf
-Patch0:         CVE-2019-13616.patch
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  libjpeg-devel
 BuildRequires:  libtiff-devel
 BuildRequires:  pkg-config
+BuildRequires:  xz
 BuildRequires:  pkgconfig(libpng)
 BuildRequires:  pkgconfig(libwebp)
 BuildRequires:  pkgconfig(sdl)
@@ -66,8 +65,7 @@ surfaces. This library supports the BMP, PPM, PCX, GIF, JPEG, PNG,
 TIFF and WEBP formats.
 
 %prep
-%setup -q
+%autosetup -p1
-%patch0 -p1
 
 %build
 %configure --disable-png-shared --disable-jpg-shared --disable-tif-shared \
@@ -82,12 +80,11 @@ rm -f "%buildroot/%_libdir"/*.la
 %postun -n %lname -p /sbin/ldconfig
 
 %files -n %lname
-%defattr(-,root,root)
+%license COPYING
-%doc CHANGES COPYING README
 %_libdir/libSDL_image-1*.so.*
 
 %files -n libSDL_image-devel
-%defattr(-,root,root)
+%doc CHANGES README
 %_includedir/SDL/
 %_libdir/libSDL_image.so
 %_libdir/pkgconfig/SDL_image.pc

_service

@@ -0,0 +1,17 @@
+<services>
+	<service name="tar_scm" mode="disabled">
+		<param name="scm">hg</param>
+		<param name="url">http://hg.libsdl.org/SDL_image/</param>
+		<param name="revision">SDL-1.2</param>
+		<param name="versionformat">1.2.12+hg{rev}</param>
+		<!-- boo#508084 -->
+		<param name="exclude">VisualC*</param>
+		<param name="exclude">Xcode*</param>
+		<param name="exclude">Watcom*</param>
+	</service>
+	<service name="recompress" mode="disabled">
+		<param name="file">*.tar</param>
+		<param name="compression">xz</param>
+	</service>
+	<service name="set_version" mode="disabled"/>
+</services>