Accepting request 820057 from home:elimat:branches:devel:libraries:c_c++

- Update to version 5.2.1
  * In gifbuild.c, avoid a core dump on no color map.
  * Restore inadvertently removed library version numbers in Makefile.
- Changes in version 5.2.0
  * The undocumented and deprecated GifQuantizeBuffer() entry point
    has been moved to the util library to reduce libgif size and attack
    surface. Applications needing this function are couraged to link the
    util library or make their own copy.
  * The following obsolete utility programs are no longer installed:
    gifecho, giffilter, gifinto, gifsponge. These were either installed in
    error or have been obsolesced by modern image-transformmation tools
    like ImageMagick convert. They may be removed entirely in a future
    release.
  * Address SourceForge issue #136: Stack-buffer-overflow in gifcolor.c:84
  * Address SF bug #134: Giflib fails to slurp significant number of gifs
  * Apply SPDX convention for license tagging.
- Changes in version 5.1.9
  * The documentation directory now includes an HTMlified version of the
    GIF89 standard, and a more detailed description of how LZW compression
    is applied to GIFs.
  * Address SF bug #129: The latest version of giflib cannot be build on windows.
  * Address SF bug #126: Cannot compile giflib using c89
- Changes in version 5.1.8
  * Address SF bug #119: MemorySanitizer: FPE on unknown address
  * Address SF bug #125: 5.1.7: xmlto is still required for tarball
  * Address SF bug #124: 5.1.7: ar invocation is not crosscompile compatible
  * Address SF bug #122: 5.1.7 installs manpages to wrong directory
  * Address SF bug #121: make: getversion: Command not found
  * Address SF bug #120: 5.1.7 does not build a proper library - no 
- Changes in version 5.1.7
  * Correct a minor packaging error (superfluous symlinks) in the 5.1.6 tarballs.
- Changes in version 5.1.6
  * Fix library installation in the Makefile.
- Changes in version 5.1.5
  * Fix SF bug #114: Null dereferences in main() of gifclrmp
  * Fix SF bug #113: Heap Buffer Overflow-2 in function DGifDecompressLine()
    in cgif.c.  This had been assigned (CVE-2018-11490).
  * Fix SF bug #111: segmentation fault in PrintCodeBlock
  * Fix SF bug #109: Segmentation fault of giftool reading a crafted file
  * Fix SF bug #107: Floating point exception in giftext utility
  * Fix SF bug #105: heap buffer overflow in DumpScreen2RGB in gif2rgb.c:317
  * Fix SF bug #104: Ineffective bounds check in DGifSlurp
  * Fix SF bug #103: GIFLIB 5.1.4: DGifSlurp fails on empty comment
  * Fix SF bug #87: Heap buffer overflow in 5.1.2 (gif2rgb).
  * The horrible old autoconf build system has been removed with extreme prejudice. 
    You now build this simply by running "make" from the top-level directory.
- Run spec-cleaner
- Drop patches fixed upstream:
  * giflib-visibility.patch
  * giflib-automake-1_13.patch
  * giflib-CVE-2016-3977.patch
  * fix-autoconf11.patch
- Change build system to Make only (upstream not using autoconf)

OBS-URL: https://build.opensuse.org/request/show/820057
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/giflib?expand=0&rev=50

fix-autoconf11.patch

@@ -1,12 +0,0 @@
-diff -Nur giflib-5.1.4/configure.ac new/configure.ac
---- giflib-5.1.4/configure.ac	2016-05-13 17:43:01.232661891 +0200
-+++ new/configure.ac	2016-05-13 17:42:47.136471014 +0200
-@@ -12,7 +12,7 @@
- AC_CONFIG_MACRO_DIR([m4])
- 
- dnl Checks for programs.
--AM_PROG_AR
-+m4_ifdef([AM_PROG_AR], [AM_PROG_AR])
- AC_PROG_CC_STDC
- AC_USE_SYSTEM_EXTENSIONS
- AC_SYS_LARGEFILE

giflib-5.1.4.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:df27ec3ff24671f80b29e6ab1c4971059c14ac3db95406884fc26574631ba8d5
-size 639703

giflib-CVE-2016-3977.patch

@@ -1,15 +0,0 @@
---- giflib-5.1.4/util/gif2rgb.c	2016-03-17 17:24:17.000000000 +0100
-+++ giflib-5.1.4/util/gif2rgb.c	2016-04-12 10:37:35.672174495 +0200
-@@ -471,6 +471,12 @@
-         exit(EXIT_FAILURE);
-     }
- 
-+    /* check that the background color isn't garbage (SF bug #87) */
-+    if (GifFile->SBackGroundColor < 0 || GifFile->SBackGroundColor >= ColorMap->ColorCount) {
-+        fprintf(stderr, "Background color out of range for colormap\n");
-+        exit(EXIT_FAILURE);
-+    }
-+
-     DumpScreen2RGB(OutFileName, OneFileFlag,
- 		   ColorMap,
- 		   ScreenBuffer, 

giflib-automake-1_13.patch

@@ -1,11 +0,0 @@
---- giflib-5.1.2/configure.ac	2016-01-19 13:55:58.238147631 +0100
-+++ giflib-5.1.2/configure.ac	2016-01-19 13:56:31.165397666 +0100
-@@ -8,7 +8,7 @@
- 
- dnl Note: config.h is not used in the current build
- dnl We leave this in place only to suppress an error message at autogen time
--AM_CONFIG_HEADER(config.h)
-+AC_CONFIG_HEADERS(config.h)
- AC_CONFIG_MACRO_DIR([m4])
- 
- dnl Checks for programs.

giflib-visibility.patch

@@ -1,59 +0,0 @@
---- giflib-5.1.2/configure.ac	2016-01-07 13:51:33.000000000 +0100
-+++ giflib-5.1.2/configure.ac	2016-01-19 13:54:45.119812921 +0100
-@@ -9,12 +9,15 @@
- dnl Note: config.h is not used in the current build
- dnl We leave this in place only to suppress an error message at autogen time
- AM_CONFIG_HEADER(config.h)
-+AC_CONFIG_MACRO_DIR([m4])
- 
- dnl Checks for programs.
- AM_PROG_AR
--AC_PROG_LIBTOOL
--AC_PROG_CC
-+AC_PROG_CC_STDC
-+AC_USE_SYSTEM_EXTENSIONS
-+AC_SYS_LARGEFILE
- AC_PROG_CPP
-+LT_INIT([pic-only disable-static])
- AC_PROG_INSTALL
- AC_PROG_LN_S
- AC_PROG_MAKE_SET
---- giflib-5.1.2/lib/gif_hash.h	2014-05-16 12:46:53.000000000 +0200
-+++ giflib-5.1.2/lib/gif_hash.h	2016-01-19 13:54:45.119812921 +0100
-@@ -25,6 +25,8 @@
- #define HT_PUT_KEY(l)	(l << 12)
- #define HT_PUT_CODE(l)	(l & 0x0FFF)
- 
-+#pragma GCC visibility push(hidden)
-+
- typedef struct GifHashTableType {
-     uint32_t HTable[HT_SIZE];
- } GifHashTableType;
-@@ -34,6 +36,8 @@
- void _InsertHashTable(GifHashTableType *HashTable, uint32_t Key, int Code);
- int _ExistsHashTable(GifHashTableType *HashTable, uint32_t Key);
- 
-+#pragma GCC visibility pop
-+
- #endif /* _GIF_HASH_H_ */
- 
- /* end */
---- giflib-5.1.2/lib/gif_lib_private.h	2014-05-16 12:46:53.000000000 +0200
-+++ giflib-5.1.2/lib/gif_lib_private.h	2016-01-19 13:54:45.119812921 +0100
-@@ -29,6 +29,8 @@
- #define IS_READABLE(Private)    (Private->FileState & FILE_STATE_READ)
- #define IS_WRITEABLE(Private)   (Private->FileState & FILE_STATE_WRITE)
- 
-+#pragma GCC visibility push(hidden)
-+
- typedef struct GifFilePrivateType {
-     GifWord FileState, FileHandle,  /* Where all this data goes to! */
-       BitsPerPixel,     /* Bits per pixel (Codes uses at least this + 1). */
-@@ -54,6 +56,7 @@
-     bool gif89;
- } GifFilePrivateType;
- 
-+#pragma GCC visibility pop
- #endif /* _GIF_LIB_PRIVATE_H */
- 
- /* end */

giflib.changes

@@ -1,3 +1,60 @@
+-------------------------------------------------------------------
+Fri Jul 10 21:23:35 UTC 2020 - Matthias Eliasson <elimat@opensuse.org>
+
+- Update to version 5.2.1
+  * In gifbuild.c, avoid a core dump on no color map.
+  * Restore inadvertently removed library version numbers in Makefile.
+- Changes in version 5.2.0
+  * The undocumented and deprecated GifQuantizeBuffer() entry point
+    has been moved to the util library to reduce libgif size and attack
+    surface. Applications needing this function are couraged to link the
+    util library or make their own copy.
+  * The following obsolete utility programs are no longer installed:
+    gifecho, giffilter, gifinto, gifsponge. These were either installed in
+    error or have been obsolesced by modern image-transformmation tools
+    like ImageMagick convert. They may be removed entirely in a future
+    release.
+  * Address SourceForge issue #136: Stack-buffer-overflow in gifcolor.c:84
+  * Address SF bug #134: Giflib fails to slurp significant number of gifs
+  * Apply SPDX convention for license tagging.
+- Changes in version 5.1.9
+  * The documentation directory now includes an HTMlified version of the
+    GIF89 standard, and a more detailed description of how LZW compression
+    is applied to GIFs.
+  * Address SF bug #129: The latest version of giflib cannot be build on windows.
+  * Address SF bug #126: Cannot compile giflib using c89
+- Changes in version 5.1.8
+  * Address SF bug #119: MemorySanitizer: FPE on unknown address
+  * Address SF bug #125: 5.1.7: xmlto is still required for tarball
+  * Address SF bug #124: 5.1.7: ar invocation is not crosscompile compatible
+  * Address SF bug #122: 5.1.7 installs manpages to wrong directory
+  * Address SF bug #121: make: getversion: Command not found
+  * Address SF bug #120: 5.1.7 does not build a proper library - no 
+- Changes in version 5.1.7
+  * Correct a minor packaging error (superfluous symlinks) in the 5.1.6 tarballs.
+- Changes in version 5.1.6
+  * Fix library installation in the Makefile.
+- Changes in version 5.1.5
+  * Fix SF bug #114: Null dereferences in main() of gifclrmp
+  * Fix SF bug #113: Heap Buffer Overflow-2 in function DGifDecompressLine()
+    in cgif.c.  This had been assigned (CVE-2018-11490).
+  * Fix SF bug #111: segmentation fault in PrintCodeBlock
+  * Fix SF bug #109: Segmentation fault of giftool reading a crafted file
+  * Fix SF bug #107: Floating point exception in giftext utility
+  * Fix SF bug #105: heap buffer overflow in DumpScreen2RGB in gif2rgb.c:317
+  * Fix SF bug #104: Ineffective bounds check in DGifSlurp
+  * Fix SF bug #103: GIFLIB 5.1.4: DGifSlurp fails on empty comment
+  * Fix SF bug #87: Heap buffer overflow in 5.1.2 (gif2rgb).
+  * The horrible old autoconf build system has been removed with extreme prejudice. 
+    You now build this simply by running "make" from the top-level directory.
+- Run spec-cleaner
+- Drop patches fixed upstream:
+  * giflib-visibility.patch
+  * giflib-automake-1_13.patch
+  * giflib-CVE-2016-3977.patch
+  * fix-autoconf11.patch
+- Change build system to Make only (upstream not using autoconf)
+
 -------------------------------------------------------------------
 Fri Nov  9 23:16:46 UTC 2018 - schwab@suse.de
 

giflib.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package giflib
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,20 +18,14 @@
 
 %define lname   libgif7
 Name:           giflib
-Version:        5.1.4
+Version:        5.2.1
 Release:        0
 Summary:        A Library for Working with GIF Images
 License:        MIT
-Group:          Development/Libraries/C and C++
-Url:            http://giflib.sf.net/
-Source:         http://downloads.sf.net/giflib/%{name}-%{version}.tar.bz2
+URL:            http://giflib.sf.net/
+Source:         http://downloads.sf.net/giflib/%{name}-%{version}.tar.gz
 Source2:        baselibs.conf
-Patch1:         giflib-visibility.patch
-Patch2:         giflib-automake-1_13.patch
-Patch3:         giflib-CVE-2016-3977.patch
-Patch4:         fix-autoconf11.patch
 BuildRequires:  libtool >= 2
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
 This Library allows manipulating GIF Image files. Since the LZW patents
@@ -39,7 +33,6 @@ have expired, giflib can again be used instead of libungif.
 
 %package -n %{lname}
 Summary:        A Library for Working with GIF Images
-Group:          System/Libraries
 
 %description -n %{lname}
 This Library allows manipulating GIF Image files. Since the LZW patents
@@ -47,7 +40,6 @@ have expired, giflib can again be used instead of libungif.
 
 %package progs
 Summary:        Tools for Working with the GIF Library
-Group:          Productivity/Graphics/Convertors
 Provides:       ungif = %{version}
 Obsoletes:      ungif < %{version}
 
@@ -56,7 +48,6 @@ A tool for converting GIFs to various formats.
 
 %package devel
 Summary:        Library for Working with GIF Images - Files Mandatory for Development
-Group:          Development/Libraries/C and C++
 Requires:       %{lname} = %{version}
 
 %description devel
@@ -64,16 +55,10 @@ This Library allows manipulating GIF Image files. Since the LZW patents
 have expired, giflib can again be used instead of libungif.
 
 %prep
-%setup -q
+%autosetup
 for file in `find util -name "*.c"`; do
 	touch -r $file $file.stamp
 done
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%if 0%{?suse_version} <= 1110
-%patch4 -p1
-%endif
 
 # USE __TIMESTAMP__ instead of __DATE__ , __TIME__
 # this change is pointless unless we preserve the original
@@ -84,39 +69,33 @@ for file in `find util -name "*.c"`; do
     rm -v $file.stamp
 done
 
-mkdir -p m4; autoreconf -fiv
-
 %build
-%configure \
-    --disable-silent-rules \
-    --disable-static \
-    --with-pic \
-    --x-libraries=%{_libdir}
-make %{?_smp_mflags}
+export CFLAGS="%optflags"
+%make_build
 
 %install
-make DESTDIR=%{buildroot} install %{?_smp_mflags}
+%make_install PREFIX="%{_prefix}" LIBDIR="%{_libdir}"
 find %{buildroot} -type f -name "*.la" -delete -print
 find doc -name "Makefile*" -print -delete
 
-%post -n %{lname} -p /sbin/ldconfig
+# Drop static library
+rm -f %{buildroot}%{_libdir}/libgif.a
 
+%post -n %{lname} -p /sbin/ldconfig
 %postun -n %{lname} -p /sbin/ldconfig
 
 %files -n %{lname}
-%defattr(-,root,root)
 %license COPYING
 %{_libdir}/lib*.so.*
 
 %files devel
-%defattr(-,root,root)
 %{_includedir}/gif_lib.h
 %{_libdir}/lib*.so
 
 %files progs
-%defattr(-,root,root)
 %license COPYING
 %doc NEWS README doc
 %{_bindir}/*
+%{_mandir}/man1/*.1%{?ext_man}
 
 %changelog