From 90ed2f16554090de88888318871c7e303898bbd38de9c14c64f197df4c43c444 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Sat, 23 Dec 2023 10:37:44 +0000
Subject: [PATCH] Accepting request 1134414 from
 home:AndreasStieger:branches:multimedia:libs

libavif 1.0.3 CVE-2023-6704boo#1218303

OBS-URL: https://build.opensuse.org/request/show/1134414
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libavif?expand=0&rev=56
---
 libavif-1.0.2.tar.gz | 3 ---
 libavif-1.0.3.tar.gz | 3 +++
 libavif.changes      | 8 ++++++++
 libavif.spec         | 2 +-
 4 files changed, 12 insertions(+), 4 deletions(-)
 delete mode 100644 libavif-1.0.2.tar.gz
 create mode 100644 libavif-1.0.3.tar.gz

diff --git a/libavif-1.0.2.tar.gz b/libavif-1.0.2.tar.gz
deleted file mode 100644
index ff609e2..0000000
--- a/libavif-1.0.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:de8bf79488c5b523b77358df8b85ae69c3078e6b3f1636fc1f313f952269ad20
-size 10576546
diff --git a/libavif-1.0.3.tar.gz b/libavif-1.0.3.tar.gz
new file mode 100644
index 0000000..a5c36ee
--- /dev/null
+++ b/libavif-1.0.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:35e3cb3cd7158209dcc31d3bf222036de5b9597e368a90e18449ecc89bb86a19
+size 10573846
diff --git a/libavif.changes b/libavif.changes
index fee43d2..8736270 100644
--- a/libavif.changes
+++ b/libavif.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Thu Dec 21 09:27:03 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- update to 1.0.3:
+  * Rewrite the fix for memory errors fixed in 1.0.2
+  * CVE-2023-6704: Fix use-after-free errors (boo#1218303)
+  * src/reformat.c: Allocate the threadData array directly
+
 -------------------------------------------------------------------
 Tue Nov 28 20:40:32 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
 
diff --git a/libavif.spec b/libavif.spec
index 714bfb3..91daab1 100644
--- a/libavif.spec
+++ b/libavif.spec
@@ -27,7 +27,7 @@
 %bcond_with yuv
 %endif
 Name:           libavif
-Version:        1.0.2
+Version:        1.0.3
 Release:        0
 Summary:        Library for encoding and decoding .avif files
 License:        BSD-2-Clause