Marcus Meissner
9c3fc0fbb7
* Fixed some buffer overflows in exif_entry_format_value()
This fixes CVE-2012-2814. Reported by Mateusz Jurczyk of
Google Security Team
* Fixed an off-by-one error in exif_convert_utf16_to_utf8()
This can cause a one-byte NUL write past the end of the buffer.
This fixes CVE-2012-2840
* Don't read past the end of a tag when converting from UTF-16
This fixes CVE-2012-2813. Reported by Mateusz Jurczyk of
Google Security Team
* Fixed an out of bounds read on corrupted input
The EXIF_TAG_COPYRIGHT tag ought to be, but perhaps is not,
NUL-terminated.
This fixes CVE-2012-2812. Reported by Mateusz Jurczyk of
Google Security Team
* Fixed a buffer overflow problem in exif_entry_get_value
If the application passed in a buffer length of 0, then it would
be treated as the buffer had unlimited length.
This fixes CVE-2012-2841
* Fix a buffer overflow on corrupt EXIF data.
This fixes bug #3434540 and fixes part of CVE-2012-2836
Reported by Yunho Kim
* Fix a buffer overflow on corrupted JPEG data
An unsigned data length might wrap around when decremented
below zero, bypassing sanity checks on length.
This code path can probably only occur if exif_data_load_data()
is called directly by the application on data that wasn't parsed
by libexif itself.
This solves the other part of CVE-2012-2836
* Fixed some possible division-by-zeros in Olympus-style makernotes
OBS-URL: https://build.opensuse.org/package/show/graphics/libexif?expand=0&rev=18
105 lines
2.6 KiB
RPMSpec
105 lines
2.6 KiB
RPMSpec
#
|
||
# spec file for package libexif
|
||
#
|
||
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||
#
|
||
# All modifications and additions to the file contributed by third parties
|
||
# remain the property of their copyright owners, unless otherwise agreed
|
||
# upon. The license for this file, and modifications and additions to the
|
||
# file, is the same license as for the pristine package itself (unless the
|
||
# license for the pristine package is not an Open Source License, in which
|
||
# case the license is the MIT License). An "Open Source License" is a
|
||
# license that conforms to the Open Source Definition (Version 1.9)
|
||
# published by the Open Source Initiative.
|
||
|
||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||
#
|
||
|
||
|
||
Name: libexif
|
||
BuildRequires: doxygen
|
||
BuildRequires: pkg-config
|
||
Url: http://libexif.sourceforge.net
|
||
Summary: An EXIF Tag Parsing Library for Digital Cameras
|
||
License: LGPL-2.1+
|
||
Group: System/Libraries
|
||
Version: 0.6.21
|
||
Release: 0
|
||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||
Source0: https://downloads.sourceforge.net/project/libexif/%{name}/%{version}/%{name}-%{version}.tar.bz2
|
||
Source1: baselibs.conf
|
||
|
||
%define pname libexif12
|
||
|
||
%define debug_package_requires %{pname} = %{version}-%{release}
|
||
|
||
%package -n %{pname}
|
||
|
||
Summary: An EXIF Tag Parsing Library for Digital Cameras
|
||
Group: System/Libraries
|
||
Provides: libexif = %{version}
|
||
Obsoletes: libexif < %{version}
|
||
|
||
%description
|
||
This library is used to parse EXIF information from JPEGs created by
|
||
digital cameras.
|
||
|
||
%description -n %{pname}
|
||
This library is used to parse EXIF information from JPEGs created by
|
||
digital cameras.
|
||
|
||
|
||
%package devel
|
||
Summary: An EXIF Tag Parsing Library for Digital Cameras (Development files)
|
||
Group: Development/Libraries/C and C++
|
||
Requires: %{pname} = %{version}
|
||
Requires: glibc-devel
|
||
|
||
%description devel
|
||
This library is used to parse EXIF information from JPEGs created by
|
||
digital cameras.
|
||
|
||
|
||
|
||
Authors:
|
||
--------
|
||
Lutz M<EFBFBD>ller <lutz@users.sourceforge.net>
|
||
Curtis Galloway <curtisg@users.sourceforge.net>
|
||
|
||
%prep
|
||
%setup -q
|
||
|
||
%build
|
||
%configure --with-pic \
|
||
--disable-static \
|
||
--with-doc-dir=%{_docdir}/%{name}
|
||
%{__make} %{?jobs:-j%jobs}
|
||
|
||
%check
|
||
make check
|
||
|
||
%install
|
||
%makeinstall
|
||
%find_lang %{name}-12
|
||
%{__rm} -f %{buildroot}%{_libdir}/*.la
|
||
|
||
%clean
|
||
rm -rf $RPM_BUILD_ROOT
|
||
|
||
%post -n %{pname} -p /sbin/ldconfig
|
||
|
||
%postun -n %{pname} -p /sbin/ldconfig
|
||
|
||
%files -n %{pname} -f %{name}-12.lang
|
||
%defattr(-,root,root)
|
||
%{_libdir}/*.so.*
|
||
|
||
%files devel
|
||
%defattr(-,root,root)
|
||
%doc %{_docdir}/%{name}
|
||
%{_libdir}/*.so
|
||
%{_libdir}/pkgconfig/*.pc
|
||
%{_includedir}/*
|
||
|
||
%changelog
|