pool/libjpeg-turbo
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 859049 from graphics

Browse Source 
- version update to 2.0.6
  1. Fixed "using JNI after critical get" errors that occurred on Android
  platforms when using any of the YUV encoding/compression/decompression/decoding
  methods in the TurboJPEG Java API.
  2. Fixed or worked around multiple issues with `jpeg_skip_scanlines()`:
       - Fixed segfaults or "Corrupt JPEG data: premature end of data segment"
  errors in `jpeg_skip_scanlines()` that occurred when decompressing 4:2:2 or
  4:2:0 JPEG images using merged (non-fancy) upsampling/color conversion (that
  is, when setting `cinfo.do_fancy_upsampling` to `FALSE`.)  2.0.0[6] was a
  similar fix, but it did not cover all cases.
       - `jpeg_skip_scanlines()` now throws an error if two-pass color
  quantization is enabled.  Two-pass color quantization never worked properly
  with `jpeg_skip_scanlines()`, and the issues could not readily be fixed.
       - Fixed an issue whereby `jpeg_skip_scanlines()` always returned 0 when
  skipping past the end of an image.
  3. The Arm 64-bit (Armv8) Neon SIMD extensions can now be built using MinGW
  toolchains targetting Arm64 (AArch64) Windows binaries.
  4. Fixed unexpected visual artifacts that occurred when using
  `jpeg_crop_scanline()` and interblock smoothing while decompressing only the DC
  scan of a progressive JPEG image.
  5. Fixed an issue whereby libjpeg-turbo would not build if 12-bit-per-component
  JPEG support (`WITH_12BIT`) was enabled along with libjpeg v7 or libjpeg v8
  API/ABI emulation (`WITH_JPEG7` or `WITH_JPEG8`.)
- modified sources
  % libjpeg-turbo.keyring

OBS-URL: https://build.opensuse.org/request/show/859049
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libjpeg-turbo?expand=0&rev=54
This commit is contained in:
Dominique Leuenberger 2020-12-30 16:11:45 +00:00 committed by Git OBS Bridge
commit 69ce102dff
9 changed files with 61 additions and 611 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
libjpeg-turbo-2.0.5.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:16f8f6f2715b3a38ab562a84357c793dd56ae9899ce130563c72cd93d8357b5d
size 2162983

BIN
libjpeg-turbo-2.0.5.tar.gz.sig
View File

Binary file not shown.

3
libjpeg-turbo-2.0.6.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d74b92ac33b0e3657123ddcf6728788c90dc84dcb6a52013d758af3c4af481bb
size 2192315

BIN
libjpeg-turbo-2.0.6.tar.gz.sig Normal file
View File

Binary file not shown.

29
libjpeg-turbo.changes
View File

@ -1,3 +1,32 @@
-------------------------------------------------------------------
Mon Dec 28 15:39:18 UTC 2020 - pgajdos@suse.com
- version update to 2.0.6
1. Fixed "using JNI after critical get" errors that occurred on Android
platforms when using any of the YUV encoding/compression/decompression/decoding
methods in the TurboJPEG Java API.
2. Fixed or worked around multiple issues with `jpeg_skip_scanlines()`:
- Fixed segfaults or "Corrupt JPEG data: premature end of data segment"
errors in `jpeg_skip_scanlines()` that occurred when decompressing 4:2:2 or
4:2:0 JPEG images using merged (non-fancy) upsampling/color conversion (that
is, when setting `cinfo.do_fancy_upsampling` to `FALSE`.) 2.0.0[6] was a
similar fix, but it did not cover all cases.
- `jpeg_skip_scanlines()` now throws an error if two-pass color
quantization is enabled. Two-pass color quantization never worked properly
with `jpeg_skip_scanlines()`, and the issues could not readily be fixed.
- Fixed an issue whereby `jpeg_skip_scanlines()` always returned 0 when
skipping past the end of an image.
3. The Arm 64-bit (Armv8) Neon SIMD extensions can now be built using MinGW
toolchains targetting Arm64 (AArch64) Windows binaries.
4. Fixed unexpected visual artifacts that occurred when using
`jpeg_crop_scanline()` and interblock smoothing while decompressing only the DC
scan of a progressive JPEG image.
5. Fixed an issue whereby libjpeg-turbo would not build if 12-bit-per-component
JPEG support (`WITH_12BIT`) was enabled along with libjpeg v7 or libjpeg v8
API/ABI emulation (`WITH_JPEG7` or `WITH_JPEG8`.)
- modified sources
% libjpeg-turbo.keyring
-------------------------------------------------------------------
Wed Aug 12 21:24:44 UTC 2020 - Matthias Eliasson <elimat@opensuse.org>

54
libjpeg-turbo.keyring
View File

@ -1,30 +1,30 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.1.6
Comment: Hostname: sks.pod02.fleetstreetops.com
mQGiBFWuQpoRBACKZREWpZug3nddAYrt9AvxrR3dYRlQvf+gU0q7EJXGERPVF0sz
gOofTCo7uMy+xLx47sg0wFapON1HphzwnaCK852pcKajLDoW9oXGV+KvuyAay0Ap
T296NxgFidKYlOFS8TcI1PFbmemT56yIWBUSiEZcvJIKG8vu4CHoCSFx5wCg9N55
TNEv0XOi9fcxBHJM8P1nSvMD/i4Ounk99EcCcbkNkxJrn2ePWE/H6JZWgy+mBzdX
zPEGb7JrmLnoeClHzOq3PwrVCUerXNICJQnZXLUfYv37cdxSXKSP+xw9x/RzpJiq
EdJQXrFFLPAFl6iWqi9mm9X5hStPpjVG7frqJR5ogA7frzRV0+rlunhQBhnpeSTE
QNznA/oC29xIx6BA7jLVTbqCUqETDf9rA9jpKeJXI5cpE4neevS7EbQez70VEc9f
BmvC4L4MU/oJk5/y1OrVDKuFG9F2nAnshL0Y02lcEvmirTG8dJskBNlAm/JbrDEx
L0/V7wTTMERuTHGP+F7Y1hpSz+oU6rMLop7qJn9or00HcVMd7rRdVGhlIGxpYmpw
ZWctdHVyYm8gUHJvamVjdCAoU2lnbmluZyBrZXkgZm9yIG9mZmljaWFsIGJpbmFy
aWVzKSA8aW5mb3JtYXRpb25AbGlianBlZy10dXJiby5vcmc+iGAEExECACAFAlWu
QpoCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCFxwROAz/eFv5IAJ9NPfuV
c8mpjSXK+yumPN6TS6okCgCfaltKSnTBHhlvJAEVsWopAPUrj2a5Ag0EVa5CnBAI
AIMtO9yvgD/wV/yEkLLRpVaRoM4R1SaDzVNS+Kc9iL4GzWTcNPCqXlxswqVIRKxx
NkW7y/RO7Pem6Ew3owmrQRa1FUFLU+TLSMuTLhQl/ao+lmpn32KnPdYIyRRyaLrb
DTYBRVGB65sZY4BzueI4m3+w02+53XVuE3tIRk9eHNF8dbYwgUMXb4+8IC5mp0ta
4dwdLIMwwatL+iaAuAS6nCKn2eZOyO9KbF2TdWHZhOKE16I5aLa48Nfp/T7Qx3tU
c5hH/pOg652/zZCSm7yTekUnzmngnFSiecgsN4WRtpfyxIlJYWbBO1qs6Munviu+
a6yEdEhSSw3JGgGwciYep5MAAwUH/RIDmO6PZOn2PXgAGdLvvdnXR5im5axwW30C
JjYqkubucqQ0Y7gFE3NsxFxRwMbnRab1yJFrWLtcTBHqa5NAaR8UjUl4vdvvDZXM
yOznB5EkjpAhATPpCVAA6N1QnDgh/oceBAcu7KU7WEWGVI2QzOmVQ7CmxDgcehVG
6E2DhEatFavD0LLlqlDorFpJnRoIwVOCXz2lV3lmrnP6H+2j0TZHAWnHETyAUL+P
lOq7HCbOnnVFzAulrYrt8Ap5ZQm3BRjY+EJIMweb1ZUeReKtW2cTBqM1DQnMdqs2
PvIyk7+A0MdAwOPvmaffBDPlu/jECK3AyQvRPMg9tcp1u6Dz6hGISQQYEQIACQUC
Va5CnAIbDAAKCRCFxwROAz/eFhUXAKCLyoe0xNURwAjj+2q7NW7IgCuQogCgjKXm
udv9ZKnuBluVtm+LueeyV4U=
=B+vg
mQINBF+tkd4BEADFFp/owDcrHfGDEfxJfaDaUlHaxs2F5jWvhyThimpJbuDdrtZ06dAw7CJ+
LY/53Xo1ogZJZb1UuJ9qFunkA601WmbKeOOxSj4UNdQM+T8oMxJklnQh3iNTb4DeLh6+eS2j
VO/q4lEGYC3XwuinuhpqMsvAFfbDkgSp3nm0rI2hEOysm+UBp/xyBISPzUYKzZGC24MKt8Nz
oevKq86JfVUMkvgb756fWoRrbBkGn3tZEDr3EClMTiQSyxdKdVpwa9EtEuezXptgbQcjXV5H
Hhh8XEF9zbnkY7VYaCn/Cd0ETjscPRig9H2IFjSyF5tmAfezGB5D5kCRu60ufCnFG1YXIuD2
Mc0o9msHfEwD7Uy7jRgxpgljMeaQhRG2tcwd1fW34vNOBd5spRNULGkdlbzAOczd6RTNrD10
24xE5OHve2t1+Qc9TyJz8mjAk2bbbeFNYjKTMbKIrxfBEL+kYpUD9mr1xl7lM3qZKrwFvu/C
Rp1rohvW9M7JZLusYthyA8Cv/OL8bQkTYc1Cpod1QCtN1OKt33cyjEKkO5B5EKay0x1vz85X
ATXUbEUeeFe6TLICylK18FxM6i6D7aKJcw0cu1nigvWFrnBhc84xz0d6PwhXGFYVkvMIPFBX
R98rWMJi6Aryby1oQModVyjgefMEl167NNGFUVfjmTZSJP4ywwARAQABtF1UaGUgbGlianBl
Zy10dXJibyBQcm9qZWN0IChTaWduaW5nIGtleSBmb3Igb2ZmaWNpYWwgYmluYXJpZXMpIDxp
bmZvcm1hdGlvbkBsaWJqcGVnLXR1cmJvLm9yZz6JAjYEEwECACAFAl+tkd4CGwMGCwkIBwMC
BBUCCAMEFgIDAQIeAQIXgAAKCRB+wtu29Nv0NEBcEACbJw1RHP2T622KVvO5oq2RW5vRn4Rv
+hOyJgZHsgNkchP+6QqxgVPdxl3N7la286KfDblFGsqvNt7sce873Qlh/KuMcJ+3mBbmO8v7
4mRbG9aLk/M0UdlZBTnGs9D26jpXfyOGOXVeiFW621ghKq7WbdpXa75rK4afpVP9VFvgvw51
Ms9ZoAI81+rnp+H2Kkmo328i+HZcIaGo2K/F6rRvhdEz24PwFA9o8xHmSIHiBUYv/oOrlqM3
VFXcAGwU7zAIATUSmPgmdmcrxlKI75wwAm4tCxk5Vo1BPxCQEP7rjblPDkqLhTjhwphhSu0S
NfpLopiIB4IH8iaM02DhC7SNILhCyKcTyTLdiDQLbY1tCEfYdu90kmD7lLBR+Ek0exOec3QL
ZR8bajj7gmABfL1gkw0UJWST/H+crmTYV2Iu6T96zQo/37xg0XeWKQUsRQv85dK0qyvUxBAp
964ey07DuFz/eLJbX9FzeHhEWS+QRMHntrn211BzhSm7BPWx79wmmyQ8xhof29Z+DsfluS5X
yDnwA9KaZ4g77Ig9sub8RNJxJfVrXns2tTBnVLsysNbdIMT0M42NPk3QWCGcNhCwoyri7fu3
1AGjeo7bg1mqP4xFZVxsx7CWimFPBemClj+R94c7URT1I5IEK7Q+HxkML49Ou3IF2+aEXKJP
geTXZ4hGBBMRAgAGBQJfrZInAAoJEIXHBE4DP94W3McAoNmyT2L9j+7JbZgNkuKz442R2s7K
AKDh2mL458y99LgK/U7AtLi8uWnVvA==
=R+n+
-----END PGP PUBLIC KEY BLOCK-----

2
libjpeg-turbo.spec
View File

@ -18,7 +18,7 @@
%define asan_build 0
%define debug_build 0
%define srcver 2.0.5
%define srcver 2.0.6
%define major 8
%define minor 2
%define micro 2

579
libjpeg62-turbo.changes
View File

@ -1,579 +0,0 @@
-------------------------------------------------------------------
Wed Aug 12 21:24:44 UTC 2020 - Matthias Eliasson <elimat@opensuse.org>
- Update to version 2.0.5
* Worked around issues in the MIPS DSPr2 SIMD extensions that caused failures
in the libjpeg-turbo regression tests. Specifically, the
jsimd_h2v1_downsample_dspr2() and jsimd_h2v2_downsample_dspr2() functions
in the MIPS DSPr2 SIMD extensions are now disabled until/unless they can be
fixed, and other functions that are incompatible with big endian MIPS CPUs
are disabled when building libjpeg-turbo for such CPUs.
* Fixed an oversight in the TJCompressor.compress(int) method in the
TurboJPEG Java API that caused an error ("java.lang.IllegalStateException:
No source image is associated with this instance") when attempting to use
that method to compress a YUV image.
* Fixed an issue (CVE-2020-13790) in the PPM reader that caused a buffer
overrun in cjpeg, TJBench, or the tjLoadImage() function if one of the
values in a binary PPM/PGM input file exceeded the maximum value defined in
the file's header and that maximum value was less than 255. libjpeg-turbo
1.5.0 already included a similar fix for binary PPM/PGM files with maximum
values greater than 255.
* The TurboJPEG API library's global error handler, which is used in
functions such as tjBufSize() and tjLoadImage() that do not require a
TurboJPEG instance handle, is now thread-safe on platforms that support
thread-local storage.
- Drop patches fixed upstream:
* ctest-depends.patch
* libjpeg-turbo-CVE-2020-13790.patch
- Run spec-cleaner
* Remove package groups
* Use make macros
-------------------------------------------------------------------
Mon Jun 8 11:49:47 UTC 2020 - pgajdos@suse.com
- security update
- added patches
fix CVE-2020-13790 [bsc#1172491], heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file
+ libjpeg-turbo-CVE-2020-13790.patch
-------------------------------------------------------------------
Sun Mar 29 10:17:03 UTC 2020 - Aaron Stern <ukbeast89@protonmail.com>
- Upate to version 2.0.4:
* Fixed a regression in the Windows packaging system
(introduced by 2.0 beta1[2]) whereby, if both the 64-bit libjpeg-turbo
SDK for GCC and the 64-bit libjpeg-turbo SDK for Visual C++ were installed
on the same system, only one of them could be uninstalled.
* Fixed a signed integer overflow and subsequent segfault that occurred when
attempting to decompress images with more than 715827882 pixels using the 64-bit C version of TJBench.
* Fixed out-of-bounds write in tjDecompressToYUV2() and tjDecompressToYUVPlanes()
(sometimes manifesting as a double free) that occurred when attempting to decompress
grayscale JPEG images that were compressed with a sampling factor other than 1
(for instance, with cjpeg -grayscale -sample 2x2).
* Fixed a regression introduced by 2.0.2[5] that caused the TurboJPEG API to incorrectly
identify some JPEG images with unusual sampling factors as 4:4:4 JPEG images.
This was known to cause a buffer overflow when attempting to decompress some such images using
tjDecompressToYUV2() or tjDecompressToYUVPlanes().
* Fixed an issue, detected by ASan, whereby attempting to losslessly transform a specially-crafted
malformed JPEG image containing an extremely-high-frequency coefficient block
(junk image data that could never be generated by a legitimate JPEG compressor) could cause the
Huffman encoder's local buffer to be overrun. (Refer to 1.4.0[9] and 1.4beta1[15].)
Given that the buffer overrun was fully contained within the stack and did not cause a segfault
or other user-visible errant behavior, and given that the lossless transformer (unlike the decompressor)
is not generally exposed to arbitrary data exploits, this issue did not likely pose a security risk.
The ARM 64-bit (ARMv8) NEON SIMD assembly code now stores constants in a separate read-only data
section rather than in the text section, to support execute-only memory layouts.
-------------------------------------------------------------------
Tue Mar 17 05:52:14 UTC 2020 - John Whately <john+OpenSuse@whately.me>
- Added If statments for Fedora not having sertain openSUSE macros
-------------------------------------------------------------------
Sat Oct 5 09:08:29 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com>
- Update to version 2.0.3:
* Fixed "using JNI after critical get" errors that occurred on
Android platforms when passing invalid arguments to certain
methods in the TurboJPEG Java API.
* Fixed a regression in the SIMD feature detection code,
introduced by the AVX2 SIMD extensions (2.0 beta1), that was
known to cause an illegal instruction exception, in rare cases,
on CPUs that lack support for CPUID leaf (or on which the
maximum CPUID leaf has been limited by way of a BIOS setting.)
* The 4:4:0 (h1v2) fancy (smooth) chroma upsampling algorithm in
the decompressor now uses a similar bias pattern to that of the
4:2:2 (h2v1) fancy chroma upsampling algorithm, rounding up or
down the upsampled result for alternate pixels rather than
always rounding down. This ensures that, regardless of whether
a 4:2:2 JPEG image is rotated or transposed prior to
decompression (in the frequency domain) or after decompression
(in the spatial domain), the final image will be similar.
* Fixed an integer overflow and subsequent segfault that occurred
when attempting to compress or decompress images with more than
1 billion pixels using the TurboJPEG API.
* Fixed a regression introduced by 2.0 beta1[15] whereby
attempting to generate a progressive JPEG image on an
SSE2-capable CPU using a scan script containing one or more
scans with lengths divisible by 16 would result in an error
("Missing Huffman code table entry") and an invalid JPEG image.
* Fixed an issue whereby `tjDecodeYUV()` and
`tjDecodeYUVPlanes()` would throw an error ("Invalid
progressive parameters") or a warning ("Inconsistent
progression sequence") if passed a TurboJPEG instance that was
previously used to decompress a progressive JPEG image.
-------------------------------------------------------------------
Thu Jan 3 16:46:46 UTC 2019 - Petr Gajdos <pgajdos@suse.com>
- security update
* CVE-2018-20330 [bsc#1120646]
+ libjpeg-turbo-CVE-2018-20330.patch
-------------------------------------------------------------------
Wed Jan 2 10:13:00 UTC 2019 - Petr Gajdos <pgajdos@suse.com>
- security update
* CVE-2018-19644 [bsc#1117890]
+ libjpeg-turbo-CVE-2018-19644.patch
-------------------------------------------------------------------
Tue Nov 13 11:10:50 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
- update to version 2.0.1:
* jsimd_quantize_float_dspr2() and jsimd_convsamp_float_dspr2()
functions in the MIPS DSPr2 SIMD extensions are now disabled
at compile time if the soft float ABI is enabled
* Fixed a regression in the SIMD feature detection code,
introduced by the AVX2 SIMD extensions
* Fixed out-of-bounds read in cjpeg that occurred when attempting
to compress a specially-crafted malformed color-index
(8-bit-per-sample) Targa file
-------------------------------------------------------------------
Mon Sep 24 07:11:27 UTC 2018 - schwab@suse.de
- Define FLOATTEST=64bit on ppc
- ctest-depends.patch: Add missing testsuite depedencies
-------------------------------------------------------------------
Wed Aug 8 15:45:50 UTC 2018 - jengelh@inai.de
- Update description and switch out MMX/SSE by the more generic
term SIMD.
-------------------------------------------------------------------
Wed Aug 1 11:39:01 UTC 2018 - tchvatal@suse.com
- Version update to 2.0.0:
* Cmake as a buildsystem
* avx support
* Better error handling
* More use of SSE2
- Drop patch libjpeg-1.4.0-ocloexec.patch; conflicts, would be better
handled by upstream anyway
- Drop patches merged upstream:
* libjpeg-turbo-CVE-2018-11813.patch
* libjpeg-turbo-CVE-2018-1152.patch
-------------------------------------------------------------------
Tue Jun 19 13:45:31 UTC 2018 - pgajdos@suse.com
- security update:
* CVE-2018-1152 [bsc#1098155]
+ libjpeg-turbo-CVE-2018-1152.patch
-------------------------------------------------------------------
Tue Jun 12 13:34:11 UTC 2018 - pgajdos@suse.com
- security update:
* CVE-2018-11813 [bsc#1096209]
+ libjpeg-turbo-CVE-2018-11813.patch
* remove redundant libjpeg-turbo-CVE-2017-15232.patch
[bsc#1062937#c17]
-------------------------------------------------------------------
Mon Dec 18 13:07:03 UTC 2017 - pgajdos@suse.com
- update to version 1.5.3
1. Fixed a NullPointerException in the TurboJPEG Java wrapper that occurred
when using the YUVImage constructor that creates an instance backed by separate
image planes and allocates memory for the image planes.
2. Fixed an issue whereby the Java version of TJUnitTest would fail when
testing BufferedImage encoding/decoding on big endian systems.
3. Fixed a segfault in djpeg that would occur if an output format other than
PPM/PGM was selected along with the `-crop` option. The `-crop` option now
works with the GIF and Targa formats as well (unfortunately, it cannot be made
to work with the BMP and RLE formats due to the fact that those output engines
write scanlines in bottom-up order.) djpeg will now exit gracefully if an
output format other than PPM/PGM, GIF, or Targa is selected along with the
`-crop` option.
4. Fixed an issue whereby `jpeg_skip_scanlines()` would segfault if color
quantization was enabled.
5. TJBench (both C and Java versions) will now display usage information if any
command-line argument is unrecognized. This prevents the program from silently
ignoring typos.
6. Fixed an access violation in tjbench.exe (Windows) that occurred when the
program was used to decompress an existing JPEG image.
7. Fixed an ArrayIndexOutOfBoundsException in the TJExample Java program that
occurred when attempting to decompress a JPEG image that had been compressed
with 4:1:1 chrominance subsampling.
8. Fixed an issue whereby, when using `jpeg_skip_scanlines()` to skip to the
end of a single-scan (non-progressive) image, subsequent calls to
`jpeg_consume_input()` would return `JPEG_SUSPENDED` rather than
`JPEG_REACHED_EOI`.
9. `jpeg_crop_scanlines()` now works correctly when decompressing grayscale
JPEG images that were compressed with a sampling factor other than 1 (for
instance, with `cjpeg -grayscale -sample 2x2`).
-------------------------------------------------------------------
Thu Oct 12 10:59:03 UTC 2017 - pgajdos@suse.com
- security update:
* CVE-2017-15232 [bsc#1062937]
+ libjpeg-turbo-CVE-2017-15232.patch
-------------------------------------------------------------------
Thu Oct 12 10:22:05 UTC 2017 - pgajdos@suse.com
- Update to version 1.5.2
+ Fixed several memory leaks in the TurboJPEG API library that
could occur if the library was built with certain compilers
and optimization levels.
+ The libjpeg-turbo memory manager will now honor the
max_memory_to_use structure member in jpeg_memory_mgr,
which can be set to the maximum amount of memory (in bytes)
that libjpeg-turbo should use during decompression or
multi-pass (including progressive) compression. This limit
can also be set using the JPEGMEM environment variable or
using the -maxmemory switch in cjpeg/djpeg/jpegtran.
+ TJBench will now run each benchmark for 1 second prior to
starting the timer, in order to improve the consistency of
the results. Furthermore, the -warmup option is now used to
specify the amount of warmup time rather than the number of
warmup iterations.
+ Fixed an error (short jump is out of range) that occurred
when assembling the 32-bit x86 SIMD extensions with NASM
versions prior to 2.04.
+ Fixed a regression introduced by 1.5 beta1[11] that prevented
the Java version of TJBench from outputting any reference images
(the -nowrite switch was accidentally enabled by default.)
libjpeg-turbo should now build and run with full AltiVec SIMD
acceleration on PowerPC-based AmigaOS 4 and OpenBSD systems.
-------------------------------------------------------------------
Thu Jun 15 10:50:53 UTC 2017 - jbohac@suse.com
- mention the included utilities (djpeg, jpegtran, rdjpgcom,
tjbench, and wrjpgcom) in the package description.
-------------------------------------------------------------------
Wed Jan 18 10:07:29 UTC 2017 - bwiedemann@suse.com
- set build date to enable reproducible builds
-------------------------------------------------------------------
Wed Sep 21 10:50:36 UTC 2016 - idonmez@suse.com
- Update to version 1.5.1 fate#324061
+ Fix for PowerPC platforms lacking AltiVec instructions
+ Fix ABI problem with clang/llvm on aarch64.
+ Fancy upsampling is now supported when decompressing JPEG
images that use 4:4:0 (h1v2) chroma subsampling.
+ If merged upsampling isn't SIMD-accelerated but YCbCr-to-RGB
conversion is, then libjpeg-turbo will now disable merged
upsampling when decompressing YCbCr JPEG images into RGB
or extended RGB output images. This significantly speeds up
the decompression of 4:2:0 and 4:2:2 JPEGs on ARM platforms
if fancy upsampling is not used
(for example, if the -nosmooth option to djpeg is specified.)
+ The TurboJPEG API will now decompress 4:2:2 and 4:4:0 JPEG
images with 2x2 luminance sampling factors and 2x1 or 1x2
chrominance sampling factors.
+ Fixed an unsigned integer overflow in the libjpeg memory manager.
+ Fixed additional negative left shifts and other issues reported
by the GCC and Clang undefined behavior sanitizers when
attempting to decompress specially-crafted malformed JPEG
images. None of these issues posed a security threat, but
removing the warnings makes it easier to detect actual
security issues, should they arise in the future.
+ Fixed an out-of-bounds array reference, introduced by
1.4.902 and detected by the Clang undefined behavior sanitizer,
that could be triggered by a specially-crafted malformed
JPEG image with more than four components. Because the
out-of-bounds reference was still within the same structure,
it was not known to pose a security threat, but removing
the warning makes it easier to detect actual security issues,
should they arise in the future.
-------------------------------------------------------------------
Wed Jun 8 07:53:26 UTC 2016 - idonmez@suse.com
- Update to version 1.5.0
+ Fixed an issue whereby a malformed motion-JPEG frame could
cause the "fast path" of libjpeg-turbo's Huffman decoder to
read from uninitialized memory.
+ Added libjpeg-turbo version and build information to the global
string table of the libjpeg and TurboJPEG API libraries.
+ Fixed a couple of issues in the PPM reader that would cause
buffer overruns in cjpeg if one of the values in a binary
PPM/PGM input file exceeded the maximum value defined in the
file's header. libjpeg-turbo 1.4.2 already included a similar
fix for ASCII PPM/PGM files. Note that these issues were not
security bugs, since they were confined to the cjpeg program
and did not affect any of the libjpeg-turbo libraries.
+ Fixed an issue whereby attempting to decompress a JPEG file with
a corrupt header using the tjDecompressToYUV2() function would
cause the function to abort without returning an error and,
under certain circumstances, corrupt the stack. This only
occurred if tjDecompressToYUV2() was called prior to calling
tjDecompressHeader3(), or if the return value from
tjDecompressHeader3() was ignored (both cases represent
incorrect usage of the TurboJPEG API.)
+ The jpeg_stdio_src(), jpeg_mem_src(), jpeg_stdio_dest(),
and jpeg_mem_dest() functions in the libjpeg API will now
throw an error if a source/destination manager has already
been assigned to the compress or decompress object by a
different function or by the calling program.
-------------------------------------------------------------------
Thu Oct 8 07:56:34 UTC 2015 - idonmez@suse.com
- Update to version 1.4.2
+ Crash fixes
+ clang compatibility fixes
+ See the included ChangeLog.txt for the details
- Drop libjpeg-turbo-1.4.0-int32.patch, not needed anymore.
-------------------------------------------------------------------
Thu Mar 5 11:43:27 UTC 2015 - jengelh@inai.de
- Remove useless same-name provides. Use download URLs not
dependent on directory structure.
-------------------------------------------------------------------
Mon Mar 2 16:24:05 UTC 2015 - normand@linux.vnet.ibm.com
- Remove float tests with new libjpeg-turbo-remove-test.patch
same as Fedora bug 1161585 related to upstream issue
https://sourceforge.net/p/libjpeg-turbo/bugs/83/
-------------------------------------------------------------------
Sat Jan 10 00:39:57 UTC 2015 - p.drouand@gmail.com
- Update to version 1.4.0
+ Fixed a build issue on OS X PowerPC platforms (md5cmp failed to build
because OS X does not provide the le32toh() and htole32() functions.)
+ The non-SIMD RGB565 color conversion code did not work correctly on big
endian machines. This has been fixed.
+ Fixed an issue in tjPlaneSizeYUV() whereby it would erroneously return 1
instead of -1 if componentID was > 0 and subsamp was TJSAMP_GRAY.
+ Fixed an issue in tjBufSizeYUV2() wherby it would erroneously return 0
instead of -1 if width was < 1.
+ The Huffman encoder now uses clz and bsr instructions for bit counting on
ARM64 platforms (see 1.4 beta1 [5].)
+ The close() method in the TJCompressor and TJDecompressor Java classes is
now idempotent. Previously, that method would call the native tjDestroy()
function even if the TurboJPEG instance had already been destroyed. This
caused an exception to be thrown during finalization, if the close() method had
already been called. The exception was caught, but it was still an expensive
operation.
+ The TurboJPEG API previously generated an error ("Could not determine
subsampling type for JPEG image") when attempting to decompress grayscale JPEG
images that were compressed with a sampling factor other than 1 (for instance,
with 'cjpeg -grayscale -sample 2x2'). Subsampling technically has no meaning
with grayscale JPEGs, and thus the horizontal and vertical sampling factors
for such images are ignored by the decompressor. However, the TurboJPEG API
was being too rigid and was expecting the sampling factors to be equal to 1
before it treated the image as a grayscale JPEG.
+ cjpeg, djpeg, and jpegtran now accept an argument of -version, which will
print the library version and exit.
+ Referring to 1.4 beta1 [15], another extremely rare circumstance was
discovered under which the Huffman encoder's local buffer can be overrun
when a buffered destination manager is being used and an
extremely-high-frequency block (basically junk image data) is being encoded.
Even though the Huffman local buffer was increased from 128 bytes to 136 bytes
to address the previous issue, the new issue caused even the larger buffer to
be overrun. Further analysis reveals that, in the absolute worst case (such as
setting alternating AC coefficients to 32767 and -32768 in the JPEG scanning
order), the Huffman encoder can produce encoded blocks that approach double the
size of the unencoded blocks. Thus, the Huffman local buffer was increased to
256 bytes, which should prevent any such issue from re-occurring in the future.
+ The new tjPlaneSizeYUV(), tjPlaneWidth(), and tjPlaneHeight() functions
were not actually usable on any platform except OS X and Windows, because
those functions were not included in the libturbojpeg mapfile. This has been
fixed.
+ Restored the JPP(), JMETHOD(), and FAR macros in the libjpeg-turbo header
files. The JPP() and JMETHOD() macros were originally implemented in libjpeg
as a way of supporting non-ANSI compilers that lacked support for prototype
parameters. libjpeg-turbo has never supported such compilers, but some
software packages still use the macros to define their own prototypes.
Similarly, libjpeg-turbo has never supported MS-DOS and other platforms that
have far symbols, but some software packages still use the FAR macro. A pretty
good argument can be made that this is a bad practice on the part of the
software in question, but since this affects more than one package, it's just
easier to fix it here.
+ Fixed issues that were preventing the ARM 64-bit SIMD code from compiling
for iOS, and included an ARMv8 architecture in all of the binaries installed by
the "official" libjpeg-turbo SDK for OS X.
- Adapt patches to upstream changes
libjpeg-ocloexec.patch > libjpeg-1.4.0-ocloexec.patch
libjpeg-turbo-1.3.0-int32.patch > libjpeg-turbo-1.4.0-int32.patch
- Remove libjpeg-turbo-CVE-2014-9092.patch; fixed on upstream release
- Bump tminor to 1
-------------------------------------------------------------------
Thu Nov 27 09:49:28 UTC 2014 - pgajdos@suse.com
- security update CVE-2014-9092 [bnc#906761]
* added libjpeg-turbo-CVE-2014-9092.patch
-------------------------------------------------------------------
Tue Oct 7 07:31:55 UTC 2014 - coolo@suse.com
- to obsolete old versions better use obsoletes
-------------------------------------------------------------------
Sat Oct 4 14:57:19 UTC 2014 - olaf@aepfle.de
- add Conflicts: libjpeg-6.2.0 to libjpeg62 to obsolete old version
and to avoid file conflicts
-------------------------------------------------------------------
Mon Mar 31 09:32:32 UTC 2014 - pgajdos@suse.com
- update to 1.3.1:
* Fixed a bug whereby attempting to encode a progressive JPEG
with arithmetic entropy coding (by passing arguments of
-progressive -arithmetic to cjpeg or jpegtran, for instance)
would result in an error, "Requested feature was omitted at
compile time".
* Fixed a couple of issues whereby malformed JPEG images would
cause libjpeg-turbo to use uninitialized memory during
decompression.
* Fixed an error ("Buffer passed to JPEG library is too small")
that occurred when calling the TurboJPEG YUV encoding function
with a very small (< 5x5) source image, and added a unit test
to check for this error.
* etc. see ChangeLog.txt
-------------------------------------------------------------------
Tue Sep 10 12:51:24 UTC 2013 - pgajdos@suse.com
- update do 1.3.0:
* Fixed a Huffman encoder bug that prevented I/O suspension from
working properly.
* Added support for additional scaling factors (3/8, 5/8, 3/4,
7/8, 9/8, 5/4, 11/8, 3/2, 13/8, 7/4, 15/8, and 2) when
decompressing. Note that the IDCT will not be SIMD-accelerated
when using any of these new scaling factors.
* The tjDecompressToYUV() function now supports the TJFLAG_FASTDCT
flag.
* cjpeg can now be used to generate JPEG files with the RGB
colorspace (feature ported from jpeg-8d.)
* etc. see ChangeLog.txt
-------------------------------------------------------------------
Fri Jun 14 09:24:19 UTC 2013 - pgajdos@suse.com
- by change from Wed Mar 6 11:19:02 UTC 2013, libjpeg62-turbo
do not provide any binaries, so it should not provide jpeg
-------------------------------------------------------------------
Mon May 27 18:22:46 UTC 2013 - crrodriguez@opensuse.org
- Build with full RELRO as this library is exposed to·
possible malicious images.
-------------------------------------------------------------------
Wed Mar 6 11:19:02 UTC 2013 - pgajdos@suse.com
- remove
%{_bindir}/*
%doc %{_mandir}/man1/*
https://bugzilla.novell.com/show_bug.cgi?id=807183#c14
-------------------------------------------------------------------
Wed Mar 6 07:58:46 UTC 2013 - pgajdos@suse.com
- libjpeg62-turbo package created [bnc#807183]
-------------------------------------------------------------------
Mon Aug 13 17:05:35 UTC 2012 - dmueller@suse.com
- selfconflicts are not possible, remove it
-------------------------------------------------------------------
Mon Jul 23 11:33:56 UTC 2012 - pgajdos@suse.com
- Update to version 1.2.1:
* fixed heap overflow [bnc#771791]
-------------------------------------------------------------------
Thu Mar 22 13:25:09 UTC 2012 - idonmez@suse.com
- Update to version 1.2.0
* Fixed out-of-bounds read in SSE2 SIMD code
* Added a compile-time macro (LIBJPEG_TURBO_VERSION) that can
be used to check the version of libjpeg-turbo against which
an application was compiled.
* Added new RGBA/BGRA/ABGR/ARGB colorspace extension constants
* libjpeg-turbo will now correctly decompress erroneous
CMYK/YCCK JPEGs whose K component is assigned a component ID
of 1 instead of 4.
* Added SIMD routines for RGB-to-grayscale color conversion
* Improved the performance of the C color conversion routines
* Added a function to the TurboJPEG API that performs lossless
transforms.
* Added support for 4:4:0 (transposed 4:2:2) subsampling
-------------------------------------------------------------------
Sat Nov 19 20:38:03 UTC 2011 - coolo@suse.com
- add libtool as buildrequire to avoid implicit dependency
-------------------------------------------------------------------
Sat Nov 12 22:54:58 UTC 2011 - crrodriguez@opensuse.org
- Open all file descriptors with O_CLOEXEC, extended description
in the patch file.
-------------------------------------------------------------------
Thu May 19 14:44:56 CEST 2011 - pgajdos@suse.cz
- updated to 1.1.1:
* Fixed a 1-pixel error in row 0, column 21 of the luminance
plane generated by tjEncodeYUV().
* libjpeg-turbo's accelerated Huffman decoder previously
ignored unexpected markers found in the middle of the
JPEG data stream during decompression. It will now
hand off decoding of a particular block to the unaccelerated
Huffman decoder if an unexpected marker is found, so that
the unaccelerated Huffman decoder can generate an appropriate
warning.
* Fixed a bug in jpeg_read_coefficients() whereby it would
not initialize cinfo->image_width and cinfo->image_height
if libjpeg v7 or v8 emulation was enabled. This specifically
caused the jpegoptim program to fail if it was linked against
a version of libjpeg-turbo that was built with libjpeg v7 or
v8 emulation.
* Eliminated excessive I/O overhead that occurred when reading
BMP files in cjpeg.
*
-------------------------------------------------------------------
Thu Mar 3 13:53:18 CET 2011 - pgajdos@suse.cz
- updated to 1.1.0:
* Added further protections against invalid Huffman codes.
* Added an extended version of tjDecompressHeader().
* Added arithmetic encoding and decoding support.
* TurboJPEG/OSS can now compress from/decompress to
grayscale bitmaps.
* Added emulation of the libjpeg v7 and v8 APIs and ABIs.
* Added two new TurboJPEG API functions, tjEncodeYUV() and
tjDecompressToYUV().
* The TurboJPEG dynamic library now uses versioned symbols.
* Fixed visual artifacts in grayscale JPEG compression
caused by a typo in the RGB-to-chrominance lookup tables.
- see ChangeLog.txt for details.
- removed upstreamed jpegtran.patch and rh639672.patch
-------------------------------------------------------------------
Tue Dec 14 14:32:56 CET 2010 - pgajdos@suse.cz
- spec file cleanup
-------------------------------------------------------------------
Fri Dec 10 13:02:58 UTC 2010 - pgajdos@novell.com
- this jpeg version will be the default to the prejudice of jpeg8
from now on
-------------------------------------------------------------------
Sun Nov 7 12:53:26 UTC 2010 - prusnak@opensuse.org
- created package based on Fedora one (v 1.0.1)

2
libjpeg62-turbo.spec
View File

@ -19,7 +19,7 @@
%define major 62
%define minor 3
%define micro 0
%define srcver 2.0.5
%define srcver 2.0.6
%define libver %{major}.%{minor}.%{micro}
Name: libjpeg62-turbo
Version: %{srcver}