pool/libjpeg-turbo
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

revert last change

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/graphics/libjpeg-turbo?expand=0&rev=143
This commit is contained in:
Petr Gajdos 2023-06-02 08:12:26 +00:00 committed by Git OBS Bridge
parent 741902d408
commit f8e48b34a7
4 changed files with 0 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
libjpeg-turbo-CVE-2023-2804.patch
View File

@ -1,14 +0,0 @@
Index: libjpeg-turbo-2.1.5.1/jdmaster.c
===================================================================
--- libjpeg-turbo-2.1.5.1.orig/jdmaster.c
+++ libjpeg-turbo-2.1.5.1/jdmaster.c
@@ -33,6 +33,9 @@ LOCAL(boolean)
use_merged_upsample(j_decompress_ptr cinfo)
{
#ifdef UPSAMPLE_MERGING_SUPPORTED
+ /* Colorspace conversion is not supported with lossless JPEG images */
+ if (cinfo->master->lossless)
+ return FALSE;
/* Merging is the equivalent of plain box-filter upsampling */
if (cinfo->do_fancy_upsampling || cinfo->CCIR601_sampling)
return FALSE;

8
libjpeg-turbo.changes
View File

@ -1,11 +1,3 @@
-------------------------------------------------------------------
Fri Jun 2 07:31:13 UTC 2023 - pgajdos@suse.com
- security update
- added patches
fix CVE-2023-2804 [bsc#1211542], heap-buffer-overflow in h2v2_merged_upsample_internal() at /libjpeg-turbo/jdmrgext.c
+ libjpeg-turbo-CVE-2023-2804.patch
-------------------------------------------------------------------
Thu May 4 11:37:31 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>

3
libjpeg-turbo.spec
View File

@ -37,8 +37,6 @@ Source1: https://downloads.sf.net/libjpeg-turbo/libjpeg-turbo-%{version}.
Source2: libjpeg-turbo.keyring
Source3: baselibs.conf
Patch1: libjpeg-turbo-1.3.0-tiff-ojpeg.patch
# CVE-2023-2804 [bsc#1211542], heap-buffer-overflow in h2v2_merged_upsample_internal() at /libjpeg-turbo/jdmrgext.c
Patch2: libjpeg-turbo-CVE-2023-2804.patch
BuildRequires: cmake
BuildRequires: gcc-c++
BuildRequires: nasm
@ -102,7 +100,6 @@ files using the libjpeg library.
%prep
%setup -q
%patch1
%patch2 -p1
%build
MYLDFLAGS="-Wl,-z,relro,-z,now"

3
libjpeg62-turbo.spec
View File

@ -32,8 +32,6 @@ Source1: https://downloads.sf.net/libjpeg-turbo/libjpeg-turbo-%{version}.
Source2: libjpeg-turbo.keyring
Source3: baselibs.conf
Patch1: libjpeg-turbo-1.3.0-tiff-ojpeg.patch
# CVE-2023-2804 [bsc#1211542], heap-buffer-overflow in h2v2_merged_upsample_internal() at /libjpeg-turbo/jdmrgext.c
Patch2: libjpeg-turbo-CVE-2023-2804.patch
BuildRequires: cmake
BuildRequires: gcc-c++
# needed for tests as we remove the lib here
@ -75,7 +73,6 @@ files using the libjpeg library.
%prep
%setup -q -n libjpeg-turbo-%{srcver}
%patch1
%patch2 -p1
%build
export LDFLAGS="-Wl,-z,relro,-z,now"