pool/openjpeg2
SHA256
6
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accepting request 523789 from home:hpjansson:openjpeg2-cve-factory

Browse Source 
Add security fixes:
  openjpeg2-CVE-2016-10504.patch (CVE-2016-10504, bsc#1056351),
  openjpeg2-CVE-2016-10505.patch (CVE-2016-10505, bsc#1056363),
  openjpeg2-CVE-2016-10506.patch (CVE-2016-10506, bsc#1056396),
  openjpeg2-CVE-2017-12982.patch (CVE-2017-12982, bsc#1054696),
  openjpeg2-CVE-2017-14039.patch (CVE-2017-14039, CVE-2017-14164,
  bsc#1056622, bsc#1057511),
  openjpeg2-CVE-2017-14040.patch (CVE-2017-14040, bsc#1056621),
  openjpeg2-CVE-2017-14041.patch (CVE-2017-14041, bsc#1056562),
  openjpeg2-CVE-2017-14151.patch (CVE-2017-14151, bsc#1057336),
  openjpeg2-CVE-2017-14152.patch (CVE-2017-14152, bsc#1057335),
  most of which are critical, including heap and stack overwrites,
  over-reads and division by zero errors.

OBS-URL: https://build.opensuse.org/request/show/523789
OBS-URL: https://build.opensuse.org/package/show/graphics/openjpeg2?expand=0&rev=28
This commit is contained in:
Ismail Dönmez 2017-09-13 14:11:10 +00:00 committed by Git OBS Bridge
parent d2c7ef5910
commit 96b2424330
11 changed files with 421 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
openjpeg2-CVE-2016-10504.patch Normal file
View File

@ -0,0 +1,23 @@
commit 0a915d5e6b49c8428a28d0b858b9e274851b4b1c
Author: Hans Petter Jansson <hpj@cl.no>
Date: Fri Sep 8 00:22:18 2017 +0200
openjpeg2-CVE-2016-10504.patch
diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
index 985ac5f..2e116b2 100644
--- a/src/lib/openjp2/tcd.c
+++ b/src/lib/openjp2/tcd.c
@@ -1088,8 +1088,10 @@ static OPJ_BOOL opj_tcd_code_block_enc_allocate_data (opj_tcd_cblk_enc_t * p_cod
{
OPJ_UINT32 l_data_size;
- l_data_size = (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) * (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
-
+ /* The +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
+ l_data_size = 1 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
+ (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
+
if (l_data_size > p_code_block->data_size) {
if (p_code_block->data) {
opj_free(p_code_block->data - 1); /* again, why -1 */

47
openjpeg2-CVE-2016-10505.patch Normal file
View File

@ -0,0 +1,47 @@
diff --git a/src/bin/common/color.c b/src/bin/common/color.c
index 234c7bd..f42d982 100644
--- a/src/bin/common/color.c
+++ b/src/bin/common/color.c
@@ -108,6 +108,7 @@ static void sycc444_to_rgb(opj_image_t *img)
d1 = g = (int*)malloc(sizeof(int) * max);
d2 = b = (int*)malloc(sizeof(int) * max);
+ if(y == NULL || cb == NULL || cr == NULL) goto fails;
if(r == NULL || g == NULL || b == NULL) goto fails;
for(i = 0U; i < max; ++i)
@@ -149,6 +150,7 @@ static void sycc422_to_rgb(opj_image_t *img)
d1 = g = (int*)malloc(sizeof(int) * max);
d2 = b = (int*)malloc(sizeof(int) * max);
+ if(y == NULL || cb == NULL || cr == NULL) goto fails;
if(r == NULL || g == NULL || b == NULL) goto fails;
/* if img->x0 is odd, then first column shall use Cb/Cr = 0 */
@@ -918,6 +920,7 @@ void color_esycc_to_rgb(opj_image_t *image)
(image->numcomps < 3)
|| (image->comps[0].dx != image->comps[1].dx) || (image->comps[0].dx != image->comps[2].dx)
|| (image->comps[0].dy != image->comps[1].dy) || (image->comps[0].dy != image->comps[2].dy)
+ || !image->comps [0].data || !image->comps [1].data || !image->comps [2].data
) {
fprintf(stderr,"%s:%d:color_esycc_to_rgb\n\tCAN NOT CONVERT\n", __FILE__,__LINE__);
return;
diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
index 4df8d58..5c52ef4 100644
--- a/src/bin/jp2/convertbmp.c
+++ b/src/bin/jp2/convertbmp.c
@@ -814,6 +814,14 @@ int imagetobmp(opj_image_t * image, const char *outfile) {
fprintf(stderr, "Unsupported number of components: %d\n", image->comps[0].prec);
return 1;
}
+
+ for (i = 0; i < image->numcomps; i++) {
+ if (image->comps[i].data == NULL) {
+ fprintf(stderr, "Missing image data\n");
+ return 1;
+ }
+ }
+
if (image->numcomps >= 3 && image->comps[0].dx == image->comps[1].dx
&& image->comps[1].dx == image->comps[2].dx
&& image->comps[0].dy == image->comps[1].dy

55
openjpeg2-CVE-2016-10506.patch Normal file
View File

@ -0,0 +1,55 @@
diff --git a/src/lib/openjp2/pi.c b/src/lib/openjp2/pi.c
index 41a2f04..ca9b62f 100644
--- a/src/lib/openjp2/pi.c
+++ b/src/lib/openjp2/pi.c
@@ -360,6 +360,16 @@ if (!pi->tp_on){
try1 = opj_int_ceildiv(pi->ty1, (OPJ_INT32)(comp->dy << levelno));
rpx = res->pdx + levelno;
rpy = res->pdy + levelno;
+
+ /* To avoid divisions by zero / undefined behaviour on shift */
+ /* in below tests */
+ /* Fixes reading id:000026,sig:08,src:002419,op:int32,pos:60,val:+32 */
+ /* of https://github.com/uclouvain/openjpeg/issues/938 */
+ if (rpx >= 31 || ((comp->dx << rpx) >> rpx) != comp->dx ||
+ rpy >= 31 || ((comp->dy << rpy) >> rpy) != comp->dy) {
+ continue;
+ }
+
if (!((pi->y % (OPJ_INT32)(comp->dy << rpy) == 0) || ((pi->y == pi->ty0) && ((try0 << levelno) % (1 << rpy))))){
continue;
}
@@ -441,6 +451,16 @@ static OPJ_BOOL opj_pi_next_pcrl(opj_pi_iterator_t * pi) {
try1 = opj_int_ceildiv(pi->ty1, (OPJ_INT32)(comp->dy << levelno));
rpx = res->pdx + levelno;
rpy = res->pdy + levelno;
+
+ /* To avoid divisions by zero / undefined behaviour on shift */
+ /* in below tests */
+ /* Relates to id:000019,sig:08,src:001098,op:flip1,pos:49 */
+ /* of https://github.com/uclouvain/openjpeg/issues/938 */
+ if (rpx >= 31 || ((comp->dx << rpx) >> rpx) != comp->dx ||
+ rpy >= 31 || ((comp->dy << rpy) >> rpy) != comp->dy) {
+ continue;
+ }
+
if (!((pi->y % (OPJ_INT32)(comp->dy << rpy) == 0) || ((pi->y == pi->ty0) && ((try0 << levelno) % (1 << rpy))))){
continue;
}
@@ -520,6 +540,16 @@ static OPJ_BOOL opj_pi_next_cprl(opj_pi_iterator_t * pi) {
try1 = opj_int_ceildiv(pi->ty1, (OPJ_INT32)(comp->dy << levelno));
rpx = res->pdx + levelno;
rpy = res->pdy + levelno;
+
+ /* To avoid divisions by zero / undefined behaviour on shift */
+ /* in below tests */
+ /* Fixes reading id:000019,sig:08,src:001098,op:flip1,pos:49 */
+ /* of https://github.com/uclouvain/openjpeg/issues/938 */
+ if (rpx >= 31 || ((comp->dx << rpx) >> rpx) != comp->dx ||
+ rpy >= 31 || ((comp->dy << rpy) >> rpy) != comp->dy) {
+ continue;
+ }
+
if (!((pi->y % (OPJ_INT32)(comp->dy << rpy) == 0) || ((pi->y == pi->ty0) && ((try0 << levelno) % (1 << rpy))))){
continue;
}

15
openjpeg2-CVE-2017-12982.patch Normal file
View File

@ -0,0 +1,15 @@
diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
index ae83077..4df8d58 100644
--- a/src/bin/jp2/convertbmp.c
+++ b/src/bin/jp2/convertbmp.c
@@ -379,6 +379,10 @@ static OPJ_BOOL bmp_read_info_header(FILE* IN, OPJ_BITMAPINFOHEADER* header)
header->biBitCount = (OPJ_UINT16)getc(IN);
header->biBitCount |= (OPJ_UINT16)((OPJ_UINT32)getc(IN) << 8);
+ if (header->biBitCount == 0) {
+ fprintf(stderr, "Error, invalid biBitCount %d\n", 0);
+ return OPJ_FALSE;
+ }
if(header->biSize >= 40U) {
header->biCompression = (OPJ_UINT32)getc(IN);

99
openjpeg2-CVE-2017-14039.patch Normal file
View File

@ -0,0 +1,99 @@
diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
index 5cefffd..1844ac3 100644
--- a/src/lib/openjp2/j2k.c
+++ b/src/lib/openjp2/j2k.c
@@ -826,6 +826,7 @@ static OPJ_BOOL opj_j2k_write_tlm( opj_j2k_t *p_j2k,
*/
static OPJ_BOOL opj_j2k_write_sot( opj_j2k_t *p_j2k,
OPJ_BYTE * p_data,
+ OPJ_UINT32 p_total_data_size,
OPJ_UINT32 * p_data_written,
const opj_stream_private_t *p_stream,
opj_event_mgr_t * p_manager );
@@ -3963,6 +3964,7 @@ static OPJ_BOOL opj_j2k_write_tlm( opj_j2k_t *p_j2k,
static OPJ_BOOL opj_j2k_write_sot( opj_j2k_t *p_j2k,
OPJ_BYTE * p_data,
+ OPJ_UINT32 p_total_data_size,
OPJ_UINT32 * p_data_written,
const opj_stream_private_t *p_stream,
opj_event_mgr_t * p_manager
@@ -3973,6 +3975,12 @@ static OPJ_BOOL opj_j2k_write_sot( opj_j2k_t *p_j2k,
assert(p_manager != 00);
assert(p_stream != 00);
+ if (p_total_data_size < 12) {
+ opj_event_msg(p_manager, EVT_ERROR,
+ "Not enough bytes in output buffer to write SOT marker\n");
+ return OPJ_FALSE;
+ }
+
opj_write_bytes(p_data,J2K_MS_SOT,2); /* SOT */
p_data += 2;
@@ -4308,6 +4316,12 @@ static OPJ_BOOL opj_j2k_write_sod( opj_j2k_t *p_j2k,
assert(p_manager != 00);
assert(p_stream != 00);
+ if (p_total_data_size < 4) {
+ opj_event_msg(p_manager, EVT_ERROR,
+ "Not enough bytes in output buffer to write SOD marker\n");
+ return OPJ_FALSE;
+ }
+
opj_write_bytes(p_data,J2K_MS_SOD,2); /* SOD */
p_data += 2;
@@ -10625,7 +10639,7 @@ static OPJ_BOOL opj_j2k_write_first_tile_part (opj_j2k_t *p_j2k,
l_current_nb_bytes_written = 0;
l_begin_data = p_data;
- if (! opj_j2k_write_sot(p_j2k,p_data,&l_current_nb_bytes_written,p_stream,p_manager))
+ if (! opj_j2k_write_sot(p_j2k,p_data,p_total_data_size,&l_current_nb_bytes_written,p_stream,p_manager))
{
return OPJ_FALSE;
}
@@ -10712,7 +10726,7 @@ static OPJ_BOOL opj_j2k_write_all_tile_parts( opj_j2k_t *p_j2k,
l_part_tile_size = 0;
l_begin_data = p_data;
- if (! opj_j2k_write_sot(p_j2k,p_data,&l_current_nb_bytes_written,p_stream,p_manager)) {
+ if (! opj_j2k_write_sot(p_j2k,p_data,p_total_data_size,&l_current_nb_bytes_written,p_stream,p_manager)) {
return OPJ_FALSE;
}
@@ -10752,7 +10766,7 @@ static OPJ_BOOL opj_j2k_write_all_tile_parts( opj_j2k_t *p_j2k,
l_part_tile_size = 0;
l_begin_data = p_data;
- if (! opj_j2k_write_sot(p_j2k,p_data,&l_current_nb_bytes_written,p_stream,p_manager)) {
+ if (! opj_j2k_write_sot(p_j2k,p_data,p_total_data_size,&l_current_nb_bytes_written,p_stream,p_manager)) {
return OPJ_FALSE;
}
diff --git a/src/lib/openjp2/t2.c b/src/lib/openjp2/t2.c
index 5a8d440..f14cea8 100644
--- a/src/lib/openjp2/t2.c
+++ b/src/lib/openjp2/t2.c
@@ -585,6 +585,10 @@ static OPJ_BOOL opj_t2_encode_packet( OPJ_UINT32 tileno,
/* <SOP 0xff91> */
if (tcp->csty & J2K_CP_CSTY_SOP) {
+ if (length < 6) {
+ return OPJ_FALSE;
+ }
+
c[0] = 255;
c[1] = 145;
c[2] = 0;
@@ -731,6 +735,10 @@ static OPJ_BOOL opj_t2_encode_packet( OPJ_UINT32 tileno,
/* <EPH 0xff92> */
if (tcp->csty & J2K_CP_CSTY_EPH) {
+ if (length < 2) {
+ return OPJ_FALSE;
+ }
+
c[0] = 255;
c[1] = 146;
c += 2;

77
openjpeg2-CVE-2017-14040.patch Normal file
View File

@ -0,0 +1,77 @@
diff --git a/src/bin/jp2/convert.c b/src/bin/jp2/convert.c
index deee4f6..f28c98d 100644
--- a/src/bin/jp2/convert.c
+++ b/src/bin/jp2/convert.c
@@ -41,6 +41,7 @@
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
+#include <limits.h>
#include "openjpeg.h"
#include "convert.h"
@@ -558,12 +559,9 @@ struct tga_header
};
#endif /* INFORMATION_ONLY */
-static unsigned short get_ushort(const unsigned char *data) {
- unsigned short val = *(const unsigned short *)data;
-#ifdef OPJ_BIG_ENDIAN
- val = ((val & 0xffU) << 8) | (val >> 8);
-#endif
- return val;
+/* Returns a ushort from a little-endian serialized value */
+static unsigned short get_tga_ushort(const unsigned char *data) {
+ return data[0] | (data[1] << 8);
}
#define TGA_HEADER_SIZE 18
@@ -589,17 +587,17 @@ static int tga_readheader(FILE *fp, unsigned int *bits_per_pixel,
id_len = tga[0];
/*cmap_type = tga[1];*/
image_type = tga[2];
- /*cmap_index = get_ushort(&tga[3]);*/
- cmap_len = get_ushort(&tga[5]);
+ /*cmap_index = get_tga_ushort(&tga[3]);*/
+ cmap_len = get_tga_ushort(&tga[5]);
cmap_entry_size = tga[7];
#if 0
- x_origin = get_ushort(&tga[8]);
- y_origin = get_ushort(&tga[10]);
+ x_origin = get_tga_ushort(&tga[8]);
+ y_origin = get_tga_ushort(&tga[10]);
#endif
- image_w = get_ushort(&tga[12]);
- image_h = get_ushort(&tga[14]);
+ image_w = get_tga_ushort(&tga[12]);
+ image_h = get_tga_ushort(&tga[14]);
pixel_depth = tga[16];
image_desc = tga[17];
@@ -763,6 +761,24 @@ opj_image_t* tgatoimage(const char *filename, opj_cparameters_t *parameters) {
color_space = OPJ_CLRSPC_SRGB;
}
+ /* If the declared file size is > 10 MB, check that the file is big */
+ /* enough to avoid excessive memory allocations */
+ if (image_height != 0 && image_width > 10000000 / image_height / numcomps) {
+ char ch;
+ OPJ_UINT64 expected_file_size =
+ (OPJ_UINT64)image_width * image_height * numcomps;
+ long curpos = ftell(f);
+ if (expected_file_size > (OPJ_UINT64)INT_MAX) {
+ expected_file_size = (OPJ_UINT64)INT_MAX;
+ }
+ fseek(f, (long)expected_file_size - 1, SEEK_SET);
+ if (fread(&ch, 1, 1, f) != 1) {
+ fclose(f);
+ return NULL;
+ }
+ fseek(f, curpos, SEEK_SET);
+ }
+
subsampling_dx = parameters->subsampling_dx;
subsampling_dy = parameters->subsampling_dy;

13
openjpeg2-CVE-2017-14041.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/src/bin/jp2/convert.c b/src/bin/jp2/convert.c
index f28c98d..2381f3a 100644
--- a/src/bin/jp2/convert.c
+++ b/src/bin/jp2/convert.c
@@ -1115,7 +1115,7 @@ opj_image_t* pgxtoimage(const char *filename, opj_cparameters_t *parameters) {
}
fseek(f, 0, SEEK_SET);
- if( fscanf(f, "PG%[ \t]%c%c%[ \t+-]%d%[ \t]%d%[ \t]%d",temp,&endian1,&endian2,signtmp,&prec,temp,&w,temp,&h) != 9){
+ if( fscanf(f, "PG%31[ \t]%c%c%31[ \t+-]%d%31[ \t]%d%31[ \t]%d",temp,&endian1,&endian2,signtmp,&prec,temp,&w,temp,&h) != 9){
fclose(f);
fprintf(stderr, "ERROR: Failed to read the right number of element from the fscanf() function!\n");
return NULL;

22
openjpeg2-CVE-2017-14151.patch Normal file
View File

@ -0,0 +1,22 @@
diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
index 2e116b2..2f50bfe 100644
--- a/src/lib/openjp2/tcd.c
+++ b/src/lib/openjp2/tcd.c
@@ -1087,10 +1087,13 @@ static OPJ_BOOL opj_tcd_code_block_enc_allocate (opj_tcd_cblk_enc_t * p_code_blo
static OPJ_BOOL opj_tcd_code_block_enc_allocate_data (opj_tcd_cblk_enc_t * p_code_block)
{
OPJ_UINT32 l_data_size;
-
- /* The +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
- l_data_size = 1 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
- (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
+
+ /* +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
+ /* and actually +2 required for https://github.com/uclouvain/openjpeg/issues/982 */
+ /* TODO: is there a theoretical upper-bound for the compressed code */
+ /* block size ? */
+ l_data_size = 2 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
+ (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
if (l_data_size > p_code_block->data_size) {
if (p_code_block->data) {

25
openjpeg2-CVE-2017-14152.patch Normal file
View File

@ -0,0 +1,25 @@
diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
index 1844ac3..316b928 100644
--- a/src/lib/openjp2/j2k.c
+++ b/src/lib/openjp2/j2k.c
@@ -6104,10 +6104,16 @@ static void opj_j2k_set_cinema_parameters(opj_cparameters_t *parameters, opj_ima
/* Precincts */
parameters->csty |= 0x01;
- parameters->res_spec = parameters->numresolution-1;
- for (i = 0; i<parameters->res_spec; i++) {
- parameters->prcw_init[i] = 256;
- parameters->prch_init[i] = 256;
+ if (parameters->numresolution == 1) {
+ parameters->res_spec = 1;
+ parameters->prcw_init[0] = 128;
+ parameters->prch_init[0] = 128;
+ } else {
+ parameters->res_spec = parameters->numresolution - 1;
+ for (i = 0; i < parameters->res_spec; i++) {
+ parameters->prcw_init[i] = 256;
+ parameters->prch_init[i] = 256;
+ }
}
/* The progression order shall be CPRL */

17
openjpeg2.changes
View File

@ -1,3 +1,20 @@
-------------------------------------------------------------------
Tue Sep 12 20:49:00 CEST 2017 - hpj@suse.com
- Add security fixes:
openjpeg2-CVE-2016-10504.patch (CVE-2016-10504, bsc#1056351),
openjpeg2-CVE-2016-10505.patch (CVE-2016-10505, bsc#1056363),
openjpeg2-CVE-2016-10506.patch (CVE-2016-10506, bsc#1056396),
openjpeg2-CVE-2017-12982.patch (CVE-2017-12982, bsc#1054696),
openjpeg2-CVE-2017-14039.patch (CVE-2017-14039, CVE-2017-14164,
bsc#1056622, bsc#1057511),
openjpeg2-CVE-2017-14040.patch (CVE-2017-14040, bsc#1056621),
openjpeg2-CVE-2017-14041.patch (CVE-2017-14041, bsc#1056562),
openjpeg2-CVE-2017-14151.patch (CVE-2017-14151, bsc#1057336),
openjpeg2-CVE-2017-14152.patch (CVE-2017-14152, bsc#1057335),
most of which are critical, including heap and stack overwrites,
over-reads and division by zero errors.
-------------------------------------------------------------------
Mon Dec 19 08:42:02 UTC 2016 - normand@linux.vnet.ibm.com

29
openjpeg2.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package openjpeg2
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -39,6 +39,24 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build
# CVE-2016-5152 is
# https://pdfium.googlesource.com/pdfium.git/+/d8cc503575463ff3d81b22dad292665f2c88911e/third_party/libopenjpeg20/0018-tcd_get_decoded_tile_size.patch
Patch1: 0018-tcd_get_decoded_tile_size.patch
# PATCH-FIX-UPSTREAM openjpeg2-CVE-2016-10504.patch bsc#1056351 hpj@suse.com
Patch2: openjpeg2-CVE-2016-10504.patch
# PATCH-FIX-UPSTREAM openjpeg2-CVE-2016-10505.patch bsc#1056363 hpj@suse.com
Patch3: openjpeg2-CVE-2016-10505.patch
# PATCH-FIX-UPSTREAM openjpeg2-CVE-2016-10506.patch bsc#1056396 hpj@suse.com
Patch4: openjpeg2-CVE-2016-10506.patch
# PATCH-FIX-UPSTREAM openjpeg2-CVE-2017-12982.patch bsc#1054696 hpj@suse.com
Patch5: openjpeg2-CVE-2017-12982.patch
# PATCH-FIX-UPSTREAM openjpeg2-CVE-2017-14039.patch bsc#1056622 bsc#1057511 hpj@suse.com
Patch6: openjpeg2-CVE-2017-14039.patch
# PATCH-FIX-UPSTREAM openjpeg2-CVE-2017-14040.patch bsc#1056621 hpj@suse.com
Patch7: openjpeg2-CVE-2017-14040.patch
# PATCH-FIX-UPSTREAM openjpeg2-CVE-2017-14041.patch bsc#1056562 hpj@suse.com
Patch8: openjpeg2-CVE-2017-14041.patch
# PATCH-FIX-UPSTREAM openjpeg2-CVE-2017-14151.patch bsc#1057336 hpj@suse.com
Patch9: openjpeg2-CVE-2017-14151.patch
# PATCH-FIX-UPSTREAM openjpeg2-CVE-2017-14152.patch bsc#1057335 hpj@suse.com
Patch10: openjpeg2-CVE-2017-14152.patch
%description
The OpenJPEG library is an open-source JPEG 2000 codec written in C language.
@ -81,6 +99,15 @@ for d in thirdparty/*; do
[ -d "$d" ] && rm -rf "$d"
done
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%build
%cmake \