- Update to 1.12.1:

* Increased GLib minimum version to 2.20. * Added 12 new test inputs, including bad inputs to handle gracefully. * Added a few symbols to API documentation that were accidentally left out. * Bug fixes: + huntr.dev CVE-2022-2061: Out-of-bounds read in libnsgif's lzw_decode() + [unfiled] Undefined behavior in libnsgif due to uninitialized frame fields. + [unfiled] Signed integer overflow in chafa_pack_color(). + [unfiled] Integer overflow in normalization pass on some images. + [unfiled] Potential unaligned access with corrupt XWD images. + [unfiled] Integer overflow in quantization on some images. + [unfiled] Calculating offset from NULL pointer in LodePNG. OBS-URL: https://build.opensuse.org/package/show/graphics/chafa?expand=0&rev=31
2022-06-20 07:58:31 +00:00 · 2022-06-20 07:58:31 +00:00 · 5c9749397e
commit 5c9749397e
parent 47ce8e2f30
4 changed files with 21 additions and 5 deletions
--- a/chafa-1.12.0.tar.xz
+++ b/chafa-1.12.0.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:aafde6275e498f34e5120b56dc20dd15f6bb5e9b35ac590f52fde5ad6b2c7319
-size 638560
--- a/chafa-1.12.1.tar.xz
+++ b/chafa-1.12.1.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f08cbcd87f604ba20cf8699dc107349400f21b825be20491e8e0ada8995194ea
+size 653624
--- a/chafa.changes
+++ b/chafa.changes
@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Mon Jun 20 07:53:37 UTC 2022 - Michael Vetter <mvetter@suse.com>
+
+- Update to 1.12.1:
+  * Increased GLib minimum version to 2.20.
+  * Added 12 new test inputs, including bad inputs to handle gracefully.
+  * Added a few symbols to API documentation that were accidentally left out.
+  * Bug fixes:
+    + huntr.dev CVE-2022-2061: Out-of-bounds read in libnsgif's lzw_decode()
+    + [unfiled] Undefined behavior in libnsgif due to uninitialized frame fields.
+    + [unfiled] Signed integer overflow in chafa_pack_color().
+    + [unfiled] Integer overflow in normalization pass on some images.
+    + [unfiled] Potential unaligned access with corrupt XWD images.
+    + [unfiled] Integer overflow in quantization on some images.
+    + [unfiled] Calculating offset from NULL pointer in LodePNG.
+
 -------------------------------------------------------------------
 Mon Jun  6 09:22:07 UTC 2022 - Michael Vetter <mvetter@suse.com>

--- a/chafa.spec
+++ b/chafa.spec
@ -17,7 +17,7 @@


 Name:           chafa
-Version:        1.12.0
+Version:        1.12.1
 Release:        0
 Summary:        Image-to-text converter for terminal
 License:        LGPL-3.0-or-later
@ -27,7 +27,7 @@ Source0:        https://github.com/hpjansson/%{name}/releases/download/%{version
 BuildRequires:  ImageMagick-devel
 BuildRequires:  freetype2-devel
 BuildRequires:  gcc
-BuildRequires:  glib2-devel
+BuildRequires:  glib2-devel >= 2.20
 BuildRequires:  gtk-doc
 BuildRequires:  libtool
 Requires:       libchafa0 = %{version}