rpm/jasper
SHA256
1
0
Fork 0
forked from pool/jasper
Code Pull Requests Activity
71 Commits 1 Branch 0 Tags
factory
Commit Graph

37 Commits

Author SHA256 Message Date
Michael Vetter
2eea89a366 - Update to 4.2.4: 
* Added some missing checks to the jas_heic_decode function in the
    HEIC codec (#383).

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=148
 2024-04-27 19:31:54 +00:00
Michael Vetter
59ac7dc8a9 * Added a missing check in the JPC codec (#381) bsc#1223155 (CVE-2024-31744) 
OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=146
 2024-04-19 17:26:40 +00:00
Michael Vetter
a6e4817b7c - Update to 4.2.3: 
* Added a missing check in the JPC codec (#381).

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=144
 2024-03-31 20:58:02 +00:00
Michael Vetter
0d59d84cb3 - Update to 4.2.2: 
* Fix minor build issue (#374).

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=142
 2024-03-12 05:18:54 +00:00
Michael Vetter
3df7242ea1 - Update to 4.2.1: 
* Fix a build problem for the DJGPP/MS-DOS environment (#372).

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=140
 2024-02-20 05:54:45 +00:00
Michael Vetter
5ee6445079 - Update to 4.2.0: 
* Add the JAS_PACKAGING option to the CMake build in an attempt to allow
    easier control over rpath settings by packagers of JasPer.
  * Remove a number of obsolete scripts.
  * Make some cosmetic changes to the code for the JPC codec in order
    to improve readability (#371).
  * Fix a portability bug related to threads/atomics.
  * Replace some lingering uses of strtok in the JPC coder with jas_strtok,
    since the use of strtok is problematic in multithreading contexts.

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=138
 2024-02-06 07:13:07 +00:00
Michael Vetter
7b7851a363 * Fix invalid memory write bug (#367) bsc#1218802 (CVE-2023-51257). 
OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=136
 2024-01-15 10:21:10 +00:00
Michael Vetter
f136385bee - Update to 4.1.2: 
* Fix invalid memory write bug (#367) (CVE-2023-51257).
  * Fix missing range check in the JPC encoder (#368).

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=134
 2024-01-11 15:55:23 +00:00
Michael Vetter
18e1243963 - Update to 4.1.1: 
* Disallow in-source builds by default #364
  * Fix a potential integer overflow problem in the
    jas_get_total_mem_size function (for the Windows platform) #363

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=132
 2023-11-29 09:36:52 +00:00
Michael Vetter
f07d451a77 - Update to 4.1.0: 
* Add support for building several JasPer application programs for
    WebAssembly target with WASI support.

- Update to 4.0.1:
  * Fix integer overflow bug in PNM decoder (#353).
  * Fix a few minor build issues.

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=130
 2023-11-05 13:32:57 +00:00
Michael Vetter
75996bd1dd (#269) (CVE-2021-3443) bsc#1184798 
for some invalid CDEF boxes. (#268) (CVE-2021-3467) bsc#1184757
    This fix is associated with CVE-2021-26926 bsc#1182105 and
    bsc#1182104 CVE-2021-26927.
    bsc#1179748
  * CVE-2021-27845 bsc#1188437
    https://github.com/mdadams/jasper/issues/194 (part 1)
  * Fix CVE-2016-9399 bsc#1010980, CVE-2017-13751
  * Fix CVE-2017-5503 bsc#1020456, CVE-2017-5504 bsc#1020458, CVE-2017-5505 bsc#1020460
  * Fix CVE-2018-9252 bsc#1088278
  * Fix CVE-2018-19139 bsc#1115637
  * Fix CVE-2018-19543 bsc#1117328, CVE-2017-9782 bsc#1045450
  * Fix CVE-2018-20570 bsc#1120807
  * Fix CVE-2018-20622 bsc#1120805
  * Fix CVE-2016-9398 bsc#1010979
  * Fix CVE-2017-14132 bsc#1057152
  * Fix CVE-2017-5499 bsc#1020451
  * Fix CVE-2018-18873 bsc#1114498
  * Fix assertion failure JPC_NOMINALGAIN (CVE-2016-9396) (#50) bsc#1010783

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=128
 2023-10-30 17:50:24 +00:00
Michael Vetter
8d98e7d0d2 - Update to 4.0.0: 
* Improve static linking (##336).
  * Fix path relocation in mingw environment (#335).
  * Improve logging and build scripts.
  * Improve JPEG-2000 conformance test results.
  * Enable PIC by default.
  * Fix memory leaks in function cmdopts_parse (#332) (CVE-2022-2963).
  * imgcmp:
    + Add quiet (-q) option.
    + Add debug-level option.
    + Fix memory leak.
    imginfo:
    + Add quiet (-q) option.
  * Fix bug in parsing PGX header.
  * Fix integer overflow bug (#345) (CVE-2022-40755).
- Remove jasper-CVE-2022-2963.patch

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=125
 2022-11-06 09:22:47 +00:00
Michael Vetter
6729cc20e9 - security update: 
* CVE-2022-2963 [bsc#1202642]
    + jasper-CVE-2022-2963.patch

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=123
 2022-09-16 11:36:12 +00:00
Michael Vetter
cbc83fd458 - Update to 3.0.6: 
* Fix bug in manual deployment script.

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=121
 2022-07-14 07:26:02 +00:00
Michael Vetter
56ff520bcc - Update to 3.0.5: 
* Fix a minor build issue (#328).

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=119
 2022-06-23 14:11:40 +00:00
Michael Vetter
2df10131fc - Update to 3.0.4: 
* Eliminate some bogus calls to abort.
  * Fix a typo in jas_safeui64_div (#323).
  * Add some additional logging messages.
  * Fix the source of a potential compiler warning (#321).

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=117
 2022-06-03 12:45:00 +00:00
Michael Vetter
7f152d80e8 - Update to 3.0.3: 
* Fix some portability issues in a few scripts.

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=115
 2022-03-16 17:01:36 +00:00
Michael Vetter
5456f703ee Accepting request 954348 from home:wolfi323:branches:graphics 
- Add back missing Requires to the devel package

Fixes an rpmlint error:  
libjasper-devel.x86_64: E: no-library-dependency-on libjasper6 /usr/lib64/libjasper.so.6
The package misses dependency on a package which file it links to.

OBS-URL: https://build.opensuse.org/request/show/954348
OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=114
 2022-02-15 09:33:17 +00:00
Michael Vetter
ef8c8aa150 - Update to 3.0.2: 
* Fix a build issue that occurs when a cross-compiler is
    used (e.g., #319).

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=113
 2022-02-14 15:14:08 +00:00
Michael Vetter
0624545993 - Update to 3.0.1: 
* Fix some build/portability issues (e.g., #317, #318).
- Drop jasper-cmake-warnings.patch: contained in upstream release

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=112
 2022-02-12 21:18:18 +00:00
Michael Vetter
b4294b0a56 Accepting request 952208 from home:jubalh:branches:graphics 
- Update to 3.0.0:
  * Introducing some API changes please refer to the "News" section
    of the JasPer manuel: https://jasper-software.github.io/jasper-manual
  * Greatly improve documentation.
  * Add support for multithreading.
  * Add some customization points in the library, such as the
    memory allocator and error logging function.
  * Add improved memory usage tracking and limiting.
  * Add experimental partial encoding/decoding support for the
    HEIC format.
  * Fix some longstanding issues in the JasPer I/O streams API.
  * Fix many bugs (e.g., #305, #307, #308, #309, #312, #314, and
    many others not associated with any issue numbers).
- Remove jasper-freeglut.patch: not needed anymore
- Add jasper-cmake-warnings.patch: fix cmake warnings
- Remove legacy provides/obsoletes related to sle11 and bsc#437293

OBS-URL: https://build.opensuse.org/request/show/952208
OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=111
 2022-02-07 16:14:32 +00:00
Michael Vetter
7dd1298a35 Accepting request 950018 from home:Kieltux:branches:graphics 
- Add jasper-freeglut.patch, fixes freeglut detection and linking
- Run spec-cleaner
- Change license from SUSE-Public-Domain to JasPer-2.0
- Cleanup docdir, only package the html and pdf docs and not
  the sources

OBS-URL: https://build.opensuse.org/request/show/950018
OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=110
 2022-02-01 12:22:03 +00:00
Michael Vetter
91f0dc2e4b - Update to 2.0.33: 
* Fix a JP2/JPC decoder bug (#291)
  * Fix a build issue impacting some platforms (#296)

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=109
 2021-08-16 07:06:14 +00:00
Michael Vetter
50cfb433a3 - Update to 2.0.32: 
* Between 2.0.29 and 2.0.32 were only experiments with
    GitHub Actions

- Update to 2.0.29:
  * Loosen some overly tight restrictions on JP2 codestreams,
    which caused some valid codestreams to be rejected. (#289)

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=107
 2021-04-19 11:40:44 +00:00
Michael Vetter
903b41e723 - Update to 2.0.28: 
* Fix potential null pointer dereference in the JP2/JPC decoder.
    (#269)
  * Fix ignoring of JAS_STREAM_FILEOBJ_NOCLOSE at stream close time.
    (#286)
  * Fix integral type sizing problem in JP2 codec. (#284)

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=105
 2021-03-29 17:10:40 +00:00
Michael Vetter
023dac1234 - Update to 2.0.27: 
* Check for an image containing no samples in the PGX
    decoder. (#271, #272, #273, #274, #275, #276, #281)
  * Check for dimensions of zero in the JPC and JPEG decoders.
  * Fix an arguably incorrect type for an integer literal
    in the PGX decoder. (#270)
  * Check for an invalid component reference in the
    JP2 decoder. (#269)
  * Check on integer size in JP2 decoder. (#278)

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=103
 2021-03-18 11:36:55 +00:00
Michael Vetter
500548f3b5 - Update to 2.0.26: 
* Fix JP2 decoder bug that can cause a null pointer dereference
    for some invalid CDEF boxes. (#268)

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=101
 2021-03-05 15:44:48 +00:00
Michael Vetter
df46b92620 - Update to 2.0.25: 
* Fix memory-related bugs in the JPEG-2000 codec resulting from
    attempting to decode invalid code streams. (#264, #265)
  * Fix wrong return value under some compilers (#260)
  * Fix bsc#1181483 CVE-2021-3272 heap buffer overflow
    in jp2_decode (#259)

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=99
 2021-02-08 09:13:17 +00:00
Michael Vetter
ecaa42925d - Update to 2.0.24: 
* Add JAS_VERSION_MAJOR, JAS_VERSION_MINOR, JAS_VERSION_PATCH
    for easier access to the JasPer version.
  * Fixes stack overflow bug on Windows, where variable-length
    arrays are not available. (#256)

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=97
 2021-01-04 09:20:35 +00:00
Michael Vetter
461a098fb8 - Update to 2.0.23: 
* Fix CVE-2020-27828, heap-overflow in cp_create() in jpc_enc.c (#252)

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=95
 2020-12-08 07:47:20 +00:00
Michael Vetter
96649c3f2d - Update to 2.0.22: 
* Update manual
  * Remove JPEG dummy codec
  * Fix test suite build failure regarding disabled MIF codec (#249)
  * Fix OpenGL/glut detection (#247)
- Remove jasper-2.0.21-glut.patch: upstreamed

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=93
 2020-10-06 07:23:00 +00:00
Michael Vetter
9d631ce51a - Add jasper-2.0.21-glut.patch: Fix glut.h detection 
See https://github.com/jasper-software/jasper/issues/247

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=91
 2020-09-23 07:42:00 +00:00
Michael Vetter
a70973d87f - Update to 2.0.21: 
* Fix ZDI-15-529
    https://github.com/jasper-software/jasper/pull/245
  * Fix CVE-2018-19541 in decoder
    https://github.com/jasper-software/jasper/pull/244

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=90
 2020-09-22 12:17:15 +00:00
Michael Vetter
9762306c78 - Update to 2.0.20: 
* Fixed several ISO/IEC 15444-4 conformance bugs
  * Fixed new variant of CVE-2016-9398
  * Disabled the MIF codec by default for security reasons (but it is still
    included in the library);
    in a future release, the MIF codec may also be excluded from the
    library by default
  * Added documentation for the I/O streams library API
  * Improved adherance to specification
- Move to GitHub repo https://github.com/jasper-software/jasper
- Update URL to https://jasper-software.github.io/jasper

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=89
 2020-09-07 08:19:33 +00:00
Michael Vetter
88bd16505e - Update to 2.0.19: 
* Fix CVE-2018-9154
    https://github.com/jasper-software/jasper/issues/215
    https://github.com/jasper-software/jasper/issues/166
    https://github.com/jasper-software/jasper/issues/175
    https://github.com/jasper-maint/jasper/issues/8
  * Fix CVE-2018-19541
    https://github.com/jasper-software/jasper/pull/199
    https://github.com/jasper-maint/jasper/issues/6
  * Fix CVE-2016-9399, CVE-2017-13751
    https://github.com/jasper-maint/jasper/issues/1
  * Fix CVE-2018-19540
    https://github.com/jasper-software/jasper/issues/182
    https://github.com/jasper-maint/jasper/issues/22
  * Fix CVE-2018-9055
    https://github.com/jasper-maint/jasper/issues/9
  * Fix CVE-2017-13748
    https://github.com/jasper-software/jasper/issues/168
  * Fix CVE-2017-5503, CVE-2017-5504, CVE-2017-5505
    https://github.com/jasper-maint/jasper/issues/3
    https://github.com/jasper-maint/jasper/issues/4
    https://github.com/jasper-maint/jasper/issues/5
    https://github.com/jasper-software/jasper/issues/88
    https://github.com/jasper-software/jasper/issues/89
    https://github.com/jasper-software/jasper/issues/90
  * Fix CVE-2018-9252
    https://github.com/jasper-maint/jasper/issues/16
  * Fix CVE-2018-19139
    https://github.com/jasper-maint/jasper/issues/14
  * Fix CVE-2018-19543, CVE-2017-9782

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=87
 2020-07-28 09:44:31 +00:00
Michael Vetter
5fdd768381 - bsc#1092115 CVE-2018-9154: Fix possible denial of service 
Add jasper-CVE-2018-9154.patch: dont abort in jpc_dec_process_sot()

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=86
 2020-03-17 12:56:29 +00:00
Michael Vetter
28361fd836 - bsc#1117507 CVE-2018-19541: Properly fix heap based overread 
in jas_image_depalettize. Original fix caused segfaults.
  Update jasper-CVE-2018-19541.patch

- bsc#1117508 CVE-2018-19540: Fix heap based overflow in jas_icctxtdesc_input
  Add jasper-CVE-2018-19540.patch: Make sure asclen is at least 1
- bsc#1117507 CVE-2018-19541: Fix heap based overread in jas_image_depalettize
  Add jasper-CVE-2018-19541.patch: Check number of lutents

- Update to 2.0.16:
  * Fix assertion failure JPC_NOMINALGAIN (CVE-2016-9396) (#50)
  * Fix build on Windows 10 (#162)
  * Improve README
  * Fix build with CMake 2.x
  * Add missing dereference operators (#178, #157)
  * Check data in jas_image (CVE-2018-19539) (#196)
- Remove because contained in new release:
  * jasper-CVE-2018-19539.patch
  * 0001-jpc_cs-reject-all-but-JPC_COX_INS-and-JPC_COX_RFT.patch
  * Remove 0001-Added-a-fix-from-nrusch-to-allow-JasPer-to-be-build-.patch
- Run spec-cleaner

- bsc#1117505 CVE-2018-19542:
  * Add jasper-CVE-2018-19542.patch

- bsc#1117511 CVE-2018-19539:
  * Add jasper-CVE-2018-19539.patch

- Added patch:
  * jasper-CVE-2018-9055.patch

OBS-URL: https://build.opensuse.org/package/show/graphics/jasper?expand=0&rev=85
 2020-03-17 08:54:41 +00:00