Search
SailfishOS Open Build Service
>
Projects
>
home:wdehoog
>
jasper
> Changes
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
Changes of Revision 14
We truncated the diff of some files because they were too big. If you want to see the full diff for every file,
click here
.
[-]
[+]
Added
jasper.spec
@@ -0,0 +1,495 @@ +# +# spec file for package jasper +# +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + + +Name: jasper +Version: 1.900.14 +Release: 231.1 +Summary: An Implementation of the JPEG-2000 Standard, Part 1 +License: SUSE-Public-Domain +Group: Productivity/Graphics/Convertors +Url: http://www.ece.uvic.ca/~mdadams/jasper/ +Source: %{name}-%{version}.tar.bz2 +Source2: baselibs.conf +Patch0: jasper-1.900.1-uninitialized.patch +Patch1: jasper-CVE-2016-8654.patch +Patch2: jasper-CVE-2016-9395.patch +Patch3: jasper-CVE-2016-9398.patch +Patch4: jasper-CVE-2016-9560.patch +Patch5: jasper-CVE-2016-9591.patch +Patch6: jasper-CVE-2016-10251.patch +Patch7: jasper-CVE-2017-5498.patch +Patch8: jasper-CVE-2016-9600.patch +Patch9: jasper-CVE-2016-9583.patch +Patch10: jasper-CVE-2017-6850.patch +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: gcc-c++ +BuildRequires: libdrm-devel +BuildRequires: libjpeg-devel +BuildRequires: libtool +BuildRequires: pkgconfig +BuildRequires: unzip +BuildRoot: %{_tmppath}/%{name}-%{version}-build + +%description +This package contains an implementation of the image compression +standard, JPEG-2000, Part 1. It consists of tools for conversion to and +from the JP2 and JPC formats. + +%package -n libjasper1 +Summary: JPEG-2000 library +# bug437293 +# used in <= 11.3 +Group: Productivity/Graphics/Convertors +Obsoletes: libjasper < %{version}-%{release} +Provides: libjasper = %{version}-%{release} +%ifarch ppc64 +Obsoletes: libjasper-64bit +%endif +# + +%description -n libjasper1 +This package contains libjasper, a library implementing the JPEG-2000 +image compression standard Part 1. + +%package -n libjasper-devel +Summary: Development files for libjasper, a JPEG-2000 library +# bug437293 +# +Group: Development/Libraries/C and C++ +Requires: libjasper1 = %{version} +Requires: libjpeg-devel +%ifarch ppc64 +Obsoletes: libjasper-devel-64bit +%endif + +%description -n libjasper-devel +This package contains libjasper, a library implementing the JPEG-2000 +image compression standard Part 1. + +%prep +%setup -q +%patch0 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 + +%build +libtoolize --force --copy --install +autoreconf -fi +export CFLAGS="%{optflags} -Wall -std=c99 -D_BSD_SOURCE" +%configure --prefix="%{_prefix}" --enable-shared --disable-static --libdir=%{_libdir} +make %{?_smp_mflags} +# +# Sanity check +# With some CFLAGS sets, uint, ulong and ushort are not visible and jas_config.h +# refefines system types. It can trigger build failures after +# #include <jasper/jasper.h>. +if grep "#define ushort" src/libjasper/include/jasper/jas_config.h ; then + echo "jas_config.h redefines system types" >&2 + exit 1 +fi + +%install +# % make_install +make install DESTDIR=%{buildroot} +mv doc/README doc/README.doc +rm %{buildroot}%{_bindir}/tmrdemo +# compatibility link, there was no interface change +ln -s libjasper.so.1.0.0 %{buildroot}%{_libdir}/libjasper-1.701.so.1 + +%post -n libjasper1 -p /sbin/ldconfig +%postun -n libjasper1 -p /sbin/ldconfig + +%files +%defattr(-,root,root) +%doc COPYRIGHT LICENSE NEWS README doc/* +%{_bindir}/imgcmp +%{_bindir}/imginfo +%{_bindir}/jasper +%{_mandir}/man*/* + +%files -n libjasper1 +%defattr(-,root,root) +%{_libdir}/libjasper*.so.* + +%files -n libjasper-devel +%defattr(-,root,root) +%{_includedir}/jasper +%{_libdir}/libjasper.so +%{_libdir}/libjasper.la +%{_libdir}/pkgconfig/jasper.pc + +%changelog +* Wed Mar 22 2017 fstrba@suse.com +- Added patches: + * jasper-CVE-2016-9583.patch + - Out of bounds heap read in jpc_pi_nextpcrl() (bsc#1015400, + CVE-2016-9583) + * jasper-CVE-2017-6850.patch + - NULL pointer dereference in jp2_cdef_destroy (jp2_cod.c) + (bsc#1021868, CVE-2017-6850) +* Fri Mar 17 2017 fstrba@suse.com +- Added patches: + * jasper-CVE-2017-5498.patch + - Upstream changes putting braces and belts around + CVE-2017-5498, bsc#1020353, left-shift undefined behaviour + * jasper-CVE-2016-9600.patch + - Upstream fix for "Null Pointer Dereference due to missing + check for UNKNOWN color space in JP2 encoder" (CVE-2016-9600, + bsc#1018088) +* Thu Mar 16 2017 fstrba@suse.com +- Added patch: + * jasper-CVE-2016-10251.patch + - Upstream fix for bsc#1029497, CVE-2016-10251: Use of + uninitialized value in jpc_pi_nextcprl (jpc_t2cod.c) +* Mon Mar 6 2017 sbrabec@suse.com +- Add -D_BSD_SOURCE to fix redefinition of system types in + jas_config.h and breakage in ppc64le, s390 and s390x + (bsc#1028070). +* Wed Dec 21 2016 fstrba@suse.com +- Added patch: + * jasper-CVE-2016-9591.patch + - Fix for bsc#1015993, CVE-2016-9591: Use-after-free on heap in + jas_matrix_destroy +* Tue Dec 13 2016 fstrba@suse.com +- Added patches: + * jasper-CVE-2016-8654.patch + - Upstream fix for bsc#1012530, CVE-2016-8654: Heap-based + buffer overflow in QMFB code in JPC codec + * jasper-CVE-2016-9395.patch + - Upstream fix for bsc#1010977, CVE-2016-9395: jas_seq.c:90: + jas_matrix_t *jas_seq2d_create(int, int, int, int): Assertion + 'xstart <= xend && ystart <= yend' failed + * jasper-CVE-2016-9398.patch + - Fix for bsc#1010979, CVE-2016-9398: jpc_math.c:94: int + jpc_floorlog2(int): Assertion 'x > 0' failed + * jasper-CVE-2016-9560.patch + - Upstream fix for bsc#1011830, CVE-2016-9560: stack-based + buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c) +* Fri Oct 28 2016 jengelh@inai.de +- Update summaries. Use %%_smp_mflags for parallel build. +* Wed Oct 26 2016 fstrba@suse.com +- Updated to bugfix release 1.900.14 + * Security fixes + + bsc#941919, CVE-2015-5203 + + bsc#1006591, CVE-2016-8880 + + bsc#1006593, CVE-2016-8881