diff --git a/CVE-2018-18873.patch b/CVE-2018-18873.patch deleted file mode 100644 index f63422c..0000000 --- a/CVE-2018-18873.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 12db8078ba17a8ffc5cc2429fb506988f0f11b44 Mon Sep 17 00:00:00 2001 -From: Max Kellermann -Date: Sun, 28 Jun 2020 13:25:12 +0200 -Subject: [PATCH] ras_enc: check components for RGB, fixes NULL pointer - dereference - -Fixes CVE-2018-18873 - -Closes https://github.com/jasper-maint/jasper/issues/15 -Closes https://github.com/mdadams/jasper/issues/184 ---- - src/libjasper/ras/ras_enc.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/src/libjasper/ras/ras_enc.c b/src/libjasper/ras/ras_enc.c -index 85ff9a3..dc4f151 100644 ---- a/src/libjasper/ras/ras_enc.c -+++ b/src/libjasper/ras/ras_enc.c -@@ -232,6 +232,11 @@ static int ras_putdatastd(jas_stream_t *out, ras_hdr_t *hdr, jas_image_t *image, - - assert(numcmpts <= 3); - -+ if (RAS_ISRGB(hdr) && numcmpts < 3) { -+ /* need 3 components for RGB */ -+ return -1; -+ } -+ - for (i = 0; i < 3; ++i) { - data[i] = 0; - } diff --git a/CVE-2018-19139.patch b/CVE-2018-19139.patch deleted file mode 100644 index 13bef9a..0000000 --- a/CVE-2018-19139.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 708871879b86443c28bcb5505d3fd04e8384f8aa Mon Sep 17 00:00:00 2001 -From: Max Kellermann -Date: Wed, 24 Jun 2020 21:09:02 +0200 -Subject: [PATCH] jpc_cs: register jpc_unk_destroyparms() in all unknown - segments - -Fixes CVE-2018-19139 (memory leak) - -Closes https://github.com/jasper-maint/jasper/issues/14 ---- - src/libjasper/jpc/jpc_cs.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/libjasper/jpc/jpc_cs.c b/src/libjasper/jpc/jpc_cs.c -index 8a2e0ab..6c61d44 100644 ---- a/src/libjasper/jpc/jpc_cs.c -+++ b/src/libjasper/jpc/jpc_cs.c -@@ -190,8 +190,8 @@ static const jpc_mstabent_t jpc_mstab[] = { - jpc_qcc_putparms, jpc_qcc_dumpparms}}, - {JPC_MS_POC, "POC", {jpc_poc_destroyparms, jpc_poc_getparms, - jpc_poc_putparms, jpc_poc_dumpparms}}, -- {JPC_MS_TLM, "TLM", {0, jpc_unk_getparms, jpc_unk_putparms, 0}}, -- {JPC_MS_PLM, "PLM", {0, jpc_unk_getparms, jpc_unk_putparms, 0}}, -+ {JPC_MS_TLM, "TLM", {jpc_unk_destroyparms, jpc_unk_getparms, jpc_unk_putparms, 0}}, -+ {JPC_MS_PLM, "PLM", {jpc_unk_destroyparms, jpc_unk_getparms, jpc_unk_putparms, 0}}, - {JPC_MS_PPM, "PPM", {jpc_ppm_destroyparms, jpc_ppm_getparms, - jpc_ppm_putparms, jpc_ppm_dumpparms}}, - {JPC_MS_PPT, "PPT", {jpc_ppt_destroyparms, jpc_ppt_getparms, diff --git a/CVE-2018-19539.patch b/CVE-2018-19539.patch deleted file mode 100644 index 8afd25f..0000000 --- a/CVE-2018-19539.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/jasper-2.0.14/src/libjasper/base/jas_image.c b/jasper-2.0.14-edit/src/libjasper/base/jas_image.c -index e71b86a..6aafc3a 100644 ---- a/src/libjasper/base/jas_image.c -+++ b/src/libjasper/base/jas_image.c -@@ -553,6 +553,9 @@ int jas_image_writecmpt(jas_image_t *image, int cmptno, jas_image_coord_t x, - image, cmptno, JAS_CAST(long, x), JAS_CAST(long, y), - JAS_CAST(long, width), JAS_CAST(long, height), data)); - -+ if(data == NULL) -+ return -1; -+ - if (cmptno < 0 || cmptno >= image->numcmpts_) { - return -1; - } diff --git a/CVE-2018-19540.patch b/CVE-2018-19540.patch deleted file mode 100644 index 5fa4fd4..0000000 --- a/CVE-2018-19540.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/jasper-2.0.14/src/libjasper/base/jas_icc.c b/jasper-2.0.14-edit/src/libjasper/base/jas_icc.c -index 4607930..762c0e8 100644 ---- a/src/libjasper/base/jas_icc.c -+++ b/src/libjasper/base/jas_icc.c -@@ -1104,6 +1104,8 @@ static int jas_icctxtdesc_input(jas_iccattrval_t *attrval, jas_stream_t *in, - if (jas_stream_read(in, txtdesc->ascdata, txtdesc->asclen) != - JAS_CAST(int, txtdesc->asclen)) - goto error; -+ if (txtdesc->asclen < 1) -+ goto error; - txtdesc->ascdata[txtdesc->asclen - 1] = '\0'; - if (jas_iccgetuint32(in, &txtdesc->uclangcode) || - jas_iccgetuint32(in, &txtdesc->uclen)) diff --git a/CVE-2018-19541.patch b/CVE-2018-19541.patch deleted file mode 100644 index 785ede9..0000000 --- a/CVE-2018-19541.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/jasper-2.0.14/src/libjasper/base/jas_image.c b/jasper-2.0.14-edit/src/libjasper/base/jas_image.c -index 6aafc3a..31ddb4b 100644 ---- a/src/libjasper/base/jas_image.c -+++ b/src/libjasper/base/jas_image.c -@@ -978,6 +978,9 @@ int jas_image_depalettize(jas_image_t *image, int cmptno, int numlutents, - cmptparms.prec = JAS_IMAGE_CDT_GETPREC(dtype); - cmptparms.sgnd = JAS_IMAGE_CDT_GETSGND(dtype); - -+ if (numlutents < 1) { -+ return -1; -+ } - if (jas_image_addcmpt(image, newcmptno, &cmptparms)) { - return -1; - } diff --git a/CVE-2018-20570.patch b/CVE-2018-20570.patch deleted file mode 100644 index bd0df40..0000000 --- a/CVE-2018-20570.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 03db7c81f6a8a92d896249bc673877749987fd7a Mon Sep 17 00:00:00 2001 -From: Max Kellermann -Date: Wed, 24 Jun 2020 21:26:10 +0200 -Subject: [PATCH] jp2_enc: check number of components before dereferencing them - -Fixes CVE-2018-20570 - -Closes https://github.com/jasper-maint/jasper/issues/11 -Closes https://github.com/mdadams/jasper/issues/191 ---- - src/libjasper/jp2/jp2_enc.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -diff --git a/src/libjasper/jp2/jp2_enc.c b/src/libjasper/jp2/jp2_enc.c -index fd39a84..1b44c18 100644 ---- a/src/libjasper/jp2/jp2_enc.c -+++ b/src/libjasper/jp2/jp2_enc.c -@@ -293,7 +293,8 @@ int jp2_encode(jas_image_t *image, jas_stream_t *out, const char *optstr) - needcdef = 1; - switch (jas_clrspc_fam(jas_image_clrspc(image))) { - case JAS_CLRSPC_FAM_RGB: -- if (jas_image_cmpttype(image, 0) == -+ if (jas_image_numcmpts(image) >= 3 && -+ jas_image_cmpttype(image, 0) == - JAS_IMAGE_CT_COLOR(JAS_CLRSPC_CHANIND_RGB_R) && - jas_image_cmpttype(image, 1) == - JAS_IMAGE_CT_COLOR(JAS_CLRSPC_CHANIND_RGB_G) && -@@ -302,7 +303,8 @@ int jp2_encode(jas_image_t *image, jas_stream_t *out, const char *optstr) - needcdef = 0; - break; - case JAS_CLRSPC_FAM_YCBCR: -- if (jas_image_cmpttype(image, 0) == -+ if (jas_image_numcmpts(image) >= 3 && -+ jas_image_cmpttype(image, 0) == - JAS_IMAGE_CT_COLOR(JAS_CLRSPC_CHANIND_YCBCR_Y) && - jas_image_cmpttype(image, 1) == - JAS_IMAGE_CT_COLOR(JAS_CLRSPC_CHANIND_YCBCR_CB) && -@@ -311,7 +313,8 @@ int jp2_encode(jas_image_t *image, jas_stream_t *out, const char *optstr) - needcdef = 0; - break; - case JAS_CLRSPC_FAM_GRAY: -- if (jas_image_cmpttype(image, 0) == -+ if (jas_image_numcmpts(image) >= 1 && -+ jas_image_cmpttype(image, 0) == - JAS_IMAGE_CT_COLOR(JAS_IMAGE_CT_GRAY_Y)) - needcdef = 0; - break; diff --git a/CVE-2018-20622.patch b/CVE-2018-20622.patch deleted file mode 100644 index 85a7501..0000000 --- a/CVE-2018-20622.patch +++ /dev/null @@ -1,86 +0,0 @@ -From aa8516b28344aa1263ee538bb7366c4679a0e1a5 Mon Sep 17 00:00:00 2001 -From: Max Kellermann -Date: Wed, 24 Jun 2020 21:41:24 +0200 -Subject: [PATCH] jpc_t2dec: fix various memory leaks in jpc_dec_decodepkt() - -Fixes CVE-2018-20622 - -Closes https://github.com/jasper-maint/jasper/issues/12 -Closes https://github.com/mdadams/jasper/issues/193 ---- - src/libjasper/jpc/jpc_t2dec.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/src/libjasper/jpc/jpc_t2dec.c b/src/libjasper/jpc/jpc_t2dec.c -index 81d1f61..e88ccb6 100644 ---- a/src/libjasper/jpc/jpc_t2dec.c -+++ b/src/libjasper/jpc/jpc_t2dec.c -@@ -225,6 +225,7 @@ hdroffstart = jas_stream_getrwcount(pkthdrstream); - } - - if ((present = jpc_bitstream_getbit(inb)) < 0) { -+ jpc_bitstream_close(inb); - return 1; - } - JAS_DBGLOG(10, ("\n", present)); -@@ -252,10 +253,12 @@ hdroffstart = jas_stream_getrwcount(pkthdrstream); - if (!cblk->numpasses) { - leaf = jpc_tagtree_getleaf(prc->incltagtree, usedcblkcnt - 1); - if ((included = jpc_tagtree_decode(prc->incltagtree, leaf, lyrno + 1, inb)) < 0) { -+ jpc_bitstream_close(inb); - return -1; - } - } else { - if ((included = jpc_bitstream_getbit(inb)) < 0) { -+ jpc_bitstream_close(inb); - return -1; - } - } -@@ -269,6 +272,7 @@ hdroffstart = jas_stream_getrwcount(pkthdrstream); - leaf = jpc_tagtree_getleaf(prc->numimsbstagtree, usedcblkcnt - 1); - for (;;) { - if ((ret = jpc_tagtree_decode(prc->numimsbstagtree, leaf, i, inb)) < 0) { -+ jpc_bitstream_close(inb); - return -1; - } - if (ret) { -@@ -280,6 +284,7 @@ hdroffstart = jas_stream_getrwcount(pkthdrstream); - cblk->firstpassno = cblk->numimsbs * 3; - } - if ((numnewpasses = jpc_getnumnewpasses(inb)) < 0) { -+ jpc_bitstream_close(inb); - return -1; - } - JAS_DBGLOG(10, ("numnewpasses=%d ", numnewpasses)); -@@ -288,6 +293,7 @@ hdroffstart = jas_stream_getrwcount(pkthdrstream); - mycounter = 0; - if (numnewpasses > 0) { - if ((m = jpc_getcommacode(inb)) < 0) { -+ jpc_bitstream_close(inb); - return -1; - } - cblk->numlenbits += m; -@@ -298,6 +304,7 @@ hdroffstart = jas_stream_getrwcount(pkthdrstream); - maxpasses = JPC_SEGPASSCNT(passno, cblk->firstpassno, 10000, (ccp->cblkctx & JPC_COX_LAZY) != 0, (ccp->cblkctx & JPC_COX_TERMALL) != 0); - if (!discard && !seg) { - if (!(seg = jpc_seg_alloc())) { -+ jpc_bitstream_close(inb); - return -1; - } - jpc_seglist_insert(&cblk->segs, cblk->segs.tail, seg); -@@ -312,6 +319,7 @@ hdroffstart = jas_stream_getrwcount(pkthdrstream); - mycounter += n; - numnewpasses -= n; - if ((len = jpc_bitstream_getbits(inb, cblk->numlenbits + jpc_floorlog2(n))) < 0) { -+ jpc_bitstream_close(inb); - return -1; - } - JAS_DBGLOG(10, ("len=%d ", len)); -@@ -333,6 +341,7 @@ hdroffstart = jas_stream_getrwcount(pkthdrstream); - } else { - if (jpc_bitstream_inalign(inb, 0x7f, 0)) { - jas_eprintf("alignment failed\n"); -+ jpc_bitstream_close(inb); - return -1; - } - } diff --git a/CVE-2018-9055.patch b/CVE-2018-9055.patch deleted file mode 100644 index 09cda8c..0000000 --- a/CVE-2018-9055.patch +++ /dev/null @@ -1,63 +0,0 @@ -From d4358fb62a01bd542146a1d25b8f6fd2a0b210fe Mon Sep 17 00:00:00 2001 -From: Michael Vetter -Date: Mon, 25 Mar 2019 12:20:26 +0100 -Subject: [PATCH] Fix integer width in jpc_math - -Fix denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c. - -Assigned CVE-2018-9055. -Fixes https://github.com/mdadams/jasper/issues/172. - -Fix by Fridrich Strba . ---- - src/libjasper/jpc/jpc_math.c | 4 ++-- - src/libjasper/jpc/jpc_math.h | 5 +++-- - 2 files changed, 5 insertions(+), 4 deletions(-) - -diff --git a/src/libjasper/jpc/jpc_math.c b/src/libjasper/jpc/jpc_math.c -index 2b70844..1b18880 100644 ---- a/src/libjasper/jpc/jpc_math.c -+++ b/src/libjasper/jpc/jpc_math.c -@@ -86,7 +86,7 @@ - - /* Calculate the integer quantity floor(log2(x)), where x is a positive - integer. */ --int jpc_floorlog2(int x) -+int jpc_floorlog2(int_fast32_t x) - { - int y; - -@@ -105,7 +105,7 @@ int jpc_floorlog2(int x) - integer. */ - /* This function is the basically the same as ceillog2(x), except that the - allowable range for x is slightly different. */ --int jpc_firstone(int x) -+int jpc_firstone(int_fast32_t x) - { - int n; - -diff --git a/src/libjasper/jpc/jpc_math.h b/src/libjasper/jpc/jpc_math.h -index e8e0978..bd80d51 100644 ---- a/src/libjasper/jpc/jpc_math.h -+++ b/src/libjasper/jpc/jpc_math.h -@@ -67,6 +67,7 @@ - \******************************************************************************/ - - #include -+#include - - /******************************************************************************\ - * Macros -@@ -90,10 +91,10 @@ - - /* Calculate the bit position of the first leading one in a nonnegative - integer. */ --int jpc_firstone(int x); -+int jpc_firstone(int_fast32_t x); - - /* Calculate the integer quantity floor(log2(x)), where x is a positive - integer. */ --int jpc_floorlog2(int x); -+int jpc_floorlog2(int_fast32_t x); - - #endif diff --git a/CVE-2018-9154.patch b/CVE-2018-9154.patch deleted file mode 100644 index 543fd0d..0000000 --- a/CVE-2018-9154.patch +++ /dev/null @@ -1,40 +0,0 @@ -From fcbabdaaba217124c92dc29472596146756b968e Mon Sep 17 00:00:00 2001 -From: Michael Vetter -Date: Tue, 17 Mar 2020 13:32:11 +0100 -Subject: [PATCH] Use return in jpc_dec_process_sot() instead of abort - -We don't need to and should not abort here. - -Fix CVE-2018-9154. -Fix https://github.com/mdadams/jasper/issues/215 -Fix https://github.com/mdadams/jasper/issues/166 -Fix https://github.com/mdadams/jasper/issues/175 - -See: https://github.com/mdadams/jasper/pull/216 -Fix https://github.com/jasper-maint/jasper/issues/8 ---- - src/libjasper/jpc/jpc_dec.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/libjasper/jpc/jpc_dec.c b/src/libjasper/jpc/jpc_dec.c -index 6d40786..817009e 100644 ---- a/src/libjasper/jpc/jpc_dec.c -+++ b/src/libjasper/jpc/jpc_dec.c -@@ -485,7 +485,7 @@ static int jpc_dec_process_sot(jpc_dec_t *dec, jpc_ms_t *ms) - - if (!(compinfos = jas_alloc2(dec->numcomps, - sizeof(jas_image_cmptparm_t)))) { -- abort(); -+ return -1; - } - for (cmptno = 0, cmpt = dec->cmpts, compinfo = compinfos; - cmptno < dec->numcomps; ++cmptno, ++cmpt, ++compinfo) { -@@ -512,7 +512,7 @@ static int jpc_dec_process_sot(jpc_dec_t *dec, jpc_ms_t *ms) - /* Convert the PPM marker segment data into a collection of streams - (one stream per tile-part). */ - if (!(dec->pkthdrstreams = jpc_ppmstabtostreams(dec->ppmstab))) { -- abort(); -+ return -1; - } - jpc_ppxstab_destroy(dec->ppmstab); - dec->ppmstab = 0; diff --git a/CVE-2018-9252.patch b/CVE-2018-9252.patch deleted file mode 100644 index 84a2c2e..0000000 --- a/CVE-2018-9252.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 6cd1e1d8aff56d0d86d4e7d1e7e3e4dd1c64b55d Mon Sep 17 00:00:00 2001 -From: Max Kellermann -Date: Wed, 24 Jun 2020 19:01:35 +0200 -Subject: [PATCH] jpc_enc: jpc_abstorelstepsize() returns error instead of - aborting - -Fixes CVE-2018-9252 - -Closes https://github.com/jasper-maint/jasper/issues/16 ---- - src/libjasper/jpc/jpc_enc.c | 19 +++++++++++++++---- - 1 file changed, 15 insertions(+), 4 deletions(-) - -diff --git a/src/libjasper/jpc/jpc_enc.c b/src/libjasper/jpc/jpc_enc.c -index a779645..b11a450 100644 ---- a/src/libjasper/jpc/jpc_enc.c -+++ b/src/libjasper/jpc/jpc_enc.c -@@ -165,6 +165,9 @@ static jpc_enc_cp_t *cp_create(const char *optstr, jas_image_t *image); - void jpc_enc_cp_destroy(jpc_enc_cp_t *cp); - static uint_fast32_t jpc_abstorelstepsize(jpc_fix_t absdelta, int scaleexpn); - -+/** -+ * @return UINT_FAST32_MAX on error -+ */ - static uint_fast32_t jpc_abstorelstepsize(jpc_fix_t absdelta, int scaleexpn) - { - int p; -@@ -173,7 +176,7 @@ static uint_fast32_t jpc_abstorelstepsize(jpc_fix_t absdelta, int scaleexpn) - int n; - - if (absdelta < 0) { -- abort(); -+ return UINT_FAST32_MAX; - } - - p = jpc_firstone(absdelta) - JPC_FIX_FRACBITS; -@@ -179,8 +182,10 @@ static uint_fast32_t jpc_abstorelstepsize(jpc_fix_t absdelta, int scaleexpn) - mant = ((n < 0) ? (absdelta >> (-n)) : (absdelta << n)) & 0x7ff; - expn = scaleexpn - p; - if (scaleexpn < p) { -- abort(); -+ return UINT_FAST32_MAX; - } -+ if (expn >= 0x1f) -+ return UINT_FAST32_MAX; - return JPC_QCX_EXPN(expn) | JPC_QCX_MANT(mant); - } - -@@ -991,9 +996,12 @@ startoff = jas_stream_getrwcount(enc->out); - } else { - absstepsize = jpc_inttofix(1); - } -- cp->ccps[cmptno].stepsizes[bandno] = -+ const uint_fast32_t stepsize = - jpc_abstorelstepsize(absstepsize, - cp->ccps[cmptno].prec + analgain); -+ if (stepsize == UINT_FAST32_MAX) -+ return -1; -+ cp->ccps[cmptno].stepsizes[bandno] = stepsize; - } - cp->ccps[cmptno].numstepsizes = numbands; - } -@@ -1234,9 +1242,12 @@ jas_eprintf("%d %d mag=%d actual=%d numgbits=%d\n", cp->ccps[cmptno].prec, band- - } else { - band->absstepsize = jpc_inttofix(1); - } -- band->stepsize = jpc_abstorelstepsize( -+ const uint_fast32_t stepsize = jpc_abstorelstepsize( - band->absstepsize, cp->ccps[cmptno].prec + - band->analgain); -+ if (stepsize == UINT_FAST32_MAX) -+ return -1; -+ band->stepsize = stepsize; - band->numbps = cp->tccp.numgbits + - JPC_QCX_GETEXPN(band->stepsize) - 1; - diff --git a/CVE-2021-27845.patch b/CVE-2021-27845.patch deleted file mode 100644 index b40829b..0000000 --- a/CVE-2021-27845.patch +++ /dev/null @@ -1,26 +0,0 @@ -From fd564ee3377d9fc2484c657e4f464a3fb9764d31 Mon Sep 17 00:00:00 2001 -From: Max Kellermann -Date: Mon, 29 Jun 2020 13:47:09 +0200 -Subject: [PATCH] jpc_enc: validate raw_size, prevent division by zero in - cp_create() - -Closes https://github.com/mdadams/jasper/issues/194 (part 1) ---- - src/libjasper/jpc/jpc_enc.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/libjasper/jpc/jpc_enc.c b/src/libjasper/jpc/jpc_enc.c -index d60a4471..3b6b1e81 100644 ---- a/src/libjasper/jpc/jpc_enc.c -+++ b/src/libjasper/jpc/jpc_enc.c -@@ -428,6 +428,10 @@ static jpc_enc_cp_t *cp_create(const char *optstr, jas_image_t *image) - } - - cp->rawsize = jas_image_rawsize(image); -+ if (cp->rawsize == 0) { -+ /* prevent division by zero in cp_create() */ -+ goto error; -+ } - cp->totalsize = UINT_FAST32_MAX; - - tcp = &cp->tcp; diff --git a/jasper-2.0.14-CVE-2016-9396.patch b/jasper-2.0.14-CVE-2016-9396.patch deleted file mode 100644 index 197ea7c..0000000 --- a/jasper-2.0.14-CVE-2016-9396.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -urNp old/src/libjasper/jpc/jpc_cs.c new/src/libjasper/jpc/jpc_cs.c ---- old/src/libjasper/jpc/jpc_cs.c 2018-05-30 09:01:54.160406645 +0200 -+++ new/src/libjasper/jpc/jpc_cs.c 2018-05-30 09:05:24.527094308 +0200 -@@ -795,6 +795,9 @@ static int jpc_cox_getcompparms(jpc_ms_t - if (compparms->numdlvls > 32) { - goto error; - } -+ if (compparms->qmfbid != JPC_COX_INS && -+ compparms->qmfbid != JPC_COX_RFT) -+ goto error; - compparms->numrlvls = compparms->numdlvls + 1; - if (compparms->numrlvls > JPC_MAXRLVLS) { - goto error; diff --git a/jasper-2.0.14-rpath.patch b/jasper-2.0.14-rpath.patch deleted file mode 100644 index 23aba06..0000000 --- a/jasper-2.0.14-rpath.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up jasper-2.0.14/CMakeLists.txt.rpath jasper-2.0.14/CMakeLists.txt ---- jasper-2.0.14/CMakeLists.txt.rpath 2017-09-14 18:20:10.000000000 -0500 -+++ jasper-2.0.14/CMakeLists.txt 2018-07-19 09:48:53.035815377 -0500 -@@ -347,7 +347,7 @@ if (JAS_ENABLE_SHARED) - # (but later on when installing) - set(CMAKE_BUILD_WITH_INSTALL_RPATH FALSE) - -- set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib") -+ #set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib") - - # add the automatically determined parts of the RPATH - # which point to directories outside the build tree to the install RPATH diff --git a/jasper-2.0.14.tar.gz b/jasper-2.0.14.tar.gz deleted file mode 100644 index 657c271..0000000 Binary files a/jasper-2.0.14.tar.gz and /dev/null differ diff --git a/jasper-4.1.0-rpath.patch b/jasper-4.1.0-rpath.patch new file mode 100644 index 0000000..b6b4700 --- /dev/null +++ b/jasper-4.1.0-rpath.patch @@ -0,0 +1,12 @@ +diff -urNp a/CMakeLists.txt b/CMakeLists.txt +--- a/CMakeLists.txt 2023-11-08 10:45:01.610146140 +0100 ++++ b/CMakeLists.txt 2023-11-08 10:46:18.131824994 +0100 +@@ -804,7 +804,7 @@ if(JAS_ENABLE_SHARED) + # (but later on when installing) + set(CMAKE_BUILD_WITH_INSTALL_RPATH FALSE) + +- set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib") ++ #set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/lib") + + # add the automatically determined parts of the RPATH + # which point to directories outside the build tree to the install RPATH diff --git a/jasper.spec b/jasper.spec index b1fc5a8..a39f06f 100644 --- a/jasper.spec +++ b/jasper.spec @@ -1,24 +1,12 @@ Name: jasper -Version: 2.0.14 -Release: 11 +Version: 4.1.0 +Release: 1 Summary: Reference implementation of the codec specified in the JPEG-2000 standard, Part 1 License: JasPer-2.0 URL: http://www.ece.uvic.ca/~frodo/jasper/ -Source0: http://www.ece.uvic.ca/~frodo/jasper/software/jasper-%{version}.tar.gz +Source0: https://github.com/jasper-software/%{name}/archive/refs/tags/version-%{version}.tar.gz -Patch0001: jasper-2.0.14-CVE-2016-9396.patch -Patch0002: jasper-2.0.14-rpath.patch -Patch0003: CVE-2018-9055.patch -Patch0004: CVE-2018-9154.patch -Patch0005: CVE-2018-9252.patch -Patch0006: CVE-2018-18873.patch -Patch0007: CVE-2018-19139.patch -Patch0008: CVE-2018-19539.patch -Patch0009: CVE-2018-19540.patch -Patch0010: CVE-2018-19541.patch -Patch0011: CVE-2018-20570.patch -Patch0012: CVE-2018-20622.patch -Patch0013: CVE-2021-27845.patch +Patch0001: jasper-4.1.0-rpath.patch BuildRequires: cmake freeglut-devel libGLU-devel libjpeg-devel libXmu-devel libXi-devel BuildRequires: pkgconfig doxygen mesa-libGL-devel @@ -53,7 +41,7 @@ Summary: Help documents for jasper Help documents for jasper. %prep -%autosetup -n %{name}-%{version} -p1 +%autosetup -n %{name}-version-%{version} -p1 %build install -d builder @@ -76,12 +64,12 @@ make test -C builder /sbin/ldconfig %files -%doc COPYRIGHT LICENSE +%doc COPYRIGHT.txt LICENSE.txt %{_bindir}/imgcmp %{_bindir}/imginfo %{_bindir}/jasper %{_docdir}/JasPer/* -%{_libdir}/libjasper.so.4* +%{_libdir}/libjasper.so.7* %files devel %doc doc/* @@ -94,9 +82,12 @@ make test -C builder %files help %{_mandir}/man1/* -%doc README +%doc README.md %changelog +* Wed Feb 7 2024 Dongxing Wang - 4.1.0-1 +- Upgrade to version 4.1.0 + * Mon Feb 5 2024 Dongxing Wang - 2.0.14-11 - Fix obs compile failure diff --git a/version-4.1.0.tar.gz b/version-4.1.0.tar.gz new file mode 100644 index 0000000..2e7dc41 Binary files /dev/null and b/version-4.1.0.tar.gz differ