diff --git a/.gitignore b/.gitignore index 7ffdc3e..1b69b98 100644 --- a/.gitignore +++ b/.gitignore @@ -77,3 +77,4 @@ LibRaw-0.9.1.tar.gz /LibRaw-0.19.4.tar.gz /LibRaw-0.19.5.tar.gz /0.20-Beta1.tar.gz +/0.20-RC1.tar.gz diff --git a/55f0a0c08974b8b79ebfa7762b555a1704b25fb2.patch b/55f0a0c08974b8b79ebfa7762b555a1704b25fb2.patch deleted file mode 100644 index 816ce48..0000000 --- a/55f0a0c08974b8b79ebfa7762b555a1704b25fb2.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 55f0a0c08974b8b79ebfa7762b555a1704b25fb2 Mon Sep 17 00:00:00 2001 -From: Alex Tutubalin -Date: Tue, 16 Jun 2020 13:17:00 +0300 -Subject: [PATCH] possible buffer underrun in exif parser - ---- - src/metadata/cr3_parser.cpp | 2 +- - src/metadata/exif_gps.cpp | 13 +++++++++---- - 2 files changed, 10 insertions(+), 5 deletions(-) - -diff --git a/src/metadata/cr3_parser.cpp b/src/metadata/cr3_parser.cpp -index 33983e62..ee209bf3 100644 ---- a/src/metadata/cr3_parser.cpp -+++ b/src/metadata/cr3_parser.cpp -@@ -83,7 +83,7 @@ void LibRaw::selectCRXTrack(short maxTrack) - - int tiff_idx = -1; - INT64 tpixels = 0; -- for (int i = 0; i < tiff_nifds; i++) -+ for (int i = 0; i < tiff_nifds && i < LIBRAW_IFD_MAXCOUNT; i++) - if (INT64(tiff_ifd[i].t_height) * INT64(tiff_ifd[i].t_height) > tpixels) - { - tpixels = INT64(tiff_ifd[i].t_height) * INT64(tiff_ifd[i].t_height); -diff --git a/src/metadata/exif_gps.cpp b/src/metadata/exif_gps.cpp -index 6fbe1f32..98327969 100644 ---- a/src/metadata/exif_gps.cpp -+++ b/src/metadata/exif_gps.cpp -@@ -164,7 +164,9 @@ void LibRaw::parse_exif(int base) - imgdata.lens.EXIF_MaxAp = libraw_powf64l(2.0f, (getreal(type) / 2.0f)); - break; - case 0x829a: // 33434 -- tiff_ifd[tiff_nifds - 1].t_shutter = shutter = getreal(type); -+ shutter = getreal(type); -+ if (tiff_nifds > 0 && tiff_nifds <= LIBRAW_IFD_MAXCOUNT) -+ tiff_ifd[tiff_nifds - 1].t_shutter = shutter; - break; - case 0x829d: // 33437, FNumber - aperture = getreal(type); -@@ -186,9 +188,12 @@ void LibRaw::parse_exif(int base) - get_timestamp(0); - break; - case 0x9201: // 37377 -- if ((expo = -getreal(type)) < 128 && shutter == 0.) -- tiff_ifd[tiff_nifds - 1].t_shutter = shutter = -- libraw_powf64l(2.0, expo); -+ if ((expo = -getreal(type)) < 128 && shutter == 0.) -+ { -+ shutter = libraw_powf64l(2.0, expo); -+ if (tiff_nifds > 0 && tiff_nifds <= LIBRAW_IFD_MAXCOUNT) -+ tiff_ifd[tiff_nifds - 1].t_shutter = shutter; -+ } - break; - case 0x9202: // 37378 ApertureValue - if ((fabs(ape = getreal(type)) < 256.0) && (!aperture)) diff --git a/LibRaw.spec b/LibRaw.spec index 653a5a1..6a88476 100644 --- a/LibRaw.spec +++ b/LibRaw.spec @@ -7,7 +7,7 @@ Summary: Library for reading RAW files obtained from digital photo cameras Name: LibRaw Version: 0.20 -Release: 0.beta1%{?dist}.2 +Release: 0.rc1%{?dist}.3 License: BSD and (CDDL or LGPLv2) URL: http://www.libraw.org @@ -18,9 +18,8 @@ BuildRequires: pkgconfig(libjpeg) BuildRequires: autoconf automake libtool #Source0: http://www.libraw.org/data/%{name}-%{version}.tar.gz -Source0: http://github.com/LibRaw/LibRaw/archive/%{version}-Beta1.tar.gz +Source0: http://github.com/LibRaw/LibRaw/archive/%{version}-RC1.tar.gz Patch0: LibRaw-pkgconfig.patch -Patch1: 55f0a0c08974b8b79ebfa7762b555a1704b25fb2.patch Provides: bundled(dcraw) = 9.25 %description @@ -55,7 +54,7 @@ Requires: %{name} = %{version}-%{release} LibRaw sample programs %prep -%autosetup -p1 -n %{name}-%{version}-Beta1 +%autosetup -p1 -n %{name}-%{version}-RC1 %build autoreconf -if @@ -117,7 +116,10 @@ rm -fv %{buildroot}%{_libdir}/lib*.la %changelog -* Mon Jun 29 2020 Gwyn Ciesla - 0.20-.beta1.2 +* Thu Jul 02 2020 Gwyn Ciesla - 0.20-0.rc1.3 +- RC1 + +* Mon Jun 29 2020 Gwyn Ciesla - 0.20-0.beta1.2 - Patch for CVE-2020-15365 * Wed May 13 2020 Kalev Lember - 0.20-0.beta1.1 diff --git a/sources b/sources index 862aec0..d82961d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (0.20-Beta1.tar.gz) = 8cb2972df734e7ce1ac553fe40a5fa6af14b76e90f3163e0f3fe29787ce6e424230f8cc9801cc5f7269d940d0b4bfa55ea574166a615c9703818d485da50b7e9 +SHA512 (0.20-RC1.tar.gz) = 99504b3da9952ceba6348bc3c1cba4d28fbc658af483099185422dd5446d500d231aeae24616d20b2d93f742ad5886fe50e5ed3048bb6051b59a949b4fb02114