12 changed files with 159 additions and 771 deletions
--- a/.LibRaw.metadata
+++ b/.LibRaw.metadata
@ -1 +1 @@
-c151995b6f17a0ccef7fbc1dcb982f0ccb04d934 SOURCES/LibRaw-0.19.5.tar.gz
+0693a4ef073e277aec2b1f40f360e1dae2870fb1 SOURCES/0.21.1.tar.gz
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/LibRaw-0.19.5.tar.gz
+SOURCES/0.21.1.tar.gz
--- a/SOURCES/9ab70f6dca19229cb5caad7cc31af4e7501bac93.patch
+++ b/SOURCES/9ab70f6dca19229cb5caad7cc31af4e7501bac93.patch
@ -0,0 +1,22 @@
 From 9ab70f6dca19229cb5caad7cc31af4e7501bac93 Mon Sep 17 00:00:00 2001
 From: Alex Tutubalin <lexa@lexa.ru>
 Date: Sat, 14 Jan 2023 18:32:59 +0300
 Subject: [PATCH] do not set shrink flag for 3/4 component images
 ---
 src/preprocessing/raw2image.cpp | 2 ++
 1 file changed, 2 insertions(+)
 diff --git a/src/preprocessing/raw2image.cpp b/src/preprocessing/raw2image.cpp
 index e65e2ad7..702cf290 100644
 --- a/src/preprocessing/raw2image.cpp
 +++ b/src/preprocessing/raw2image.cpp
@@ -43,6 +43,8 @@ void LibRaw::raw2image_start()
   // adjust for half mode!
   IO.shrink =
 +	  !imgdata.rawdata.color4_image && !imgdata.rawdata.color3_image &&
 +	  !imgdata.rawdata.float4_image && !imgdata.rawdata.float3_image &&
       P1.filters &&
       (O.half_size || ((O.threshold || O.aber[0] != 1 || O.aber[2] != 1)));
--- a/SOURCES/LibRaw-0.6.0-pkgconfig.patch
+++ b/SOURCES/LibRaw-0.6.0-pkgconfig.patch
@ -1,42 +0,0 @@
 --- libraw.pc.in~	2014-01-17 07:38:31.000000000 -0600
 +++ libraw.pc.in	2014-02-20 14:18:20.559279964 -0600
@@ -7,5 +7,6 @@
 Description: Raw image decoder library (non-thread-safe)
 Requires: @PACKAGE_REQUIRES@
 Version: @PACKAGE_VERSION@
 -Libs: -L${libdir} -lraw -lstdc++@PC_OPENMP@
 +Libs: -L${libdir} -lraw@PC_OPENMP@
 +Libs.private: -lstdc++
 Cflags: -I${includedir}/libraw
 --- libraw_r.pc.in~	2014-01-17 07:38:31.000000000 -0600
 +++ libraw_r.pc.in	2014-02-20 14:20:35.740276947 -0600
@@ -7,5 +7,6 @@
 Description: Raw image decoder library (thread-safe)
 Requires: @PACKAGE_REQUIRES@
 Version: @PACKAGE_VERSION@
 -Libs: -L${libdir} -lraw_r -lstdc++@PC_OPENMP@
 +Libs: -L${libdir} -lraw_r@PC_OPENMP@
 +Libs.private: -lstdc++
 Cflags: -I${includedir}/libraw
 --- libraw_r.pc.in~	2014-02-20 14:22:36.000000000 -0600
 +++ libraw_r.pc.in	2014-02-20 14:27:24.454267828 -0600
@@ -5,7 +5,7 @@
 Name: libraw
 Description: Raw image decoder library (thread-safe)
 -Requires: @PACKAGE_REQUIRES@
 +Requires.private: @PACKAGE_REQUIRES@
 Version: @PACKAGE_VERSION@
 Libs: -L${libdir} -lraw_r@PC_OPENMP@
 Libs.private: -lstdc++
 --- libraw.pc.in~	2014-02-20 14:22:36.000000000 -0600
 +++ libraw.pc.in	2014-02-20 14:27:18.368267964 -0600
@@ -5,7 +5,7 @@
 Name: libraw
 Description: Raw image decoder library (non-thread-safe)
 -Requires: @PACKAGE_REQUIRES@
 +Requires.private: @PACKAGE_REQUIRES@
 Version: @PACKAGE_VERSION@
 Libs: -L${libdir} -lraw@PC_OPENMP@
 Libs.private: -lstdc++
--- a/SOURCES/LibRaw-CVE-2020-15503.patch
+++ b/SOURCES/LibRaw-CVE-2020-15503.patch
@ -1,133 +0,0 @@
 diff -urNp LibRaw-0.19.5.orig/libraw/libraw_const.h LibRaw-0.19.5/libraw/libraw_const.h
 --- LibRaw-0.19.5.orig/libraw/libraw_const.h	2020-08-10 18:32:18.669459968 +0200
 +++ LibRaw-0.19.5/libraw/libraw_const.h	2020-08-10 18:48:10.462282067 +0200
@@ -24,6 +24,12 @@ it under the terms of the one of two lic
 #define LIBRAW_MAX_ALLOC_MB 2048L
 #endif
 +/* limit thumbnail size, default is 512Mb*/
 +#ifndef LIBRAW_MAX_THUMBNAIL_MB
 +#define LIBRAW_MAX_THUMBNAIL_MB 512L
 +#endif
 +
 +
 /* Change to non-zero to allow (broken) CRW (and other) files metadata 
    loop prevention */
 #ifndef LIBRAW_METADATA_LOOP_PREVENTION
 diff -urNp LibRaw-0.19.5.orig/src/libraw_cxx.cpp LibRaw-0.19.5/src/libraw_cxx.cpp
 --- LibRaw-0.19.5.orig/src/libraw_cxx.cpp	2020-08-10 18:32:18.672459987 +0200
 +++ LibRaw-0.19.5/src/libraw_cxx.cpp	2020-08-10 18:49:18.616688826 +0200
@@ -3712,6 +3712,21 @@ libraw_processed_image_t *LibRaw::dcraw_
     return NULL;
   }
 +  if (T.tlength < 64u)
 +  {
 +      if (errcode)
 +          *errcode = EINVAL;
 +      return NULL;
 +  }
 +
 +  if (INT64(T.tlength) > 1024ULL * 1024ULL * LIBRAW_MAX_THUMBNAIL_MB)
 +  {
 +      if (errcode)
 +          *errcode = LIBRAW_TOO_BIG;
 +      return NULL;
 +  }
 +
 +
   if (T.tformat == LIBRAW_THUMBNAIL_BITMAP)
   {
     libraw_processed_image_t *ret = (libraw_processed_image_t *)::malloc(sizeof(libraw_processed_image_t) + T.tlength);
@@ -3976,6 +3991,12 @@ void LibRaw::kodak_thumb_loader()
   if (ID.toffset + est_datasize > ID.input->size() + THUMB_READ_BEYOND)
     throw LIBRAW_EXCEPTION_IO_EOF;
 +  if(INT64(T.theight) * INT64(T.twidth) > 1024ULL * 1024ULL * LIBRAW_MAX_THUMBNAIL_MB)
 +      throw LIBRAW_EXCEPTION_IO_CORRUPT;
 +
 +  if (INT64(T.theight) * INT64(T.twidth) < 64ULL)
 +      throw LIBRAW_EXCEPTION_IO_CORRUPT;
 +
   // some kodak cameras
   ushort s_height = S.height, s_width = S.width, s_iwidth = S.iwidth, s_iheight = S.iheight;
   ushort s_flags = libraw_internal_data.unpacker_data.load_flags;
@@ -4237,6 +4258,25 @@ int LibRaw::unpack_thumb(void)
   CHECK_ORDER_LOW(LIBRAW_PROGRESS_IDENTIFY);
   CHECK_ORDER_BIT(LIBRAW_PROGRESS_THUMB_LOAD);
 +#define THUMB_SIZE_CHECKT(A) \
 +  do { \
 +    if (INT64(A) > 1024ULL * 1024ULL * LIBRAW_MAX_THUMBNAIL_MB) throw LIBRAW_EXCEPTION_IO_CORRUPT; \
 +    if (INT64(A) > 0 &&  INT64(A) < 64ULL)        throw LIBRAW_EXCEPTION_IO_CORRUPT; \
 +  } while (0)
 +
 +#define THUMB_SIZE_CHECKTNZ(A) \
 +  do { \
 +    if (INT64(A) > 1024ULL * 1024ULL * LIBRAW_MAX_THUMBNAIL_MB) throw LIBRAW_EXCEPTION_IO_CORRUPT; \
 +    if (INT64(A) < 64ULL)        throw LIBRAW_EXCEPTION_IO_CORRUPT; \
 +  } while (0)
 +
 +
 +#define THUMB_SIZE_CHECKWH(W,H) \
 +  do { \
 +    if (INT64(W)*INT64(H) > 1024ULL * 1024ULL * LIBRAW_MAX_THUMBNAIL_MB) throw LIBRAW_EXCEPTION_IO_CORRUPT; \
 +    if (INT64(W)*INT64(H) < 64ULL)        throw LIBRAW_EXCEPTION_IO_CORRUPT; \
 +  } while (0)
 +
   try
   {
     if (!libraw_internal_data.internal_data.input)
@@ -4267,6 +4307,7 @@ int LibRaw::unpack_thumb(void)
         if (INT64(ID.toffset) + tsize > ID.input->size() + THUMB_READ_BEYOND)
           throw LIBRAW_EXCEPTION_IO_EOF;
 +        THUMB_SIZE_CHECKT(tsize);
       }
       else
       {
@@ -4280,6 +4321,7 @@ int LibRaw::unpack_thumb(void)
       ID.input->seek(ID.toffset, SEEK_SET);
       if (write_thumb == &LibRaw::jpeg_thumb)
       {
 +        THUMB_SIZE_CHECKTNZ(T.tlength);
         if (T.thumb)
           free(T.thumb);
         T.thumb = (char *)malloc(T.tlength);
@@ -4326,6 +4368,7 @@ int LibRaw::unpack_thumb(void)
       {
         if (t_bytesps > 1)
           throw LIBRAW_EXCEPTION_IO_CORRUPT; // 8-bit thumb, but parsed for more bits
 +        THUMB_SIZE_CHECKWH(T.twidth, T.theight);
         int t_length = T.twidth * T.theight * t_colors;
         if (T.tlength && T.tlength < t_length) // try to find tiff ifd with needed offset
@@ -4351,8 +4394,12 @@ int LibRaw::unpack_thumb(void)
                 T.tcolors = 1;
             }
             T.tlength = total_size;
 +            THUMB_SIZE_CHECKTNZ(T.tlength);
             if (T.thumb)
               free(T.thumb);
 +            
 +            THUMB_SIZE_CHECKTNZ(T.tlength);
 +            
             T.thumb = (char *)malloc(T.tlength);
             merror(T.thumb, "ppm_thumb()");
@@ -4400,10 +4447,15 @@ int LibRaw::unpack_thumb(void)
         if (t_bytesps > 2)
           throw LIBRAW_EXCEPTION_IO_CORRUPT; // 16-bit thumb, but parsed for more bits
         int o_bps = (imgdata.params.raw_processing_options & LIBRAW_PROCESSING_USE_PPM16_THUMBS) ? 2 : 1;
 +        THUMB_SIZE_CHECKWH(T.twidth, T.theight);
         int o_length = T.twidth * T.theight * t_colors * o_bps;
         int i_length = T.twidth * T.theight * t_colors * 2;
         if (!T.tlength)
           T.tlength = o_length;
 +        THUMB_SIZE_CHECKTNZ(o_length);
 +        THUMB_SIZE_CHECKTNZ(i_length);
 +        THUMB_SIZE_CHECKTNZ(T.tlength);
 +
         ushort *t_thumb = (ushort *)calloc(i_length, 1);
         ID.input->read(t_thumb, 1, i_length);
         if ((libraw_internal_data.unpacker_data.order == 0x4949) == (ntohs(0x1234) == 0x1234))
--- a/SOURCES/LibRaw-CVE-2020-24870.patch
+++ b/SOURCES/LibRaw-CVE-2020-24870.patch
@ -1,42 +0,0 @@
 From 4d463048b9f27a3dc86b7010c198b32d995cd941 Mon Sep 17 00:00:00 2001
 From: Debarshi Ray <debarshir@gnome.org>
 Date: Tue, 27 Apr 2021 17:44:09 +0200
 Subject: [PATCH] Limit loops to MIN(colors,4)
 This is a backport of commit 4feaed4dea636cee for CVE-2020-24870.
 https://github.com/LibRaw/LibRaw/issues/330
 ---
 internal/dcraw_common.cpp | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)
 diff --git a/internal/dcraw_common.cpp b/internal/dcraw_common.cpp
 index a36553208194..3e8c009eb08e 100644
 --- a/internal/dcraw_common.cpp
 +++ b/internal/dcraw_common.cpp
@@ -19598,17 +19598,18 @@ dng_skip:
 				  if(calidx[colidx] == sidx)
 				  {
 -					  for (int i = 0; i < colors; i++)
 +					  for (int i = 0; i < colors && i < 4; i++)
 						  FORCC
 						  cc[i][c] = tiff_ifd[sidx].dng_color[colidx].calibration[i][c];
 				  }
 				  if(abidx == sidx)
 -					for (int i = 0; i < colors; i++)
 +					for (int i = 0; i < colors && i < 4; i++)
 						  FORCC cc[i][c] *= tiff_ifd[sidx].dng_levels.analogbalance[i];
 				  int j;
 -				  FORCC for (int i = 0; i < 3; i++) for (cam_xyz[c][i] = j = 0; j < colors; j++) cam_xyz[c][i] +=
 -					  cc[c][j] * cm[j][i];// add AsShotXY later * xyz[i];
 +				  FORCC for (int i = 0; i < 3; i++)
 +					for (cam_xyz[c][i] = j = 0; j < colors && j < 4; j++)
 +						cam_xyz[c][i] += cc[c][j] * cm[j][i];// add AsShotXY later * xyz[i];
 				  cam_xyz_coeff(cmatrix, cam_xyz);
 			  }
 		  }
 -- 
 2.30.2
--- a/SOURCES/LibRaw-CVE-2021-32142.patch
+++ b/SOURCES/LibRaw-CVE-2021-32142.patch
@ -1,41 +0,0 @@
 From 85e018cbca5eb3743eddca91d3d40c3123fa9777 Mon Sep 17 00:00:00 2001
 From: Debarshi Ray <debarshir@gnome.org>
 Date: Tue, 19 Sep 2023 19:52:40 +0200
 Subject: [PATCH] check for input buffer size on datastream::gets
 (backported from commit fa329f37dca4a2c938f8abb50ee4a7ef93e64fbb)
 ---
 src/libraw_datastream.cpp | 3 +++
 1 file changed, 3 insertions(+)
 diff --git a/src/libraw_datastream.cpp b/src/libraw_datastream.cpp
 index bd9cf5ee55d7..aecd3997a707 100644
 --- a/src/libraw_datastream.cpp
 +++ b/src/libraw_datastream.cpp
@@ -175,6 +175,7 @@ INT64 LibRaw_file_datastream::tell()
 char *LibRaw_file_datastream::gets(char *str, int sz)
 {
 +  if(sz<1) return NULL;
   if (substream)
     return substream->gets(str, sz);
   LR_STREAM_CHK();
@@ -398,6 +399,7 @@ INT64 LibRaw_buffer_datastream::tell()
 char *LibRaw_buffer_datastream::gets(char *s, int sz)
 {
 +  if(sz<1) return NULL;
   if (substream)
     return substream->gets(s, sz);
   unsigned char *psrc, *pdest, *str;
@@ -594,6 +596,7 @@ INT64 LibRaw_bigfile_datastream::tell()
 char *LibRaw_bigfile_datastream::gets(char *str, int sz)
 {
 +  if(sz<1) return NULL;
   LR_BF_CHK();
   return substream ? substream->gets(str, sz) : fgets(str, sz, f);
 }
 -- 
 2.41.0
--- a/SOURCES/LibRaw-CVE-2026-20889-TALOS-2026-2358.patch
+++ b/SOURCES/LibRaw-CVE-2026-20889-TALOS-2026-2358.patch
@ -1,92 +0,0 @@
 From 7e315d12429c91aa7d7e6402db00ac0cdd173ad5 Mon Sep 17 00:00:00 2001
 From: Debarshi Ray <debarshir@gnome.org>
 Date: Wed, 29 Apr 2026 23:42:31 +0200
 Subject: [PATCH] Fix for TALOS-2026-2358
 (backported from commit b9809e410d07ca7bf408e6d036615fb34f8c47cc)
 ---
 internal/libraw_x3f.cpp |  7 +++++++
 src/libraw_cxx.cpp      | 20 +++++++++++++++++++-
 2 files changed, 26 insertions(+), 1 deletion(-)
 diff --git a/internal/libraw_x3f.cpp b/internal/libraw_x3f.cpp
 index 49918e99d2ce..2976eaf70929 100644
 --- a/internal/libraw_x3f.cpp
 +++ b/internal/libraw_x3f.cpp
@@ -1579,7 +1579,14 @@ static uint32_t read_data_block(void **data,
 	if (fpos + size > I->input.file->size())
 		throw LIBRAW_EXCEPTION_IO_CORRUPT;
 +	// All known files from real cameras are many times smaller than 1 GB, so the hard limit is OK here.
 +
 +	if(size > 1024*1024*1024)
 +		throw LIBRAW_EXCEPTION_ALLOC;
 +
 	*data = (void *)malloc(size);
 +	if (!*data)
 +		throw LIBRAW_EXCEPTION_ALLOC;
 	GETN(*data, size);
 diff --git a/src/libraw_cxx.cpp b/src/libraw_cxx.cpp
 index 51d0ebbc9fc8..a5cdf8ae6b01 100644
 --- a/src/libraw_cxx.cpp
 +++ b/src/libraw_cxx.cpp
@@ -4432,6 +4432,8 @@ int LibRaw::unpack_thumb(void)
       {
         x3f_thumb_loader();
         SET_PROC_FLAG(LIBRAW_PROGRESS_THUMB_LOAD);
 +        if (!T.twidth && !T.theight)
 +          return LIBRAW_NO_THUMBNAIL;
         return 0;
       }
       else
@@ -6380,6 +6382,7 @@ void LibRaw::x3f_thumb_loader()
 {
   try
   {
 +    INT64 checked_size = x3f_thumb_size(); // This value was checked at upper level?
     x3f_t *x3f = (x3f_t *)_x3f_data;
     if (!x3f)
       return; // No data pointer set
@@ -6397,6 +6400,12 @@ void LibRaw::x3f_thumb_loader()
     imgdata.thumbnail.tcolors = 3;
     if (imgdata.thumbnail.tformat == LIBRAW_THUMBNAIL_JPEG)
     {
 +      INT64 alloc_size = ID->data_size;
 +      if ((alloc_size > 2 * checked_size) || (alloc_size > 1024LL * 1024LL * LIBRAW_MAX_THUMBNAIL_MB))
 +        throw LIBRAW_EXCEPTION_TOOBIG;
 +      if(alloc_size < 64LL)
 +        throw LIBRAW_EXCEPTION_IO_CORRUPT;
 +
       imgdata.thumbnail.thumb = (char *)malloc(ID->data_size);
       merror(imgdata.thumbnail.thumb, "LibRaw::x3f_thumb_loader()");
       memmove(imgdata.thumbnail.thumb, ID->data, ID->data_size);
@@ -6404,6 +6413,12 @@ void LibRaw::x3f_thumb_loader()
     }
     else if (imgdata.thumbnail.tformat == LIBRAW_THUMBNAIL_BITMAP)
     {
 +      INT64 alloc_size = INT64(ID->columns) * INT64(ID->rows) * 3LL;
 +      if ((alloc_size > 2 * checked_size) ||
 +          (alloc_size > 1024LL * 1024LL * LIBRAW_MAX_THUMBNAIL_MB)) throw LIBRAW_EXCEPTION_TOOBIG;
 +      if (alloc_size < 64LL)
 +        throw LIBRAW_EXCEPTION_IO_CORRUPT;
 +
       imgdata.thumbnail.tlength = ID->columns * ID->rows * 3;
       imgdata.thumbnail.thumb = (char *)malloc(ID->columns * ID->rows * 3);
       merror(imgdata.thumbnail.thumb, "LibRaw::x3f_thumb_loader()");
@@ -6421,7 +6436,10 @@ void LibRaw::x3f_thumb_loader()
   }
   catch (...)
   {
 -    // do nothing
 +    // no rethrow: handled at upper level
 +    imgdata.thumbnail.twidth = 0;
 +    imgdata.thumbnail.theight = 0;
 +    imgdata.thumbnail.tcolors = 0;
   }
 }
 -- 
 2.53.0
--- a/SOURCES/LibRaw-CVE-2026-21413-TALOS-2026-2331.patch
+++ b/SOURCES/LibRaw-CVE-2026-21413-TALOS-2026-2331.patch
@ -1,24 +0,0 @@
 diff -urNp LibRaw-0.19.5.orig/dcraw/dcraw.c LibRaw-0.19.5/dcraw/dcraw.c
 --- LibRaw-0.19.5.orig/dcraw/dcraw.c	2026-04-28 23:52:51.314912726 +0200
 +++ LibRaw-0.19.5/dcraw/dcraw.c	2026-04-29 00:05:10.714922134 +0200
@@ -953,7 +953,7 @@ void CLASS lossless_jpeg_load_raw()
       }
       if (raw_width == 3984 && (col -= 2) < 0)
 	col += (row--,raw_width);
 -      if ((unsigned) row < raw_height) RAW(row,col) = val;
 +      if (((unsigned) row < raw_height) && ((unsigned) col < raw_width)) RAW(row,col) = val;
       if (++col >= raw_width)
 	col = (row++,0);
     }
 diff -urNp LibRaw-0.19.5.orig/internal/dcraw_common.cpp LibRaw-0.19.5/internal/dcraw_common.cpp
 --- LibRaw-0.19.5.orig/internal/dcraw_common.cpp	2026-04-28 23:52:51.315669819 +0200
 +++ LibRaw-0.19.5/internal/dcraw_common.cpp	2026-04-29 00:03:21.023739250 +0200
@@ -1067,7 +1067,7 @@ void CLASS lossless_jpeg_load_raw()
 #else
         longjmp(failure, 3);
 #endif
 -        if ((unsigned)row < raw_height)
 +        if (((unsigned)row < raw_height) && ((unsigned)col < raw_width))
           RAW(row, col) = val;
         if (++col >= raw_width)
           col = (row++, 0);
--- a/SOURCES/LibRaw-CVE-2026-24660-TALOS-2026-2359.patch
+++ b/SOURCES/LibRaw-CVE-2026-24660-TALOS-2026-2359.patch
@ -1,334 +0,0 @@
 From 92492c81b2fd2b600f357b32a1e03bff85db65b9 Mon Sep 17 00:00:00 2001
 From: Debarshi Ray <debarshir@gnome.org>
 Date: Thu, 30 Apr 2026 14:27:27 +0200
 Subject: [PATCH] X3F decoder: implemented hard single allocation limit
 ... via LIBRAW_X3F_ALLOC_LIMIT_MB define; allocation size calculation
 converted to 64 bit arithm; fix for TALOS-2026-2359.
 (backported from commit ac151a829b8d3e4c74fa3aefa8a029c3cc3f857f)
 ---
 internal/libraw_x3f.cpp | 101 ++++++++++++++++++++++++----------------
 libraw/libraw_const.h   |   6 +++
 2 files changed, 67 insertions(+), 40 deletions(-)
 diff --git a/internal/libraw_x3f.cpp b/internal/libraw_x3f.cpp
 index 2976eaf70929..8b159dda18c9 100644
 --- a/internal/libraw_x3f.cpp
 +++ b/internal/libraw_x3f.cpp
@@ -474,6 +474,36 @@ x3f_return_t x3f_delete(x3f_t *x3f);
 /* Reading and writing - assuming little endian in the file              */
 /* --------------------------------------------------------------------- */
 +static void *x3f_limited_malloc(UINT64 sz)
 +{
 +  if (sz > LIBRAW_X3F_ALLOC_LIMIT_MB * 1024ULL * 1024ULL)
 +    throw LIBRAW_EXCEPTION_TOOBIG;
 +  void *ret = malloc(sz);
 +  if (!ret)
 +    throw LIBRAW_EXCEPTION_ALLOC;
 +  return ret;
 +}
 +
 +static void *x3f_limited_calloc(UINT64 n, UINT64 sz)
 +{
 +  if (sz * n > LIBRAW_X3F_ALLOC_LIMIT_MB * 1024ULL * 1024ULL)
 +    throw LIBRAW_EXCEPTION_TOOBIG;
 +  void *ret = calloc(n, sz);
 +  if (!ret)
 +    throw LIBRAW_EXCEPTION_ALLOC;
 +  return ret;
 +}
 +
 +static void *x3f_limited_realloc(void *ptr, UINT64 sz)
 +{
 +  if (sz > LIBRAW_X3F_ALLOC_LIMIT_MB * 1024ULL * 1024ULL)
 +    throw LIBRAW_EXCEPTION_TOOBIG;
 +  void *ret = realloc(ptr, sz);
 +  if (!ret)
 +    throw LIBRAW_EXCEPTION_ALLOC;
 +  return ret;
 +}
 +
 static int x3f_get1(LibRaw_abstract_datastream *f)
 {
 	/* Little endian file */
@@ -536,7 +566,7 @@ union {int32_t i; float f;} _tmp;		\
 	do {											\
 	int _i;											\
 	(_T).size = (_NUM);								\
 -	(_T).element = (_TYPE *)realloc((_T).element,	\
 +	(_T).element = (_TYPE *)x3f_limited_realloc((_T).element,	\
 	(_NUM)*sizeof((_T).element[0]));				\
 	for (_i = 0; _i < (_T).size; _i++)				\
 	_GETX((_T).element[_i]);						\
@@ -546,7 +576,7 @@ union {int32_t i; float f;} _tmp;		\
 	do {											\
 	int _i;											\
 	(_T).size = (_NUM);								\
 -	(_T).element = (x3f_property_t *)realloc((_T).element,	\
 +	(_T).element = (x3f_property_t *)x3f_limited_realloc((_T).element,	\
 	(_NUM)*sizeof((_T).element[0]));				\
 	for (_i = 0; _i < (_T).size; _i++) {			\
 	GET4((_T).element[_i].name_offset);				\
@@ -560,7 +590,7 @@ union {int32_t i; float f;} _tmp;		\
 	(_T).element = NULL;							\
 	for (_i = 0; ; _i++) {							\
 	(_T).size = _i + 1;								\
 -	(_T).element = (x3f_true_huffman_element_t *)realloc((_T).element,	\
 +	(_T).element = (x3f_true_huffman_element_t *)x3f_limited_realloc((_T).element,	\
 	(_i + 1)*sizeof((_T).element[0]));				\
 	GET1((_T).element[_i].code_size);				\
 	GET1((_T).element[_i].code);					\
@@ -583,7 +613,7 @@ static void new_huffman_tree(x3f_hufftree_t *HTP, int bits)
   HTP->free_node_index = 0;
   HTP->nodes = (x3f_huffnode_t *)
 -    calloc(1, HUF_TREE_MAX_NODES(leaves)*sizeof(x3f_huffnode_t));
 +    x3f_limited_calloc(1, HUF_TREE_MAX_NODES(leaves)*sizeof(x3f_huffnode_t));
 }
 /* --------------------------------------------------------------------- */
@@ -608,7 +638,7 @@ static void cleanup_true(x3f_true_t **TRUP)
 static x3f_true_t *new_true(x3f_true_t **TRUP)
 {
 -  x3f_true_t *TRU = (x3f_true_t *)calloc(1, sizeof(x3f_true_t));
 +  x3f_true_t *TRU = (x3f_true_t *)x3f_limited_calloc(1, sizeof(x3f_true_t));
   cleanup_true(TRUP);
@@ -639,7 +669,7 @@ static void cleanup_quattro(x3f_quattro_t **QP)
 static x3f_quattro_t *new_quattro(x3f_quattro_t **QP)
 {
 -  x3f_quattro_t *Q = (x3f_quattro_t *)calloc(1, sizeof(x3f_quattro_t));
 +  x3f_quattro_t *Q = (x3f_quattro_t *)x3f_limited_calloc(1, sizeof(x3f_quattro_t));
   int i;
   cleanup_quattro(QP);
@@ -682,7 +712,7 @@ static void cleanup_huffman(x3f_huffman_t **HUFP)
 static x3f_huffman_t *new_huffman(x3f_huffman_t **HUFP)
 {
 -  x3f_huffman_t *HUF = (x3f_huffman_t *)calloc(1, sizeof(x3f_huffman_t));
 +  x3f_huffman_t *HUF = (x3f_huffman_t *)x3f_limited_calloc(1, sizeof(x3f_huffman_t));
   cleanup_huffman(HUFP);
@@ -712,9 +742,7 @@ static x3f_huffman_t *new_huffman(x3f_huffman_t **HUFP)
 {
 	if (!infile) return NULL;
   	INT64 fsize = infile->size();
 -	x3f_t *x3f = (x3f_t *)calloc(1, sizeof(x3f_t));
 -        if(!x3f)
 -           throw LIBRAW_EXCEPTION_ALLOC;
 +	x3f_t *x3f = (x3f_t *)x3f_limited_calloc(1, sizeof(x3f_t));
   try {
 	x3f_info_t *I = NULL;
 	x3f_header_t *H = NULL;
@@ -773,7 +801,7 @@ static x3f_huffman_t *new_huffman(x3f_huffman_t **HUFP)
   if (DS->num_directory_entries > 0) {
     size_t size = DS->num_directory_entries * sizeof(x3f_directory_entry_t);
 -    DS->directory_entry = (x3f_directory_entry_t *)calloc(1, size);
 +    DS->directory_entry = (x3f_directory_entry_t *)x3f_limited_calloc(1, size);
   }
   /* Traverse the directory */
@@ -1579,14 +1607,7 @@ static uint32_t read_data_block(void **data,
 	if (fpos + size > I->input.file->size())
 		throw LIBRAW_EXCEPTION_IO_CORRUPT;
 -	// All known files from real cameras are many times smaller than 1 GB, so the hard limit is OK here.
 -
 -	if(size > 1024*1024*1024)
 -		throw LIBRAW_EXCEPTION_ALLOC;
 -
 -	*data = (void *)malloc(size);
 -	if (!*data)
 -		throw LIBRAW_EXCEPTION_ALLOC;
 +	*data = (void *)x3f_limited_malloc(size);
 	GETN(*data, size);
@@ -1719,35 +1740,35 @@ static void x3f_load_true(x3f_info_t *I,
 			uint32_t columns = Q->plane[0].columns;
 			uint32_t rows = Q->plane[0].rows;
 			uint32_t channels = 3;
 -			uint32_t size = columns * rows * channels;
 +			UINT64 size = UINT64(columns) * UINT64(rows) * UINT64(channels);
 			TRU->x3rgb16.columns = columns;
 			TRU->x3rgb16.rows = rows;
 			TRU->x3rgb16.channels = channels;
 			TRU->x3rgb16.row_stride = columns * channels;
 -			TRU->x3rgb16.buf = malloc(sizeof(uint16_t)*size);
 +			TRU->x3rgb16.buf = x3f_limited_malloc(sizeof(uint16_t)*size);
 			TRU->x3rgb16.data = (uint16_t *) TRU->x3rgb16.buf;
 			columns = Q->plane[2].columns;
 			rows = Q->plane[2].rows;
 			channels = 1;
 -			size = columns * rows * channels;
 +			size = UINT64(columns) * UINT64(rows) * UINT64(channels);
 			Q->top16.columns = columns;
 			Q->top16.rows = rows;
 			Q->top16.channels = channels;
 			Q->top16.row_stride = columns * channels;
 -			Q->top16.buf = malloc(sizeof(uint16_t)*size);
 +			Q->top16.buf = x3f_limited_malloc(sizeof(uint16_t)*size);
 			Q->top16.data = (uint16_t *)Q->top16.buf;
 	} else {
 -		uint32_t size = ID->columns * ID->rows * 3;
 +		UINT64 size = UINT64(ID->columns) * UINT64(ID->rows) * 3ULL;
 		TRU->x3rgb16.columns = ID->columns;
 		TRU->x3rgb16.rows = ID->rows;
 		TRU->x3rgb16.channels = 3;
 		TRU->x3rgb16.row_stride = ID->columns * 3;
 -		TRU->x3rgb16.buf =malloc(sizeof(uint16_t)*size);
 +		TRU->x3rgb16.buf = x3f_limited_malloc(sizeof(uint16_t)*size);
 		TRU->x3rgb16.data = (uint16_t *)TRU->x3rgb16.buf;		
 	}
@@ -1802,7 +1823,7 @@ static void x3f_load_huffman(x3f_info_t *I,
 	x3f_directory_entry_header_t *DEH = &DE->header;
 	x3f_image_data_t *ID = &DEH->data_subsection.image_data;
 	x3f_huffman_t *HUF = new_huffman(&ID->huffman);
 -	uint32_t size;
 +	UINT64 size;
 	if (use_map_table) {
 		int table_size = 1<<bits;
@@ -1813,21 +1834,21 @@ static void x3f_load_huffman(x3f_info_t *I,
 	switch (ID->type_format) {
 	case X3F_IMAGE_RAW_HUFFMAN_X530:
 	case X3F_IMAGE_RAW_HUFFMAN_10BIT:
 -		size = ID->columns * ID->rows * 3;
 +		size = UINT64(ID->columns) * UINT64(ID->rows) * 3ULL;
 		HUF->x3rgb16.columns = ID->columns;
 		HUF->x3rgb16.rows = ID->rows;
 		HUF->x3rgb16.channels = 3;
 		HUF->x3rgb16.row_stride = ID->columns * 3;
 -		HUF->x3rgb16.buf = malloc(sizeof(uint16_t)*size);
 +		HUF->x3rgb16.buf = x3f_limited_malloc(sizeof(uint16_t)*size);
 		HUF->x3rgb16.data = (uint16_t *)HUF->x3rgb16.buf;
 		break;
 	case X3F_IMAGE_THUMB_HUFFMAN:
 -		size = ID->columns * ID->rows * 3;
 +		size = UINT64(ID->columns) * UINT64(ID->rows) * 3ULL;
 		HUF->rgb8.columns = ID->columns;
 		HUF->rgb8.rows = ID->rows;
 		HUF->rgb8.channels = 3;
 		HUF->rgb8.row_stride = ID->columns * 3;
 -		HUF->rgb8.buf = malloc(sizeof(uint8_t)*size);
 +		HUF->rgb8.buf = x3f_limited_malloc(sizeof(uint8_t)*size);
 		HUF->rgb8.data = (uint8_t *)HUF->rgb8.buf;
 		break;
 	default:
@@ -1923,7 +1944,7 @@ static void x3f_load_camf_decode_type2(x3f_camf_t *CAMF)
 	int i;
 	CAMF->decoded_data_size = CAMF->data_size;
 -	CAMF->decoded_data = malloc(CAMF->decoded_data_size);
 +	CAMF->decoded_data = x3f_limited_malloc(CAMF->decoded_data_size);
 	for (i=0; i<CAMF->data_size; i++) {
 		uint8_t old, _new;
@@ -1963,7 +1984,7 @@ static void camf_decode_type4(x3f_camf_t *CAMF)
   CAMF->decoded_data_size = dst_size;
 -  CAMF->decoded_data = malloc(CAMF->decoded_data_size);
 +  CAMF->decoded_data = x3f_limited_malloc(CAMF->decoded_data_size);
   memset(CAMF->decoded_data, 0, CAMF->decoded_data_size);
   dst = (uint8_t *)CAMF->decoded_data;
@@ -2038,7 +2059,7 @@ static void x3f_load_camf_decode_type4(x3f_camf_t *CAMF)
   for (i=0, p = (uint8_t*)CAMF->data; *p != 0; i++) {
     /* TODO: Is this too expensive ??*/
     element =
 -      (x3f_true_huffman_element_t *)realloc(element, (i+1)*sizeof(*element));
 +      (x3f_true_huffman_element_t *)x3f_limited_realloc(element, (i+1)*sizeof(*element));
     element[i].code_size = *p++;
     element[i].code = *p++;
@@ -2077,7 +2098,7 @@ static void camf_decode_type5(x3f_camf_t *CAMF)
   int32_t i;
   CAMF->decoded_data_size = CAMF->t5.decoded_data_size;
 -  CAMF->decoded_data = malloc(CAMF->decoded_data_size);
 +  CAMF->decoded_data = x3f_limited_malloc(CAMF->decoded_data_size);
   dst = (uint8_t *)CAMF->decoded_data;
@@ -2100,7 +2121,7 @@ static void x3f_load_camf_decode_type5(x3f_camf_t *CAMF)
   for (i=0, p = (uint8_t*)CAMF->data; *p != 0; i++) {
     /* TODO: Is this too expensive ??*/
     element =
 -      (x3f_true_huffman_element_t *)realloc(element, (i+1)*sizeof(*element));
 +      (x3f_true_huffman_element_t *)x3f_limited_realloc(element, (i+1)*sizeof(*element));
     element[i].code_size = *p++;
     element[i].code = *p++;
@@ -2144,8 +2165,8 @@ static void x3f_setup_camf_property_entry(camf_entry_t *entry)
     entry->property_num = *(uint32_t *)v;
   uint32_t off = *(uint32_t *)(v + 4);
 -  entry->property_name = (char **)malloc(num*sizeof(uint8_t*));
 -  entry->property_value = (uint8_t **)malloc(num*sizeof(uint8_t*));
 +  entry->property_name = (char **)x3f_limited_malloc(num*sizeof(uint8_t*));
 +  entry->property_value = (uint8_t **)x3f_limited_malloc(num*sizeof(uint8_t*));
   for (i=0; i<num; i++) {
     uint32_t name_off = off + *(uint32_t *)(v + 8 + 8*i);
@@ -2198,7 +2219,7 @@ static void get_matrix_copy(camf_entry_t *entry)
 		 sizeof(double) :
 		 sizeof(uint32_t)) * elements;
 -  entry->matrix_decoded = malloc(size);
 +  entry->matrix_decoded = x3f_limited_malloc(size);
   switch (element_size) {
   case 4:
@@ -2271,7 +2292,7 @@ static void x3f_setup_camf_matrix_entry(camf_entry_t *entry)
 		entry->matrix_data_off = *(uint32_t *)(v + 8);
 	camf_dim_entry_t *dentry =
 		entry->matrix_dim_entry =
 -		(camf_dim_entry_t*)malloc(dim*sizeof(camf_dim_entry_t));
 +		(camf_dim_entry_t*)x3f_limited_malloc(dim*sizeof(camf_dim_entry_t));
 	for (i=0; i<dim; i++) {
 		uint32_t size =
@@ -2320,7 +2341,7 @@ static void x3f_setup_camf_entries(x3f_camf_t *CAMF)
 		}
 		/* TODO: lots of realloc - may be inefficient */
 -		entry = (camf_entry_t *)realloc(entry, (i+1)*sizeof(camf_entry_t));
 +		entry = (camf_entry_t *)x3f_limited_realloc(entry, (i+1)*sizeof(camf_entry_t));
 		/* Pointer */
 		entry[i].entry = p;
 diff --git a/libraw/libraw_const.h b/libraw/libraw_const.h
 index 66fae4d4c17f..39b2a8cc9c2e 100644
 --- a/libraw/libraw_const.h
 +++ b/libraw/libraw_const.h
@@ -34,6 +34,12 @@ it under the terms of the one of two licenses as you choose:
 #ifndef LIBRAW_NO_IOSPACE_CHECK
 #define LIBRAW_IOSPACE_CHECK
 #endif
 +
 +/* max data size for known foveon cameras: 30mpix * 3 channels * 2 bytes = 180Mb, so 512Mb is OK for everything until/if new cameras will arrive */
 +#ifndef LIBRAW_X3F_ALLOC_LIMIT_MB
 +#define LIBRAW_X3F_ALLOC_LIMIT_MB 512ULL
 +#endif
 +
 /* LibRaw uses own memory pool management, with LIBRAW_MSIZE (512)
 entries. It is enough for parsing/decoding non-damaged files, but
 may overflow on specially crafted files (eg. with many string values
 -- 
 2.53.0
--- a/SOURCES/LibRaw-pkgconfig.patch
+++ b/SOURCES/LibRaw-pkgconfig.patch
@ -0,0 +1,25 @@
 --- LibRaw-0.21.0/libraw.pc.in~	2022-12-18 01:26:41.000000000 -0600
 +++ LibRaw-0.21.0/libraw.pc.in	2022-12-19 10:27:02.793929537 -0600
@@ -6,7 +6,9 @@
 Name: libraw
 Description: Raw image decoder library (non-thread-safe)
 Requires: @PACKAGE_REQUIRES@
 +Requires.private: @PACKAGE_REQUIRES@
 Version: @PACKAGE_VERSION@
 -Libs: -L${libdir} -lraw -lstdc++@PC_OPENMP@
 +Libs: -L${libdir} -lraw@PC_OPENMP@
 +Libs.private: -lstdc++
 Libs.private: @PACKAGE_LIBS_PRIVATE@
 Cflags: -I${includedir}/libraw -I${includedir}
 --- LibRaw-0.21.0/libraw_r.pc.in~	2022-12-18 01:26:41.000000000 -0600
 +++ LibRaw-0.21.0/libraw_r.pc.in	2022-12-19 10:28:30.620571338 -0600
@@ -6,7 +6,8 @@
 Name: libraw
 Description: Raw image decoder library (thread-safe)
 Requires: @PACKAGE_REQUIRES@
 +Requires.private: @PACKAGE_REQUIRES@
 Version: @PACKAGE_VERSION@
 -Libs: -L${libdir} -lraw_r -lstdc++@PC_OPENMP@
 +Libs: -L${libdir} -lraw_r@PC_OPENMP@
 Libs.private: @PACKAGE_LIBS_PRIVATE@
 Cflags: -I${includedir}/libraw -I${includedir}
--- a/SPECS/LibRaw.spec
+++ b/SPECS/LibRaw.spec
@ -1,8 +1,14 @@
 # feature macro to enable samples (or not)
 %if 0%{?rhel} != 7
 %global samples 1
 %endif
 Summary: Library for reading RAW files obtained from digital photo cameras
 Name: LibRaw
-Version: 0.19.5
+Version: 0.21.1
-Release: 6%{?dist}
+Release: 1%{?dist}
-License: BSD-3-Clause and (CDDL-1.0 or LGPL-2.1-only)
+License: BSD and LGPLv2
 URL: http://www.libraw.org
 BuildRequires: gcc-c++
@ -10,15 +16,14 @@ BuildRequires: pkgconfig(lcms2)
 BuildRequires: pkgconfig(jasper)
 BuildRequires: pkgconfig(libjpeg)
 BuildRequires: autoconf automake libtool
 BuildRequires: make
-Source0: http://www.libraw.org/data/%{name}-%{version}.tar.gz
+Source0: http://github.com/LibRaw/LibRaw/archive/%{version}.tar.gz
-Patch0:  LibRaw-0.6.0-pkgconfig.patch
+
-Patch1:  LibRaw-CVE-2020-15503.patch
+Patch0: LibRaw-pkgconfig.patch
-Patch2:  LibRaw-CVE-2020-24870.patch
+
-Patch3:  LibRaw-CVE-2021-32142.patch
+# CVE-2023-1729
-Patch4:  LibRaw-CVE-2026-20889-TALOS-2026-2358.patch
+Patch1: 9ab70f6dca19229cb5caad7cc31af4e7501bac93.patch
 Patch5:  LibRaw-CVE-2026-21413-TALOS-2026-2331.patch
 Patch6:  LibRaw-CVE-2026-24660-TALOS-2026-2359.patch
 Provides: bundled(dcraw) = 9.25
@ -46,34 +51,20 @@ Requires: %{name}-devel%{?_isa} = %{version}-%{release}
 %description static
 LibRaw static development libraries.
 %if 0%{?rhel} != 7
 %package samples
 Summary: LibRaw sample programs
 Requires: %{name} = %{version}-%{release}
 %description samples
 LibRaw sample programs
 %endif
 %prep
-%setup -q
+%autosetup -p1 -n %{name}-%{version}
 %patch0 -p0 -b .pkgconfig
 %patch1 -p1 -b .cve-2020-15503
 %patch2 -p1 -b .cve-2020-24870
 %patch3 -p1 -b .cve-2021-32142
 %patch4 -p1 -b .cve-2026-20889
 %patch5 -p1 -b .cve-2026-21413
 %patch6 -p1 -b .cve-2026-24660
 %build
 autoreconf -if
 %configure \
-%if 0%{?rhel} == 7
+    --enable-examples=%{?samples:yes}%{!?samples:no} \
    --enable-examples=no \
 %else
    --enable-examples=yes \
 %endif
    --enable-jasper \
    --enable-jpeg \
    --enable-lcms \
@ -104,8 +95,8 @@ rm -fv %{buildroot}%{_libdir}/lib*.la
 %files
 %doc Changelog.txt
 %license LICENSE.CDDL LICENSE.LGPL COPYRIGHT
-%{_libdir}/libraw.so.19*
+%{_libdir}/libraw.so.23*
-%{_libdir}/libraw_r.so.19*
+%{_libdir}/libraw_r.so.23*
 %files static
 %{_libdir}/libraw.a
@ -121,60 +112,118 @@ rm -fv %{buildroot}%{_libdir}/lib*.la
 %{_libdir}/pkgconfig/libraw_r.pc
 %exclude %{_docdir}/libraw/*
-%if 0%{?rhel} != 7
+%if 0%{?samples}
 %files samples
 %{_bindir}/*
 %endif
 %changelog
-* Thu Apr 30 2026 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-6
+* Mon Oct 02 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.21.1-1
- Backport fix for CVE-2026-24660 from upstream
+- 0.21.1
-Resolves: RHEL-165412
+- Include the fix for CVE-2023-1729 from Fedora
 Resolves: RHEL-768
-* Tue Apr 28 2026 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-5
+* Tue Apr 04 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.20.2-6
- Backport fixes for CVE-2026-20889 and CVE-2026-21413 from upstream
+- Fix CVE-2021-32142
- Migrate to SPDX license
+Resolves: #2172140
 Resolves: RHEL-165404, RHEL-165408
-* Mon Oct 23 2023 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-4
+* Mon Dec 13 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.20.2-5
- Backport fix for CVE-2021-32142 from upstream
+- CDDL is not an approved license
-Resolves: RHEL-9523
+Resolves: #2031918
-* Tue Apr 27 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-3
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.20.2-4
- Backport fix for CVE-2020-24870 from upstream
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
-Resolves: #1931841
+  Related: rhbz#1991688
-* Mon Aug 10 2020 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-2
+* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 0.20.2-3
- Backport fix for CVE-2020-15503 from Fedora
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 Resolves: #1853529
-* Wed Oct 30 2019 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-1
+* Mon Jan 25 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.20.2-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 * Thu Oct 15 2020 Gwyn Ciesla <gwync@protonmail.com> - 0.20.2-1
 - 0.20.2
 * Wed Oct 14 2020 Gwyn Ciesla <gwync@protonmail.com> - 0.20.1-1
 - 0.20.1
 * Thu Sep 24 2020 Gwyn Ciesla <gwync@protonmail.com> - 0.20.0-3
 - Patch for CVE-2020-24890.
 * Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.20.0-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 * Thu Jul 23 2020 Gwyn Ciesla <gwync@protonmail.com> - 0.20.0-1
 - 0.20.0 final.
 * Thu Jul 02 2020 Gwyn Ciesla <gwync@protonmail.com> - 0.20-0.rc1.3
 - RC1
 * Mon Jun 29 2020 Gwyn Ciesla <gwync@protonmail.com>- 0.20-0.beta1.2
 - Patch for CVE-2020-15365
 * Wed May 13 2020 Kalev Lember <klember@redhat.com> - 0.20-0.beta1.1
 - Add back pkgconfig patch lost in the previous commit
 * Thu May 07 2020 Gwyn Ciesla <gwync@protonmail.com> - 0.20-0.beta1
 - 0.20 Beta 1
 * Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.19.5-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 * Tue Aug 20 2019 Gwyn Ciesla <gwync@protonmail.com> - 0.19.5-1
 - 0.19.5
 Resolves: #1671744
-* Fri Dec 14 2018 Debarshi Ray <rishi@fedoraproject.org> - 0.19.1-1
+* Mon Aug 05 2019 Gwyn Ciesla <gwync@protonmail.com> - 0.19.4-1
 - 0.19.4
 * Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.19.3-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
 * Wed Jul 03 2019 Gwyn Ciesla <gwync@protonmail.com> - 0.19.3-1
 - 0.19.3
 * Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.19.2-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 * Wed Jan 02 2019 Debarshi Ray <rishi@fedoraproject.org> - 0.19.2-2
 - Remove the samples subpackage from RHEL 7
 * Wed Dec 26 2018 Gwyn Ciesla <limburgher@gmail.com> - 0.19.2-1
 - 0.19.2
 * Thu Nov 22 2018 Debarshi Ray <rishi@fedoraproject.org> - 0.19.1-1
 - 0.19.1
 Resolves: #1654688
-* Mon Oct 08 2018 Debarshi Ray <rishi@fedoraproject.org> - 0.19.0-3
+* Mon Oct 08 2018 Debarshi Ray <rishi@fedoraproject.org> - 0.19.0-6
 - Remove the build artifacts for the samples
 Resolves: #1633708
-* Mon Oct 08 2018 Debarshi Ray <rishi@fedoraproject.org> - 0.19.0-2
+* Mon Oct 08 2018 Debarshi Ray <rishi@fedoraproject.org> - 0.19.0-5
 - Bind the samples sub-package more tightly to the main package
 Resolves: #1633708
-* Thu Sep 27 2018 Debarshi Ray <rishi@fedoraproject.org> - 0.19.0-1
+* Tue Jul 31 2018 Debarshi Ray <rishi@fedoraproject.org> - 0.19.0-4
 - 0.19.0
 - Fix License
 - Explicitly enable JPEG and OpenMP support to avoid surprises
 - Tighten %%files, mostly so api/soname changes will no longer be a surpise
 - Use %%make_build %%ldconfig_scriptlets
 Resolves: #1633708
-* Thu Jul 19 2018 Debarshi Ray <rishi@fedoraproject.org> - 0.18.13-1
+* Thu Jul 19 2018 Rex Dieter <rdieter@fedoraproject.org> - 0.19.0-3
- 0.18.13.
+- tighten %%files, mostly so api/soname changes will no longer be a surpise
 - use %%make_build %%ldconfig_scriptlets
 * Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.19.0-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 * Fri Jun 29 2018 Gwyn Ciesla <limburgher@gmail.com> - 0.19.0-1
 - 0.19.0.
 * Mon Jun 11 2018 Gwyn Ciesla <limburgher@gmail.com> - 0.18.12-1
 - 0.18.12.
 * Thu May 10 2018 Gwyn Ciesla <limburgher@gmail.com> - 0.18.11-1
 - 0.18.11.
 * Thu May 03 2018 Gwyn Ciesla <limburgher@gmail.com> - 0.18.10-1
 - 0.18.10.
 * Wed Apr 25 2018 Gwyn Ciesla <limburgher@gmail.com> - 0.18.9-1
 - 0.18.9.
`@ -1 +1 @@`
	`c151995b6f17a0ccef7fbc1dcb982f0ccb04d934 SOURCES/LibRaw-0.19.5.tar.gz`	`0693a4ef073e277aec2b1f40f360e1dae2870fb1 SOURCES/0.21.1.tar.gz`
`@ -1 +1 @@`
	`SOURCES/LibRaw-0.19.5.tar.gz`	`SOURCES/0.21.1.tar.gz`