10 Commits

Author SHA1 Message Date
Jan Grulich d006d9d330 Fix test name in rpminspect.yaml 2023-05-18 11:07:29 +00:00
Jan Grulich 849ba0bdf9 Add rpminspect.yaml 2021-12-14 13:02:37 +01:00
Jan Grulich 56d4420af0 Remove RPATH
Resolves: bz#2018421
2021-11-15 09:10:09 +01:00
Jan Grulich 81d2c76e0d Exiv2 0.27.5
Resolves: bz#2018421

Fix stack exhaustion issue in the printIFDStructure function leading to DoS
Resolves: bz#2003670
2021-11-12 10:28:24 +01:00
Jan Grulich 0f6bad762c Properly install POC files
Resolves: bz#1993247
Resolves: bz#1993284
2021-08-24 17:49:36 +02:00
Jan Grulich 20a28a73c0 Bump build version
Resolves: bz#1993247
Resolves: bz#1993284
2021-08-24 13:26:09 +02:00
Jan Grulich c39924fe20 Include missing tests for CVEs
Resolves: bz#1993247
Resolves: bz#1993284
2021-08-24 13:17:10 +02:00
Jan Grulich 160330c325 Fix test for CVE-2021-29470
Resolves: bz#1993284
2021-08-19 12:26:02 +02:00
Jan Grulich 3c72a01f6b Fix out-of-bounds read in Exiv2::Jp2Image::printStructure
Resolves: bz#1993247

Fix out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header
Resolves: bz#1993284
2021-08-18 08:48:10 +02:00
Mohan Boddu c11c9e4733 Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-08-09 19:57:50 +00:00
6 changed files with 60 additions and 4 deletions

1
.exiv2.metadata Normal file

@ -0,0 +1 @@
775f9c5ddeb92b682da8b7737f9811009595dc6a exiv2-0.27.5-Source.tar.gz

3
.gitignore vendored

@ -3,3 +3,6 @@
/exiv2-0.27.2-Source.tar.gz
/exiv2-0.27.3-Source.tar.gz
/exiv2-0.27.4-Source.tar.gz
/issue_ghsa_mxw9_qx4c_6m8v_poc.jp2
/issue_ghsa_583f_w9pm_99r2_poc.jp2
/exiv2-0.27.5-Source.tar.gz
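Review bot: The two `/issue_ghsa_*_poc.jp2` entries added here have no matching checksum line in `sources` or `.exiv2.metadata`, which both list only `exiv2-0.27.5-Source.tar.gz`. If the POC files are no longer separate sources at 0.27.5, drop the two ignore entries; if they still are, record their checksums so they are verified the same way as the tarball.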

13
exiv2-no-rpath.patch Normal file

@ -0,0 +1,13 @@
diff --git a/cmake/mainSetup.cmake b/cmake/mainSetup.cmake
index fcaa21f..f69fc46 100644
--- a/cmake/mainSetup.cmake
+++ b/cmake/mainSetup.cmake
@@ -23,8 +23,6 @@ if (UNIX)
if (APPLE)
set(CMAKE_MACOSX_RPATH ON)
set(CMAKE_INSTALL_RPATH "@loader_path")
- else()
- join_paths(CMAKE_INSTALL_RPATH "$ORIGIN" ".." "${CMAKE_INSTALL_LIBDIR}")
endif()
endif()
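Review bot: The removal of the `else()` branch inside `if (UNIX)` is unconditional, with no CMake option guarding it, so this patch only suits distribution builds and has to be re-checked against `cmake/mainSetup.cmake` on every rebase. If the goal is only to keep the `$ORIGIN`-relative RPATH out of the packaged binaries, consider setting `CMAKE_SKIP_INSTALL_RPATH=ON` in the spec's `%cmake` call instead, which would avoid carrying a source patch.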

View File

@ -3,7 +3,7 @@
Summary: Exif and Iptc metadata manipulation library
Name: exiv2
Version: 0.27.4
Version: 0.27.5
%global internal_ver %{version}
Release: 2%{?dist}
@ -20,6 +20,7 @@ Source0: http://exiv2.org/builds/%{name}-%{version}-Source.tar.gz
## security fixes
## upstreamable patches
Patch0: exiv2-no-rpath.patch
BuildRequires: cmake
BuildRequires: expat-devel
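Review bot: `Patch0: exiv2-no-rpath.patch` is filed under `## upstreamable patches` without a comment stating its purpose, the bug it resolves or its upstream status. Add a one-line comment above it (the changelog ties the RPATH removal to bz#2018421), and move it out of the upstreamable section if it is meant to stay downstream only.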
@ -69,11 +70,9 @@ BuildArch: noarch
%description doc
%{summary}.
%prep
%autosetup -n %{name}-%{version}-%{?beta}%{!?beta:Source} -p1
%build
%cmake \
-DCMAKE_INSTALL_DOCDIR="%{_pkgdocdir}" \
@ -126,6 +125,42 @@ test -x %{buildroot}%{_libdir}/libexiv2.so
%changelog
* Mon Nov 15 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.5-2
- Remove RPATH
Resolves: bz#2018421
* Fri Nov 12 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.5-1
- Exiv2 0.27.5
Resolves: bz#2018421
Fix stack exhaustion issue in the printIFDStructure function leading to DoS
Resolves: bz#2003670
* Tue Aug 24 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-7
- Properly install POC files
Resolves: bz#1993247
Resolves: bz#1993284
* Tue Aug 24 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-6
- Include missing tests for CVEs
Resolves: bz#1993247
Resolves: bz#1993284
* Wed Aug 18 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-5
- Fix test for CVE-2021-29470
Resolves: bz#1993284
* Wed Aug 18 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-4
- Fix out-of-bounds read in Exiv2::Jp2Image::printStructure
Resolves: bz#1993247
- Fix out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header
Resolves: bz#1993284
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.27.4-3
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Thu Aug 05 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-2
- Do not duplicate changelog file
Resolves: bz#1989848
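Review bot: The security entries in the added `%changelog` block identify their fixes only by Bugzilla number: the two `Jp2Image` out-of-bounds reads and the `printIFDStructure` stack exhaustion carry no CVE identifier, while `Fix test for CVE-2021-29470` shows that at least one exists for this work. Add the CVE id from each referenced bug to its entry so that anyone searching `rpm -q --changelog` for a CVE can confirm the fix is in the installed build.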

4
rpminspect.yaml Normal file

@ -0,0 +1,4 @@
---
badfuncs:
ignore:
- /usr/lib*/libexiv2.so*
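Review bot: The `badfuncs` ignore covers everything matching `/usr/lib*/libexiv2.so*` and gives no reason, so any forbidden function that shows up in the library later will pass unreported as well. Add a YAML comment naming the function that triggered the finding and why its use is acceptable here, so the exemption can be revisited when the library changes.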

View File

@ -1 +1 @@
SHA512 (exiv2-0.27.4-Source.tar.gz) = f6798baafb36a54ba5bc65c2d28d4f4469e298582c90b417eb437b5dbda8e11963fb3314e8419717b3815ee8c3a68955cddc79e45351d9f2c165a0b73eb7b7be
SHA512 (exiv2-0.27.5-Source.tar.gz) = 0f2d2dfbc976052a428dfeb597225d3ea3c725f584d05b99316bd4aa9cbf0ba5e1e37bcde71f9041975cf003b4fdb578c559adb144268d784bfd64494f451491
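Review bot: `Source0` in the spec points at `http://exiv2.org/builds/` over plain HTTP, so this SHA512 line is the only integrity check on `exiv2-0.27.5-Source.tar.gz`. Confirm the digest was compared against a checksum or signature published by upstream rather than computed from the downloaded file, and switch `Source0` to an HTTPS URL if upstream serves one.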