Compare commits

..

No commits in common. "d006d9d3301517c321c11cd7f6be6f139a9b2423" and "c648731b3ac142b816b998375c85264922fda02c" have entirely different histories.

6 changed files with 4 additions and 60 deletions

View File

@ -1 +0,0 @@
775f9c5ddeb92b682da8b7737f9811009595dc6a exiv2-0.27.5-Source.tar.gz

3
.gitignore vendored
View File

@ -3,6 +3,3 @@
/exiv2-0.27.2-Source.tar.gz
/exiv2-0.27.3-Source.tar.gz
/exiv2-0.27.4-Source.tar.gz
/issue_ghsa_mxw9_qx4c_6m8v_poc.jp2
/issue_ghsa_583f_w9pm_99r2_poc.jp2
/exiv2-0.27.5-Source.tar.gz

View File

@ -1,13 +0,0 @@
diff --git a/cmake/mainSetup.cmake b/cmake/mainSetup.cmake
index fcaa21f..f69fc46 100644
--- a/cmake/mainSetup.cmake
+++ b/cmake/mainSetup.cmake
@@ -23,8 +23,6 @@ if (UNIX)
if (APPLE)
set(CMAKE_MACOSX_RPATH ON)
set(CMAKE_INSTALL_RPATH "@loader_path")
- else()
- join_paths(CMAKE_INSTALL_RPATH "$ORIGIN" ".." "${CMAKE_INSTALL_LIBDIR}")
endif()
endif()

View File

@ -3,7 +3,7 @@
Summary: Exif and Iptc metadata manipulation library
Name: exiv2
Version: 0.27.5
Version: 0.27.4
%global internal_ver %{version}
Release: 2%{?dist}
@ -20,7 +20,6 @@ Source0: http://exiv2.org/builds/%{name}-%{version}-Source.tar.gz
## security fixes
## upstreamable patches
Patch0: exiv2-no-rpath.patch
BuildRequires: cmake
BuildRequires: expat-devel
@ -70,9 +69,11 @@ BuildArch: noarch
%description doc
%{summary}.
%prep
%autosetup -n %{name}-%{version}-%{?beta}%{!?beta:Source} -p1
%build
%cmake \
-DCMAKE_INSTALL_DOCDIR="%{_pkgdocdir}" \
@ -125,42 +126,6 @@ test -x %{buildroot}%{_libdir}/libexiv2.so
%changelog
* Mon Nov 15 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.5-2
- Remove RPATH
Resolves: bz#2018421
* Fri Nov 12 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.5-1
- Exiv2 0.27.5
Resolves: bz#2018421
Fix stack exhaustion issue in the printIFDStructure function leading to DoS
Resolves: bz#2003670
* Tue Aug 24 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-7
- Properly install POC files
Resolves: bz#1993247
Resolves: bz#1993284
* Tue Aug 24 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-6
- Include missing tests for CVEs
Resolves: bz#1993247
Resolves: bz#1993284
* Wed Aug 18 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-5
- Fix test for CVE-2021-29470
Resolves: bz#1993284
* Wed Aug 18 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-4
- Fix out-of-bounds read in Exiv2::Jp2Image::printStructure
Resolves: bz#1993247
- Fix out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header
Resolves: bz#1993284
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.27.4-3
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Thu Aug 05 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-2
- Do not duplicate changelog file
Resolves: bz#1989848

View File

@ -1,4 +0,0 @@
---
badfuncs:
ignore:
- /usr/lib*/libexiv2.so*

View File

@ -1 +1 @@
SHA512 (exiv2-0.27.5-Source.tar.gz) = 0f2d2dfbc976052a428dfeb597225d3ea3c725f584d05b99316bd4aa9cbf0ba5e1e37bcde71f9041975cf003b4fdb578c559adb144268d784bfd64494f451491
SHA512 (exiv2-0.27.4-Source.tar.gz) = f6798baafb36a54ba5bc65c2d28d4f4469e298582c90b417eb437b5dbda8e11963fb3314e8419717b3815ee8c3a68955cddc79e45351d9f2c165a0b73eb7b7be