Resolves: #1491888 - Rebase to the latest upstream version 2.0.14

2017-09-15 08:56:59 +02:00 · 2017-09-15 08:56:59 +02:00 · 9b4bfb1c53
commit 9b4bfb1c53
parent 3dd700edaf
5 changed files with 7 additions and 38 deletions
--- a/.gitignore
+++ b/.gitignore
@ -11,3 +11,4 @@ jasper-1.900.1.zip
 /jasper-2.0.2.tar.gz
 /jasper-2.0.10.tar.gz
 /jasper-2.0.12.tar.gz
+/jasper-2.0.14.tar.gz
--- a/jasper-1.900.1-CVE-2008-3520.patch
+++ b/jasper-1.900.1-CVE-2008-3520.patch
@ -1,13 +0,0 @@
-diff --git a/src/libjasper/jp2/jp2_cod.c b/src/libjasper/jp2/jp2_cod.c
-index 7f3608a..c4ba73c 100644
--- a/src/libjasper/jp2/jp2_cod.c
-+++ b/src/libjasper/jp2/jp2_cod.c
-@@ -248,7 +248,7 @@ jp2_box_t *jp2_box_get(jas_stream_t *in)
- 	box = 0;
- 	tmpstream = 0;
- 
-	if (!(box = jas_malloc(sizeof(jp2_box_t)))) {
-+	if (!(box = jas_calloc(1, sizeof(jp2_box_t)))) {
- 		goto error;
- 	}
- 
--- a/jasper-2.0.12-CVE-2017-1000050.patch
+++ b/jasper-2.0.12-CVE-2017-1000050.patch
@ -1,15 +0,0 @@
-diff -urNp old/src/libjasper/jp2/jp2_enc.c new/src/libjasper/jp2/jp2_enc.c
--- old/src/libjasper/jp2/jp2_enc.c	2017-08-25 12:49:46.242889564 +0200
-+++ new/src/libjasper/jp2/jp2_enc.c	2017-08-25 12:56:41.041654317 +0200
-@@ -115,6 +115,11 @@ int jp2_encode(jas_image_t *image, jas_s
- 	iccstream = 0;
- 	iccprof = 0;
- 
-+	if (jas_image_numcmpts(image) < 1) {
-+		jas_eprintf("image must have at least one component\n");
-+		goto error;
-+	}
-+
- 	allcmptssame = 1;
- 	sgnd = jas_image_cmptsgnd(image, 0);
- 	prec = jas_image_cmptprec(image, 0);
--- a/jasper.spec
+++ b/jasper.spec
@ -6,8 +6,8 @@
 Summary: Implementation of the JPEG-2000 standard, Part 1
 Name:    jasper
 Group:   System Environment/Libraries
-Version: 2.0.12
-Release: 4%{?dist}
+Version: 2.0.14
+Release: 1%{?dist}

 %if "%{version}" > "1.900.1"
 %define ext .tar.gz
@ -19,11 +19,6 @@ License: JasPer
 URL:     http://www.ece.uvic.ca/~frodo/jasper/
 Source0: http://www.ece.uvic.ca/~frodo/jasper/software/jasper-%{version}%{ext}

-# OpenBSD hardening patches addressing couple of possible integer overflows
-# during the memory allocations
-# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3520
-Patch1: jasper-1.900.1-CVE-2008-3520.patch
-Patch2: jasper-2.0.12-CVE-2017-1000050.patch

 # architecture related patches
 Patch100: jasper-2.0.2-test-ppc64-disable.patch
@ -73,8 +68,6 @@ Requires: %{name}-libs%{?_isa} = %{version}-%{release}

 %prep
 %setup -q -n %{name}-%{version}
-%patch1 -p1 -b .CVE-2008-3520
-%patch2 -p1 -b .CVE-2017-1000050

 # Need to disable one test to be able to build it on ppc64 arch
 # At ppc64 this test just stuck (nothing happend - no exception or error)
@ -152,6 +145,9 @@ popd


 %changelog
+* Fri Sep 15 2017 rebase-helper <rebase-helper@localhost.local> - 2.0.14-1
+- New upstream release 2.0.14 (#1491888)
+
 * Fri Aug 25 2017 Josef Ridky <jridky@redhat.com> - 2.0.12-4
 - CVE-2017-1000050 jasper: NULL pointer exception in jp2_encode() (#1472888)

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (jasper-2.0.12.tar.gz) = 3b0f5a5640838b328d989a80461a23ca8ac98af054a7f15c13a543e769c98bb632b74114923c02c3b2de76747187747aec6e18a2cf14035a8d79eb3482fd553b
+SHA512 (jasper-2.0.14.tar.gz) = 9e5cffd2e899e37ba08890e2377ddfc3c2fb13d9fe00dea6b4612e4d241a6f4327de6835809b415c41ae4bf44208cf7871c1982ff5fc04ae6bc09fd376b0afc8