New release 1.900.3

.gitignore

@@ -4,3 +4,4 @@ jasper-1.701.0.zip
 jasper-1.900.0.zip
 jasper-1.900.1.zip
 /jasper-1.900.2.tar.gz
+/jasper-1.900.3.tar.gz

jasper-1.900.1-Coverity-UNREACHABLE.patch

@@ -1,37 +0,0 @@
-Error: UNREACHABLE
-jp2/jp2_cod.c:304: unreachable: This code cannot be reached: "abort();".
-
-jp2/jp2_cod.c:514: unreachable: This code cannot be reached: "abort();".
-
-jp2/jp2_enc.c:354: unreachable: This code cannot be reached: "abort();".
-
-diff -up jasper-1.900.1/src/libjasper/jp2/jp2_cod.c.unreachable jasper-1.900.1/src/libjasper/jp2/jp2_cod.c
---- jasper-1.900.1/src/libjasper/jp2/jp2_cod.c.unreachable	2007-01-19 22:43:05.000000000 +0100
-+++ jasper-1.900.1/src/libjasper/jp2/jp2_cod.c	2011-06-27 15:28:13.083137952 +0200
-@@ -301,7 +301,6 @@ jp2_box_t *jp2_box_get(jas_stream_t *in)
- 	}
- 
- 	return box;
--	abort();
- 
- error:
- 	if (box) {
-@@ -511,7 +510,6 @@ int jp2_box_put(jp2_box_t *box, jas_stre
- 	}
- 
- 	return 0;
--	abort();
- 
- error:
- 
-diff -up jasper-1.900.1/src/libjasper/jp2/jp2_enc.c.unreachable jasper-1.900.1/src/libjasper/jp2/jp2_enc.c
---- jasper-1.900.1/src/libjasper/jp2/jp2_enc.c.unreachable	2007-01-19 22:43:05.000000000 +0100
-+++ jasper-1.900.1/src/libjasper/jp2/jp2_enc.c	2011-06-27 15:27:58.858353979 +0200
-@@ -351,7 +351,6 @@ int sgnd;
- 	}
- 
- 	return 0;
--	abort();
- 
- error:
- 

jasper-CVE-2014-8137.patch

@@ -1,57 +0,0 @@
---- jasper-1.900.1.orig/src/libjasper/base/jas_icc.c	2014-12-11 14:06:44.000000000 +0100
-+++ jasper-1.900.1/src/libjasper/base/jas_icc.c	2014-12-11 15:16:37.971272386 +0100
-@@ -1009,7 +1009,6 @@ static int jas_icccurv_input(jas_iccattr
- 	return 0;
- 
- error:
--	jas_icccurv_destroy(attrval);
- 	return -1;
- }
- 
-@@ -1127,7 +1126,6 @@ static int jas_icctxtdesc_input(jas_icca
- #endif
- 	return 0;
- error:
--	jas_icctxtdesc_destroy(attrval);
- 	return -1;
- }
- 
-@@ -1206,8 +1204,6 @@ static int jas_icctxt_input(jas_iccattrv
- 		goto error;
- 	return 0;
- error:
--	if (txt->string)
--		jas_free(txt->string);
- 	return -1;
- }
- 
-@@ -1328,7 +1324,6 @@ static int jas_icclut8_input(jas_iccattr
- 		goto error;
- 	return 0;
- error:
--	jas_icclut8_destroy(attrval);
- 	return -1;
- }
- 
-@@ -1497,7 +1492,6 @@ static int jas_icclut16_input(jas_iccatt
- 		goto error;
- 	return 0;
- error:
--	jas_icclut16_destroy(attrval);
- 	return -1;
- }
- 
---- jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c	2014-12-11 14:30:54.193209780 +0100
-+++ jasper-1.900.1/src/libjasper/jp2/jp2_dec.c	2014-12-11 14:36:46.313217814 +0100
-@@ -291,7 +291,10 @@ jas_image_t *jp2_decode(jas_stream_t *in
- 	case JP2_COLR_ICC:
- 		iccprof = jas_iccprof_createfrombuf(dec->colr->data.colr.iccp,
- 		  dec->colr->data.colr.iccplen);
--		assert(iccprof);
-+		if (!iccprof) {
-+			jas_eprintf("error: failed to parse ICC profile\n");
-+			goto error;
-+		}
- 		jas_iccprof_gethdr(iccprof, &icchdr);
- 		jas_eprintf("ICC Profile CS %08x\n", icchdr.colorspc);
- 		jas_image_setclrspc(dec->image, fromiccpcs(icchdr.colorspc));

jasper-CVE-2016-2089-matrix-rows-NULL-check.diff

@@ -1,83 +0,0 @@
-diff -pru jasper-1.900.1.orig/src/libjasper/base/jas_image.c jasper-1.900.1/src/libjasper/base/jas_image.c
---- jasper-1.900.1.orig/src/libjasper/base/jas_image.c	2016-02-01 14:53:56.000000000 +0100
-+++ jasper-1.900.1/src/libjasper/base/jas_image.c	2016-02-01 21:49:58.746006339 +0100
-@@ -433,6 +433,10 @@ int jas_image_readcmpt(jas_image_t *imag
- 		return -1;
- 	}
- 
-+	if (!data->rows_) {
-+		return -1;
-+	}
-+
- 	if (jas_matrix_numrows(data) != height || jas_matrix_numcols(data) != width) {
- 		if (jas_matrix_resize(data, height, width)) {
- 			return -1;
-@@ -486,6 +490,10 @@ int jas_image_writecmpt(jas_image_t *ima
- 		return -1;
- 	}
- 
-+	if (!data->rows_) {
-+		return -1;
-+	}
-+
- 	if (jas_matrix_numrows(data) != height || jas_matrix_numcols(data) != width) {
- 		return -1;
- 	}
-diff -pru jasper-1.900.1.orig/src/libjasper/base/jas_seq.c jasper-1.900.1/src/libjasper/base/jas_seq.c
---- jasper-1.900.1.orig/src/libjasper/base/jas_seq.c	2016-02-01 14:53:56.000000000 +0100
-+++ jasper-1.900.1/src/libjasper/base/jas_seq.c	2016-02-01 21:53:45.149193159 +0100
-@@ -266,6 +266,10 @@ void jas_matrix_divpow2(jas_matrix_t *ma
- 	int rowstep;
- 	jas_seqent_t *data;
- 
-+	if (!matrix->rows_) {
-+		return;
-+	}
-+
- 	rowstep = jas_matrix_rowstep(matrix);
- 	for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i,
- 	  rowstart += rowstep) {
-@@ -286,6 +290,10 @@ void jas_matrix_clip(jas_matrix_t *matri
- 	jas_seqent_t *data;
- 	int rowstep;
- 
-+	if (!matrix->rows_) {
-+		return;
-+	}
-+
- 	rowstep = jas_matrix_rowstep(matrix);
- 	for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i,
- 	  rowstart += rowstep) {
-@@ -310,6 +318,10 @@ void jas_matrix_asr(jas_matrix_t *matrix
- 	int rowstep;
- 	jas_seqent_t *data;
- 
-+	if (!matrix->rows_) {
-+		return;
-+	}
-+
- 	assert(n >= 0);
- 	rowstep = jas_matrix_rowstep(matrix);
- 	for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i,
-@@ -329,6 +341,10 @@ void jas_matrix_asl(jas_matrix_t *matrix
- 	int rowstep;
- 	jas_seqent_t *data;
- 
-+	if (!matrix->rows_) {
-+		return;
-+	}
-+
- 	rowstep = jas_matrix_rowstep(matrix);
- 	for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i,
- 	  rowstart += rowstep) {
-@@ -371,6 +387,10 @@ void jas_matrix_setall(jas_matrix_t *mat
- 	int rowstep;
- 	jas_seqent_t *data;
- 
-+	if (!matrix->rows_) {
-+		return;
-+	}
-+
- 	rowstep = jas_matrix_rowstep(matrix);
- 	for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i,
- 	  rowstart += rowstep) {

jasper.spec

@@ -6,8 +6,8 @@
 Summary: Implementation of the JPEG-2000 standard, Part 1
 Name:    jasper
 Group:   System Environment/Libraries
-Version: 1.900.2
-Release: 2%{?dist}
+Version: 1.900.3
+Release: 1%{?dist}
 
 %if "%{version}" >= "1.900.2"
 %define ext .tar.gz
@@ -27,13 +27,10 @@ Patch1: patch-libjasper-stepsizes-overflow.diff
 # https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3520
 Patch2: jasper-1.900.1-CVE-2008-3520.patch
 Patch3: jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch
-Patch4: jasper-CVE-2014-8137.patch
-Patch5: jasper-CVE-2016-2089-matrix-rows-NULL-check.diff
 
 # Issues found by static analysis of code
 Patch110: jasper-1.900.1-Coverity-NULL_RETURNS.patch
 Patch111: jasper-1.900.1-Coverity-RESOURCE_LEAK.patch
-Patch112: jasper-1.900.1-Coverity-UNREACHABLE.patch
 
 # autoreconf
 BuildRequires: autoconf automake libtool
@@ -82,12 +79,9 @@ Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 %patch1 -p1 -b .CVE-2007-2721
 %patch2 -p1 -b .CVE-2008-3520
 %patch3 -p1 -b .CVE-2011-4516-4517
-%patch4 -p1 -b .CVE-2014-8137-variant2
-%patch5 -p1 -b .CVE-2016-2089
 
 %patch110 -p1 -b .NULL_RETURNS
 %patch111 -p1 -b .RESOURCE_LEAK
-%patch112 -p1 -b .UNREACHABLE
 
 autoreconf --verbose --force --install
 
@@ -157,6 +151,9 @@ make check
 
 
 %changelog
+* Thu Oct 13 2016 Josef Ridky <jridky@redhat.com> - 1.900.3-1
+- New upstream release 1.900.3
+
 * Tue Oct 11 2016 Josef Ridky <jridky@redhat.com> - 1.900.2-2
 - CVE-2016-2089 - matrix rows_ NULL pointer dereference in jas_matrix_clip() (#1302636)
 

sources

@@ -1 +1 @@
-7b5a75e769e03c94c5f4849001cfcfa5  jasper-1.900.2.tar.gz
+648c3b863516a5204e406de4011ab140  jasper-1.900.3.tar.gz