4 changed files with 95 additions and 97 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/jbig2dec-0.16.tar.gz
+SOURCES/jbig2dec-0.19.tar.gz
--- a/.jbig2dec.metadata
+++ b/.jbig2dec.metadata
@ -1 +1 @@
-38c62210d92102952b18400b15eb4e727a755bfd SOURCES/jbig2dec-0.16.tar.gz
+290c2c15f672b8d6d73351bbd94925d7bd2a293c SOURCES/jbig2dec-0.19.tar.gz
--- a/SOURCES/CVE-2020-12268.patch
+++ b/SOURCES/CVE-2020-12268.patch
@ -1,48 +0,0 @@
 From 24ddcfc7e37c0ce3b0f1852042ee431a53fd774c Mon Sep 17 00:00:00 2001
 From: Robin Watts <Robin.Watts@artifex.com>
 Date: Mon, 27 Jan 2020 10:12:24 -0800
 Subject: [PATCH] Fix OSS-Fuzz issue 20332: buffer overflow in
 jbig2_image_compose.
 With extreme values of x/y/w/h we can get overflow. Test for this
 and exit safely.
 Thanks for OSS-Fuzz for reporting.
 ---
 jbig2_image.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 diff --git a/jbig2_image.c b/jbig2_image.c
 index 22e21ef..f036cef 100644
 --- a/jbig2_image.c
 +++ b/jbig2_image.c
@@ -34,6 +34,10 @@
 #define INT32_MAX  0x7fffffff
 #endif
 +#if !defined (UINT32_MAX)
 +#define UINT32_MAX  0xffffffffu
 +#endif
 +
 /* allocate a Jbig2Image structure and its associated bitmap */
 Jbig2Image *
 jbig2_image_new(Jbig2Ctx *ctx, uint32_t width, uint32_t height)
@@ -255,6 +259,15 @@ jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int
     uint8_t *d, *dd;
     uint8_t mask, rightmask;
 +    if ((UINT32_MAX - src->width  < (x > 0 ? x : -x)) ||
 +        (UINT32_MAX - src->height < (y > 0 ? y : -y)))
 +    {
 +#ifdef JBIG2_DEBUG
 +        jbig2_error(ctx, JBIG2_SEVERITY_DEBUG, -1, "overflow in compose_image");
 +#endif
 +        return 0;
 +    }
 +
     if (src == NULL)
         return 0;
 -- 
 2.26.2
--- a/SPECS/jbig2dec.spec
+++ b/SPECS/jbig2dec.spec
@ -1,16 +1,14 @@
-Name:           jbig2dec
+Name:		jbig2dec
-Version:        0.16
+Version:	0.19
-Release:        1%{?dist}
+Release:	7%{?dist}
-Summary:        A decoder implementation of the JBIG2 image compression format 
+Summary:	A decoder implementation of the JBIG2 image compression format 
-
+License:	AGPLv3+
-Group:          System Environment/Libraries
+URL:		http://jbig2dec.sourceforge.net/
-License:        GPLv2
+Source0:	https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs952/%{name}-%{version}.tar.gz
-URL:            http://jbig2dec.sourceforge.net/
+Requires:	%{name}-libs = %{version}-%{release}
-Source0:        https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs927/%{name}-%{version}.tar.gz
+BuildRequires:	libtool
-BuildRequires:  libtool
+BuildRequires:	libpng-devel
-Requires:       %{name}-libs = %{version}-%{release}
+BuildRequires: make
 Patch0:         CVE-2020-12268.patch
 %description
 jbig2dec is a decoder implementation of the JBIG2 image compression format.
@ -19,11 +17,10 @@ monochrome) images at moderately high resolution, and in particular scanned
 paper documents. In this domain it is very efficient, offering compression
 ratios on the order of 100:1.
-%package  libs 
+%package libs 
-Summary:         A decoder implementation of the JBIG2 image compression format
+Summary:	A decoder implementation of the JBIG2 image compression format
 Group:           System Environment/Libraries
-%description  libs 
+%description libs 
 jbig2dec is a decoder implementation of the JBIG2 image compression format.
 JBIG2 is designed for lossy or lossless encoding of 'bilevel' (1-bit
 monochrome) images at moderately high resolution, and in particular scanned
@ -32,12 +29,11 @@ ratios on the order of 100:1.
 This package provides the shared jbig2dec library.
-%package  devel
+%package devel
-Summary:          Static library and header files for development with jbig2dec
+Summary:	Static library and header files for development with jbig2dec
-Group:            Development/Libraries
+Requires:	%{name}-libs = %{version}-%{release}
 Requires:         %{name}-libs = %{version}-%{release}
-%description  devel
+%description devel
 jbig2dec is a decoder implementation of the JBIG2 image compression format.
 JBIG2 is designed for lossy or lossless encoding of 'bilevel' (1-bit
 monochrome) images at moderately high resolution, and in particular scanned
@ -49,37 +45,34 @@ which requires the jbig2dec library.
 %prep
-%setup -q
+%autosetup
 %patch0 -p1
 %build
-autoreconf -i
+autoreconf -fi
-%configure
+%configure --disable-static
-make %{?_smp_mflags}
+%make_build
 %install
-make DESTDIR=%{buildroot} install
+%make_install
 rm -f %{buildroot}%{_libdir}/*.a
 rm -f %{buildroot}%{_libdir}/*.la
-%post libs -p /sbin/ldconfig
+%ldconfig_scriptlets libs
 %postun  libs -p /sbin/ldconfig
 %files
 %doc CHANGES COPYING LICENSE README
 %{_bindir}/jbig2dec
-%{_mandir}/man?/jbig2dec.1.gz
+%{_mandir}/man?/jbig2dec.1*
-%files  devel
+%files devel
 %doc CHANGES COPYING LICENSE README
 %{_includedir}/jbig2.h
 %{_libdir}/libjbig2dec.so
 %{_libdir}/pkgconfig/%{name}.pc
-%files  libs
+%files libs
 %doc CHANGES COPYING LICENSE README
 %{_libdir}/libjbig2dec.so.0
 %{_libdir}/libjbig2dec.so.0.0.0
@ -87,17 +80,70 @@ rm -f %{buildroot}%{_libdir}/*.la
 %changelog
-* Thu Oct 08 2020 Nikola Forró <nforro@redhat.com> - 0.16-1
+* Mon Jan 30 2023 Matej Mužila <mmuzila@redhat.com> - 0.19-7
- Update to 0.16
+- Rebuilt for RHEL-9.2.0
-  resolves: #1886011
+- Resolves: #2121499
-* Sun Jun 28 2020 Nikola Forró <nforro@redhat.com> - 0.14-4
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.19-6
- Add explicit package version requirement on jbig2dec-libs to jbig2dec
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
-  related: #1851058
+  Related: rhbz#1991688
-* Fri Jun 26 2020 Nikola Forró <nforro@redhat.com> - 0.14-3
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.19-5
- Fix CVE-2020-12268
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
-  resolves: #1851058
+
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.19-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 * Sun Dec 13 2020 Orion Poplawski <orion@nwra.com> - 0.19-3
 - Use autoreconf -f to remove rpath
 - Use --disable-static to disable static builds
 - Use current make macros
 * Fri Sep 18 2020 Michael J Gruber <mjg@fedoraproject.org> - 0.19-2
 - remove ABI patch (and coordinate builds)
 * Thu Sep 17 2020 Anna Khaitovich <akhaitov@redhat.com> - 0.19-1
 - Rebase to 0.19
 * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.18-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 * Wed Jul 08 2020 Michael J Gruber <mjg@fedoraproject.org> - 0.18-3
 - build with libpng
 * Wed Jul 08 2020 Nikola Forró <nforro@redhat.com> - 0.18-2
 - fix License
 * Mon May 11 2020 Michael J Gruber <mjg@fedoraproject.org> - 0.18-1
 - rebase to 0.18 (bz #1818706)
 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.17-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 * Sat Dec 14 2019 Michael J Gruber <mjg@fedoraproject.org> - 0.17-3
 - require exact libs version
 - clean up white space
 * Sat Nov 09 2019 Michael J Gruber <mjg@fedoraproject.org> - 0.17-2
 - restore ABI-compatibilty (#1770160)
 * Thu Nov 07 2019 Michael J Gruber <mjg@fedoraproject.org> - 0.17-1
 - bugfix release (bz #1761919)
 * Thu Aug 15 2019 Michael J Gruber <mjg@fedoraproject.org> - 0.16-1
 - rebase to 0.16 (bz #1741605)
 * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.14-6
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.14-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 * Tue Sep 18 2018 Owen Taylor <otaylor@redhat.com> - 0.14-4
 - Handle both compressed and uncompressed man pages
 * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.14-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 * Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.14-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
@ -114,10 +160,10 @@ rm -f %{buildroot}%{_libdir}/*.la
 * Thu May 11 2017 Pavel Zhukov <landgraf@fedoraproject.org> - 0.13.4
 - Add fix for CVE-2017-7976 (#1443898)
-* Wed May  3 2017 Pavel Zhukov <pzhukov@redhat.com> - 0.13-3
+* Wed May 03 2017 Pavel Zhukov <pzhukov@redhat.com> - 0.13-3
 - Prevent segserv due to int overflow (#1443898)
-* Tue Mar 07 2017  Pavel Zhukov <landgraf@fedoraproject.org> - 0.13-1
+* Tue Mar 07 2017 Pavel Zhukov <landgraf@fedoraproject.org> - 0.13-1
 - New release 0.13
 * Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.12-4
@ -157,7 +203,7 @@ rm -f %{buildroot}%{_libdir}/*.la
 * Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.11-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
-* Wed Jan 12 2011 Pavel Zhukov <landgraf@fedoraproject.org>  - 0.11-2.fc14
+* Wed Jan 12 2011 Pavel Zhukov <landgraf@fedoraproject.org> - 0.11-2.fc14
 - Fixed some spec errors
 * Tue Jan 11 2011 Pavel Zhukov <landgraf@fedoraproject.org> - 0.11-1.fc14
`@ -1 +1 @@`
	`SOURCES/jbig2dec-0.16.tar.gz`	`SOURCES/jbig2dec-0.19.tar.gz`
`@ -1 +1 @@`
	`38c62210d92102952b18400b15eb4e727a755bfd SOURCES/jbig2dec-0.16.tar.gz`	`290c2c15f672b8d6d73351bbd94925d7bd2a293c SOURCES/jbig2dec-0.19.tar.gz`