.gitignore

@@ -1 +1,2 @@
-SOURCES/jbigkit-2.1.tar.gz
+/jbigkit-2.0.tar.gz
+/jbigkit-2.1.tar.gz

.jbigkit.metadata

@@ -1 +0,0 @@
-4864646df004e8331d19f2fa103ed731fdb6c099 SOURCES/jbigkit-2.1.tar.gz

gating.yaml

@@ -0,0 +1,6 @@
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}

jbigkit-CVE-2013-6369.patch

@@ -0,0 +1,113 @@
+From 377085a7fd41e01c0c1ad5d1c1f90b59e8257593
+From: Markus Kuhn <Markus.Kuhn@cl.cam.ac.uk>
+Subject: [PATCH] Fix two DPPRIV buffer overflows and a bug
+
+* jbig.c:jbg_dec_in(): when a BIE with option DPPRIV=1 was received,
+  the included private DP table (1728 bytes) was loaded into
+  20-byte array s->buffer, creating a buffer overflow vulnerability.
+  It is now loaded instead into a malloc'ed temporary buffer.
+
+* jbig.c:jbg_dec_in(): buffer allocated for internal representation
+  of private DP table was 1728 bytes long, but must be 6912 bytes long,
+  creating another buffer overflow vulnerability.
+
+* jbig.c: a loop in the routines for converting between the internal and
+  external representations of a DP table terminated earlier than intended.
+  As a result, a private DP table provided to the decoder was not
+  interpreted correctly. Likewise, if a user asked the encoder to output
+  its standard DP table (which is only useful for testing), the result
+  would have been incorrect.
+
+* tstcodec.c: test case for DPPRIV=1 added.
+
+The buffer overflow vulnerability was reported by Florian Weimer (Red Hat)
+and has been assigned CVE-2013-6369.
+
+None of these fixes should affect ABI compatibility; jbig.h remains unchanged.
+
+All past releases of jbig.c are believed to be affected.
+The jbig85.c lightwight implementation was not affected.
+---
+ libjbig/jbig.c     |   16 ++++++++++------
+ libjbig/tstcodec.c |   11 ++++++++---
+ 2 files changed, 18 insertions(+), 9 deletions(-)
+
+diff --git a/libjbig/jbig.c b/libjbig/jbig.c
+index f3c35cc..48fc128 100644
+--- a/libjbig/jbig.c
++++ b/libjbig/jbig.c
+@@ -1738,7 +1738,7 @@ void jbg_int2dppriv(unsigned char *dptable, const char *internal)
+ #define FILL_TABLE1(offset, len, trans) \
+   for (i = 0; i < len; i++) { \
+     k = 0; \
+-    for (j = 0; j < 8; j++) \
++    for (j = 0; i >> j; j++) \
+       k |= ((i >> j) & 1) << trans[j]; \
+     dptable[(i + offset) >> 2] |= \
+       (internal[k + offset] & 3) << ((3 - (i&3)) << 1); \
+@@ -1769,7 +1769,7 @@ void jbg_dppriv2int(char *internal, const unsigned char *dptable)
+ #define FILL_TABLE2(offset, len, trans) \
+   for (i = 0; i < len; i++) { \
+     k = 0; \
+-    for (j = 0; j < 8; j++) \
++    for (j = 0; i >> j; j++) \
+       k |= ((i >> j) & 1) << trans[j]; \
+     internal[k + offset] = \
+       (dptable[(i + offset) >> 2] >> ((3 - (i & 3)) << 1)) & 3; \
+@@ -2574,6 +2574,7 @@ int jbg_dec_in(struct jbg_dec_state *s, unsigned char *data, size_t len,
+   unsigned long x, y;
+   unsigned long is[3], ie[3];
+   size_t dummy_cnt;
++  unsigned char *dppriv;
+ 
+   if (!cnt) cnt = &dummy_cnt;
+   *cnt = 0;
+@@ -2711,13 +2712,16 @@ int jbg_dec_in(struct jbg_dec_state *s, unsigned char *data, size_t len,
+       (s->options & (JBG_DPON | JBG_DPPRIV | JBG_DPLAST)) ==
+       (JBG_DPON | JBG_DPPRIV)) {
+     assert(s->bie_len >= 20);
++    if (!s->dppriv || s->dppriv == jbg_dptable)
++      s->dppriv = (char *) checked_malloc(1728, sizeof(char));
+     while (s->bie_len < 20 + 1728 && *cnt < len)
+-      s->buffer[s->bie_len++ - 20] = data[(*cnt)++];
++      s->dppriv[s->bie_len++ - 20] = data[(*cnt)++];
+     if (s->bie_len < 20 + 1728) 
+       return JBG_EAGAIN;
+-    if (!s->dppriv || s->dppriv == jbg_dptable)
+-      s->dppriv = (char *) checked_malloc(1728, sizeof(char));
+-    jbg_dppriv2int(s->dppriv, s->buffer);
++    dppriv = s->dppriv;
++    s->dppriv = (char *) checked_malloc(6912, sizeof(char));
++    jbg_dppriv2int(s->dppriv, dppriv);
++    checked_free(dppriv);
+   }
+ 
+   /*
+diff --git a/libjbig/tstcodec.c b/libjbig/tstcodec.c
+index 44bae57..6289748 100644
+--- a/libjbig/tstcodec.c
++++ b/libjbig/tstcodec.c
+@@ -483,11 +483,16 @@ int main(int argc, char **argv)
+   problems += test_cycle(&pp, 1960, 1951,
+ 			 JBG_DELAY_AT | JBG_TPBON | JBG_TPDON | JBG_DPON,
+ 			 0, 6, 1, 2, 8, 279314L, "3.4");
+-#if 0
+-  puts("Test 3.5: as Test 3.4 but with order bit SEQ set");
++  puts("Test 3.5: as Test 3.4 but with DPPRIV=1");
++  problems += test_cycle(&pp, 1960, 1951,
++			 JBG_DELAY_AT | JBG_TPBON | JBG_TPDON | JBG_DPON |
++			 JBG_DPPRIV,
++			 0, 6, 1, 2, 8, 279314L + 1728, "3.5");
++#if 0 /* Note: option SEQ is currently not supported by the decoder */
++  puts("Test 3.6: as Test 3.4 but with order bit SEQ set");
+   problems += test_cycle(&pp, 1960, 1951,
+ 			 JBG_DELAY_AT | JBG_TPBON | JBG_TPDON | JBG_DPON,
+-			 JBG_SEQ, 6, 1, 2, 8, 279314L, "3.5");
++			 JBG_SEQ, 6, 1, 2, 8, 279314L, "3.6");
+ #endif
+ #endif
+ 
+-- 
+1.7.9.5
+
+

jbigkit.spec

@@ -1,6 +1,6 @@
 Name:           jbigkit
 Version:        2.1
-Release:        14%{?dist}
+Release:        23%{?dist}
 Summary:        JBIG1 lossless image compression tools
 
 License:        GPLv2+
@@ -9,11 +9,14 @@ Source0:        http://www.cl.cam.ac.uk/~mgk25/download/jbigkit-%{version}.tar.g
 Patch0:         jbigkit-2.1-shlib.patch
 Patch1:         jbigkit-2.0-warnings.patch
 Patch2:         jbigkit-ldflags.patch
+# patch for coverity issues - backported from upstream
 Patch3:         jbigkit-covscan.patch
 
 # gcc is no longer in buildroot by default
 # gcc needed for libjbig library and several filters - jbigtopbm, pbmtojbig e.g.
 BuildRequires: gcc
+# uses make
+BuildRequires: make
 
 Requires:       jbigkit-libs%{?_isa} = %{version}-%{release}
 
@@ -53,7 +56,7 @@ formats.
 %patch1 -p1 -b .warnings
 # jbigkit: Partial Fedora build flags injection (bug #1548546)
 %patch2 -p1 -b .ldflags
-# 1602563 - covscan review - patch taken from upstream
+# covscan issues - backported from upstream
 %patch3 -p1 -b .covscan
 
 %build
@@ -83,9 +86,7 @@ install -p -m0644 pbmtools/*.1 $RPM_BUILD_ROOT%{_mandir}/man1
 %check
 make test
 
-%post libs -p /sbin/ldconfig
-
-%postun libs -p /sbin/ldconfig
+%ldconfig_scriptlets libs
 
 %files
 %{_bindir}/???to*
@@ -102,8 +103,36 @@ make test
 %{_includedir}/jbig*.h
 
 %changelog
-* Thu Oct 25 2018 Zdenek Dohnal <zdohnal@redhat.com> - 2.1-14
-- 1602563 - Please review important issues found by covscan in "jbigkit-2.1-12.el8+7" package
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.1-23
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.1-22
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.1-21
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Thu Nov 05 2020 Zdenek Dohnal <zdohnal@redhat.com> - 2.1-20
+- make is no longer in buildroot by default
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.1-19
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.1-18
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.1-17
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.1-16
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Thu Oct 25 2018 Zdenek Dohnal <zdohnal@redhat.com> - 2.1-15
+- fixed typo found by coverity
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.1-14
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 
 * Wed Jul 11 2018 Zdenek Dohnal <zdohnal@redhat.com> - 2.1-13
 - ship license in correct tag

sources

@@ -0,0 +1 @@
+ebcf09bed9f14d7fa188d3bd57349522  jbigkit-2.1.tar.gz