8 changed files with 100 additions and 263 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,9 @@
-SOURCES/libexif-0_6_22-release.tar.gz
+libexif-0.6.19.tar.bz2
 libexif-docs.tar.gz
 /libexif-0.6.20.tar.bz2
 /libexif-doc-0.6.20.tar.bz2
 /libexif-0.6.21.tar.bz2
 /libexif-libexif-0_6_22-release.tar.gz
 /libexif-0_6_22-release.tar.gz
 /libexif-0_6_23-release.tar.gz
 /libexif-0.6.24.tar.bz2
--- a/.libexif.metadata
+++ b/.libexif.metadata
@ -1 +0,0 @@
 9925660e70ee8b5ce480c6a6f30c84b382929142 SOURCES/libexif-0_6_22-release.tar.gz
--- a/SOURCES/CVE-2020-0181-CVE-2020-0198.patch
+++ b/SOURCES/CVE-2020-0181-CVE-2020-0198.patch
@ -1,58 +0,0 @@
 From ce03ad7ef4e8aeefce79192bf5b6f69fae396f0c Mon Sep 17 00:00:00 2001
 From: Marcus Meissner <marcus@jet.franken.de>
 Date: Mon, 8 Jun 2020 17:27:06 +0200
 Subject: [PATCH] fixed another unsigned integer overflow
 first fixed by google in android fork,
 https://android.googlesource.com/platform/external/libexif/+/1e187b62682ffab5003c702657d6d725b4278f16%5E%21/#F0
 (use a more generic overflow check method, also check second overflow instance.)
 https://security-tracker.debian.org/tracker/CVE-2020-0198
 ---
 libexif/exif-data.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
 diff --git a/libexif/exif-data.c b/libexif/exif-data.c
 index 8b280d3..b495726 100644
 --- a/libexif/exif-data.c
 +++ b/libexif/exif-data.c
@@ -47,6 +47,8 @@
 #undef JPEG_MARKER_APP1
 #define JPEG_MARKER_APP1 0xe1
 +#define CHECKOVERFLOW(offset,datasize,structsize) (( offset >= datasize) || (structsize > datasize) || (offset > datasize - structsize ))
 +
 static const unsigned char ExifHeader[] = {0x45, 0x78, 0x69, 0x66, 0x00, 0x00};
 struct _ExifDataPrivate
@@ -327,7 +329,7 @@ exif_data_load_data_thumbnail (ExifData *data, const unsigned char *d,
 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail offset (%u).", o);
 		return;
 	}
 -	if (s > ds - o) {
 +	if (CHECKOVERFLOW(o,ds,s)) {
 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail size (%u), max would be %u.", s, ds-o);
 		return;
 	}
@@ -420,9 +422,9 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
 	}
 	/* Read the number of entries */
 -	if ((offset + 2 < offset) || (offset + 2 < 2) || (offset + 2 > ds)) {
 +	if (CHECKOVERFLOW(offset, ds, 2)) {
 		exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData",
 -			  "Tag data past end of buffer (%u > %u)", offset+2, ds);
 +			  "Tag data past end of buffer (%u+2 > %u)", offset, ds);
 		return;
 	}
 	n = exif_get_short (d + offset, data->priv->order);
@@ -431,7 +433,7 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
 	offset += 2;
 	/* Check if we have enough data. */
 -	if (offset + 12 * n > ds) {
 +	if (CHECKOVERFLOW(offset, ds, 12*n)) {
 		n = (ds - offset) / 12;
 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
 				  "Short data; only loading %hu entries...", n);
--- a/SOURCES/CVE-2020-0452.patch
+++ b/SOURCES/CVE-2020-0452.patch
@ -1,32 +0,0 @@
 From 9266d14b5ca4e29b970fa03272318e5f99386e06 Mon Sep 17 00:00:00 2001
 From: Marcus Meissner <marcus@jet.franken.de>
 Date: Thu, 5 Nov 2020 09:50:08 +0100
 Subject: [PATCH] fixed a incorrect overflow check that could be optimized
 away.
 inspired by:
 https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b
 https://source.android.com/security/bulletin/2020-11-01
 CVE-2020-0452
 ---
 NEWS                 | 3 ++-
 libexif/exif-entry.c | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)
 diff --git a/libexif/exif-entry.c b/libexif/exif-entry.c
 index 3fc0ff9..4b866ce 100644
 --- a/libexif/exif-entry.c
 +++ b/libexif/exif-entry.c
@@ -1371,8 +1371,8 @@ exif_entry_get_value (ExifEntry *e, char *val, unsigned int maxlen)
 	{
 		unsigned char *utf16;
 -		/* Sanity check the size to prevent overflow */
 -		if (e->size+sizeof(uint16_t)+1 < e->size) break;
 +		/* Sanity check the size to prevent overflow. Note EXIF files are 64kb at most. */
 +		if (e->size >= 65536 - sizeof(uint16_t)*2) break;
 		/* The tag may not be U+0000-terminated , so make a local
 		   U+0000-terminated copy before converting it */
--- a/SOURCES/strip-gettext-nondeterminism
+++ b/SOURCES/strip-gettext-nondeterminism
@ -1,117 +0,0 @@
 #!/usr/bin/perl
 #
 # This is a hacked version of gettext.pm from Debian's strip-nondeterminism project.
 # It is a workaround for https://savannah.gnu.org/bugs/?49654
 #
 # Copyright 2016 Reiner Herrmann <reiner@reiner-h.de>
 # Copyright 2016 Chris Lamb <lamby@debian.org>
 #
 # This file is part of strip-nondeterminism.
 #
 # strip-nondeterminism is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # strip-nondeterminism is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with strip-nondeterminism.  If not, see <http://www.gnu.org/licenses/>.
 #
 use Time::Piece;
 use POSIX qw(strftime);
 use strict;
 use warnings;
 =head1 DEPRECATION PLAN
 Situation unclear. Whilst #792687 is closed, many Gettext related files are
 being normalised based on anecdotal viewings of build logs.
 =cut
 sub read_file($) {
 	my $filename = shift;
 	local $/ = undef;
 	open(my $fh, '<', $filename)
 	  or die "Can't open file $filename for reading: $!";
 	binmode($fh);
 	my $buf = <$fh>;
 	close($fh);
 	return $buf;
 }
 sub normalize {
 	my ($mo_filename, %options) = @_;
 	my $fmt;
 	my $buf = read_file($mo_filename);
 	my $magic = unpack("V", substr($buf, 0*4, 4));
 	if ($magic == 0x950412DE) {
 		# little endian
 		$fmt = "V";
 	} elsif ($magic == 0xDE120495) {
 		# big endian
 		$fmt = "N";
 	} else {
 		# unknown format
 		return 0;
 	}
 	my ($revision, $nstrings, $orig_to, $trans_to)
 	  = unpack($fmt x 4, substr($buf, 1*4, 4*4));
 	my $major = int($revision / 256);
 	my $minor = int($revision % 256);
 	return 0 if $major > 1;
 	my $modified = 0;
 	for (my $i=0; $i < $nstrings; $i++) {
 		my $len = unpack($fmt, substr($buf, $orig_to + $i*8, 4));
 		next if $len > 0;
 		my $offset = unpack($fmt, substr($buf, $orig_to + $i*8 + 4, 4));
 		my $trans_len = unpack($fmt, substr($buf, $trans_to + $i*8));
 		my $trans_offset = unpack($fmt, substr($buf, $trans_to + $i*8 + 4));
 		my $trans_msg = substr($buf, $trans_offset, $trans_len);
 		next unless $trans_msg =~ m/^POT-Creation-Date: (.*)/m;
 		my $pot_date = $1;
 		my $time;
 		eval {$time = Time::Piece->strptime($pot_date, "%Y-%m-%d %H:%M%z");};
 		next if $@;
 		my $new_time = strftime("%Y-%m-%d %H:%M+0000", gmtime(0));
 		$trans_msg
 		  =~ s/\QPOT-Creation-Date: $pot_date\E/POT-Creation-Date: $new_time/;
 		print("Replaced POT-Creation-Date $pot_date with $new_time.\n");
 		next if length($trans_msg) != $trans_len;
 		$buf
 		  = substr($buf, 0, $trans_offset)
 		  . $trans_msg
 		  . substr($buf, $trans_offset + $trans_len);
 		$modified = 1;
 	}
 	if ($modified) {
 		open(my $fh, '>', $mo_filename)
 		  or die "Can't open file $mo_filename for writing: $!";
 		binmode($fh);
 		print $fh $buf;
 		close($fh);
 	}
 	return $modified;
 }
 print("Removing timestamp from " . $ARGV[0] . "...\n");
 normalize($ARGV[0])
--- a/gating.yaml
+++ b/gating.yaml
@ -0,0 +1,6 @@
 --- !Policy
 product_versions:
  - rhel-10
 decision_context: osci_compose_gate
 rules:
  - !PassingTestCaseRule {test_case_name: desktop-qe.desktop-ci.tier1-gating.functional}
--- a/SPECS/libexif.spec
+++ b/SPECS/libexif.spec
@ -1,31 +1,19 @@
 Summary:	Library for extracting extra information from image files
 Name:		libexif
-Version:	0.6.22
+Version:	0.6.24
-Release:	5%{?dist}
+Release:	9%{?dist}
-Group:		System Environment/Libraries
+License:	LGPL-2.1-or-later
 License:	LGPLv2+
 URL:		https://libexif.github.io/
-%global tarball_version %(echo %{version} | sed -e 's|\\.|_|g')
+Source0:	https://github.com/libexif/libexif/releases/download/v%{version}/libexif-%{version}.tar.bz2
 Source0:	https://github.com/libexif/libexif/archive/libexif-%{tarball_version}-release.tar.gz
 Source1:        strip-gettext-nondeterminism
 # https://bugzilla.redhat.com/show_bug.cgi?id=1847753
 # https://bugzilla.redhat.com/show_bug.cgi?id=1847761
 Patch0:         CVE-2020-0181-CVE-2020-0198.patch
 # https://github.com/libexif/libexif/commit/9266d14b5ca4e29b970fa03272318e5f99386e06
 Patch1:         CVE-2020-0452.patch
 BuildRequires:	autoconf
 BuildRequires:	automake
 BuildRequires:	doxygen
 BuildRequires:	gettext-devel
 BuildRequires:	libtool
 BuildRequires:	make
 BuildRequires:	pkgconfig
 # For strip-gettext-nondeterminism
 BuildRequires:  perl(Time::Piece)
 %description
 Most digital cameras produce EXIF files, which are JPEG files with
 extra tags that contain information about the image. The EXIF library
@ -33,9 +21,7 @@ allows you to parse an EXIF file and read the data from those tags.
 %package devel
 Summary:	Files needed for libexif application development
 Group:		Development/Libraries
 Requires:	%{name}%{?_isa} = %{version}-%{release}
 Requires:	pkgconfig
 %description devel
 The libexif-devel package contains the libraries and header files
@ -43,68 +29,112 @@ for writing programs that use libexif.
 %package doc
 Summary:	The EXIF Library API documentation
 Group:		Development/Libraries
 Requires:	%{name}%{?_isa} = %{version}-%{release}
 %description doc
 API Documentation for programmers wishing to use libexif in their programs.
 %prep
-%autosetup -n libexif-libexif-%{tarball_version}-release -p1
+%autosetup -p1
 %build
 autoreconf -fiv
 %configure --disable-static
 make %{?_smp_mflags}
 %install
 make DESTDIR=%{buildroot} install
 find %{buildroot} -name "*.la" -exec rm -v {} \;
 rm -rf %{buildroot}%{_datadir}/doc/libexif
 cp -R doc/doxygen-output/libexif-api.html .
 iconv -f latin1 -t utf-8 < COPYING > COPYING.utf8; cp COPYING.utf8 COPYING
 iconv -f latin1 -t utf-8 < README > README.utf8; cp README.utf8 README
-find %{buildroot} -type f -name '*.mo' -exec %{SOURCE1} {} \;
+
 %build
 %configure --disable-static
 %make_build
 %install
 %make_install
 rm -rf %{buildroot}%{_datadir}/doc/libexif
 %find_lang libexif-12
 %check
 make check
-%ldconfig_scriptlets
+%check
 %make_build check
 %files -f libexif-12.lang
-%doc COPYING README NEWS
+%doc README NEWS
 %license COPYING
 %{_libdir}/libexif.so.12*
 %files devel
 %{_includedir}/libexif
-%{_libdir}/*.so
+%{_libdir}/libexif.so
 %{_libdir}/pkgconfig/libexif.pc
 %files doc
-%doc libexif-api.html
+%doc doc/doxygen-output/libexif-api.html
 %changelog
-* Mon Dec 07 2020 Richard Hughes <rhughes@redhat.com> - 0.6.22-5
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 0.6.24-9
- Fix CVE-2020-0452
+- Bump release for October 2024 mass rebuild:
- Resolves: #1902593
+  Resolves: RHEL-64018
-* Thu Jun 25 2020 Michael Catanzaro <mcatanzaro@redhat.com> - 0.6.22-4
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 0.6.24-8
- Add patch for CVE-2020-0181/CVE-2020-0198
+- Bump release for June 2024 mass rebuild
 - Resolves: #1847753
 - Resolves: #1847761
-* Thu Jun 04 2020 Michael Catanzaro <mcatanzaro@redhat.com> - 0.6.22-3
+* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.24-7
- Also remove timezone from the .mo files
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
 - Related: #1841320
-* Wed Jun 03 2020 Michael Catanzaro <mcatanzaro@redhat.com> - 0.6.22-2
+* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.24-6
- Remove timestamps from the .mo files to avoid multilib conflicts
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
 - Related: #1841320
-* Mon Jun 01 2020 Michael Catanzaro <mcatanzaro@redhat.com> - 0.6.22-1
+* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.24-5
- Upgrade to 0.6.22
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
- Resolves: #1841320
+
 * Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.24-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
 * Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.24-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
 * Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.24-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
 * Tue Nov 30 2021 Yaakov Selkowitz <yselkowi@redhat.com> - 0.6.24-1
 - 0.6.24 (#2026626)
 * Wed Sep 15 2021 Rex Dieter <rdieter@fedoraproject.org> - 0.6.23-1
 - 0.6.23 (#2003457)
 * Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.22-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.22-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 * Mon Nov 09 2020 Michael Catanzaro <mcatanzaro@redhat.com> - 0.6.22-3
 - Fix CVE-2020-0181, CVE-2020-0198, and CVE-2020-0452
 * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.22-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 * Mon May 18 2020 Rex Dieter <rdieter@fedoraproject.org> - 0.6.22-1
 - 0.6.22
 - .spec cleanup
 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.21-21
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.21-20
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
 * Tue Feb 12 2019 Yaakov Selkowitz <yselkowi@redhat.com> - 0.6.21-19
 - Fix for CVE-2018-20030 (#1663879)
 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.21-18
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.21-17
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 * Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.21-16
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--- a/1
+++ b/1
@ -0,0 +1 @@
 SHA512 (libexif-0.6.24.tar.bz2) = 35c9e7af2c3d44a638dc6bbe8f96962d41c0f3fe4a257494f7a73baefab9aba507477175289ccf9002a66cc16ca53d5d1f44d6fef9e014b27f687ecdc58f5111
		`@ -1 +0,0 @@`
			`9925660e70ee8b5ce480c6a6f30c84b382929142 SOURCES/libexif-0_6_22-release.tar.gz`
		`@ -0,0 +1 @@`
							`SHA512 (libexif-0.6.24.tar.bz2) = 35c9e7af2c3d44a638dc6bbe8f96962d41c0f3fe4a257494f7a73baefab9aba507477175289ccf9002a66cc16ca53d5d1f44d6fef9e014b27f687ecdc58f5111`