.gitignore

@@ -1 +1 @@
-SOURCES/v0.2.9.tar.gz
+SOURCES/v0.2.12.tar.gz

.libwmf.metadata

@@ -1 +1 @@
-b63f95da60db128f53ca61c2941f1c07c820d02f SOURCES/v0.2.9.tar.gz
+490a26175ad667fbc0c009d390bf56644919bed6 SOURCES/v0.2.12.tar.gz

SOURCES/0001-merge-in-fixes-for-libgd-CVE-2019-6978.patch

@@ -1,148 +0,0 @@
-From f58c813f8afcd08acdd630f378cff1a5009655cc Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
-Date: Thu, 31 Jan 2019 16:02:19 +0000
-Subject: [PATCH] merge in fixes for libgd CVE-2019-6978
-
----
- README                 |  5 +++++
- configure.ac           |  2 +-
- src/extra/gd/gd_jpeg.c | 21 +++++++++++++++++----
- src/extra/gd/gd_wbmp.c | 24 ++++++++++++++++++++++--
- 4 files changed, 45 insertions(+), 7 deletions(-)
-
-diff --git a/src/extra/gd/gd_jpeg.c b/src/extra/gd/gd_jpeg.c
-index 7e6dfbb..b270186 100644
---- a/src/extra/gd/gd_jpeg.c
-+++ b/src/extra/gd/gd_jpeg.c
-@@ -72,6 +72,8 @@ fatal_jpeg_error (j_common_ptr cinfo)
-   exit (99);
- }
- 
-+static int _gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality);
-+
- /*
-  * Write IM to OUTFILE as a JFIF-formatted JPEG image, using quality
-  * QUALITY.  If QUALITY is in the range 0-100, increasing values
-@@ -93,8 +95,12 @@ gdImageJpegPtr (gdImagePtr im, int *size, int quality)
- {
-   void *rv;
-   gdIOCtx *out = gdNewDynamicCtx (2048, NULL);
--  gdImageJpegCtx (im, out, quality);
--  rv = gdDPExtractData (out, size);
-+  if (out == NULL) return NULL;
-+  if (!_gdImageJpegCtx(im, out, quality)) {
-+    rv = gdDPExtractData(out, size);
-+  } else {
-+    rv = NULL;
-+  }
-   out->free (out);
-   return rv;
- }
-@@ -103,6 +109,12 @@ static void jpeg_gdIOCtx_dest (j_compress_ptr cinfo, gdIOCtx * outfile);
- 
- void
- gdImageJpegCtx (gdImagePtr im, gdIOCtx * outfile, int quality)
-+{
-+  _gdImageJpegCtx(im, outfile, quality);
-+}
-+
-+/* returns 0 on success, 1 on failure */
-+static int _gdImageJpegCtx(gdImagePtr im, gdIOCtx *outfile, int quality)
- {
-   struct jpeg_compress_struct cinfo;
-   struct jpeg_error_mgr jerr;
-@@ -139,7 +151,7 @@ gdImageJpegCtx (gdImagePtr im, gdIOCtx * outfile, int quality)
-       /* we're here courtesy of longjmp */
-       if (row)
- 	gdFree (row);
--      return;
-+      return 1;
-     }
- 
-   cinfo.err->error_exit = fatal_jpeg_error;
-@@ -173,7 +185,7 @@ gdImageJpegCtx (gdImagePtr im, gdIOCtx * outfile, int quality)
-       fprintf (stderr, "gd-jpeg: error: unable to allocate JPEG row "
- 	       "structure: gdCalloc returns NULL\n");
-       jpeg_destroy_compress (&cinfo);
--      return;
-+      return 1;
-     }
- 
-   rowptr[0] = row;
-@@ -254,6 +266,7 @@ error:
- #endif
-   jpeg_destroy_compress (&cinfo);
-   gdFree (row);
-+  return 0;
- }
- 
- gdImagePtr
-diff --git a/src/extra/gd/gd_wbmp.c b/src/extra/gd/gd_wbmp.c
-index f1258da..4b27043 100644
---- a/src/extra/gd/gd_wbmp.c
-+++ b/src/extra/gd/gd_wbmp.c
-@@ -85,6 +85,7 @@ gd_getin (void *in)
-   return (gdGetC ((gdIOCtx *) in));
- }
- 
-+static int _gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out);
- 
- /*      gdImageWBMPCtx
-    **  --------------
-@@ -97,6 +98,12 @@ gd_getin (void *in)
-  */
- void
- gdImageWBMPCtx (gdImagePtr image, int fg, gdIOCtx * out)
-+{
-+  _gdImageWBMPCtx(image, fg, out);
-+}
-+
-+/* returns 0 on success, 1 on failure */
-+static int _gdImageWBMPCtx(gdImagePtr image, int fg, gdIOCtx *out)
- {
- 
-   int x, y, pos;
-@@ -107,7 +114,7 @@ gdImageWBMPCtx (gdImagePtr image, int fg, gdIOCtx * out)
-   if ((wbmp = createwbmp (gdImageSX (image), gdImageSY (image), WBMP_WHITE)) == NULL)
-     {
-       fprintf (stderr, "Could not create WBMP\n");
--      return;
-+      return 1;
-     }
- 
-   /* fill up the WBMP structure */
-@@ -126,9 +133,16 @@ gdImageWBMPCtx (gdImagePtr image, int fg, gdIOCtx * out)
- 
-   /* write the WBMP to a gd file descriptor */
-   if (writewbmp (wbmp, &gd_putout, out))
-+  {
-     fprintf (stderr, "Could not save WBMP\n");
-+    freewbmp (wbmp);
-+    return 1;
-+  }
-+
-   /* des submitted this bugfix: gdFree the memory. */
-   freewbmp (wbmp);
-+
-+  return 0;
- }
- 
- 
-@@ -214,8 +228,12 @@ gdImageWBMPPtr (gdImagePtr im, int *size, int fg)
- {
-   void *rv;
-   gdIOCtx *out = gdNewDynamicCtx (2048, NULL);
--  gdImageWBMPCtx (im, fg, out);
--  rv = gdDPExtractData (out, size);
-+  if (out == NULL) return NULL;
-+  if (!_gdImageWBMPCtx(im, fg, out)) {
-+    rv = gdDPExtractData(out, size);
-+  } else {
-+    rv = NULL;
-+  }
-   out->free (out);
-   return rv;
- }
--- 
-2.20.1
-

SPECS/libwmf.spec

@@ -1,8 +1,7 @@
 Summary: Windows MetaFile Library
 Name: libwmf
-Version: 0.2.9
+Version: 0.2.12
-Release: 8%{?dist}
+Release: 10%{?dist}
-Group: System Environment/Libraries
 #libwmf is under the LGPLv2+, however...
 #1. The tarball contains an old version of the urw-fonts under GPL+.
 #   Those fonts are not installed
@@ -12,8 +11,7 @@ License: LGPLv2+ and GPLv2+ and GPL+
 Source: https://github.com/caolanm/libwmf/archive/v%{version}.tar.gz
 URL: https://github.com/caolanm/libwmf
 
-Patch0: covscan.patch
+Provides: bundled(gd) = 2.0.0
-Patch1: 0001-merge-in-fixes-for-libgd-CVE-2019-6978.patch
 
 Requires: urw-fonts
 Requires: %{name}-lite = %{version}-%{release}
@@ -23,20 +21,19 @@ Requires: gdk-pixbuf2%{?_isa} >= 2.31.5-2.fc24
 
 BuildRequires: gtk2-devel, libtool, libxml2-devel, libpng-devel
 BuildRequires: libjpeg-devel, libXt-devel, libX11-devel, dos2unix, libtool
+BuildRequires: make
 
 %description
 A library for reading and converting Windows MetaFile vector graphics (WMF).
 
 %package lite
 Summary: Windows Metafile parser library
-Group: System Environment/Libraries
 
 %description lite
 A library for parsing Windows MetaFile vector graphics (WMF).
 
 %package devel
 Summary: Support files necessary to compile applications with libwmf
-Group: Development/Libraries
 Requires: libwmf = %{version}-%{release}
 Requires: gtk2-devel, libxml2-devel, libjpeg-devel
 
@@ -46,17 +43,15 @@ using libwmf.
 
 %prep
 %setup -q
-%patch0  -p1 -b .covscan
-%patch1  -p1 -b .CVE-2019-6978
 f=README ; iconv -f iso-8859-2 -t utf-8 $f > $f.utf8 ; mv $f.utf8 $f
 
 %build
 autoreconf -i -f -Ipatches
 %configure --with-libxml2 --disable-static --disable-dependency-tracking --with-gsfontdir=/usr/share/fonts/urw-base35
-make %{?_smp_mflags}
+%make_build
 
 %install
-make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
+%make_install
 find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
 
 rm -rf $RPM_BUILD_ROOT%{_includedir}/libwmf/gd
@@ -67,16 +62,11 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/libwmf/fonts/*afm
 rm -rf $RPM_BUILD_ROOT%{_datadir}/libwmf/fonts/*t1
 sed -i $RPM_BUILD_ROOT%{_datadir}/libwmf/fonts/fontmap -e 's#libwmf/fonts#fonts/urw-base35#g'
 
-%post -p /sbin/ldconfig
+%ldconfig_scriptlets
-
+%ldconfig_scriptlets lite
-%post lite -p /sbin/ldconfig
-
-%postun -p /sbin/ldconfig
-
-%postun lite -p /sbin/ldconfig
 
 %files
-%{_libdir}/libwmf-*.so.*
+%{_libdir}/libwmf-0.2.so.7*
 %{_libdir}/gdk-pixbuf-2.0/*/loaders/*.so
 %{_bindir}/wmf2svg
 %{_bindir}/wmf2gd
@@ -87,8 +77,9 @@ sed -i $RPM_BUILD_ROOT%{_datadir}/libwmf/fonts/fontmap -e 's#libwmf/fonts#fonts/
 %{_datadir}/libwmf/
 
 %files lite
-%doc AUTHORS COPYING README
+%doc AUTHORS README
-%{_libdir}/libwmflite-*.so.*
+%license COPYING
+%{_libdir}/libwmflite-0.2.so.7*
 
 %files devel
 %doc doc/*.html
@@ -96,28 +87,60 @@ sed -i $RPM_BUILD_ROOT%{_datadir}/libwmf/fonts/fontmap -e 's#libwmf/fonts#fonts/
 %doc doc/*.gif
 %doc doc/html
 %doc doc/caolan
-%{_libdir}/*.so
+%{_libdir}/libwmf*.so
 %{_libdir}/pkgconfig/libwmf.pc
-%{_includedir}/libwmf
+%{_includedir}/libwmf/
 %{_bindir}/libwmf-config
 
 
 %changelog
-* Wed Aug 14 2019 Caolán McNamara <caolanm@redhat.com> - 0.2.9-8
+* Mon Aug 15 2022 Josef Ridky <jridky@redhat.com> - 0.2.12-10
-- Related: rhbz1717799 fix clang warning
+- ship libwmf-devel in CRB
 
-* Wed Aug 14 2019 Caolán McNamara <caolanm@redhat.com> - 0.2.9-7
+* Wed Feb 09 2022 Josef Ridky <jridky@redhat.com> - 0.2.12-9
-- Related: rhbz1717799 bump n-v-r
+- add gating.yaml file
 
-* Wed Mar 06 2019 Caolán McNamara <caolanm@redhat.com> - 0.2.9-6
+* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.2.12-8
-- Related: rhbz1679006 bump n-v-r
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
 
-* Tue Feb 26 2019 Caolán McNamara <caolanm@redhat.com> - 0.2.9-5
+* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.2.12-7
-- Resolves: rhbz1679006 libgd CVE-2019-6978
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
 
-* Fri Aug 10 2018 Caolán McNamara <caolanm@redhat.com> - 0.2.9-4
+* Tue May 18 2021 Caolán McNamara <caolanm@redhat.com> - 0.2.12-6
+- document that libwmf bundles a modified old copy of gd 2.0.1
+  https://fedoraproject.org/wiki/Bundled_Libraries#Requirement_if_you_bundle
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.2.12-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.2.12-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.2.12-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.2.12-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Fri Feb 01 2019 Caolán McNamara <caolanm@redhat.com> - 0.2.12-1
+- Related: rhbz#1671392/rhbz#1671621 unwanted soname bump
+
+* Fri Feb 01 2019 Rex Dieter <rdieter@fedoraproject.org> - 0.2.11-2
+- track library sonames so bumps aren't a surprise
+- use %%make_build %%make_install macros
+
+* Thu Jan 31 2019 Caolán McNamara <caolanm@redhat.com> - 0.2.11-1
+- Resolves: rhbz#1671392 CVE-2019-6978 latest version
+
+* Fri Aug 10 2018 Caolán McNamara <caolanm@redhat.com> - 0.2.10-1
+- latest version
+
+* Fri Aug 10 2018 Caolán McNamara <caolanm@redhat.com> - 0.2.9-5
 - Related: rhbz#1602602 fix more clang warnings
 
+* Fri Aug 10 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.2.9-4
+- Switch to %%ldconfig_scriptlets
+
 * Fri Aug 10 2018 Caolán McNamara <caolanm@redhat.com> - 0.2.9-3
 - Related: rhbz#1602602 fix more clang warnings
 
@@ -128,6 +151,15 @@ sed -i $RPM_BUILD_ROOT%{_datadir}/libwmf/fonts/fontmap -e 's#libwmf/fonts#fonts/
 - Resolves: rhbz#1602602 new version with covscan warnings fixed
 - all cve fixes merged to that new upstream
 
+* Wed Aug 08 2018 Caolán McNamara <caolanm@redhat.com> - 0.2.8.4-56
+- Resolves: rhbz#1595490 make libwmf work again with recent urw-fonts
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.2.8.4-55
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.2.8.4-54
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
 * Tue Sep 12 2017 Caolán McNamara <caolanm@redhat.com> - 0.2.8.4-53
 - Resolves: rhbz#1489844 CVE-2017-6362 remove afflicted but unused function