Update to 2.0.5

.gitignore

@@ -10,3 +10,4 @@
 /libjpeg-turbo-2.0.2.tar.gz
 /libjpeg-turbo-2.0.3.tar.gz
 /libjpeg-turbo-2.0.4.tar.gz
+/libjpeg-turbo-2.0.5.tar.gz

libjpeg-turbo-CVE-2020-13790.patch

@@ -1,32 +0,0 @@
-From a224e4dfd34823a4d993dcb97819bdcee8471676 Mon Sep 17 00:00:00 2001
-From: DRC <information@libjpeg-turbo.org>
-Date: Tue, 2 Jun 2020 14:15:37 -0500
-Subject: [PATCH] rdppm.c: Fix buf overrun caused by bad binary PPM
-
-This extends the fix in 1e81b0c3ea26f4ea8f56de05367469333de64a9f to
-include binary PPM files with maximum values < 255, thus preventing a
-malformed binary PPM input file with those specifications from
-triggering an overrun of the rescale array and potentially crashing
-cjpeg, TJBench, or any program that uses the tjLoadImage() function.
-
-Fixes #433
----
- rdppm.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/rdppm.c b/rdppm.c
-index 87bc330..71dd146 100644
---- a/rdppm.c
-+++ b/rdppm.c
-@@ -720,7 +720,7 @@ start_input_ppm(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
-     /* On 16-bit-int machines we have to be careful of maxval = 65535 */
-     source->rescale = (JSAMPLE *)
-       (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
--                                  (size_t)(((long)maxval + 1L) *
-+                                  (size_t)(((long)MAX(maxval, 255) + 1L) *
-                                            sizeof(JSAMPLE)));
-     half_maxval = maxval / 2;
-     for (val = 0; val <= (long)maxval; val++) {
--- 
-2.26.2
-

libjpeg-turbo-match-autoconf-behavior.patch

@@ -1,6 +1,6 @@
-diff -rupN --no-dereference libjpeg-turbo-2.0.4/win/jconfig.h.in libjpeg-turbo-2.0.4-new/win/jconfig.h.in
---- libjpeg-turbo-2.0.4/win/jconfig.h.in	2019-12-31 08:10:30.000000000 +0100
-+++ libjpeg-turbo-2.0.4-new/win/jconfig.h.in	2020-01-09 11:17:50.042476396 +0100
+diff -rupN --no-dereference libjpeg-turbo-2.0.5/win/jconfig.h.in libjpeg-turbo-2.0.5-new/win/jconfig.h.in
+--- libjpeg-turbo-2.0.5/win/jconfig.h.in	2020-06-19 06:40:20.000000000 +0200
++++ libjpeg-turbo-2.0.5-new/win/jconfig.h.in	2020-07-04 09:54:58.390069926 +0200
 @@ -9,13 +9,13 @@
  
  #define BITS_IN_JSAMPLE  @BITS_IN_JSAMPLE@      /* use 8 or 12 */

mingw-libjpeg-turbo.spec

@@ -5,8 +5,8 @@
 %global build_programs 0
 
 Name:           mingw-libjpeg-turbo
-Version:        2.0.4
-Release:        3%{?dist}
+Version:        2.0.5
+Release:        1%{?dist}
 Summary:        MinGW Windows Libjpeg-turbo library
 
 License:        wxWidgets
@@ -16,7 +16,6 @@ Source0:        http://downloads.sourceforge.net/libjpeg-turbo/libjpeg-turbo-%{v
 # Make jconfig.h more autoconf friendly
 # https://bugzilla.redhat.com/show_bug.cgi?id=843193
 Patch0:         libjpeg-turbo-match-autoconf-behavior.patch
-Patch2:         libjpeg-turbo-CVE-2020-13790.patch
 
 BuildArch:      noarch
 
@@ -83,11 +82,11 @@ Static version of the MinGW Windows cross compiled Libjpeg-turbo library.
 
 %build
 %mingw_cmake
-%mingw_make %{?_smp_mflags}
+%mingw_make_build
 
 
 %install
-%mingw_make install DESTDIR=%{buildroot}
+%mingw_make_install
 
 # Remove manual pages and docs which duplicate Fedora native.
 rm -rf %{buildroot}%{mingw32_mandir}
@@ -157,6 +156,9 @@ chmod -x README.md
 
 
 %changelog
+* Sat Jul 04 2020 Sandro Mani <manisandro@gmail.com> - 2.0.5-1
+- Update to 2.0.5
+
 * Tue Jun 16 2020 Kalev Lember <klember@redhat.com> - 2.0.4-3
 - Fix CVE-2020-13790 (#1847160)
 

sources

@@ -1 +1 @@
-SHA512 (libjpeg-turbo-2.0.4.tar.gz) = 708c2e7418d9ed5abca313e2ff5a08f8176d79cad2127573cda6036583c201973db4cfb0eafc0fc8f57ecc7b000d2b4af95980de54de5a0aed45969e993a5bf9
+SHA512 (libjpeg-turbo-2.0.5.tar.gz) = 5bf9ecf069b43783ff24365febf36dda69ccb92d6397efec6069b2b4f359bfd7b87934a6ce4311873220fccc73acabdacef5ce0604b79209eb1912e8ba478555