diff --git a/.gitignore b/.gitignore index b852e30..83c4e4d 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,4 @@ /netpbm-10.78.00.tar.xz /netpbm-10.79.00.tar.xz /netpbm-10.80.00.tar.xz +/netpbm-10.81.00.tar.xz diff --git a/netpbm-security-code.patch b/netpbm-security-code.patch index d2c88cc..94eea26 100644 --- a/netpbm-security-code.patch +++ b/netpbm-security-code.patch @@ -40,10 +40,10 @@ index aac7479..5f1a51a 100644 /* allocate input row data structure */ int plane; diff --git a/converter/other/jpegtopnm.c b/converter/other/jpegtopnm.c -index ab3b18e..c324b86 100644 +index 98552c0..311298c 100644 --- a/converter/other/jpegtopnm.c +++ b/converter/other/jpegtopnm.c -@@ -861,6 +861,8 @@ convertImage(FILE * const ofP, +@@ -862,6 +862,8 @@ convertImage(FILE * const ofP, /* Calculate output image dimensions so we can allocate space */ jpeg_calc_output_dimensions(cinfoP); @@ -85,10 +85,10 @@ index ac02e42..a2f045b 100644 ip.bits_per_pixel = 24; ip.spectral = 5; diff --git a/converter/other/pnmtojpeg.c b/converter/other/pnmtojpeg.c -index ce231c9..1279040 100644 +index 4482624..757d08d 100644 --- a/converter/other/pnmtojpeg.c +++ b/converter/other/pnmtojpeg.c -@@ -605,7 +605,11 @@ read_scan_script(j_compress_ptr const cinfo, +@@ -606,7 +606,11 @@ read_scan_script(j_compress_ptr const cinfo, want JPOOL_PERMANENT. */ const unsigned int scan_info_size = nscans * sizeof(jpeg_scan_info); @@ -101,7 +101,7 @@ index ce231c9..1279040 100644 (jpeg_scan_info *) (*cinfo->mem->alloc_small) ((j_common_ptr) cinfo, JPOOL_IMAGE, scan_info_size); -@@ -937,6 +941,8 @@ compute_rescaling_array(JSAMPLE ** const rescale_p, const pixval maxval, +@@ -938,6 +942,8 @@ compute_rescaling_array(JSAMPLE ** const rescale_p, const pixval maxval, const long half_maxval = maxval / 2; long val; @@ -110,7 +110,7 @@ index ce231c9..1279040 100644 *rescale_p = (JSAMPLE *) (cinfo.mem->alloc_small) ((j_common_ptr) &cinfo, JPOOL_IMAGE, (size_t) (((long) maxval + 1L) * -@@ -1015,6 +1021,7 @@ convert_scanlines(struct jpeg_compress_struct * const cinfo_p, +@@ -1016,6 +1022,7 @@ convert_scanlines(struct jpeg_compress_struct * const cinfo_p, */ /* Allocate the libpnm output and compressor input buffers */ @@ -119,10 +119,10 @@ index ce231c9..1279040 100644 ((j_common_ptr) cinfo_p, JPOOL_IMAGE, (unsigned int) cinfo_p->image_width * cinfo_p->input_components, diff --git a/converter/other/pnmtops.c b/converter/other/pnmtops.c -index c1dadc3..8f9f608 100644 +index de0dfd8..09c28d5 100644 --- a/converter/other/pnmtops.c +++ b/converter/other/pnmtops.c -@@ -293,17 +293,21 @@ parseCommandLine(int argc, const char ** argv, +@@ -294,17 +294,21 @@ parseCommandLine(int argc, const char ** argv, validateCompDimension(width, 72, "-width value"); validateCompDimension(height, 72, "-height value"); @@ -146,7 +146,7 @@ index c1dadc3..8f9f608 100644 } else diff --git a/converter/other/rletopnm.c b/converter/other/rletopnm.c -index ff37cfe..a1dd7b9 100644 +index 018456c..35ea7f7 100644 --- a/converter/other/rletopnm.c +++ b/converter/other/rletopnm.c @@ -19,6 +19,8 @@ @@ -171,10 +171,10 @@ index fafcc91..9fe49d0 100644 planesize = cols * rows; if ( !( sirarray = (unsigned char*) malloc( picsize ) ) ) diff --git a/converter/other/tifftopnm.c b/converter/other/tifftopnm.c -index f9e602f..4637afa 100644 +index c1e7af8..ef9253b 100644 --- a/converter/other/tifftopnm.c +++ b/converter/other/tifftopnm.c -@@ -1317,7 +1317,9 @@ convertRasterByRows(pnmOut * const pnmOutP, +@@ -1372,7 +1372,9 @@ convertRasterByRows(pnmOut * const pnmOutP, if (scanbuf == NULL) pm_error("can't allocate memory for scanline buffer"); @@ -186,10 +186,10 @@ index f9e602f..4637afa 100644 pm_error("can't allocate memory for row buffer"); diff --git a/converter/other/xwdtopnm.c b/converter/other/xwdtopnm.c -index d49a2b0..3a6b335 100644 +index df3c737..6c19ade 100644 --- a/converter/other/xwdtopnm.c +++ b/converter/other/xwdtopnm.c -@@ -209,6 +209,10 @@ processX10Header(X10WDFileHeader * const h10P, +@@ -210,6 +210,10 @@ processX10Header(X10WDFileHeader * const h10P, *colorsP = pnm_allocrow(2); PNM_ASSIGN1((*colorsP)[0], 0); PNM_ASSIGN1((*colorsP)[1], *maxvalP); @@ -200,7 +200,7 @@ index d49a2b0..3a6b335 100644 *padrightP = (((h10P->pixmap_width + 15) / 16) * 16 - h10P->pixmap_width) * 8; *bits_per_itemP = 16; -@@ -634,6 +638,7 @@ processX11Header(X11WDFileHeader * const h11P, +@@ -635,6 +639,7 @@ processX11Header(X11WDFileHeader * const h11P, *colsP = h11FixedP->pixmap_width; *rowsP = h11FixedP->pixmap_height; @@ -334,10 +334,10 @@ index 2f8a42b..1c8d236 100644 memcpy (pbm->revdata, data, (pbm->width+7)/8); pbm->current_line--; diff --git a/converter/pbm/pbmtoppa/pbmtoppa.c b/converter/pbm/pbmtoppa/pbmtoppa.c -index f43c08a..98e0284 100644 +index ff4a599..aa510ec 100644 --- a/converter/pbm/pbmtoppa/pbmtoppa.c +++ b/converter/pbm/pbmtoppa/pbmtoppa.c -@@ -452,6 +452,7 @@ main(int argc, char *argv[]) { +@@ -453,6 +453,7 @@ main(int argc, char *argv[]) { pm_error("main(): unrecognized parameter '%s'", argv[argn]); } @@ -346,10 +346,10 @@ index f43c08a..98e0284 100644 printer.fptr=out; diff --git a/converter/pbm/pbmtoxbm.c b/converter/pbm/pbmtoxbm.c -index 14c6b85..6323483 100644 +index ecb72b3..fc0eb9c 100644 --- a/converter/pbm/pbmtoxbm.c +++ b/converter/pbm/pbmtoxbm.c -@@ -351,6 +351,8 @@ convertRaster(FILE * const ifP, +@@ -352,6 +352,8 @@ convertRaster(FILE * const ifP, unsigned char * bitrow; unsigned int row; @@ -794,10 +794,10 @@ index c673798..af2b445 100644 if (verbose) pm_message("entry->size_in_bytes = %d + %d + %d = %d", diff --git a/converter/ppm/ppmtoxpm.c b/converter/ppm/ppmtoxpm.c -index 38d9997..904c98d 100644 +index 0e31692..1b3923f 100644 --- a/converter/ppm/ppmtoxpm.c +++ b/converter/ppm/ppmtoxpm.c -@@ -197,6 +197,7 @@ genNumstr(unsigned int const input, int const digits) { +@@ -198,6 +198,7 @@ genNumstr(unsigned int const input, int const digits) { unsigned int i; /* Allocate memory for printed number. Abort if error. */ @@ -805,7 +805,7 @@ index 38d9997..904c98d 100644 if (!(str = (char *) malloc(digits + 1))) pm_error("out of memory"); -@@ -314,6 +315,7 @@ genCmap(colorhist_vector const chv, +@@ -315,6 +316,7 @@ genCmap(colorhist_vector const chv, unsigned int charsPerPixel; unsigned int xpmMaxval; @@ -827,23 +827,221 @@ index 935463e..653084c 100644 pm_error( "out of memory" ); diff --git a/converter/ppm/sldtoppm.c b/converter/ppm/sldtoppm.c -index 6ba4cb4..fc6a498 100644 +index 5ce92c2..2a482be 100644 --- a/converter/ppm/sldtoppm.c +++ b/converter/ppm/sldtoppm.c -@@ -464,6 +464,8 @@ slider(slvecfn slvec, - +@@ -154,127 +154,85 @@ vscale(int * const px, + + + +-static void +-upcase(const char * const sname, +- char * const uname) { +- +- unsigned int i; +- const char * ip; +- +- for (i = 0, ip = sname; i < 31; ++i) { +- char const ch = *ip++; +- +- if (ch != EOS) +- uname[i] = islower(ch) ? toupper(ch) : ch; +- } +- uname[i] = EOS; +-} +- +- +- +-static void +-skipBytes(FILE * const fileP, +- unsigned int const count) { +- +- unsigned int i; +- +- for (i = 0; i < count; ++i) +- getc(fileP); +-} +- +- +- +-static void +-scanDirectory(FILE * const slFileP, +- long const dirPos, +- bool const dirOnly, +- const char * const uname, +- bool * const foundP) { +-/*---------------------------------------------------------------------------- +- Scan the directory at the current position in *slFileP, either listing +- the directory ('dirOnly' true) or searching for a slide named +- 'uname' ('dirOnly' false). +- +- 'dirPos' is the offset in the file of the directory, i.e. the current +- position of *slFileP. +- +- In the latter case, return as *foundP whether the slide name is there. +------------------------------------------------------------------------------*/ +- bool found; +- bool eof; +- long pos; +- unsigned char libent[36]; +- +- for (found = false, eof = false, pos = dirPos; !found && !eof; ) { +- size_t readCt; +- readCt = fread(libent, 36, 1, slFileP); +- if (readCt != 1) +- eof = true; +- else { +- /* The directory entry is 32 bytes of NUL-terminated slide name +- followed by 4 bytes of offset of the next directory entry. +- */ +- const char * const slideName = (const char *)(&libent[0]); +- if (strnlen(slideName, 32) == 32) +- pm_error("Invalid input: slide name field is not " +- "nul-terminated"); +- else { +- if (strlen(slideName) == 0) +- eof = true; +- else { +- pos += 36; +- if (dirOnly) { +- pm_message(" %s", slideName); +- } else if (streq(slideName, uname)) { +- long const dpos = +- (((((libent[35] << 8) | libent[34]) << 8) | +- libent[33]) << 8) | libent[32]; +- +- if ((slFileP == stdin) || +- (fseek(slFileP, dpos, 0) == -1)) { +- +- skipBytes(slFileP, dpos - pos); +- } +- found = true; +- } +- } +- } +- } +- } +- *foundP = found; +-} +- + /* SLIDEFIND -- Find a slide in a library or, if DIRONLY is + nonzero, print a directory listing of the library. + If UCASEN is nonzero, the requested slide name is + converted to upper case. */ + + static void +-slidefind(const char * const slideName, +- bool const dirOnly, ++slidefind(const char * const sname, ++ bool const dironly, + bool const ucasen) { + +- char uname[32]; /* upper case translation of 'slideName' */ +- char header[32]; /* (supposed) header read from file */ ++ char uname[32]; ++ unsigned char libent[36]; ++ long pos; + bool found; ++ bool eof; + +- if (dirOnly) ++ if (dironly) + pm_message("Slides in library:"); + else { +- upcase(slideName, uname); ++ unsigned int i; ++ const char * ip; ++ ++ ip = sname; /* initial value */ ++ ++ for (i = 0; i < 31; ++i) { ++ char const ch = *ip++; ++ if (ch == EOS) ++ break; ++ ++ { ++ char const upperCh = ++ ucasen && islower(ch) ? toupper(ch) : ch; ++ ++ uname[i] = upperCh; ++ } ++ } ++ uname[i] = EOS; + } + + /* Read slide library header and verify. */ +- +- if ((fread(header, 32, 1, slfile) != 1) || +- (!STRSEQ(header, "AutoCAD Slide Library 1.0\r\n\32"))) { ++ ++ if ((fread(libent, 32, 1, slfile) != 1) || ++ (!streq((char *)libent, "AutoCAD Slide Library 1.0\015\012\32"))) { + pm_error("not an AutoCAD slide library file."); + } ++ pos = 32; ++ ++ /* Search for a slide with the requested name or list the directory */ ++ ++ for (found = false, eof = false; !found && !eof; ) { ++ size_t readCt; ++ readCt = fread(libent, 36, 1, slfile); ++ if (readCt != 1) ++ eof = true; ++ else if (strlen((char *)libent) == 0) ++ eof = true; ++ } ++ if (!eof) { ++ pos += 36; ++ if (dironly) { ++ pm_message(" %s", libent); ++ } else if (streq((char *)libent, uname)) { ++ long dpos; ++ ++ dpos = (((((libent[35] << 8) | libent[34]) << 8) | ++ libent[33]) << 8) | libent[32]; ++ ++ if ((slfile == stdin) || (fseek(slfile, dpos, 0) == -1)) { ++ dpos -= pos; ++ ++ while (dpos-- > 0) ++ getc(slfile); ++ } ++ found = true; ++ } ++ } + +- scanDirectory(slfile, 32, dirOnly, ucasen ? uname : slideName, &found); +- +- if (!found && !dirOnly) +- pm_error("slide '%s' not in library.", slideName); ++ if (!found && !dironly) ++ pm_error("slide '%s' not in library.", sname); + } + + +@@ -392,7 +350,7 @@ slider(slvecfn slvec, + + /* Verify that slide format is compatible with this program. */ + +- if (!STRSEQ(slfrof.slh, slhi.slh)) ++ if (streq(slfrof.slh, slhi.slh)) + pm_error("this is not an AutoCAD slide file."); + + /* Verify that the number format and file level in the header are +@@ -506,6 +464,8 @@ slider(slvecfn slvec, + /* Allocate image buffer and clear it to black. */ - + + overflow_add(ixdots, 1); + overflow_add(iydots, 1); pixels = ppm_allocarray(pixcols = ixdots + 1, pixrows = iydots + 1); PPM_ASSIGN(rgbcolor, 0, 0, 0); ppmd_filledrectangle(pixels, pixcols, pixrows, pixmaxval, 0, 0, diff --git a/converter/ppm/ximtoppm.c b/converter/ppm/ximtoppm.c -index ce5e639..a39b689 100644 +index 75faac6..5758739 100644 --- a/converter/ppm/ximtoppm.c +++ b/converter/ppm/ximtoppm.c -@@ -117,6 +117,7 @@ ReadXimHeader(FILE * const in_fp, +@@ -118,6 +118,7 @@ ReadXimHeader(FILE * const in_fp, header->bits_channel = atoi(a_head.bits_per_channel); header->alpha_flag = atoi(a_head.alpha_channel); if (strlen(a_head.author)) { @@ -851,7 +1049,7 @@ index ce5e639..a39b689 100644 if (!(header->author = calloc((unsigned int)strlen(a_head.author)+1, 1))) { pm_message("ReadXimHeader: can't calloc author string" ); -@@ -126,6 +127,7 @@ ReadXimHeader(FILE * const in_fp, +@@ -127,6 +128,7 @@ ReadXimHeader(FILE * const in_fp, strncpy(header->author, a_head.author, strlen(a_head.author)); } if (strlen(a_head.date)) { @@ -859,7 +1057,7 @@ index ce5e639..a39b689 100644 if (!(header->date =calloc((unsigned int)strlen(a_head.date)+1,1))){ pm_message("ReadXimHeader: can't calloc date string" ); return(0); -@@ -134,6 +136,7 @@ ReadXimHeader(FILE * const in_fp, +@@ -135,6 +137,7 @@ ReadXimHeader(FILE * const in_fp, strncpy(header->date, a_head.date, strlen(a_head.date)); } if (strlen(a_head.program)) { @@ -867,7 +1065,7 @@ index ce5e639..a39b689 100644 if (!(header->program = calloc( (unsigned int)strlen(a_head.program) + 1, 1))) { pm_message("ReadXimHeader: can't calloc program string" ); -@@ -160,6 +163,7 @@ ReadXimHeader(FILE * const in_fp, +@@ -161,6 +164,7 @@ ReadXimHeader(FILE * const in_fp, if (header->nchannels == 3 && header->bits_channel == 8) header->ncolors = 0; else if (header->nchannels == 1 && header->bits_channel == 8) { @@ -925,10 +1123,10 @@ index c6f1e84..c513a84 100755 # # Copyright (C) 1991 by Jef Poskanzer. diff --git a/editor/pnmpad.c b/editor/pnmpad.c -index 168b73e..c248924 100644 +index 9c7a77e..1aa578c 100644 --- a/editor/pnmpad.c +++ b/editor/pnmpad.c -@@ -631,6 +631,8 @@ main(int argc, const char ** argv) { +@@ -634,6 +634,8 @@ main(int argc, const char ** argv) { computePadSizes(cmdline, cols, rows, &lpad, &rpad, &tpad, &bpad); @@ -1017,10 +1215,10 @@ index 6cb8d3a..6f4bde9 100644 if (hist == NULL) pm_error("Unable to allocate memory for histogram."); diff --git a/generator/pbmtext.c b/generator/pbmtext.c -index cfb858a..e5c7bd1 100644 +index e25c6bb..e545b8e 100644 --- a/generator/pbmtext.c +++ b/generator/pbmtext.c -@@ -122,8 +122,10 @@ parseCommandLine(int argc, const char ** argv, +@@ -125,8 +125,10 @@ parseCommandLine(int argc, const char ** argv, for (i = 1; i < argc; ++i) { if (i > 1) { @@ -1032,7 +1230,7 @@ index cfb858a..e5c7bd1 100644 totaltextsize += strlen(argv[i]) + 1; if (totaltextsize > MAXLINECHARS) pm_error("input text too long"); -@@ -744,6 +746,7 @@ getText(char const cmdlineText[], +@@ -782,6 +784,7 @@ getText(char const cmdlineText[], pm_error("A line of input text is longer than %u characters." "Cannot process", (unsigned int) MAXLINECHARS-1); if (lineCount >= maxlines) { @@ -1041,10 +1239,10 @@ index cfb858a..e5c7bd1 100644 REALLOCARRAY(textArray, maxlines); if (textArray == NULL) diff --git a/lib/libpam.c b/lib/libpam.c -index cc6368e..4e10572 100644 +index fa1be8f..e5cef1a 100644 --- a/lib/libpam.c +++ b/lib/libpam.c -@@ -224,8 +224,9 @@ allocPamRow(const struct pam * const pamP) { +@@ -225,8 +225,9 @@ allocPamRow(const struct pam * const pamP) { unsigned int const bytesPerTuple = allocationDepth(pamP) * sizeof(sample); tuple * tuplerow; @@ -1072,10 +1270,10 @@ index 2222491..ba27a4c 100644 + pamP->depth * sizeof(sample); diff --git a/lib/libpm.c b/lib/libpm.c -index 4374bbe..5ab7f83 100644 +index f9aa1ae..36c49c7 100644 --- a/lib/libpm.c +++ b/lib/libpm.c -@@ -841,5 +841,53 @@ pm_parse_height(const char * const arg) { +@@ -888,5 +888,53 @@ pm_parse_height(const char * const arg) { return height; } diff --git a/netpbm.spec b/netpbm.spec index a29f4ec..5ea7c61 100644 --- a/netpbm.spec +++ b/netpbm.spec @@ -1,10 +1,9 @@ Summary: A library for handling different graphics file formats Name: netpbm -Version: 10.80.00 -Release: 2%{?dist} +Version: 10.81.00 +Release: 1%{?dist} # See copyright_summary for details License: BSD and GPLv2 and IJG and MIT and Public Domain -Group: System Environment/Libraries URL: http://netpbm.sourceforge.net/ # Source0 is prepared by # svn checkout https://netpbm.svn.sourceforge.net/svnroot/netpbm/advanced netpbm-%{version} @@ -31,7 +30,6 @@ programs for handling various graphics file formats, including .pbm %package devel Summary: Development tools for programs which will use the netpbm libraries -Group: Development/Libraries Requires: netpbm = %{version}-%{release} %description devel @@ -45,7 +43,6 @@ to have the netpbm package installed. %package progs Summary: Tools for manipulating graphics files in netpbm supported formats -Group: Applications/Multimedia Requires: ghostscript Requires: netpbm = %{version}-%{release} @@ -61,7 +58,6 @@ netpbm-progs. You'll also need to install the netpbm package. %package doc Summary: Documentation for tools manipulating graphics files in netpbm supported formats -Group: Applications/Multimedia Requires: netpbm-progs = %{version}-%{release} %description doc @@ -72,12 +68,7 @@ If you need to look into the HTML documentation, you should install netpbm-doc. You'll also need to install the netpbm-progs package. %prep -%setup -q -%patch0 -p1 -b .security-scripts -%patch1 -p1 -b .security-code -%patch2 -p1 -b .ppmfadeusage -%patch3 -p1 -b .noppmtompeg -%patch4 -p1 -b .CVE-2587 +%autosetup -p1 %build ./configure < - 10.81.00-1 +- New upstream release 10.81.00 (#1529904) +- update spec file + * Thu Oct 19 2017 Josef Ridky - 10.80.00-2 - Rebuilt for python package diff --git a/sources b/sources index 42c6aef..1fba39a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (netpbm-10.80.00.tar.xz) = aa4b6e376aefcad6080fa821a7351bb9fef3e10bffe61741e3be37a3bca848cafe51af029fd681f92caaa801194c664a7aa686ed0745f875a0a0b2b849336179 +SHA512 (netpbm-10.81.00.tar.xz) = a38a439a31af872fec35f5fbd4c7a6963788e044a41d8077848efe4bb4aa957fe2e7ca4970d23f241ab3febdfc06b86a962360ff7e9558daafae3075b1fead65