Fix CVE-2022-1122

Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>

.gitignore

@@ -7,3 +7,4 @@
 /openjpeg-2.2.0.tar.gz
 /openjpeg-2.3.0.tar.gz
 /openjpeg-2.3.1.tar.gz
+/openjpeg-2.4.0.tar.gz

.openjpeg2.metadata

@@ -0,0 +1 @@
+bbbf4dc4d9ce95286843cd39ac2febd3fd516c9d openjpeg-2.4.0.tar.gz

gating.yaml

@@ -0,0 +1,7 @@
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
+  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}

openjpeg2-CVE-2021-29338.patch

@@ -0,0 +1,165 @@
+From efbfbbb723e100cfbcea287a30958bf678e83458 Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Tue, 27 Apr 2021 09:37:40 -0600
+Subject: [PATCH] opj_{compress,decompress,dump}: fix possible buffer overflows
+ in path manipulation functions
+
+---
+ src/bin/jp2/opj_compress.c   | 12 ++++++------
+ src/bin/jp2/opj_decompress.c | 13 ++++++-------
+ src/bin/jp2/opj_dump.c       | 14 +++++++-------
+ 3 files changed, 19 insertions(+), 20 deletions(-)
+
+diff --git a/src/bin/jp2/opj_compress.c b/src/bin/jp2/opj_compress.c
+index 6827484..d8f894c 100644
+--- a/src/bin/jp2/opj_compress.c
++++ b/src/bin/jp2/opj_compress.c
+@@ -543,8 +543,8 @@ static char * get_file_name(char *name)
+ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+                           opj_cparameters_t *parameters)
+ {
+-    char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
+-         outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
++    char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
++         outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
+     char *temp_p, temp1[OPJ_PATH_LEN] = "";
+ 
+     strcpy(image_filename, dirptr->filename[imageno]);
+@@ -553,7 +553,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+     if (parameters->decod_format == -1) {
+         return 1;
+     }
+-    sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename);
++    snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename);
+     if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile),
+                      infilename) != 0) {
+         return 1;
+@@ -566,7 +566,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+         sprintf(temp1, ".%s", temp_p);
+     }
+     if (img_fol->set_out_format == 1) {
+-        sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
++        snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
+                 img_fol->out_format);
+         if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
+                          outfilename) != 0) {
+@@ -1910,9 +1910,9 @@ int main(int argc, char **argv)
+         num_images = get_num_images(img_fol.imgdirpath);
+         dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
+         if (dirptr) {
+-            dirptr->filename_buf = (char*)malloc(num_images * OPJ_PATH_LEN * sizeof(
++            dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN * sizeof(
+                     char)); /* Stores at max 10 image file names*/
+-            dirptr->filename = (char**) malloc(num_images * sizeof(char*));
++            dirptr->filename = (char**) calloc(num_images, sizeof(char*));
+             if (!dirptr->filename_buf) {
+                 ret = 0;
+                 goto fin;
+diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
+index 2634907..e54e54f 100644
+--- a/src/bin/jp2/opj_decompress.c
++++ b/src/bin/jp2/opj_decompress.c
+@@ -455,13 +455,13 @@ const char* path_separator = "/";
+ char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+                    opj_decompress_parameters *parameters)
+ {
+-    char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
+-         outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
++    char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
++         outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
+     char *temp_p, temp1[OPJ_PATH_LEN] = "";
+ 
+     strcpy(image_filename, dirptr->filename[imageno]);
+     fprintf(stderr, "File Number %d \"%s\"\n", imageno, image_filename);
+-    sprintf(infilename, "%s%s%s", img_fol->imgdirpath, path_separator,
++    snprintf(infilename, OPJ_PATH_LEN * 2, "%s%s%s", img_fol->imgdirpath, path_separator,
+             image_filename);
+     parameters->decod_format = infile_format(infilename);
+     if (parameters->decod_format == -1) {
+@@ -479,7 +479,7 @@ char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+         sprintf(temp1, ".%s", temp_p);
+     }
+     if (img_fol->set_out_format == 1) {
+-        sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
++        snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
+                 img_fol->out_format);
+         if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
+                          outfilename) != 0) {
+@@ -1357,14 +1357,13 @@ int main(int argc, char **argv)
+             return EXIT_FAILURE;
+         }
+         /* Stores at max 10 image file names */
+-        dirptr->filename_buf = (char*)malloc(sizeof(char) *
+-                                             (size_t)num_images * OPJ_PATH_LEN);
++        dirptr->filename_buf = calloc((size_t) num_images, sizeof(char) * OPJ_PATH_LEN);
+         if (!dirptr->filename_buf) {
+             failed = 1;
+             goto fin;
+         }
+ 
+-        dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
++        dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
+ 
+         if (!dirptr->filename) {
+             failed = 1;
+diff --git a/src/bin/jp2/opj_dump.c b/src/bin/jp2/opj_dump.c
+index 6e15fee..4e19c61 100644
+--- a/src/bin/jp2/opj_dump.c
++++ b/src/bin/jp2/opj_dump.c
+@@ -201,8 +201,8 @@ static int get_file_format(const char *filename)
+ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+                           opj_dparameters_t *parameters)
+ {
+-    char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
+-         outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
++    char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
++         outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
+     char *temp_p, temp1[OPJ_PATH_LEN] = "";
+ 
+     strcpy(image_filename, dirptr->filename[imageno]);
+@@ -211,7 +211,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+     if (parameters->decod_format == -1) {
+         return 1;
+     }
+-    sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename);
++    snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename);
+     if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile),
+                      infilename) != 0) {
+         return 1;
+@@ -224,7 +224,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
+         sprintf(temp1, ".%s", temp_p);
+     }
+     if (img_fol->set_out_format == 1) {
+-        sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
++        snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
+                 img_fol->out_format);
+         if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
+                          outfilename) != 0) {
+@@ -457,7 +457,7 @@ int main(int argc, char *argv[])
+     opj_codestream_info_v2_t* cstr_info = NULL;
+     opj_codestream_index_t* cstr_index = NULL;
+ 
+-    OPJ_INT32 num_images, imageno;
++    int num_images, imageno;
+     img_fol_t img_fol;
+     dircnt_t *dirptr = NULL;
+ 
+@@ -486,13 +486,13 @@ int main(int argc, char *argv[])
+         if (!dirptr) {
+             return EXIT_FAILURE;
+         }
+-        dirptr->filename_buf = (char*)malloc((size_t)num_images * OPJ_PATH_LEN * sizeof(
++        dirptr->filename_buf = (char*) calloc((size_t) num_images, OPJ_PATH_LEN * sizeof(
+                 char)); /* Stores at max 10 image file names*/
+         if (!dirptr->filename_buf) {
+             free(dirptr);
+             return EXIT_FAILURE;
+         }
+-        dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
++        dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
+ 
+         if (!dirptr->filename) {
+             goto fails;
+-- 
+2.31.1
+

openjpeg2-CVE-2021-3575.patch

@@ -0,0 +1,35 @@
+From 409907d89878222cf9dea80f0add8f73e9383834 Mon Sep 17 00:00:00 2001
+From: Mehdi Sabwat <mehdisabwat@gmail.com>
+Date: Fri, 7 May 2021 01:50:37 +0200
+Subject: [PATCH] fix heap buffer overflow #1347
+
+---
+ src/bin/common/color.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/src/bin/common/color.c b/src/bin/common/color.c
+index 27f15f1..935fa44 100644
+--- a/src/bin/common/color.c
++++ b/src/bin/common/color.c
+@@ -368,12 +368,15 @@ static void sycc420_to_rgb(opj_image_t *img)
+ 
+             sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
+ 
+-            ++y;
++            if (*y != img->comps[0].data[loopmaxh])
++                ++y;
+             ++r;
+             ++g;
+             ++b;
+-            ++cb;
+-            ++cr;
++            if (*cb != img->comps[1].data[loopmaxh])
++                ++cb;
++            if (*cr != img->comps[2].data[loopmaxh])
++                ++cr;
+         }
+         if (j < maxw) {
+             sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
+-- 
+2.31.1
+

openjpeg2-CVE-2022-1122.patch

@@ -0,0 +1,26 @@
+From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001
+From: xiaoxiaoafeifei <lliangliang2007@163.com>
+Date: Wed, 14 Jul 2021 09:35:13 +0800
+Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to
+ uninitialized pointer (fixes #1368) (#1369)
+
+---
+ src/bin/jp2/opj_decompress.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
+index 0e028735..18ead672 100644
+--- a/src/bin/jp2/opj_decompress.c
++++ b/src/bin/jp2/opj_decompress.c
+@@ -1356,7 +1356,7 @@ int main(int argc, char **argv)
+         int it_image;
+         num_images = get_num_images(img_fol.imgdirpath);
+ 
+-        dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
++        dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t));
+         if (!dirptr) {
+             destroy_parameters(&parameters);
+             return EXIT_FAILURE;
+-- 
+2.34.1
+

openjpeg2.spec

@@ -7,8 +7,8 @@
 %global _target_platform %{_vendor}-%{_target_os}
 
 Name:           openjpeg2
-Version:        2.3.1
-Release:        8%{?dist}
+Version:        2.4.0
+Release:        7%{?dist}
 Summary:        C-Library for JPEG 2000
 
 # windirent.h is MIT, the rest is BSD
@@ -22,16 +22,11 @@ Source1:        data.tar.xz
 
 # Rename tool names to avoid conflicts with openjpeg-1.x
 Patch0:         openjpeg2_opj2.patch
-# Backport patch for CVE 2020-6851
-# https://github.com/uclouvain/openjpeg/issues/1228
-Patch1:         openjpeg2_CVE-2020-6851.patch
-# Backport patch for CVE 2020-8112
-# https://github.com/uclouvain/openjpeg/pull/1232/commits/05f9b91e60debda0e83977e5e63b2e66486f7074
-Patch2:         openjpeg2_CVE-2020-8112.patch
-# Backport patch for CVE-2020-27814
-# https://github.com/uclouvain/openjpeg/commit/eaa098b59b346cb88e4d10d505061f669d7134fc
-Patch3:         openjpeg2_CVE-2020-27814.patch
-
+# Fix CVE-2021-29338
+Patch1:         openjpeg2-CVE-2021-29338.patch
+# Fix CVE-2021-3575
+Patch2:         openjpeg2-CVE-2021-3575.patch
+Patch3:         openjpeg2-CVE-2022-1122.patch
 
 BuildRequires:  cmake
 # The library itself is C only, but there is some optional C++ stuff, hence the project is not marked as C-only in cmake and hence cmake looks for a c++ compiler
@@ -268,12 +263,12 @@ chmod +x %{buildroot}%{_bindir}/opj2_jpip_viewer
 %{_mandir}/man3/libopenjp2.3*
 
 %files devel
-%dir %{_includedir}/openjpeg-2.3/
-%{_includedir}/openjpeg-2.3/openjpeg.h
-%{_includedir}/openjpeg-2.3/opj_config.h
-%{_includedir}/openjpeg-2.3/opj_stdint.h
+%dir %{_includedir}/openjpeg-2.4/
+%{_includedir}/openjpeg-2.4/openjpeg.h
+%{_includedir}/openjpeg-2.4/opj_config.h
+%{_includedir}/openjpeg-2.4/opj_stdint.h
 %{_libdir}/libopenjp2.so
-%{_libdir}/openjpeg-2.3/
+%{_libdir}/openjpeg-2.4/
 %{_libdir}/pkgconfig/libopenjp2.pc
 
 %files devel-docs
@@ -333,6 +328,34 @@ chmod +x %{buildroot}%{_bindir}/opj2_jpip_viewer
 
 
 %changelog
+* Wed Jun 15 2022 Matej Mužila <mmuzila@redhat.com> - 2.4.0-7
+- Fix CVE-2022-1122
+
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.0-6
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Fri Jun 25 2021 Nikola Forró <nforro@redhat.com> - 2.4.0-5
+- Fix CVE-2021-3575 (#1969280)
+
+* Fri Jun 25 2021 Nikola Forró <nforro@redhat.com> - 2.4.0-4
+- Fix CVE-2021-29338 (#1951333)
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.0-3
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Tue Dec 29 2020 Sandro Mani <manisandro@gmail.com> - 2.4.0-1
+- Update to 2.4.0
+
+* Thu Dec 17 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-10
+* Backport patches for CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845
+
+* Thu Dec 10 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-9
+* Backport patches for CVE-2020-27824 and CVE-2020-27823
+
 * Sat Nov 28 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-8
 - Backport patch for CVE-2020-27814
 

openjpeg2_CVE-2020-27814.patch

@@ -1,16 +0,0 @@
-diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/tcd.c openjpeg-2.3.1-new/src/lib/openjp2/tcd.c
---- openjpeg-2.3.1/src/lib/openjp2/tcd.c	2020-11-28 23:29:38.701863373 +0100
-+++ openjpeg-2.3.1-new/src/lib/openjp2/tcd.c	2020-11-28 23:29:38.704863383 +0100
-@@ -1235,9 +1235,11 @@ static OPJ_BOOL opj_tcd_code_block_enc_a
- 
-     /* +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
-     /* and actually +2 required for https://github.com/uclouvain/openjpeg/issues/982 */
-+    /* and +7 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 3) */
-+    /* and +26 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 7) */
-     /* TODO: is there a theoretical upper-bound for the compressed code */
-     /* block size ? */
--    l_data_size = 2 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
-+    l_data_size = 26 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
-                                    (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
- 
-     if (l_data_size > p_code_block->data_size) {

openjpeg2_CVE-2020-6851.patch

@@ -1,18 +0,0 @@
-diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/j2k.c openjpeg-2.3.1-new/src/lib/openjp2/j2k.c
---- openjpeg-2.3.1/src/lib/openjp2/j2k.c	2019-04-02 14:45:15.000000000 +0200
-+++ openjpeg-2.3.1-new/src/lib/openjp2/j2k.c	2020-11-28 23:29:38.618863089 +0100
-@@ -9236,6 +9236,14 @@ static OPJ_BOOL opj_j2k_update_image_dim
-     l_img_comp = p_image->comps;
-     for (it_comp = 0; it_comp < p_image->numcomps; ++it_comp) {
-         OPJ_INT32 l_h, l_w;
-+        if (p_image->x0 > (OPJ_UINT32)INT_MAX ||
-+                p_image->y0 > (OPJ_UINT32)INT_MAX ||
-+                p_image->x1 > (OPJ_UINT32)INT_MAX ||
-+                p_image->y1 > (OPJ_UINT32)INT_MAX) {
-+            opj_event_msg(p_manager, EVT_ERROR,
-+                          "Image coordinates above INT_MAX are not supported\n");
-+            return OPJ_FALSE;
-+        }
- 
-         l_img_comp->x0 = (OPJ_UINT32)opj_int_ceildiv((OPJ_INT32)p_image->x0,
-                          (OPJ_INT32)l_img_comp->dx);

openjpeg2_CVE-2020-8112.patch

@@ -1,30 +0,0 @@
-diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/tcd.c openjpeg-2.3.1-new/src/lib/openjp2/tcd.c
---- openjpeg-2.3.1/src/lib/openjp2/tcd.c	2019-04-02 14:45:15.000000000 +0200
-+++ openjpeg-2.3.1-new/src/lib/openjp2/tcd.c	2020-11-28 23:29:38.662863239 +0100
-@@ -905,8 +905,24 @@ static INLINE OPJ_BOOL opj_tcd_init_tile
-             /* p. 64, B.6, ISO/IEC FDIS15444-1 : 2000 (18 august 2000)  */
-             l_tl_prc_x_start = opj_int_floordivpow2(l_res->x0, (OPJ_INT32)l_pdx) << l_pdx;
-             l_tl_prc_y_start = opj_int_floordivpow2(l_res->y0, (OPJ_INT32)l_pdy) << l_pdy;
--            l_br_prc_x_end = opj_int_ceildivpow2(l_res->x1, (OPJ_INT32)l_pdx) << l_pdx;
--            l_br_prc_y_end = opj_int_ceildivpow2(l_res->y1, (OPJ_INT32)l_pdy) << l_pdy;
-+            {
-+                OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->x1,
-+                                  (OPJ_INT32)l_pdx)) << l_pdx;
-+                if (tmp > (OPJ_UINT32)INT_MAX) {
-+                    opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
-+                    return OPJ_FALSE;
-+                }
-+                l_br_prc_x_end = (OPJ_INT32)tmp;
-+            }
-+            {
-+                OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->y1,
-+                                  (OPJ_INT32)l_pdy)) << l_pdy;
-+                if (tmp > (OPJ_UINT32)INT_MAX) {
-+                    opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
-+                    return OPJ_FALSE;
-+                }
-+                l_br_prc_y_end = (OPJ_INT32)tmp;
-+            }
-             /*fprintf(stderr, "\t\t\tprc_x_start=%d, prc_y_start=%d, br_prc_x_end=%d, br_prc_y_end=%d \n", l_tl_prc_x_start, l_tl_prc_y_start, l_br_prc_x_end ,l_br_prc_y_end );*/
- 
-             l_res->pw = (l_res->x0 == l_res->x1) ? 0U : (OPJ_UINT32)((

openjpeg2_opj2.patch

@@ -1,6 +1,6 @@
-diff -rupN --no-dereference openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt
---- openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt	2019-04-02 14:45:15.000000000 +0200
-+++ openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt	2020-11-28 23:29:38.576862946 +0100
+diff -rupN --no-dereference openjpeg-2.4.0/src/bin/jp2/CMakeLists.txt openjpeg-2.4.0-new/src/bin/jp2/CMakeLists.txt
+--- openjpeg-2.4.0/src/bin/jp2/CMakeLists.txt	2020-12-28 21:59:39.000000000 +0100
++++ openjpeg-2.4.0-new/src/bin/jp2/CMakeLists.txt	2020-12-29 15:45:09.466819414 +0100
 @@ -44,6 +44,8 @@ endif()
  # Loop over all executables:
  foreach(exe opj_decompress opj_compress opj_dump)

sources

@@ -1 +1 @@
-SHA512 (openjpeg-2.3.1.tar.gz) = 339fbc899bddf2393d214df71ed5d6070a3a76b933b1e75576c8a0ae9dfcc4adec40bdc544f599e4b8d0bc173e4e9e7352408497b5b3c9356985605830c26c03
+SHA512 (openjpeg-2.4.0.tar.gz) = 55daab47d33823af94e32e5d345b52c251a5410f0c8e0a13b693f17899eedc8b2bb107489ddcba9ab78ef17dfd7cd80d3c5ec80c1e429189cb041124b67e07a8