summaryrefslogtreecommitdiffstats
path: root/openjpeg2-static.spec
diff options
context:
space:
mode:
Diffstat (limited to 'openjpeg2-static.spec')
-rw-r--r--openjpeg2-static.spec48
1 files changed, 21 insertions, 27 deletions
diff --git a/openjpeg2-static.spec b/openjpeg2-static.spec
index 2ee7543..f0339cc 100644
--- a/openjpeg2-static.spec
+++ b/openjpeg2-static.spec
@@ -10,8 +10,8 @@
%global _target_platform %{_vendor}-%{_target_os}
Name: openjpeg2-static
-Version: 2.3.1
-Release: 9%{?dist}
+Version: 2.4.0
+Release: 1%{?dist}
Summary: C-Library for JPEG 2000
# windirent.h is MIT, the rest is BSD
@@ -25,21 +25,13 @@ Source1: data.tar.xz
# Rename tool names to avoid conflicts with openjpeg-1.x
Patch0: openjpeg2_opj2.patch
-# Backport patch for CVE 2020-6851
-# https://github.com/uclouvain/openjpeg/issues/1228
-Patch1: openjpeg2_CVE-2020-6851.patch
-# Backport patch for CVE 2020-8112
-# https://github.com/uclouvain/openjpeg/pull/1232/commits/05f9b91e60debda0e83977e5e63b2e66486f7074
-Patch2: openjpeg2_CVE-2020-8112.patch
-# Backport patch for CVE-2020-27814
-# https://github.com/uclouvain/openjpeg/commit/eaa098b59b346cb88e4d10d505061f669d7134fc
-Patch3: openjpeg2_CVE-2020-27814.patch
-# Backport patch for CVE-2020-27824
-# https://github.com/uclouvain/openjpeg/pull/1292/commits/6daf5f3e1ec6eff03b7982889874a3de6617db8d
-Patch4: openjpeg2_CVE-2020-27824.patch
-# Backport patch for CVE-2020-27823
-# https://github.com/uclouvain/openjpeg/commit/b2072402b7e14d22bba6fb8cde2a1e9996e9a919
-Patch5: openjpeg2_CVE-2020-27823.patch
+# Backport proposed patch for CVE-2021-29338
+# See https://github.com/uclouvain/openjpeg/issues/1338
+# and https://github.com/uclouvain/openjpeg/pull/1346
+Patch1: CVE-2021-29338.patch
+# Backport proposed patch for heap buffer overflow (#1957616)
+# See https://github.com/uclouvain/openjpeg/issues/1347
+Patch2: heap-buffer-overflow.patch
BuildRequires: cmake
@@ -224,9 +216,6 @@ OpenJPEG2 JP3D module command line tools
%patch0 -p1
%patch1 -p1
%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
# Remove all third party libraries just to be sure
find thirdparty/ -mindepth 1 -maxdepth 1 -type d -exec rm -rf {} \;
@@ -247,7 +236,7 @@ export CFLAGS="%{optflags} -fPIC"
-DBUILD_STATIC_LIBS=ON \
-DBUILD_SHARED_LIBS=OFF \
%{?runcheck:-DBUILD_TESTING:BOOL=ON -DOPJ_DATA_ROOT=$PWD/../data} \
- ..
+ -B . -S ..
popd
%make_build VERBOSE=1 -C %{_target_platform}
@@ -290,15 +279,15 @@ make test -C %{_target_platform}
%{!?_licensedir:%global license %doc}
%license LICENSE
%doc AUTHORS.md NEWS.md README.md THANKS.md
-%{_mandir}/man3/libopenjp2.3*
+%{_mandir}/man3/libopenjp2.*
%files devel
-%dir %{_includedir}/openjpeg-2.3/
-%{_includedir}/openjpeg-2.3/openjpeg.h
-%{_includedir}/openjpeg-2.3/opj_config.h
-%{_includedir}/openjpeg-2.3/opj_stdint.h
+%dir %{_includedir}/openjpeg-2.4/
+%{_includedir}/openjpeg-2.4/openjpeg.h
+%{_includedir}/openjpeg-2.4/opj_config.h
+%{_includedir}/openjpeg-2.4/opj_stdint.h
%{_libdir}/libopenjp2.a
-%{_libdir}/openjpeg-2.3/
+%{_libdir}/openjpeg-2.4/
%{_libdir}/pkgconfig/libopenjp2.pc
%files devel-docs
@@ -358,6 +347,11 @@ make test -C %{_target_platform}
%changelog
+* Mon May 31 2021 Remi Collet <remi@remirepo.net> - 2.4.0-1
+- sync with Fedora
+- Update to 2.4.0
+- Apply proposed patches for CVE-2021-29338 and a heap buffer overflow (#1957616)
+
* Thu Feb 13 2020 Remi Collet <remi@remirepo.net> - 2.3.1-9
- sync with Fedora
- Backport patches for CVE-2020-27824 and CVE-2020-27823