From f6c67fc2c1f3444940b9aeba8ce299e5dbe37ce4 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Tue, 29 Mar 2022 14:11:15 +0200 Subject: sync with Fedora Backport fix for CVE-2022-1122 --- openjpeg2-static.spec | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'openjpeg2-static.spec') diff --git a/openjpeg2-static.spec b/openjpeg2-static.spec index f0339cc..0eac83c 100644 --- a/openjpeg2-static.spec +++ b/openjpeg2-static.spec @@ -11,7 +11,7 @@ Name: openjpeg2-static Version: 2.4.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: C-Library for JPEG 2000 # windirent.h is MIT, the rest is BSD @@ -32,6 +32,9 @@ Patch1: CVE-2021-29338.patch # Backport proposed patch for heap buffer overflow (#1957616) # See https://github.com/uclouvain/openjpeg/issues/1347 Patch2: heap-buffer-overflow.patch +# Backport patch for CVE-2022-1122 +# See https://github.com/uclouvain/openjpeg/commit/0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d +Patch3: CVE-2022-1122.patch BuildRequires: cmake @@ -216,6 +219,7 @@ OpenJPEG2 JP3D module command line tools %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch3 -p1 # Remove all third party libraries just to be sure find thirdparty/ -mindepth 1 -maxdepth 1 -type d -exec rm -rf {} \; @@ -347,6 +351,10 @@ make test -C %{_target_platform} %changelog +* Tue Mar 29 2022 Remi Collet - 2.4.0-2 +- sync with Fedora +- Backport fix for CVE-2022-1122 + * Mon May 31 2021 Remi Collet - 2.4.0-1 - sync with Fedora - Update to 2.4.0 -- cgit