Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

jasper-1.900.14-173.1 RPM for armv7hl

From OpenSuSE 42.2 updates for armv7hl

Name: jasper Distribution: openSUSE Leap 42.2
Version: 1.900.14 Vendor: openSUSE
Release: 173.1 Build date: Thu Mar 9 16:28:49 2017
Group: Productivity/Graphics/Convertors Build host: armbuild26
Size: 549102 Source RPM: jasper-1.900.14-173.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://www.ece.uvic.ca/~mdadams/jasper/
Summary: An Implementation of the JPEG-2000 Standard, Part 1
This package contains an implementation of the image compression
standard, JPEG-2000, Part 1. It consists of tools for conversion to and
from the JP2 and JPC formats.

Provides

Requires

License

SUSE-Public-Domain

Changelog

* Mon Mar 06 2017 sbrabec@suse.com
  - Add -D_BSD_SOURCE to fix redefinition of system types in
    jas_config.h and breakage in ppc64le, s390 and s390x
    (bsc#1028070).
* Wed Dec 21 2016 fstrba@suse.com
  - Added patch:
    * jasper-CVE-2016-9591.patch
    - Fix for bsc#1015993, CVE-2016-9591: Use-after-free on heap in
      jas_matrix_destroy
* Tue Dec 13 2016 fstrba@suse.com
  - Added patches:
    * jasper-CVE-2016-8654.patch
    - Upstream fix for bsc#1012530, CVE-2016-8654: Heap-based
    buffer overflow in QMFB code in JPC codec
    * jasper-CVE-2016-9395.patch
    - Upstream fix for bsc#1010977, CVE-2016-9395: jas_seq.c:90:
    jas_matrix_t *jas_seq2d_create(int, int, int, int): Assertion
    'xstart <= xend && ystart <= yend' failed
    * jasper-CVE-2016-9398.patch
    - Fix for bsc#1010979, CVE-2016-9398: jpc_math.c:94: int
    jpc_floorlog2(int): Assertion 'x > 0' failed
    * jasper-CVE-2016-9560.patch
    - Upstream fix for bsc#1011830, CVE-2016-9560: stack-based
    buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c)
* Wed Oct 26 2016 fstrba@suse.com
  - Updated to bugfix release 1.900.14
    * Security fixes
      + bsc#941919, CVE-2015-5203
      + bsc#1006591, CVE-2016-8880
      + bsc#1006593, CVE-2016-8881
      + bsc#1006597, CVE-2016-8882
      + bsc#1006598, CVE-2016-8883
      + bsc#1007009, CVE-2016-8884, CVE-2016-8885
      + bsc#1006599, CVE-2016-8886
      + bsc#1006836, bsc#1006839, CVE-2016-8887
    * Changes
      + Add another data file for testing (Michael Adams)
      + Ensure that not all tiles lie outside the image area (Michael
      Adams)
      + Added a note on sanitizer options (Michael Adams)
      + Added a simple test script (Michael Adams)
      + Added an --enable-memory-limit configure option (Michael
      Adams)
      + Manually merged and edited a few changes from Bob Friesenhahn
      (GraphicsMagick Maintainer) for Windows (Michael Adams)
      + Added some new mostly small image files (many of which are
      corrupt/invalid) that are useful for testing purposes
      (Michael Adams)
      + The debugging function jpc_dec_dump did not consider the case
      that a band can have a null data pointer (when a band
      contains no samples). This caused a null pointer to be
      dereferenced (Michael Adams)
      + Changed the JPC bitstream code to more gracefully handle a
      request for a larger sized integer than what can be handled
      (i.e., return with an error instead of failing an assert).
      (Michael Adams)
      + The component domains must be the same for the ICT/RCT in the
      JPC codec. This was previously enforced with an assertion.
      Now, it is handled in a more graceful manner (Michael Adams)
      + Fixed a few bugs in the RAS encoder and decoder where errors
      were tested with assertions instead of being gracefully
      handled (Michael Adams)
* Mon Oct 24 2016 fstrba@suse.com
  - Updated to bugfix release 1.900.13
    * Changes
      + Fixed another problem with incorrect cleanup of JP2 box data
      upon error. (Michael Adams)
      + Fixed another integer overflow problem. (Michael Adams)
      + Replaced the remaining left and right shifts in the QMFB/MCT
      code that can result in undefined behavior (due to shifting
      negative values) with call to inline functions.
      These functions collect all of the undefined behavior in one
      place and also allow code sanitizers to ignore this ugliness
      (via function attributes). (Michael Adams)
      + Fixed a bug in the row/column split operations for QMFBs.
      (Michael Adams)
      + Made the PNM decoder more gracefully handle the not-fully-
      supported feature of signed sample data. (Michael Adams)
      + The PNM decoder did not gracefully handle an invalid magic
      number in the PNM header. (Michael Adams)
      + Fixed a MIF decoder bug. (Michael Adams)
      + The imginfo command did not correctly handle an image with
      zero components. (Michael Adams)
      + Fixed an integer overflow problem. (Michael Adams)
      + A new experimental memory allocator has been introduced. The
      allocator is experimental in the sense that its API is not
      considered stable and the allocator may change or disappear
      entirely in future versions of the code. This new allocator
      tracks how much memory is being used by jas_malloc and friends.
      A maximum upper bound on the memory usage can be set via the
      experimental API provided and a default value can be set at
      build time as well. Such functionality may be useful in
      run-time environments where the user wants to be able to limit
      the amount of memory used by JasPer. This allocator is not
      used by default. (Michael Adams)
      + Changed the configure setup so that if GCC is used warnings
      and pedantic errors are enabled. (Michael Adams)
      + Fixed a bug that resulted in the destruction of JP2 box data
      that had never been constructed in the first place. (Michael
      Adams)
      + The memory stream interface allows for a buffer size of zero.
      The case of a zero-sized buffer was not handled correctly, as
      it could lead to a double free (bsc#1005242, CVE-2016-8693).
      (Michael Adams)
      + Fixed a small memory leak for CRG marker segments. (Michael
      Adams)
      + Fixed a problem with a null pointer dereference in the BMP
      decoder. (Michael Adams)
      + Introduced jas_fast32_asl, jas_fast32_asr, and friends in
      order to pull all undefined behavior for left and right shift
      of (negative) integers into a small number of places and
      provide a means to have UBSAN ignore this ugliness. (Michael
      Adams)
      + Fixed an integral type promotion problem by adding a JAS_CAST.
      Modified the jpc_tsfb_synthesize function so that it will be a
      noop for an empty sequence (in order to avoid dereferencing a
      null pointer). (Michael Adams)
      + Added some extra debugging log messages for memory
      allocation/deallocation. (Michael Adams)
      + The RCT and ICT require at least three components. Previously,
      this was enforced with an assertion. Now, the assertion has
      been replaced with a proper error check. (Michael Adams)
      + The member (pi) in tiles was not properly initialized. This is
      now corrected. Also, each tile is now only cleaned up once.
      (Michael Adams)
      + Initialize uninitialized variable. (Michael Adams)
      + Added some options to configure for enabling various code
      sanitizers. (Michael Adams)
      + Added some range checks on parameters in some JPC marker
      segments. (Michael Adams)
      + Fixed potential integer overflow problem. (Michael Adams)
      + Added some functions for safe integer arithmetic (for size_t)
      in jas_math.h. (Michael Adams)
      + Fixed some indentation issues. (Michael Adams)
      + Converted a few raw mallocs to use jas_alloc2. Added code in
      the jas_* memory allocation/deallocation functions to generate
      debugging log messages. Only disable JAS_DBGLOG message if
      NDEBUG is defined. (Michael Adams)
      + Added more error/log messages for debugging in the JPEG
      decoder. (Michael Adams)
      + Added some extra log messages for debugging. Added check of
      value returned by jas_matrix_create. (Michael Adams)
      + Applied fix for VPATH builds (Michael Adams)
      + Did some configure.ac cleanup (Michael Adams)
      + Fixed 'inline' for older version of Visual Studio. (dirk)
      + Fix a potential double fclose of a FILE* in the JPEG decoder.
      (Michael Adams)
      + Changed jas_types.h to assume that header files required by
      the C99 standard are present. (Michael Adams)
      + Incorporated changes from patch
      jasper-1.900.3-libjasper-stepsizes-overflow.patch (Michael
      Adams)
      + Incorporated changes from patch
      jasper-1.900.3-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch
      (Michael Adams)
      + Incorporated changes from patch
      jasper-1.900.3-Coverity-RESOURCE_LEAK.patch (Michael Adams)
      + Incorporated patch jasper-1.900.3-Coverity-NULL_RETURNS.patch
      (Michael Adams)
      + Fixed memory leak in jiv. (Michael Adams)
      + Fixed a sanitizer failure in the BMP codec (bsc#1005084,
      CVE-2016-8690). Also, added a --debug-level command line
      option to the imginfo command for debugging purposes.
      (Michael Adams)
      + Added some missing type casts to ensure promotion to the
      correct unsigned type to avoid undefined behavior (and stop
      warnings from USAN). (Michael Adams)
      + Fixed a linking problem with newer versions of GCC. (Michael
      Adams)
      + Changed --enable-debug configure option to enable some GCC
      sanitizers. (Michael Adams)
      + Added range check on XRsiz and YRsiz fields of SIZ marker
      segment (bsc#1005090, CVE-2016-8691, CVE-2016-8692). (Michael
      Adams)
      + At many places in the code, jas_malloc or jas_recalloc was
      being invoked with the size argument being computed in a
      manner that would not allow integer overflow to be detected.
      Now, these places in the code have been modified to use
      special-purpose memory allocation functions (e.g., jas_alloc2,
      jas_alloc3, jas_realloc2) that check for overflow.
      (Michael Adams)
      + Add fixes for CVE-2014-8137. (Michael Adams)
      + Added fix for CVE-2016-2089. (Michael Adams)
      + Moved abort into default case of switch statement. (Michael
      Adams)
      + Remove auto-generated file aclocal.m4 from repository.
      (Michael Adams)
      + Removed HAVE_VLA stuff from various configuration and build
      files. Also, changed a few INCLUDES to AM_CPPFLAGS in automake
      files (since INCLUDES is deprecated). (Michael Adams)
      + 1.701.0-GL (Richard Hughes)
      + pkgconfig (Richard Hughes)
      + Coverity-UNREACHABLE (Richard Hughes)
      + CVE-2016-1867 (Richard Hughes)
      + CVE-2014-9029 (Richard Hughes)
      + CVE-2014-8158 (Richard Hughes)
      + CVE-2014-8157 (Richard Hughes)
      + CVE-2014-8138 (Richard Hughes)
      + CVE-2015-5221 (Richard Hughes)
      + CVE-2016-2116 (Richard Hughes)
      + Coverity-FORWARD_NULL (Richard Hughes)
      + jpc_dec.c (Richard Hughes)
      + Coverity-CHECKED_RETURN (Richard Hughes)
      + CVE-2016-1577 (Richard Hughes)
      + Coverity-UNUSED_VALUE (Richard Hughes)
      + Coverity-BAD_SIZEOF (Richard Hughes)
      + CVE-2008-3522 (Richard Hughes)
  - Removed patches:
    * jasper-1.900.1-bug258253.patch
    * jasper-1.900.1-bug392410.patch
    * jasper-1.900.1-no-undef-true-false.patch
    * jasper-1.900.1-bug725758.patch
    * jasper-overflow-bnc906364.patch
    * jasper-CVE-2014-8137.patch
    * jasper-CVE-2014-8138.patch
    * jasper-CVE-2014-8157.patch
    * jasper-CVE-2014-8158.patch
    * jasper-jpc_dec.patch
    * jasper-CVE-2016-1867.patch
    * jasper-CVE-2016-2089.patch
      + Fixed upstream
  - Force -std=c99, since the upstream sources assume C99
* Tue Feb 02 2016 fstrba@suse.com
  - Modified patch
    * jasper-CVE-2016-2089.patch
      + Use the new version of patch from
      https://bugzilla.redhat.com/show_bug.cgi?id=1302636
      with more targetted checks.
  - Version the Obsoletes/Provides so that the package does not
    obsolete itself
* Thu Jan 28 2016 fstrba@suse.com
  - Add jasper-CVE-2016-2089.patch
    * CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip()
      function (bsc#963983)
* Thu Jan 14 2016 fstrba@suse.com
  - Add jasper-CVE-2016-1867.patch
    * CVE-2016-1867: Out-of-bounds Read in the JasPer's
      jpc_pi_nextcprl() function (bsc#961886)
* Sun Jul 12 2015 badshah400@gmail.com
  - Add jasper-jpc_dec.patch to fix failure when manipulating images
    with 4 component color using reversible color translation
    (deb#469786); patch taken from Fedora.
* Wed Jan 14 2015 nadvornik@suse.com
  - fixed CVE-2014-8157, CVE-2014-8158 (bnc#911837)
* Fri Dec 19 2014 nadvornik@suse.com
  - fixed CVE-2014-8137, CVE-2014-8138 (bnc#909474, bnc#909475)
* Tue Dec 02 2014 nadvornik@suse.com
  - fixed possible overflow CVE-2014-9029 (bnc#906364)
* Thu Jun 12 2014 nadvornik@suse.com
  - added obsoletes and provides of libjasper-32bit (bnc#881716)
* Wed Mar 05 2014 nadvornik@suse.com
  - fixed possible overflow (bnc#725758, bnc#830803)
* Wed Sep 11 2013 pgajdos@suse.com
  - added no-undef-true-false.patch to fix [bnc#839584]
* Thu Mar 28 2013 mmeister@suse.com
  - Added url as source.
    Please see http://en.opensuse.org/SourceUrls
* Sat Jan 12 2013 coolo@suse.com
  - remove suse_update_config
* Sun Nov 13 2011 coolo@suse.com
  - add libtool as explicit buildrequire to avoid implicit dependency from prjconf
* Wed Oct 05 2011 uli@suse.com
  - cross-build fix: use %configure macro
* Mon Aug 02 2010 coolo@novell.com
  - fix baselibs.conf
* Thu Jul 29 2010 coolo@novell.com
  - do not build the highlevel image viewer in a basic library
    (in case someone needs it, we better do a 2nd spec file)
  - follow shared library policy
* Wed Dec 16 2009 jengelh@medozas.de
  - add baselibs.conf as a source
  - enable parallel building

Files

/usr/bin/imgcmp
/usr/bin/imginfo
/usr/bin/jasper
/usr/share/doc/packages/jasper
/usr/share/doc/packages/jasper/COPYRIGHT
/usr/share/doc/packages/jasper/INSTALL
/usr/share/doc/packages/jasper/LICENSE
/usr/share/doc/packages/jasper/NEWS
/usr/share/doc/packages/jasper/README
/usr/share/doc/packages/jasper/README.doc
/usr/share/doc/packages/jasper/jasper.pdf
/usr/share/doc/packages/jasper/jpeg2000.pdf
/usr/share/man/man1/imgcmp.1.gz
/usr/share/man/man1/imginfo.1.gz
/usr/share/man/man1/jasper.1.gz
/usr/share/man/man1/jiv.1.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Dec 14 23:33:39 2017