[arch-commits] Commit in jasper/trunk (PKGBUILD jasper-1.900.1-CVE-2016-2089.patch)
Levente Polyak
anthraxx at archlinux.org
Wed Nov 9 23:15:28 UTC 2016
Date: Wednesday, November 9, 2016 @ 23:15:27
Author: anthraxx
Revision: 280274
upgpkg: jasper 1.900.24-1
Modified:
jasper/trunk/PKGBUILD
Deleted:
jasper/trunk/jasper-1.900.1-CVE-2016-2089.patch
------------------------------------+
PKGBUILD | 36 ++++++++++++++++++-----------------
jasper-1.900.1-CVE-2016-2089.patch | 33 --------------------------------
2 files changed, 19 insertions(+), 50 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-11-09 21:10:51 UTC (rev 280273)
+++ PKGBUILD 2016-11-09 23:15:27 UTC (rev 280274)
@@ -1,37 +1,39 @@
-# $Id$
+# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
# Maintainer: Eric Bélanger <eric at archlinux.org>
pkgname=jasper
-pkgver=1.900.5
+pkgver=1.900.24
pkgrel=1
-pkgdesc="A software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard"
+pkgdesc='Software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard'
+url='http://www.ece.uvic.ca/~mdadams/jasper/'
arch=('i686' 'x86_64')
-url="http://www.ece.uvic.ca/~mdadams/jasper/"
license=('custom:JasPer2.0')
depends=('libjpeg')
makedepends=('freeglut' 'libxmu' 'glu')
-optdepends=('freeglut: for jiv support' 'glu: for jiv support')
-source=(http://www.ece.uvic.ca/~mdadams/${pkgname}/software/${pkgname}-${pkgver}.tar.gz
- jasper-1.900.1-fix-filename-buffer-overflow.patch
- jasper-1.900.1-CVE-2016-2089.patch)
-sha1sums=('ca335fc2eccbd01019bf402dac810de1f02f98ac'
- '577dfce40da75818c4d32eb1c4532b1370950bee'
- '981d622402f6ce82975489d76a373e4abd252418')
+optdepends=('freeglut: jiv support'
+ 'glu: jiv support')
+options=('staticlibs')
+source=(${pkgname}-${pkgver}.tar.gz::https://github.com/mdadams/jasper/archive/version-${pkgver}.tar.gz
+ jasper-1.900.1-fix-filename-buffer-overflow.patch)
+sha512sums=('8d9871a651d75290b7ee1172a295a5af9fe1772367ed67412cfbf47834f1628718100b4201b574c4fdd14ae74134e05756cae55b52ccb8590b96c6735c6e2426'
+ '741a2200b12e7ba4a06a312c44d08c35e05f312bed0b652c044bad3e080fde9865dbebbe76e4bf2436f1e27d3e4c1784240f530db7a7012a8da6fc89bf8e6978')
prepare() {
- cd ${pkgname}-${pkgver}
- patch -p1 -i "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch"
- patch -p1 -i "${srcdir}/jasper-1.900.1-CVE-2016-2089.patch"
+ cd ${pkgname}-version-${pkgver}
+ patch -p1 < "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch"
+ autoreconf -fvi
}
build() {
- cd ${pkgname}-${pkgver}
+ cd ${pkgname}-version-${pkgver}
./configure --prefix=/usr --mandir=/usr/share/man --enable-shared
make
}
package() {
- cd ${pkgname}-${pkgver}
+ cd ${pkgname}-version-${pkgver}
make DESTDIR="${pkgdir}" install
- install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
+ install -Dm 644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
}
+
+# vim: ts=2 sw=2 et:
Deleted: jasper-1.900.1-CVE-2016-2089.patch
===================================================================
--- jasper-1.900.1-CVE-2016-2089.patch 2016-11-09 21:10:51 UTC (rev 280273)
+++ jasper-1.900.1-CVE-2016-2089.patch 2016-11-09 23:15:27 UTC (rev 280274)
@@ -1,33 +0,0 @@
-Description: CVE-2016-2089: matrix rows_ NULL pointer dereference in jas_matrix_clip()
-Origin: vendor
-Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1302636
-Bug-Debian: https://bugs.debian.org/812978
-Forwarded: not-needed
-Author: Tomas Hoger <thoger at redhat.com>
-Reviewed-by: Salvatore Bonaccorso <carnil at debian.org>
-Last-Update: 2016-03-05
-
---- a/src/libjasper/base/jas_image.c
-+++ b/src/libjasper/base/jas_image.c
-@@ -426,6 +426,10 @@ int jas_image_readcmpt(jas_image_t *imag
- return -1;
- }
-
-+ if (!data->rows_) {
-+ return -1;
-+ }
-+
- if (jas_matrix_numrows(data) != height || jas_matrix_numcols(data) != width) {
- if (jas_matrix_resize(data, height, width)) {
- return -1;
-@@ -479,6 +483,10 @@ int jas_image_writecmpt(jas_image_t *ima
- return -1;
- }
-
-+ if (!data->rows_) {
-+ return -1;
-+ }
-+
- if (jas_matrix_numrows(data) != height || jas_matrix_numcols(data) != width) {
- return -1;
- }
More information about the arch-commits
mailing list