|
|
|
|
Changelog for leptonica-devel-1.77.0-35.4.x86_64.rpm :
* Mon Dec 17 2018 Karol Babioch - Update to 1.77.0 * CVE-2018-7442: potential injection attack because \'/\' is allowed in gplot rootdir. (bsc#1082748) * CVE-2018-7186: number of characters not limited in fscanf or sscanf, allowing possible attack with buffer overflow. (bsc#1081576) * CVE-2018-3836: command injection vulnerability in gplotMakeOutput(). (bsc#1079358) * CVE-2017-18196: duplicated path components. (bsc#1082843) * CVE-2018-7441: hardcoded /tmp pathnames. (bsc#1082749) * CVE-2018-7247: input \'rootname\' can overflow a buffer. (bsc#1081631) * CVE-2018-7440: command injection in gplotMakeOutput using $(command). (bsc#1082747) * Using a packed struct for bmp headers to avoid crash on some big-endians. * Fixed a bug in the prototype parser for xtractprotos that was surfaced by a typedef declaration for the bmp headers. * Added some basic pixa functions for rotation and translation. * Added an iterative method to find rectangular coverings for arbitrary connected components. * Enabled read/write for standard jpeg compressed tiff images. * Enabled reading for the old (deprecated) jpeg-encoded tiffs. * Fix range selectors for pixa, pixaa, boxa, boxaa, pta: Now, last = -1 goes to the end. * When reading tiff --> pix, insert IMAGEDESCRIPTION into text field. * Fri May 04 2018 lazy.kentAATTopensuse.org- Update to 1.76.0. * Modify infrastructure to fix outstanding security issues. By default, you can no longer create temp directories and temp files whose names are known to the compiler. Also, prevent \"system\" calls, which were used for image display and gnuplot. * Replaced remaining sprintf() with snprintf() in prog tests. * Added non-transcoding functions for generating pdf from jpeg pixacomp. * Add control of jpeg quality from pixWriteMem() and pixWriteStream(). * Fixed getFilenamesInDirectory() to properly identify directories. * Prevent size overflow in calloc for kernel; cleaned it up fpix and dpix. * bmp reading now accepts negative height. * Simplified splitimage2pdf; it no longer uses ps2pdf. * Remove name-mangling WRITE_AS_NAMED compile option. * Removed 2 deprecated write functions. * Added these regression tests: locminmax_reg, speckle_reg, watershed_reg. * Mon Feb 19 2018 kbabiochAATTsuse.com- Update to 1.75.3: * See changes in the version-notes.html file. * Fixed a stack based buffer overflows in gplotRead() and ptaReadStream() when parsing crafted files can lead to denial of service (CVE-2018-7186 bsc#1081576) * Fixed a buffer overflow in pixHtmlViewer in prog/htmlviewer.c (unsanitized input (rootname)), which could potentially lead to arbitrary code exeuction. (CVE-2018-7247 bsc#1081631) * Sun Feb 04 2018 jengelhAATTinai.de- Fix RPM groups. * Fri Feb 02 2018 lazy.kentAATTopensuse.org- Update to 1.75.1. * See changes in the version-notes.html file.- Add leptonica-license.txt, version-notes.html, moller52.jpg to docs of the liblept package. * Mon Dec 11 2017 lazy.kentAATTopensuse.org- Update to 1.74.4. * See changes in the version-notes.html file.- Add BuildRequires: gnuplot. * Fri Feb 17 2017 idonmezAATTsuse.com- Update to version 1.74.1 Version 1.74.1 4 Jan 17 * Configuration changes to support the patch number in the version (major.minor.patch). * Removed all remaining pixDisplayWrite() calls in prog/. * Cleaned up and/or promoted about 15 programs to full regression tests. There are now 95 tests in the regression set. * Over half the initial coverity scan warnings have been removed. Version 1.74.0 10 Dec 16 * Leptonica development was moved to github. The master is at: github.com/danbloomberg/leptonica * New modes for RGB --> gray conversion. * New functions added for displaying a pix from a pixa. * Split out sort/hash/set/map functions for dna, sarray and pta. * More robust horizontal deskew on multi-column page images. * Improve webpio_reg test. * Remove X11 display for gplot; it is no longer supported. * Remove most sleep calls, which were put in for gplot; no longer needed. * Removed use of gthumb in library. * Removed use of pixDisplayWrite() in the library; still in some progs. * Improved test for endianness in makefile.static; no longer requires any local files or building and running a program. * Modified all files for doxygen output (spearheaded by Jurgen Buchmuller) * Improved plotting of the boxes in a boxa. * Replaced the slow point hash function with a simple fast one. * Added pam (4 component) format writing to pnmio.c (Jurgen Buchmuller) * Improved rendering of pixa in side/by/sides. * Better utilities for pixa and pixacomp. * Add read/write serialization functions from/to memory for all the major data structures that do not already have them. * More serialized boot recognizers stored as self-generating code. * Cleaned up generating an adapted recognizer from the boot recognizer. * Simplified temp file naming; removed most instances of named temp files from non-debug code; use tmpfile() and a wrapper l_makeTempFilename(). * Simplify and streamline multipage tiff reading (Jeff Breidenbach). * Improvement of Otsu thresholding. * Recognize outstanding contributors to leptonica over the years. * New gif mem read/write interface that avoids writing a temp file, contributed by Tobias Peirick. * Use double arrays (dna) instead of float (numa) for set ops. * Cleanup of gray quantization functions and tests. * Refactored connectivity-conserving operations, to make them more useful. * Provided methods for measuring and regularizing the width of strokes. * Removed viewfiles.c from library; code is now in prog htmlviewer.c. * Better debugging in page segmentation (pageseg.c) * Deprecated the pixDisplayWrite *() debugging methods. * Added about 15 regression tests to the framework in alltests_reg.c * Final mods for compatibility with tesseract 4.00. * Tue Feb 02 2016 lazy.kentAATTopensuse.org- Update to 1.73. * All lept_ * functions have been rewritten to avoid path rewrites for output to temp files, which were introduced in 1.72. * Added grayscale histogram functions that can be used to compare images. * Added functions to determine if an image region has horizontal text lines. * Added functions to compare photo regions of images to determine if they\'re essentially the same. * Added red-black tree utility functions to implement maps and sets. * Improved security of tiff and gif reading, to prevent memory corruption when reading bad data.- Change major library version to 5.- Change programs prefix from \"leptonica\" to \"lept\" (make the names simpler to use). * Sun Sep 27 2015 asterios.dramisAATTgmail.com- Update to 1.72: * Better handling of 1 bpp colormap read/write with png so that they are losseless. The colormap is always removed on read and the conversion is to the simplest non-cmapped pix that can fully represent the input -- both with and without alpha. * Fixed overflow bug in pixCorrelationBinary(). * Fixed orientation flags and handling of 16 bit RGB in tiff. * Also new wrappers to TIFFClientOpen(), so we no longer go through the file descriptor for memory operations. * Improvements in the dewarp functions. * New box sequence smoothings. * New antialiased painting through mask; previously it was only implemented for connected components in a mask. * Better error handling and debug output with jpeg2000 read/write. * Implemented base64 encoding. This allows binary data to be represented as a C string that can be compiled. Used this in bmf utility. * Implemented automatic code generation for deserialization from compiled strings (stringcode. *) * Regression tests write to leptonica subdir of in windows; in unix it is optional. This avoids spamming the directory. * Added new colorspace conversions (XYZ, LAB). * New source files: encoding.c, bmfdata.h, stringcode.c, stringcode.h, bootnumgen.c. * Removed source files: convolvelow.c, graymorphlow.c * New programs: genfonts_reg, colorize_reg, texturefill_reg, autogentest1, autogentest2. * alltests_reg now has 66 tests.- Added new build requirement openjpeg2-devel for openSUSE > 13.1. * Sat Sep 27 2014 lazy.kentAATTopensuse.org- Update to 1.71. * This version supports tesseract 3.0.4. In particular, 3.0.4 has automatic conversion of a set of scanned images, either in a directory or coming directly from a scanner, into pdf with injected text. This is something we\'ve wanted to do for several years! * Improved jp2k header reading, including resolution. * Removed src files: rotateorthlow.c, pdfio.c, pdfiostub.c. * Renamed jp2kio.c, jp2kiostub.c ==> jp2kheader.c, jp2kheaderstub.c. These header reading functions parse the jp2k files, and don\'t require a jpeg2000 library. * New jp2kio.c, jp2kiostub.c, that uses openjpeg-2.X to read and write jp2k. We now support I/O from these formats: png, tiff, jpeg, bmp, pnm, webp, gif and jp2k as well as writing to PostScript and pdf. * New pdfio1.c, pdfio1stub.c, pdfio2.c pdfio2stub.c, where we\'ve split functions into high and low level. * Fixed memory bug in bilateral.c. * Improved reading/write of binary data from file. For example, l_binaryReadStream() can now be used to capture data piped in via stdin. * Font directory now arg passed in everywhere (not hardcoded). * Don\'t write temporary files to /tmp; only to a small number of subdirectories, to avoid spamming the /tmp directory. E.g., for regression tests, the current output is now to /tmp/regout/. * For jpeg reading modify pixReadJpeg() to take as a hint a bit flag that allows extraction of only the luminance channel. * Allow wrapping of pdf objects from png images without transcoding. * Better support for alpha on read/write with png, including 1 bpp with colormap, alpha (supported in png with transparency array).
|
|
|