|
|
|
|
Changelog for exiv2-lang-0.26-lp152.8.2.noarch.rpm :
* Tue Mar 24 2020 Dirk Mueller - add 0001-Avoid-null-pointer-exception-due-to-NULL-return-valu.patch (bsc#1142684, CVE-2019-13114): * fixes null-pointer dereference in http.c causing denial of service- add 0001-IptcData-printStructure-Remove-buffer-overrun.patch (bsc#1088424, CVE-2018-9305): * fixes an out-of-bounds read in IptcData::printStructure in iptc.c- add 0001-Fix-SEGV-in-DataValue-Copy.patch (bsc#1109299, CVE-2018-17282): * fixes null pointer dereference in Exiv2:DataValue:copy in value.cpp- add 0001-PSD-Use-Safe-add-for-preventing-overflows-in-PSD-fil.patch, 0002-PSD-enforce-Length-of-image-resource-section-file-si.patch (CVE-2018-19108, bsc#1115364): * fixes denial of service in Exiv2::PsdImage::readMetadata- add 0001-Fix-561.-Use-proper-counter-for-the-idx-variable.patch (CVE-2018-19607, bsc#1117513): * fixes a denial of service (NULL pointer dereference and application crash) * Tue Oct 16 2018 Dirk Mueller - update to latest 0.26 branch: * Fixes CVE-2018-12264, CVE-2018-12265 (bsc#1097599) * Fixes CVE-2017-9239 (bsc#1040973): null pointer dereference in doWriteImage * Fixes CVE-2018-17229 (bsc#1109175): (Heap buffer overflow in Exiv2::d2Data) * Fixes CVE-2018-17230 (bsc#1109176): (heap-based buffer overflow in Exiv2::ul2Data) * Fixes CVE-2017-1000126 (Stack out of bounds read in webp parser) (bsc#1068873) * Fri Jun 29 2018 tchvatalAATTsuse.com- Fix build on python3 only system by making sure we use python3 when building * Wed May 30 2018 dmuellerAATTsuse.com- update to latest 0.26 branch: * obsoletes 0001-Use-more-GNUInstallDirs.patch d4e4288d839d0d9546a05986771f8738c382060c.patch gcc-version-check.patch 7f5b0778fa301b68c1c88e3820ec3afbd09dd0a5.patch fix-crash.patch * adds exiv2-update-to-0.26-branch.patch * Fixes CVE-2017-14864 (bsc#1060995), CVE-2017-14862 (bsc#1060996), CVE-2017-14859 (bsc#1061000) CVE-2017-14860 (bsc#1048883), CVE-2017-11337 (bsc#1048883), CVE-2017-11338 (bsc#1048883), CVE-2017-11339 (bsc#1048883), CVE-2017-11340 (bsc#1048883), CVE-2017-11553, CVE-2017-12955 (bsc#1054593), CVE-2017-12956, CVE-2017-12957, CVE-2017-11683, CVE-2017-11592, CVE-2017-11591 (bsc#1050257) * Fri Nov 24 2017 cfeckAATTkde.org- split developer documentation into separate package * Tue Oct 17 2017 dmuellerAATTsuse.com- add 0001-Use-more-GNUInstallDirs.patch (bsc#938600)- add d4e4288d839d0d9546a05986771f8738c382060c.patch ( CVE-2017-14864 bsc#1060995, CVE-2017-14862 bsc#1060996, CVE-2017-14859 bsc#1061000) * Wed Aug 09 2017 wbauerAATTtmo.at- Add fix-crash.patch to prevent crashes in gwenview with certain images (boo#1051782)- Update source tarball to the fixed upstream re-release and remove the workaround in the spec file- Replace gcc-version-check.patch with the version committed upstream * Tue Jul 04 2017 wbauerAATTtmo.at- Fix baselibs.conf * Fri Jun 30 2017 wbauerAATTtmo.at- Update to version 0.26 * See http://www.exiv2.org/changelog.html- Add gcc-version-check.patch to fix build on Tumbleweed- Dropped the following upstreamed patches: * exiv2-cmake-libsuffix.patch * exiv2_r3889_r3890_fix_boo964344.diff * Thu May 05 2016 suse-betaAATTcboltz.de- add exiv2_r3889_r3890_fix_boo964344.diff (taken from revisions linked in http://dev.exiv2.org/issues/1106) to fix crash in darktable (boo#964344) * Wed Jul 15 2015 jengelhAATTinai.de- Adjust RPM groups- Put manpage in proper subpackage * Tue Jun 23 2015 dmuellerAATTsuse.com- readd parallel-build-dep.patch * Mon Jun 22 2015 tittiatcokeAATTgmail.com- Update to version 0.25 * exivsimple has array index errors when stripping quotes form trivial input strings * Use SVN eol-style LF on all files * Access violation on IptcData::operator[] when key is invalid * PNG images with tiff tags throw exceptions * Plasma kde crashes when specific jpeg is on the Desktop * TIFF parser,Binary array elements should be decoded using the Makernote\'s endianness, not that of the image * Coverity scan : Issue CID 981992 , 981993 * Wrong key name in output of addmodel sample * Printing tags does not honor multi-byte label widths correctly * Wrong ApertureValue written * pyexiv2 fails on cifs shares on an Ubuntu client * TIFF parser,Parse TIFF PageNumber * Add new sample applications exifdata and exivvalue * Add option -K Key (--key Key) to specify one or more keys to output * \"exiv2 -eX\" followed by \"exiv2 -iX\" produces invalid XMP metadata packet * Sony NEX Lens Information * Handle Pentax makernotes in samsung-rebranded cameras * Olympus XZ-1 FocusDistance incorrect * Support Panasonic Makernote * detection of Pentax DA 35/2.4 lens * Canon EOS M EF-M lenses * Lens matching on Canon * Tamron 18-270 is not detected anymore * Wrong aperture for Tamron 70-300? * Recognize Samsung NX 10mm Fisheye * Pentax/Sigma 24-70mm F2.8 IF EX DG HSM data * See also http://www.exiv2.org/changelog.html- Dropped the following upstreamed patches: * fix-overflow-in-info-tags-r3264.patch * fix-video-timescale-handling.patch * parallel-build-dep.patch * fix-parallel-build.patch * Thu Jun 18 2015 dimstarAATTopensuse.org- Switch to cmake build system: there are various code snips that use variables that are only defined in the cmake build system (e.g. src/utils.cpp uses EXV_HAVE_UNISTD_H to include unistd.h, which is not done with configure. With gcc5 this results now in a failure, as unistd.h is no longer implicit).- Add exiv2-cmake-libsuffix.patch: Install the library to lib64 on the respective archs. * Sun May 24 2015 gernotAATThillier.de- add fix-video-timescale-handling.patch: Fix crash when scanning mp4 videos. * Tue May 12 2015 dmuellerAATTsuse.com- add parallel-build-dep.patch: Fix build dependencies * Mon Feb 09 2015 nico.kruberAATTgmail.com- fix a Buffer Overflow in INFO tags of RIFFVIDEO.CPP (fix-overflow-in-info-tags-r3264.patch) (CVE-2014-9449).
|
|
|