SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libopenjpeg1-32bit-1.5.2-150000.4.7.1.x86_64.rpm :

* Fri Apr 01 2022 hpjAATTsuse.com- Add security fixes: openjpeg-CVE-2018-14423.patch (CVE-2018-14423, bsc#1102016), openjpeg-CVE-2018-16376.patch (CVE-2018-16376, bsc#1106881), openjpeg-CVE-2020-8112.patch (CVE-2020-8112, bsc#1162090), openjpeg-CVE-2020-15389.patch (CVE-2020-15389, bsc#1173578), openjpeg-CVE-2020-27823.patch (CVE-2020-27823, bsc#1180457), openjpeg-CVE-2021-29338.patch (CVE-2021-29338, bsc#1184774).
* Wed Sep 20 2017 tchvatalAATTsuse.com- Convert to pkgconfig- Remove fedora conditionals as nothing in opensuse actually builds against it- Add patch to fix ffast-math issue bsc#1029609 bsc#1059440:
* openjpeg-fast-math.patch
* Fri Feb 03 2017 asterios.dramisAATTgmail.com- Add openjpeg-bsc999817-cve2016-7445-null-deref.patch to fix null pointer dereference in convert.c (bsc#999817, CVE-2016-7445).
* Mon Mar 02 2015 mpluskalAATTsuse.com- Use cmake macros for building- Small spec file cleanups, use pkgconfig style dependencies
* Fri Aug 08 2014 asterios.dramisAATTgmail.com- Update to version 1.5.2: Security:
* Fixes: CVE-2013-4289 CVE-2013-4290
* Fixes: CVE-2013-1447 CVE-2013-6045 CVE-2013-6052 CVE-2013-6054 CVE-2013-6053 CVE-2013-6887 New Features:
* Compile Java with source/target specific java version
* Do not set SONAME for Java module, fix linking (missing math lib)
* Support some BMP/RGB8 files
* Fix compilation on ARM Misc:
* Remove BSD-4 license from getopt copy, since upstream switched to BSD-3
* Support compilation against system installed getopt
* Fix Big Endian checking (autotools)
* Huge amount of bug fixes. See CHANGES for details.- Removed the following patches (fixed upstream):
* openjpeg-1.5-r2029.patch
* openjpeg-1.5-r2032.patch
* openjpeg-1.5-r2033.patch
* openjpeg-1.5.1-cve-2013-6045-1.patch
* openjpeg-1.5.1-cve-2013-6045-2.patch
* CVE-2013-6052.patch
* CVE-2013-6053.patch
* CVE-2013-1447.patch
* CVE-2013-6887.patch
* Wed Feb 12 2014 asterios.dramisAATTgmail.com- Added the following security patches (based also on Redhat/Fedora patches):
* openjpeg-1.5-r2029.patch From upstream. Fix issue 155, jp2_read_boxhdr() can trigger random pointer memory access
* openjpeg-1.5-r2032.patch From upstream. Fix issue 169, division by zero in j2k_read_siz
* openjpeg-1.5-r2033.patch From upstream. Fix issue 166, missing range check in j2k_read_coc et al
* CVE-2013-1447.patch Fix multiple denial of service flaws, CVE-2013-1447, bnc#853834
* CVE-2013-6052.patch Fix heap OOB reads, information leaks, CVE-2013-6052, bnc#853644
* CVE-2013-6053.patch Fix heap OOB reads, information leaks, CVE-2013-6053, bnc#853644
* CVE-2013-6887.patch Fix multiple denial of service flaws, CVE-2013-6887, bnc#853644- Removed part of openjpeg-1.5.1-cve-2013-6045-1.patch that is already upstream, included in openjpeg-1.5-r2033.patch (slightly modified).
* Fri Jan 10 2014 vpereiraAATTnovell.com- Security:
* Patches openjpeg-1.5.1-cve-2013-6045-1.patch and openjpeg-1.5.1-cve-2013-6045-2.patch fix heap overflow described in CVE-2013-6045, bnc#853838.
* Mon Nov 19 2012 sleep_walkerAATTsuse.cz- do fdupes only for SUSE distributions
* Mon Oct 15 2012 asterios.dramisAATTgmail.com- Update to version 1.5.1: Security:
* Fixes: CVE-2012-3535
* Fixes: CVE-2012-3358 New Features:
* Use a new API scheme and solve the SOVERSIONing in OpenJPEG
* Allow better integration with multi-arch system
* Compile & Install Java bindings (CMake)
* Install required addXMLinJP2 (JPIP) Misc:
* Fix linker error by resolving all symbols (eg. missing -lm)
* Fix some man page typos
* Huge amount of bug fixes. See CHANGES for details.- Removed the following patches (fixed upstream):
* heap_buffer_overflow_fix.patch
* heap_buffer_overflow_2_fix.patch
* heap_corruption_fix.patch
* openjpeg-1.5.0-cmake_Config.patch
* openjpeg-1.5.0-cmake_libdir.patch
* openjpeg-1.5.0-pkgconfig_includedir.patch- Replaced openjpeg-1.5.0-cmake_header_symlink.patch with a fix inside the spec file.- Removed symlink from %{_includedir}/openjpeg-1.5 to %{_includedir}/openjpeg (not needed).- Added the following patches (taken from Fedora):
* openjpeg-1.5.1-cmake_libdir.patch Fix libopenjpeg.pc symlink
* openjpeg-1.5.1-soname.patch Revert soname bump compared to 1.5.0 release
* Mon Sep 17 2012 sleep_walkerAATTsuse.cz- fix fedora build
 
ICM