SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for exiv2-lang-0.28.3-lp156.196.1.noarch.rpm :

* Mon Jul 08 2024 Dirk Müller - update to 0.28.3 (bsc#1227528, CVE-2024-39695):
* Release Notes: + https://github.com/Exiv2/exiv2/issues/3008 + https://github.com/Exiv2/exiv2/milestone/14?closed=1
* This release also fixes a low-severity security issue in asfvideo.cpp: out-of-bounds read in AsfVideo::streamProperties.
* Mon Jul 08 2024 Dirk Müller - use --parallel as single-dash parameters are eaten by ctest\'s rpm macro
* Wed Mar 06 2024 Bernhard Wiedemann - Fix build with --nochecks
* Wed Feb 28 2024 Dirk Müller - update to 0.28.2 (bsc#1219870, CVE-2024-24826, bsc#1219871, CVE-2024-25112):
* CVE-2024-24826: out-of-bounds read in QuickTimeVideo::NikonTagsDecoder.
* CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder.
* Tue Nov 07 2023 Dirk Müller - update to 0.28.1 (bsc#1216923, CVE-2023-44398):
* Release Notes: https://github.com/Exiv2/exiv2/issues/2813- drop exiv2-metadata-null-checks.patch (upstream)
* Fri Jul 07 2023 Konstantin Voinov - add exiv2-metadata-null-checks.patch fixes gwenview crashes and other apps https://github.com/Exiv2/exiv2/issues/2638
* Fri Jun 30 2023 Dirk Müller - add a x86-64-v3 build, remove 32bit build (not used)
* Wed Jun 21 2023 Michal Kubecek - drop old C++ standard hack (patched line dropped in 0.28)- use g++-11 for Leap 15 builds (fix for failed std::filesystem check)
* Mon Jun 19 2023 Dirk Müller - update to 0.28.0: - long list of improvements and security fixes, see https://github.com/Exiv2/exiv2/issues/2406#issuecomment-1529139799- drop always-use-signed-char-for-conversion.patch (code no longer exists)- drop CVE-2022-3953.patch (merged upstream)- drop xml-static subpackage, cannot be built from shared builds anymore and appears to be unused
* Tue Jan 24 2023 Dirk Müller - add always-use-signed-char-for-conversion.patch for test suite fixes on non-x86_64
* Tue Jan 24 2023 Guillaume GARDET - Disable bugfixes.github.test_CVE_2018_12265.AdditionOverflowInLoaderExifJpeg as it is broken on some archs See: https://github.com/Exiv2/exiv2/issues/933
* Sat Jan 21 2023 Dirk Müller - update to 0.27.6:
* Add Nikon3.WhiteBalanceBias2
* Add Nikon LensData v0802
* Add some F mount lenses
* Initial support for OM System MakerNote
* Add Sony ARW compression to dict
* Exif start can be at any byte in payload, not word aligned
* Fix exception type when writing BMFF file
* Add more MIME type mappings for TIFF-based raws
* Fix naming of canon EF 35-80mm
* Replace assert with enforce
* PNG: always strip the existing iCCP chunk
* Account for header bytes for Exif and XMP boxes
* Fix Integer overflow in Photoshop::setIptcIrb
* Fix Integer-overflow in sumToLong
* Fix out of bounds read in isValidBoxFileType()
* Fix in Jp2 metadata writing & improvements in reading
* Strip XMP raw packet before decoding
* Add tiff tags
* Add more DNG 1.6 tags
* Fix bug in iterating over the elements of dateStrings
* Use memmove in TiffEncoder::updateDirEntry
* Treat Exif.Sony1.PreviewImage as undefined tag
* Wed Jan 04 2023 Dirk Müller - switch to ctest for running the testsuite
* Mon Dec 12 2022 Dirk Müller - switch to pkgconfig(zlib) so that alternative providers can be used- require zlib from devel package
* Mon Nov 14 2022 Dirk Müller - spec-cleaner run- add CVE-2022-3953.patch (CVE-2022-3953, bsc#1205391)
* Wed Sep 28 2022 Dirk Müller - add tracker for SLE (jsc#PED-1393)
* Sat Nov 13 2021 Dirk Müller - update to 0.27.5 (bsc#1189332, CVE-2021-37620, bsc#1189333, CVE-2021-37621, bsc#1189334, CVE-2021-37622, bsc#1189338, CVE-2021-34334, bsc#1189335, CVE-2021-37623, bsc#1189337, CVE-2021-32815, bsc#1189340, CVE-2021-34335, bsc#1189341, CVE-2021-37615, bsc#1185003, CVE-2021-29458):
* BMFF bug fixes including CR3 previews
* Security fixes
* libFuzzer target
* Exiv2 monitored by oss-fuzz
* Minor bugs and fixes
* Fri Jun 18 2021 Marcus Rueckert - enable bmff format- disable docs for now: - graphviz was failing for a long time when trying to render the pngs as graphviz-gd was missing - even after adding this it still fails with missing fonts
* Fri Jun 18 2021 Marcus Rueckert - Update to 0.27.4 (bsc#1186053, CVE-2021-29623, bsc#1185447, CVE-2021-29470, bsc#1185002, CVE-2021-29457, bsc#1188733, CVE-2021-31291, bsc#1186192, CVE-2021-32617, bsc#1185913, CVE-2021-29463): - Support for bmff files (HEIC, HEIF, AVIF, CR3, JXL/bmff) - Bash test scripts rewritten in python - DNG 1.6 and Exif 2.32 support - Bug and Security fixes - Updated build and test environments - Localisation support on Crowdin - Revised documentation - Other improvements- drop 1271.patch: included in update
* Wed May 12 2021 Dominique Leuenberger - Add 1271.patch: Fix build using GCC 11 (boo#1185218).- Drop the sed hack to remove -fcf-protection: this is properly solved with the above patch.
* Wed May 12 2021 Ludwig Nussel - -fcf-protection doesn\'t work on i586 with gcc11 either (boo#1185218)
* Thu Aug 20 2020 Guillaume GARDET - Fix build on non-x86 by dropping -fcf-protection flag on non-x86 architectures
* Sun Aug 16 2020 Dirk Mueller - Update to 0.27.3:
* Bug and security fixes
* UNIX suppport
* Support for building with C++11 and C++14
* Revised build and test environments
* Revised documentation
* Improved charset handling in UserComment
* Other improvements
* Fri Apr 17 2020 Stefan Brüns - Use C++11 for building instead of C++98. Googletest 1.10 is no longer compatible with C++98. For details, see https://github.com/Exiv2/exiv2/issues/1163
* Fri Aug 02 2019 Martin Liška - Use FAT LTO objects in order to provide proper static library.
* Mon Jul 29 2019 Andreas Schneider - Update to 0.27.2 (bsc#1188645, CVE-2020-19716, bsc#1214582, CVE-2020-18831)
* Bug and security fixes
* Support for Nikon/AutoFocus and Sony/FocusPosition Metadata
* Documentation and man page revisions
* Updated Catalan Localisation
* Using mergify to sync select PRs between 0.27-maintenance and 0.28
* Monitoring API changes for v0.27 dot releases
* Prelinary Dutch Localisation
* Prelinary Support for Unix (FreeBSD and NetBSD)
* Better Build Bundle Dependency handling
* Wed Jul 03 2019 Dan Čermák - Update exiv2-build-date.patch to new source tarball- Enable testsuite run in %check on x86_64 for Leap >= 15.0, SLE >= 15 and Tumbleweed- Use libcurl for HTTP- Enable webready (webp image support)- Add licenses to %license & add BSD 3 clause license (used for some CMake scripts)
* Thu Jun 06 2019 Dirk Stoecker - update to 0.27.1 (CVE-2019-13108, bsc#1142675)
* Bug and security fixes.
* Deprecation warnings for Video, EPS and SSH support.
* Branch 0.27-maintenance for \"dots\" to avoid confusion with tag 0.27 (== 0.27.0 code).
* Support for Visual Studio 2019 using Conan and CMake- Update patch exiv2-build-date.patch- Drop exiv2-cmake-installdir.patch (included upstream)- Drop exiv2-rename-libxmp.patch (included upstream)- Drop exiv2-install-headers.patch (included upstream)- Drop exiv2-BanAllEntityUsage.patch (included upstream)
* Thu Jan 10 2019 Andreas Schneider - Create libexiv2-xmp-static subpackage
* Tue Jan 08 2019 Andreas Schneider - Updated exiv2-build-date.patch- Added exiv2-cmake-installdir.patch (exiv2 bug #623)- Added exiv2-rename-libxmp.patch (exiv2 bug #624)
* This should prevent possible issues with libxmp project- Added exiv2-install-headers.patch (exiv2 bug #627)- Added exiv2-BanAllEntityUsage.patch
* This prevents a denial of service attack related to XML entity expansion
* Thu Jan 03 2019 Wolfgang Bauer - Add libxmp.a to the devel package instead of deleting it, it\'s needed by the new exiv2Config.cmake that\'s installed now- Add libexpat-devel requirement to the devel package, also needed by exiv2Config.cmake
* Fri Dec 28 2018 Stefan Brüns - update to final 0.27.0 release
* Thu Nov 22 2018 Dirk Mueller - update to official RC2 tarball release: which obsoletes the following patches in previous dists as backports that have always been upstream:
* obsoletes 0001-PSD-Use-Safe-add-for-preventing-overflows-in-PSD-fil.patch
* obsoletes 0002-PSD-enforce-Length-of-image-resource-section-file-si.patch (CVE-2018-19108, bsc#1115364)
* obsoletes 0001-Fix-561.-Use-proper-counter-for-the-idx-variable.patch (CVE-2018-19607, bsc#1117513)
* obsoletes 0001-Avoid-null-pointer-exception-due-to-NULL-return-valu.patch (bsc#1142684, CVE-2019-13114)
* obsoletes 0001-IptcData-printStructure-Remove-buffer-overrun.patch (bsc#1088424, CVE-2018-9305)
* obsoletes 0001-Fix-SEGV-in-DataValue-Copy.patch (bsc#1109299, CVE-2018-17282)
* Fri Nov 16 2018 Dirk Mueller - update to current 0.27-RC2 git state to fix SONAME change issues- drop exiv2-0.27-rc2-branch.patch: built git tarball instead.
* Tue Oct 30 2018 Dirk Mueller - update to 0.27-RC1 (bsc#1080734, CVE-2017-17725):
* Security Fixes.
* New build and test infrastructure.
* Many bug fixes.
* Support for MinGW/msys2.
* Buildserver rewritten.
* Support for Adobe XMPsdk- drop exiv2-update-to-0.26-branch.patch, parallel-build-dep.patch: obsolete- add exiv2-0.27-rc2-branch.patch: add fixes staged for RC2
* Tue Oct 16 2018 Dirk Mueller - update to latest 0.26 branch:
* Fixes CVE-2018-12264, CVE-2018-12265 (bsc#1097599)
* Fixes CVE-2017-9239 (bsc#1040973): null pointer dereference in doWriteImage
* Fixes CVE-2018-17229 (bsc#1109175): (Heap buffer overflow in Exiv2::d2Data)
* Fixes CVE-2018-17230 (bsc#1109176): (heap-based buffer overflow in Exiv2::ul2Data)
* Fixes CVE-2017-1000126 (Stack out of bounds read in webp parser) (bsc#1068873)
* Fri Jun 29 2018 tchvatalAATTsuse.com- Fix build on python3 only system by making sure we use python3 when building
* Wed May 30 2018 dmuellerAATTsuse.com- update to latest 0.26 branch:
* obsoletes 0001-Use-more-GNUInstallDirs.patch d4e4288d839d0d9546a05986771f8738c382060c.patch gcc-version-check.patch 7f5b0778fa301b68c1c88e3820ec3afbd09dd0a5.patch fix-crash.patch
* adds exiv2-update-to-0.26-branch.patch
* Fixes CVE-2017-14864 (bsc#1060995),
* Fixes CVE-2017-1000128 (bsc#1068871) CVE-2017-14862 (bsc#1060996), CVE-2017-14859 (bsc#1061000) CVE-2017-14860 (bsc#1048883), CVE-2017-11337 (bsc#1048883), CVE-2017-11338 (bsc#1048883), CVE-2017-11339 (bsc#1048883), CVE-2017-11340 (bsc#1048883), CVE-2017-11553, CVE-2017-12955 (bsc#1054593), CVE-2017-12956, CVE-2017-12957, CVE-2017-11683, CVE-2017-11592, CVE-2017-11591 (bsc#1050257)
* Fri Nov 24 2017 cfeckAATTkde.org- split developer documentation into separate package
* Tue Oct 17 2017 dmuellerAATTsuse.com- add 0001-Use-more-GNUInstallDirs.patch (bsc#938600)- add d4e4288d839d0d9546a05986771f8738c382060c.patch ( CVE-2017-14864 bsc#1060995, CVE-2017-14862 bsc#1060996, CVE-2017-14859 bsc#1061000)
* Wed Aug 09 2017 wbauerAATTtmo.at- Add fix-crash.patch to prevent crashes in gwenview with certain images (boo#1051782)- Update source tarball to the fixed upstream re-release and remove the workaround in the spec file- Replace gcc-version-check.patch with the version committed upstream
* Tue Jul 04 2017 wbauerAATTtmo.at- Fix baselibs.conf
* Fri Jun 30 2017 wbauerAATTtmo.at- Update to version 0.26
* See http://www.exiv2.org/changelog.html- Add gcc-version-check.patch to fix build on Tumbleweed- Dropped the following upstreamed patches:
* exiv2-cmake-libsuffix.patch
* exiv2_r3889_r3890_fix_boo964344.diff
* Thu May 05 2016 suse-betaAATTcboltz.de- add exiv2_r3889_r3890_fix_boo964344.diff (taken from revisions linked in http://dev.exiv2.org/issues/1106) to fix crash in darktable (boo#964344)
* Wed Jul 15 2015 jengelhAATTinai.de- Adjust RPM groups- Put manpage in proper subpackage
* Tue Jun 23 2015 dmuellerAATTsuse.com- readd parallel-build-dep.patch
* Mon Jun 22 2015 tittiatcokeAATTgmail.com- Update to version 0.25
* exivsimple has array index errors when stripping quotes form trivial input strings
* Use SVN eol-style LF on all files
* Access violation on IptcData::operator[] when key is invalid
* PNG images with tiff tags throw exceptions
* Plasma kde crashes when specific jpeg is on the Desktop
* TIFF parser,Binary array elements should be decoded using the Makernote\'s endianness, not that of the image
* Coverity scan : Issue CID 981992 , 981993
* Wrong key name in output of addmodel sample
* Printing tags does not honor multi-byte label widths correctly
* Wrong ApertureValue written
* pyexiv2 fails on cifs shares on an Ubuntu client
* TIFF parser,Parse TIFF PageNumber
* Add new sample applications exifdata and exivvalue
* Add option -K Key (--key Key) to specify one or more keys to output
* \"exiv2 -eX\" followed by \"exiv2 -iX\" produces invalid XMP metadata packet
* Sony NEX Lens Information
* Handle Pentax makernotes in samsung-rebranded cameras
* Olympus XZ-1 FocusDistance incorrect
* Support Panasonic Makernote
* detection of Pentax DA 35/2.4 lens
* Canon EOS M EF-M lenses
* Lens matching on Canon
* Tamron 18-270 is not detected anymore
* Wrong aperture for Tamron 70-300?
* Recognize Samsung NX 10mm Fisheye
* Pentax/Sigma 24-70mm F2.8 IF EX DG HSM data
* See also http://www.exiv2.org/changelog.html- Dropped the following upstreamed patches:
* fix-overflow-in-info-tags-r3264.patch
* fix-video-timescale-handling.patch
* parallel-build-dep.patch
* fix-parallel-build.patch
* Thu Jun 18 2015 dimstarAATTopensuse.org- Switch to cmake build system: there are various code snips that use variables that are only defined in the cmake build system (e.g. src/utils.cpp uses EXV_HAVE_UNISTD_H to include unistd.h, which is not done with configure. With gcc5 this results now in a failure, as unistd.h is no longer implicit).- Add exiv2-cmake-libsuffix.patch: Install the library to lib64 on the respective archs.
* Sun May 24 2015 gernotAATThillier.de- add fix-video-timescale-handling.patch: Fix crash when scanning mp4 videos.
* Tue May 12 2015 dmuellerAATTsuse.com- add parallel-build-dep.patch: Fix build dependencies
* Mon Feb 09 2015 nico.kruberAATTgmail.com- fix a Buffer Overflow in INFO tags of RIFFVIDEO.CPP (fix-overflow-in-info-tags-r3264.patch) (CVE-2014-9449).
 
ICM