SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for openjpeg-devel-1.5.2-2.1.x86_64.rpm :

* Wed Sep 21 2016 hpjAATTsuse.com- Add openjpeg-bsc999817-cve2016-7445-null-deref.patch (bsc#999817, CVE-2016-7445).
* Mon Mar 02 2015 mpluskalAATTsuse.com- Use cmake macros for building- Small spec file cleanups, use pkgconfig style dependencies
* Sat Aug 09 2014 asterios.dramisAATTgmail.com- Update to version 1.5.2: Security:
* Fixes: CVE-2013-4289 CVE-2013-4290
* Fixes: CVE-2013-1447 CVE-2013-6045 CVE-2013-6052 CVE-2013-6054 CVE-2013-6053 CVE-2013-6887 New Features:
* Compile Java with source/target specific java version
* Do not set SONAME for Java module, fix linking (missing math lib)
* Support some BMP/RGB8 files
* Fix compilation on ARM Misc:
* Remove BSD-4 license from getopt copy, since upstream switched to BSD-3
* Support compilation against system installed getopt
* Fix Big Endian checking (autotools)
* Huge amount of bug fixes. See CHANGES for details.- Removed the following patches (fixed upstream):
* openjpeg-1.5-r2029.patch
* openjpeg-1.5-r2032.patch
* openjpeg-1.5-r2033.patch
* openjpeg-1.5.1-cve-2013-6045-1.patch
* openjpeg-1.5.1-cve-2013-6045-2.patch
* CVE-2013-6052.patch
* CVE-2013-6053.patch
* CVE-2013-1447.patch
* CVE-2013-6887.patch
* Wed Feb 12 2014 asterios.dramisAATTgmail.com- Added the following security patches (based also on Redhat/Fedora patches):
* openjpeg-1.5-r2029.patch From upstream. Fix issue 155, jp2_read_boxhdr() can trigger random pointer memory access
* openjpeg-1.5-r2032.patch From upstream. Fix issue 169, division by zero in j2k_read_siz
* openjpeg-1.5-r2033.patch From upstream. Fix issue 166, missing range check in j2k_read_coc et al
* CVE-2013-1447.patch Fix multiple denial of service flaws, CVE-2013-1447, bnc#853834
* CVE-2013-6052.patch Fix heap OOB reads, information leaks, CVE-2013-6052, bnc#853644
* CVE-2013-6053.patch Fix heap OOB reads, information leaks, CVE-2013-6053, bnc#853644
* CVE-2013-6887.patch Fix multiple denial of service flaws, CVE-2013-6887, bnc#853644- Removed part of openjpeg-1.5.1-cve-2013-6045-1.patch that is already upstream, included in openjpeg-1.5-r2033.patch (slightly modified).
* Fri Jan 10 2014 vpereiraAATTnovell.com- Security:
* Patches openjpeg-1.5.1-cve-2013-6045-1.patch and openjpeg-1.5.1-cve-2013-6045-2.patch fix heap overflow described in CVE-2013-6045, bnc#853838.
* Tue Nov 20 2012 sleep_walkerAATTsuse.cz- do fdupes only for SUSE distributions
* Mon Oct 15 2012 asterios.dramisAATTgmail.com- Update to version 1.5.1: Security:
* Fixes: CVE-2012-3535
* Fixes: CVE-2012-3358 New Features:
* Use a new API scheme and solve the SOVERSIONing in OpenJPEG
* Allow better integration with multi-arch system
* Compile & Install Java bindings (CMake)
* Install required addXMLinJP2 (JPIP) Misc:
* Fix linker error by resolving all symbols (eg. missing -lm)
* Fix some man page typos
* Huge amount of bug fixes. See CHANGES for details.- Removed the following patches (fixed upstream):
* heap_buffer_overflow_fix.patch
* heap_buffer_overflow_2_fix.patch
* heap_corruption_fix.patch
* openjpeg-1.5.0-cmake_Config.patch
* openjpeg-1.5.0-cmake_libdir.patch
* openjpeg-1.5.0-pkgconfig_includedir.patch- Replaced openjpeg-1.5.0-cmake_header_symlink.patch with a fix inside the spec file.- Removed symlink from %{_includedir}/openjpeg-1.5 to %{_includedir}/openjpeg (not needed).- Added the following patches (taken from Fedora):
* openjpeg-1.5.1-cmake_libdir.patch Fix libopenjpeg.pc symlink
* openjpeg-1.5.1-soname.patch Revert soname bump compared to 1.5.0 release
* Mon Sep 17 2012 sleep_walkerAATTsuse.cz- fix fedora build
* Tue Sep 11 2012 asterios.dramisAATTgmail.com- Added a patch (heap_buffer_overflow_2_fix.patch) to fix heap-based buffer overflow when processing JPEG2000 images - (CVE-2012-3535), (bnc#777445).
* Tue Jul 17 2012 idonmezAATTsuse.com- Add baselibs.conf
* Wed Jul 11 2012 asterios.dramisAATTgmail.com- Added a patch (heap_buffer_overflow_fix.patch) to fix heap-based buffer overflow when processing JPEG2000 images - (CVE-2012-3358), (bnc#770649).
* Thu Jun 28 2012 asterios.dramisAATTgmail.com- Added a patch (heap_corruption_fix.patch) to fix heap corruption when processing certain Gray16 TIFF images - (CVE-2009-5030), (bnc#757260).
* Mon Feb 27 2012 asterios.dramisAATTgmail.com- Update to version 1.5.0: New Features:
* openjpip: + complete client-server architecture for remote browsing of jpeg 2000 images. + see corresponding README for more details. API modifications:
* \'bool\' type has been replaced by \'opj_bool\' type. \'stdbool.h\' is no more required. Misc:
* improved cmake and autotools build methods.
* removed manual makefiles, VS project files and XCode project files.
* added a \'thirdparty\' directory to contain all dependencies. + These libraries will be build only if there are not found on the system. + Note that libopenjpeg itself does not have any dependency.
* changed the directory hierarchy of the whole project. See README files for details.
* tests : a complete test suite has been setup. + both JPEG 2000 conformance tests and non-regressions tests are configured. + results are submitted to the OpenJPEG dashboard (http://my.cdash.org/index.php?project=OPENJPEG) + images are located in \'http://openjpeg.googlecode.com/svn/data\' folder. + configuration files and utilities are located in \'tests\' folder.
* OPJViewer re-activated (need wxWidgets)
* Huge amount of bug fixes. See CHANGES for details.- Removed the following patches (fixed upstream):
* fix_no_undefined.patch
* fix_soversion.patch
* install_pkgconfig_file.patch- Replaced openjpeg-1.4-OpenJPEGConfig.patch with openjpeg-1.5.0-cmake_Config.patch (taken from Fedora)- Replaced openjpeg-1.4-cmake_symlink_fix.patch with openjpeg-1.5.0-cmake_header_symlink.patch (taken from Fedora)- Added 2 patches (taken from Fedora):
* openjpeg-1.5.0-cmake_libdir.patch -- Fix installation directories
* openjpeg-1.5.0-pkgconfig_includedir.patch -- Fix includedir in pkgconfig file- Spec file updates:
* Added doxygen in BuildRequires: to enable compilation of devel docs.
* Updated BuildRequires: to include also liblcms2-devel and zlib-devel.
* Fixed rpmlint warning \"file-contains-date-and-time\"- No need to remove the JavaOpenJPEG/ directory from the package source anymore (the Sun proprietary code was removed from the package).
* Tue Dec 06 2011 cfarrellAATTsuse.com- license update: BSD-2-Clause SPDX format
* Fri Dec 02 2011 asterios.dramisAATTgmail.com- Removed the JavaOpenJPEG/ directory from the package source (fix for bnc#733009 - openjpg contains Sun proprietary code).
* Thu Oct 13 2011 asterios.dramisAATTgmail.com- Initial release (version 1.4).- Added 5 patches (taken from upstream and Fedora):
* openjpeg-1.4-OpenJPEGConfig.patch -- Fix OpenJPEGConfig.cmake
* openjpeg-1.4-cmake_symlink_fix.patch -- Fix cmake create_symlink usage for header file
* fix_no_undefined.patch -- Fix libopenjpeg undefined references
* fix_soversion.patch -- Fix so version to 1 instead of 1.4
* install_pkgconfig_file.patch -- Fix cmake to install pkgconfig file(s)
  
ICM