rpms/libjpeg/devel libjpeg-buf-oflo.patch, NONE, 1.1 libjpeg.spec, 1.20, 1.21
Tom Lane (tgl)
fedora-extras-commits at redhat.com
Tue Jun 26 02:52:10 UTC 2007
Author: tgl
Update of /cvs/pkgs/rpms/libjpeg/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10178
Modified Files:
libjpeg.spec
Added Files:
libjpeg-buf-oflo.patch
Log Message:
Catch up on libjpeg bugzilla backlog.
libjpeg-buf-oflo.patch:
--- NEW FILE libjpeg-buf-oflo.patch ---
Dike out a section of code that has no usefulness on Unix-like systems,
and will crash if fed a comment string exceeding 64K. Per report from
Lubomir Kundrak, RH bug #226965
diff -Naur jpeg-6b.orig/wrjpgcom.c jpeg-6b/wrjpgcom.c
--- jpeg-6b.orig/wrjpgcom.c 1997-10-23 00:47:03.000000000 -0400
+++ jpeg-6b/wrjpgcom.c 2007-06-25 22:26:42.000000000 -0400
@@ -446,6 +446,8 @@
} else if (keymatch(arg, "comment", 1)) {
if (++argn >= argc) usage();
comment_arg = argv[argn];
+#if 0
+#error "There is a buffer overflow in the code below"
/* If the comment text starts with '"', then we are probably running
* under MS-DOG and must parse out the quoted string ourselves. Sigh.
*/
@@ -466,6 +468,7 @@
strcat(comment_arg, argv[argn]);
}
}
+#endif
comment_length = (unsigned int) strlen(comment_arg);
} else
usage();
Index: libjpeg.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libjpeg/devel/libjpeg.spec,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- libjpeg.spec 27 Jul 2006 18:07:29 -0000 1.20
+++ libjpeg.spec 26 Jun 2007 02:51:34 -0000 1.21
@@ -1,23 +1,20 @@
-%define LIBVER 62.0.0
-Summary: A library for manipulating JPEG image format files.
+Summary: A library for manipulating JPEG image format files
Name: libjpeg
Version: 6b
-Release: 37
-License: distributable
+Release: 38%{?dist}
+License: BSD
Group: System Environment/Libraries
+URL: http://www.ijg.org/
+
Source0: ftp://ftp.uu.net/graphics/jpeg/jpegsrc.v6b.tar.bz2
Patch0: libjpeg-6b-arm.patch
Patch1: jpeg-c++.patch
Patch2: libjpeg-shared.patch
Patch3: libjpeg-rpath.patch
Patch4: libjpeg-cflags.patch
-URL: http://www.ijg.org/
-Buildroot: %{_tmppath}/%{name}-root
+Patch5: libjpeg-buf-oflo.patch
-%package devel
-Summary: Development tools for programs which will use the libjpeg library.
-Group: Development/Libraries
-Requires: libjpeg = %{version}
+Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root
%description
The libjpeg package contains a library of functions for manipulating
@@ -29,8 +26,13 @@
files. Rdjpgcom displays any text comments included in a JPEG file.
Wrjpgcom inserts text comments into a JPEG file.
+%package devel
+Summary: Development tools for programs which will use the libjpeg library
+Group: Development/Libraries
+Requires: libjpeg = %{version}-%{release}
+
%description devel
-The libjpeg-devel package includes the header files and static libraries
+The libjpeg-devel package includes the header files and documentation
necessary for developing programs which will manipulate JPEG files using
the libjpeg library.
@@ -38,18 +40,32 @@
you should install libjpeg-devel. You'll also need to have the libjpeg
package installed.
+%package static
+Summary: Static JPEG image format file library
+Group: Development/Libraries
+Requires: libjpeg-devel = %{version}-%{release}
+
+%description static
+The libjpeg-static package contains the statically linkable version of libjpeg.
+Linking to static libraries is discouraged for most applications, but it is
+necessary for some boot packages.
+
%prep
%setup -q -n jpeg-6b
+
%patch0 -p1 -b .arm
%patch1 -p1 -b .c++
%patch2 -p1 -b .ppcshared
-%patch3 -p1 -b .cflags
+%patch3 -p1 -b .rpath
+%patch4 -p1 -b .cflags
+%patch5 -p1 -b .oflo
%build
%configure --enable-shared --enable-static
make libdir=%{_libdir} %{?_smp_mflags}
-LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD make test
+
+LD_LIBRARY_PATH=$PWD:$LD_LIBRARY_PATH make test
%install
rm -rf $RPM_BUILD_ROOT
@@ -59,21 +75,17 @@
mkdir -p $RPM_BUILD_ROOT%{_mandir}/man1
%makeinstall
+
# Work around the broken makefiles...
mv $RPM_BUILD_ROOT%{_mandir}/*.1 $RPM_BUILD_ROOT%{_mandir}/man1
-/sbin/ldconfig -n $RPM_BUILD_ROOT/%{_libdir}
-
+# We don't ship .la files.
rm $RPM_BUILD_ROOT%{_libdir}/*.la
-rm $RPM_BUILD_ROOT%{_libdir}/*.a
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
-%clean
-rm -rf $RPM_BUILD_ROOT
-
%files
%defattr(-,root,root)
%doc usage.doc README
@@ -87,7 +99,26 @@
%{_libdir}/*.so
/usr/include/*.h
+%files static
+%defattr(-,root,root)
+%{_libdir}/*.a
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
%changelog
+* Mon Jun 25 2007 Tom Lane <tgl at redhat.com> - 6b-38
+- Initial review of package by new (old?) maintainer; marginal specfile cleanup
+- Restore libjpeg.a to distribution, in a separate -static subpackage
+Resolves: #186060, #215537
+- Fix non-security-significant buffer overrun in wrjpgcom, per Lubomir Kundrak
+Resolves: #226965
+- Apply patch4 that was added by previous maintainer, but never applied
+Resolves: #244778
+Related: #238936
+- Fix inter-RPM dependencies to include release
+Resolves: #238780
+
* Thu Jul 27 2006 Matthias Clasen <mclasen at redhat.com> - 6b-37
- Use CFLAGS consistently
@@ -190,7 +221,7 @@
* Wed May 5 2000 Bill Nottingham <notting at redhat.com>
- configure tweaks for ia64; remove alpha patch (it's pointless)
-* Sat Feb 5 2000 Bernhard Rosenkränzer <bero at redhat.com>
+* Sat Feb 5 2000 Bernhard Rosenkraenzer <bero at redhat.com>
- rebuild to get compressed man pages
- fix description
- some minor tweaks to the spec file
More information about the scm-commits
mailing list