Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package jasper for openSUSE:Factory checked in at 2022-09-17 20:10:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/jasper (Old) and /work/SRC/openSUSE:Factory/.jasper.new.2083 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "jasper" Sat Sep 17 20:10:12 2022 rev:21 rq:1004089 version:3.0.6 Changes: -------- --- /work/SRC/openSUSE:Factory/jasper/jasper.changes 2022-07-18 18:32:55.329670846 +0200 +++ /work/SRC/openSUSE:Factory/.jasper.new.2083/jasper.changes 2022-09-17 20:10:16.445145460 +0200 @@ -1,0 +2,7 @@ +Fri Sep 16 11:34:42 UTC 2022 - Michael Vetter <mvet...@suse.com> + +- security update: + * CVE-2022-2963 [bsc#1202642] + + jasper-CVE-2022-2963.patch + +------------------------------------------------------------------- New: ---- jasper-CVE-2022-2963.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ jasper.spec ++++++ --- /var/tmp/diff_new_pack.K6Y7JQ/_old 2022-09-17 20:10:16.957146937 +0200 +++ /var/tmp/diff_new_pack.K6Y7JQ/_new 2022-09-17 20:10:16.961146949 +0200 @@ -28,6 +28,7 @@ URL: https://jasper-software.github.io/jasper Source: https://github.com/jasper-software/jasper/archive/version-%{version}.tar.gz Source1: baselibs.conf +Patch0: jasper-CVE-2022-2963.patch BuildRequires: Mesa-libGL-devel BuildRequires: cmake BuildRequires: doxygen @@ -66,6 +67,7 @@ %prep %setup -q -n %{name}-version-%{version} +%patch0 -p1 %build export CFLAGS="%{optflags} -Wall -std=c99 -D_BSD_SOURCE" ++++++ jasper-CVE-2022-2963.patch ++++++ Index: jasper-version-3.0.6/src/app/jasper.c =================================================================== --- jasper-version-3.0.6.orig/src/app/jasper.c +++ jasper-version-3.0.6/src/app/jasper.c @@ -523,6 +523,7 @@ cmdopts_t *cmdopts_parse(int argc, char cmdopts->enable_all_formats = 1; break; default: + cmdopts_destroy(cmdopts); badusage(); break; } @@ -541,6 +542,7 @@ cmdopts_t *cmdopts_parse(int argc, char if (!cmdopts->outfmt_str && !cmdopts->outfile) { fprintf(stderr, "error: cannot determine output format\n"); + cmdopts_destroy(cmdopts); badusage(); }
