jlec 14/12/05 08:05:52
Added: jasper-1.701.0-GL.patch jasper-CVE-2014-9029.patch
jasper-1.701.0-GL-ac.patch jasper-pkgconfig.patch
Log:
media-libs/jasper: Import security fix from fedora for CVE-2014-9029, #531688
(Portage version: 2.2.15/cvs/Linux x86_64, signed Manifest commit with key
B9D4F231BD1558AB!)
Revision Changes Path
1.1 media-libs/jasper/files/jasper-1.701.0-GL.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/jasper/files/jasper-1.701.0-GL.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/jasper/files/jasper-1.701.0-GL.patch?rev=1.1&content-type=text/plain
Index: jasper-1.701.0-GL.patch
===================================================================
--- jasper-1.701.0.GEO/configure.GL 2006-02-20 20:01:30.000000000 -0600
+++ jasper-1.701.0.GEO/configure 2006-02-24 07:40:46.000000000 -0600
@@ -9464,7 +9464,7 @@
OPENGL_LIBS=""
if test $ENABLE_OPENGL = yes; then
if test $HAVE_OPENGL = no; then
- TMPLIBS="-lglut -lGL -lGLU $X_PRE_LIBS -lX11 -lXmu -lXi -lXext
-lXt $X_EXTRA_LIBS $X_LIBS"
+ TMPLIBS="-lglut -lGL -lGLU"
echo "$as_me:$LINENO: checking for glutInit in -lglut" >&5
echo $ECHO_N "checking for glutInit in -lglut... $ECHO_C" >&6
if test "${ac_cv_lib_glut_glutInit+set}" = set; then
1.1 media-libs/jasper/files/jasper-CVE-2014-9029.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/jasper/files/jasper-CVE-2014-9029.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/jasper/files/jasper-CVE-2014-9029.patch?rev=1.1&content-type=text/plain
Index: jasper-CVE-2014-9029.patch
===================================================================
--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c 2014-11-27
12:45:44.000000000 +0100
+++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2014-11-27 12:44:58.000000000
+0100
@@ -1281,7 +1281,7 @@ static int jpc_dec_process_coc(jpc_dec_t
jpc_coc_t *coc = &ms->parms.coc;
jpc_dec_tile_t *tile;
- if (JAS_CAST(int, coc->compno) > dec->numcomps) {
+ if (JAS_CAST(int, coc->compno) >= dec->numcomps) {
jas_eprintf("invalid component number in COC marker segment\n");
return -1;
}
@@ -1307,7 +1307,7 @@ static int jpc_dec_process_rgn(jpc_dec_t
jpc_rgn_t *rgn = &ms->parms.rgn;
jpc_dec_tile_t *tile;
- if (JAS_CAST(int, rgn->compno) > dec->numcomps) {
+ if (JAS_CAST(int, rgn->compno) >= dec->numcomps) {
jas_eprintf("invalid component number in RGN marker segment\n");
return -1;
}
@@ -1356,7 +1356,7 @@ static int jpc_dec_process_qcc(jpc_dec_t
jpc_qcc_t *qcc = &ms->parms.qcc;
jpc_dec_tile_t *tile;
- if (JAS_CAST(int, qcc->compno) > dec->numcomps) {
+ if (JAS_CAST(int, qcc->compno) >= dec->numcomps) {
jas_eprintf("invalid component number in QCC marker segment\n");
return -1;
}
1.1 media-libs/jasper/files/jasper-1.701.0-GL-ac.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/jasper/files/jasper-1.701.0-GL-ac.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/jasper/files/jasper-1.701.0-GL-ac.patch?rev=1.1&content-type=text/plain
Index: jasper-1.701.0-GL-ac.patch
===================================================================
--- jasper-1.701.0.GEO/configure.ac.GL 2006-02-20 19:58:02.000000000 -0600
+++ jasper-1.701.0.GEO/configure.ac 2006-02-24 07:40:38.000000000 -0600
@@ -242,7 +242,7 @@
OPENGL_LIBS=""
if test $ENABLE_OPENGL = yes; then
if test $HAVE_OPENGL = no; then
- TMPLIBS="-lglut -lGL -lGLU $X_PRE_LIBS -lX11 -lXmu -lXi -lXext
-lXt $X_EXTRA_LIBS $X_LIBS"
+ TMPLIBS="-lglut -lGL -lGLU"
AC_CHECK_LIB(glut, glutInit, [HAVE_OPENGL=yes;
OPENGL_LIBS=$TMPLIBS], HAVE_OPENGL=no, $TMPLIBS)
fi
1.1 media-libs/jasper/files/jasper-pkgconfig.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/jasper/files/jasper-pkgconfig.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/jasper/files/jasper-pkgconfig.patch?rev=1.1&content-type=text/plain
Index: jasper-pkgconfig.patch
===================================================================
diff -Naur jasper-1.900.1/configure.ac jasper-1.900.1.new/configure.ac
--- jasper-1.900.1/configure.ac 2007-01-19 21:47:11.000000000 +0000
+++ jasper-1.900.1.new/configure.ac 2009-10-29 13:37:02.000000000 +0000
@@ -399,6 +399,8 @@
src/libjasper/pnm/Makefile
src/libjasper/ras/Makefile
src/msvc/Makefile
+pkgconfig/Makefile
+pkgconfig/jasper.pc
jasper.spec
])
AC_OUTPUT
diff -Naur jasper-1.900.1/Makefile.am jasper-1.900.1.new/Makefile.am
--- jasper-1.900.1/Makefile.am 2007-01-19 21:43:14.000000000 +0000
+++ jasper-1.900.1.new/Makefile.am 2009-10-29 13:36:28.000000000 +0000
@@ -64,7 +64,7 @@
# Note: We need to put the derived file "jasper.spec" in the distribution
# in order to facilitate RPM building.
-SUBDIRS = src
+SUBDIRS = src pkgconfig
rpm: dist
for i in BUILD RPMS SRPMS SOURCES SPECS; do \
diff -Naur jasper-1.900.1/pkgconfig/jasper.pc.in
jasper-1.900.1.new/pkgconfig/jasper.pc.in
--- jasper-1.900.1/pkgconfig/jasper.pc.in 1970-01-01 01:00:00.000000000
+0100
+++ jasper-1.900.1.new/pkgconfig/jasper.pc.in 2009-10-29 16:30:43.000000000
+0000
@@ -0,0 +1,11 @@
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: Jasper
+Description: JPEG 2000 encoding and decoding library
+Version: @VERSION@
+
+Libs: -L${libdir} -ljasper
+Cflags: -I${includedir}/jasper
diff -Naur jasper-1.900.1/pkgconfig/Makefile.am
jasper-1.900.1.new/pkgconfig/Makefile.am
--- jasper-1.900.1/pkgconfig/Makefile.am 1970-01-01 01:00:00.000000000
+0100
+++ jasper-1.900.1.new/pkgconfig/Makefile.am 2009-10-29 13:38:59.000000000
+0000
@@ -0,0 +1,5 @@
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = jasper.pc
+
+EXTRA_DIST = \
+ jasper.pc.in
