commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory checked
in at 2018-01-13 21:48:34
Comparing /work/SRC/openSUSE:Factory/optipng (Old)
and /work/SRC/openSUSE:Factory/.optipng.new (New)
Package is "optipng"
Sat Jan 13 21:48:34 2018 rev:36 rq:563780 version:0.7.7
Changes:
--- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2017-11-27
22:18:31.458388237 +0100
+++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2018-01-13
21:48:38.459295751 +0100
@@ -1,0 +2,18 @@
+Fri Jan 12 07:57:59 UTC 2018 - pgaj...@suse.com
+
+- update to 0.7.7:
+* Upgraded minitiff to version 0.2.
+ !! Fixed a buffer overflow vulnerability in the GIF decoder.
+ [Reported by Joonun Jang]
+ !! Fixed an integer overflow vulnerability in the TIFF decoder.
+ [Reported by Jaeseung Choi]
+! Fixed the build on macOS High Sierra.
+ [Reported by various users]
+ [Fixed by Yuen Ho Wong and Friedrich Preuss]
+! Fixed the build on DJGPP.
+* Disallowed out-of-bounds values in rangeset options.
+- removed upstream patches:
+ - optipng-CVE-2017-1000229.patch
+ - optipng-CVE-2017-16938.patch
+
+---
Old:
optipng-0.7.6.tar.gz
optipng-CVE-2017-1000229.patch
optipng-CVE-2017-16938.patch
New:
optipng-0.7.7.tar.gz
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.uixEgK/_old 2018-01-13 21:48:40.015223210 +0100
+++ /var/tmp/diff_new_pack.uixEgK/_new 2018-01-13 21:48:40.031222464 +0100
@@ -1,7 +1,7 @@
#
# spec file for package optipng
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: optipng
-Version:0.7.6
+Version:0.7.7
Release:0
Summary:A PNG File Compressor
License:Zlib
@@ -25,8 +25,6 @@
Url:http://optipng.sourceforge.net/
Source0:
http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-%{version}/optipng-%{version}.tar.gz
Source1:macros.optipng
-Patch0: optipng-CVE-2017-1000229.patch
-Patch1: optipng-CVE-2017-16938.patch
BuildRequires: libpng-devel
BuildRequires: zlib-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -39,8 +37,6 @@
%prep
%setup -q
-%patch0 -p1
-%patch1 -p1
%build
# not autotools generated configure
++ optipng-0.7.6.tar.gz -> optipng-0.7.7.tar.gz ++
49542 lines of diff (skipped)
commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory checked
in at 2017-11-27 22:18:21
Comparing /work/SRC/openSUSE:Factory/optipng (Old)
and /work/SRC/openSUSE:Factory/.optipng.new (New)
Package is "optipng"
Mon Nov 27 22:18:21 2017 rev:35 rq:545849 version:0.7.6
Changes:
--- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2017-11-20
17:07:28.949252300 +0100
+++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2017-11-27
22:18:31.458388237 +0100
@@ -1,0 +2,7 @@
+Mon Nov 27 08:19:44 UTC 2017 - pgaj...@suse.com
+
+- security update:
+ * CVE-2017-16938 [bsc#1069774]
++ optipng-CVE-2017-16938.patch
+
+---
New:
optipng-CVE-2017-16938.patch
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.uXgLU7/_old 2017-11-27 22:18:32.290358041 +0100
+++ /var/tmp/diff_new_pack.uXgLU7/_new 2017-11-27 22:18:32.290358041 +0100
@@ -26,6 +26,7 @@
Source0:
http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-%{version}/optipng-%{version}.tar.gz
Source1:macros.optipng
Patch0: optipng-CVE-2017-1000229.patch
+Patch1: optipng-CVE-2017-16938.patch
BuildRequires: libpng-devel
BuildRequires: zlib-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -39,6 +40,7 @@
%prep
%setup -q
%patch0 -p1
+%patch1 -p1
%build
# not autotools generated configure
++ optipng-CVE-2017-16938.patch ++
--- a/src/gifread/gifread.c
+++ b/src/gifread/gifread.c
@@ -499,6 +499,8 @@ static int LZWReadByte(int init_flag, int input_code_size,
FILE *stream)
*sp++ = table[1][code];
if (code == table[0][code])
GIFError("GIF/LZW error: circular table entry");
+if ((size_t)(sp - stack) >= sizeof(stack) / sizeof(stack[0]))
+GIFError("GIF/LZW error: circular table");
code = table[0][code];
}
commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory checked
in at 2017-11-20 17:06:58
Comparing /work/SRC/openSUSE:Factory/optipng (Old)
and /work/SRC/openSUSE:Factory/.optipng.new (New)
Package is "optipng"
Mon Nov 20 17:06:58 2017 rev:34 rq:543842 version:0.7.6
Changes:
--- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2016-04-06
11:52:51.0 +0200
+++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2017-11-20
17:07:28.949252300 +0100
@@ -1,0 +2,7 @@
+Mon Nov 20 10:28:38 UTC 2017 - pgaj...@suse.com
+
+- security update:
+ * CVE-2017-1000229 [bsc#1068720]
++ optipng-CVE-2017-1000229.patch
+
+---
New:
optipng-CVE-2017-1000229.patch
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.lLXJX7/_old 2017-11-20 17:07:29.56523 +0100
+++ /var/tmp/diff_new_pack.lLXJX7/_new 2017-11-20 17:07:29.569229855 +0100
@@ -1,7 +1,7 @@
#
# spec file for package optipng
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -25,6 +25,7 @@
Url:http://optipng.sourceforge.net/
Source0:
http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-%{version}/optipng-%{version}.tar.gz
Source1:macros.optipng
+Patch0: optipng-CVE-2017-1000229.patch
BuildRequires: libpng-devel
BuildRequires: zlib-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -37,6 +38,7 @@
%prep
%setup -q
+%patch0 -p1
%build
# not autotools generated configure
++ optipng-CVE-2017-1000229.patch ++
>From 77ac8e9fd9b2c1aeec3951e2bb50f7cc2c1e92d2 Mon Sep 17 00:00:00 2001
From: Sebastian Pipping
Date: Sun, 19 Nov 2017 16:04:26 +0100
Subject: [PATCH] Prevent integer overflow (bug #65, CVE-2017-1000229)
---
src/minitiff/tiffread.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/minitiff/tiffread.c b/src/minitiff/tiffread.c
index b4910ec..5f9b376 100644
--- a/src/minitiff/tiffread.c
+++ b/src/minitiff/tiffread.c
@@ -350,6 +350,8 @@ minitiff_read_info(struct minitiff_info *tiff_ptr, FILE *fp)
count = tiff_ptr->strip_offsets_count;
if (count == 0 || count > tiff_ptr->height)
goto err_invalid;
+if (count > (size_t)-1 / sizeof(long))
+goto err_memory;
tiff_ptr->strip_offsets = (long *)malloc(count * sizeof(long));
if (tiff_ptr->strip_offsets == NULL)
goto err_memory;
--
2.14.2
commit optipng for openSUSE:Factory
Hello community, here is the log from the commit of package optipng for openSUSE:Factory checked in at 2016-04-06 11:52:49 Comparing /work/SRC/openSUSE:Factory/optipng (Old) and /work/SRC/openSUSE:Factory/.optipng.new (New) Package is "optipng" Changes: --- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2015-04-27 22:09:20.0 +0200 +++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2016-04-06 11:52:51.0 +0200 @@ -1,0 +2,5 @@ +Tue Apr 5 08:15:40 UTC 2016 - pgaj...@suse.com + +- updated to 0.7.6, fixes CVE-2016-2191 + +--- Old: optipng-0.7.5.tar.gz New: optipng-0.7.6.tar.gz Other differences: -- ++ optipng.spec ++ --- /var/tmp/diff_new_pack.RjsdpK/_old 2016-04-06 11:52:52.0 +0200 +++ /var/tmp/diff_new_pack.RjsdpK/_new 2016-04-06 11:52:52.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package optipng # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: optipng -Version:0.7.5 +Version:0.7.6 Release:0 Summary:A PNG File Compressor License:Zlib ++ optipng-0.7.5.tar.gz -> optipng-0.7.6.tar.gz ++ 55687 lines of diff (skipped)
commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory checked
in at 2015-04-27 22:08:57
Comparing /work/SRC/openSUSE:Factory/optipng (Old)
and /work/SRC/openSUSE:Factory/.optipng.new (New)
Package is "optipng"
Changes:
--- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2014-03-31
20:44:05.0 +0200
+++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2015-04-27
22:09:20.0 +0200
@@ -1,0 +2,7 @@
+Mon Apr 27 14:23:20 UTC 2015 - mplus...@suse.com
+
+- Cleanup spec file with spec-clener
+- Update dependencies
+- Enable checks
+
+---
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.Jm9lm9/_old 2015-04-27 22:09:21.0 +0200
+++ /var/tmp/diff_new_pack.Jm9lm9/_new 2015-04-27 22:09:21.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package optipng
#
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -25,8 +25,8 @@
Url:http://optipng.sourceforge.net/
Source0:
http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-%{version}/optipng-%{version}.tar.gz
Source1:macros.optipng
-# patch sent at cos...@cs.toronto.edu
BuildRequires: libpng-devel
+BuildRequires: zlib-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -39,8 +39,14 @@
%setup -q
%build
+# not autotools generated configure
export CFLAGS="%{optflags}"
-./configure -with-system-zlib -with-system-libpng -prefix=%{_prefix}
-mandir=%{_mandir}
+./configure \
+ -with-system-zlib \
+ -with-system-libpng \
+ -prefix=%{_prefix} \
+ -mandir=%{_mandir}
+
#don't strip binaries
sed -i "s:\(LDFLAGS = \)-s:\1:" src/optipng/Makefile
make %{?_smp_mflags}
@@ -49,11 +55,14 @@
make DESTDIR=%{buildroot} install %{?_smp_mflags}
install -D -m644 %{SOURCE1} %{buildroot}%{_sysconfdir}/rpm/macros.optipng
+%check
+make %{?_smp_mflags} check
+
%files
%defattr(-,root,root)
%doc README.txt doc
%{_bindir}/optipng
%{_mandir}/man1/optipng.1.gz
-%{_sysconfdir}/rpm/macros.optipng
+%config %{_sysconfdir}/rpm/macros.optipng
%changelog
commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory checked
in at 2014-03-31 20:44:04
Comparing /work/SRC/openSUSE:Factory/optipng (Old)
and /work/SRC/openSUSE:Factory/.optipng.new (New)
Package is "optipng"
Changes:
--- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2013-02-15
18:49:13.0 +0100
+++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2014-03-31
20:44:05.0 +0200
@@ -1,0 +2,11 @@
+Mon Mar 31 07:56:27 UTC 2014 - pgaj...@suse.com
+
+- updated to 0.7.5:
+ ! Fixed various build issues with libpng-1.5 and libpng-1.6.
+ * Allowed the handling of huge image files (> millions of pixels
+per row or column) to be independent of the libpng version.
+ + Allowed the option -preserve to save the file ownership (UID/GID)
+on Unix. (Thanks to Otto Kekäläinen for the suggestion.)
+- removed libpng16.patch
+
+---
Old:
optipng-0.7.4.tar.gz
optipng-libpng16.patch
New:
optipng-0.7.5.tar.gz
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.rzF46b/_old 2014-03-31 20:44:06.0 +0200
+++ /var/tmp/diff_new_pack.rzF46b/_new 2014-03-31 20:44:06.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package optipng
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,18 +17,17 @@
Name: optipng
-BuildRequires: libpng-devel
+Version:0.7.5
+Release:0
Summary:A PNG File Compressor
License:Zlib
Group: Productivity/Archiving/Compression
-Version:0.7.4
-Release:0
Url:http://optipng.sourceforge.net/
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source0:%name-%{version}.tar.gz
+Source0:
http://downloads.sourceforge.net/project/optipng/OptiPNG/optipng-%{version}/optipng-%{version}.tar.gz
Source1:macros.optipng
# patch sent at cos...@cs.toronto.edu
-Patch0: optipng-libpng16.patch
+BuildRequires: libpng-devel
+BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
OptiPNG is a PNG optimizer that recompresses image files to a smaller
@@ -36,32 +35,25 @@
external formats (BMP, GIF, PNM; TIFF support is coming up) to
optimized PNG, and performs PNG integrity checks and corrections.
-
-
-Authors:
-
-Cosmin Truta cos...@cs.toronto.edu
-
%prep
%setup -q
-%patch0 -p1
%build
-export CFLAGS="$RPM_OPT_FLAGS"
+export CFLAGS="%{optflags}"
./configure -with-system-zlib -with-system-libpng -prefix=%{_prefix}
-mandir=%{_mandir}
#don't strip binaries
sed -i "s:\(LDFLAGS = \)-s:\1:" src/optipng/Makefile
-make
+make %{?_smp_mflags}
%install
-%makeinstall
-install -D -m644 %{SOURCE1} $RPM_BUILD_ROOT/etc/rpm/macros.optipng
+make DESTDIR=%{buildroot} install %{?_smp_mflags}
+install -D -m644 %{SOURCE1} %{buildroot}%{_sysconfdir}/rpm/macros.optipng
%files
%defattr(-,root,root)
%doc README.txt doc
-/usr/bin/optipng
-/usr/share/man/man1/optipng.1.gz
-/etc/rpm/macros.optipng
+%{_bindir}/optipng
+%{_mandir}/man1/optipng.1.gz
+%{_sysconfdir}/rpm/macros.optipng
%changelog
++ optipng-0.7.4.tar.gz -> optipng-0.7.5.tar.gz ++
164455 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory checked
in at 2013-02-15 18:49:12
Comparing /work/SRC/openSUSE:Factory/optipng (Old)
and /work/SRC/openSUSE:Factory/.optipng.new (New)
Package is "optipng", Maintainer is "pgaj...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2012-11-28
16:19:22.0 +0100
+++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2013-02-15
18:49:13.0 +0100
@@ -1,0 +2,6 @@
+Fri Feb 15 12:35:19 UTC 2013 - pgaj...@suse.com
+
+- build also agains libpng16
+ * libpng16.patch
+
+---
New:
optipng-libpng16.patch
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.iEZMPF/_old 2013-02-15 18:49:14.0 +0100
+++ /var/tmp/diff_new_pack.iEZMPF/_new 2013-02-15 18:49:14.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package optipng
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -27,6 +27,8 @@
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source0:%name-%{version}.tar.gz
Source1:macros.optipng
+# patch sent at cos...@cs.toronto.edu
+Patch0: optipng-libpng16.patch
%description
OptiPNG is a PNG optimizer that recompresses image files to a smaller
@@ -42,6 +44,7 @@
%prep
%setup -q
+%patch0 -p1
%build
export CFLAGS="$RPM_OPT_FLAGS"
++ optipng-libpng16.patch ++
Index: optipng-0.7.4/src/opngreduc/opngreduc.c
===
--- optipng-0.7.4.orig/src/opngreduc/opngreduc.c
+++ optipng-0.7.4/src/opngreduc/opngreduc.c
@@ -20,6 +20,8 @@
#include "opngreduc.h"
+#include
+
#ifndef OPNG_ASSERT
#include
#define OPNG_ASSERT(cond) assert(cond)
Index: optipng-0.7.4/src/pngxtern/pngxmem.c
===
--- optipng-0.7.4.orig/src/pngxtern/pngxmem.c
+++ optipng-0.7.4/src/pngxtern/pngxmem.c
@@ -8,6 +8,7 @@
#include "pngxutil.h"
+#include
#ifdef PNG_INFO_IMAGE_SUPPORTED
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory checked
in at 2012-11-28 16:19:18
Comparing /work/SRC/openSUSE:Factory/optipng (Old)
and /work/SRC/openSUSE:Factory/.optipng.new (New)
Package is "optipng", Maintainer is "pgaj...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2012-09-25
10:44:23.0 +0200
+++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2012-11-28
16:19:22.0 +0100
@@ -1,0 +2,7 @@
+Tue Nov 20 12:24:53 UTC 2012 - pgaj...@suse.com
+
+- updated to 0.7.4:
+ !! Fixed the previous fix, which failed to fix the option -fix.
+ (Thanks to Gynvael Coldwind and Mateusz Jurczyk for the report.)
+
+---
Old:
optipng-0.7.3.tar.gz
New:
optipng-0.7.4.tar.gz
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.Y7cUpz/_old 2012-11-28 16:19:24.0 +0100
+++ /var/tmp/diff_new_pack.Y7cUpz/_new 2012-11-28 16:19:24.0 +0100
@@ -21,7 +21,7 @@
Summary:A PNG File Compressor
License:Zlib
Group: Productivity/Archiving/Compression
-Version:0.7.3
+Version:0.7.4
Release:0
Url:http://optipng.sourceforge.net/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
++ optipng-0.7.3.tar.gz -> optipng-0.7.4.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/optipng-0.7.3/AUTHORS.txt
new/optipng-0.7.4/AUTHORS.txt
--- old/optipng-0.7.3/AUTHORS.txt 2012-09-16 16:16:00.0 +0200
+++ new/optipng-0.7.4/AUTHORS.txt 2012-10-22 03:41:00.0 +0200
@@ -1,4 +1,4 @@
-# OptiPNG version 0.7.3
+# OptiPNG version 0.7.4
# Copyright (C) 2001-2012 Cosmin Truta and the Contributing Authors.
# See the accompanying LICENSE file for details.
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/optipng-0.7.3/README.txt new/optipng-0.7.4/README.txt
--- old/optipng-0.7.3/README.txt2012-09-16 16:16:00.0 +0200
+++ new/optipng-0.7.4/README.txt2012-10-22 03:41:00.0 +0200
@@ -1,5 +1,5 @@
-OptiPNG 0.7.3: Advanced PNG optimizer.
+OptiPNG 0.7.4: Advanced PNG optimizer.
Copyright (C) 2001-2012 Cosmin Truta.
==
@@ -23,14 +23,14 @@
Build instructions
--
On Unix, or under a Bourne-compatible shell, run ./configure and make:
-cd optipng-0.7.3/
+cd optipng-0.7.4/
./configure
make
make test
Alternatively, use a pre-configured makefile that matches your compiler;
e.g.:
-cd optipng-0.7.3/
+cd optipng-0.7.4/
nmake -f build/visualc.mk
nmake -f build/visualc.mk test
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/optipng-0.7.3/doc/history.txt
new/optipng-0.7.4/doc/history.txt
--- old/optipng-0.7.3/doc/history.txt 2012-09-16 16:16:00.0 +0200
+++ new/optipng-0.7.4/doc/history.txt 2012-10-22 03:41:00.0 +0200
@@ -13,6 +13,11 @@
(crash, data/metadata loss or security hazard).
* Other modification (e.g. architectural improvement).
+Version 0.7.4 21-oct-2012
+-
+!! Fixed the previous fix, which failed to fix the option -fix.
+ (Thanks to Gynvael Coldwind and Mateusz Jurczyk for the report.)
+
Version 0.7.3 16-sep-2012
-
!! Fixed a use-after-free vulnerability in the palette reduction code.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/optipng-0.7.3/doc/optipng.man.html
new/optipng-0.7.4/doc/optipng.man.html
--- old/optipng-0.7.3/doc/optipng.man.html 2012-09-16 16:16:00.0
+0200
+++ new/optipng-0.7.4/doc/optipng.man.html 2012-10-22 03:41:00.0
+0200
@@ -1,5 +1,5 @@
-
+
http://www.w3.org/TR/html4/loose.dtd";>
Files old/optipng-0.7.3/doc/optipng.man.pdf and
new/optipng-0.7.4/doc/optipng.man.pdf differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/optipng-0.7.3/doc/optipng.man.txt
new/optipng-0.7.4/doc/optipng.man.txt
--- old/optipng-0.7.3/doc/optipng.man.txt 2012-09-16 16:16:00.0
+0200
+++ new/optipng-0.7.4/doc/optipng.man.txt 2012-10-22 03:41:00.0
+0200
@@ -295,4 +295,4 @@
the Debian Project. It was later updated by Cosmin Truta, and is now
part of the OptiPNG distribution.
-OptiPNG version 0.7.3 2012-Sep-16 OPTIPNG(1)
+OptiPNG version 0.7.4 2012-Oct-21 OPTIPNG(1)
diff -urN '--exclude=CVS' '--ex
commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory checked
in at 2012-09-25 10:44:21
Comparing /work/SRC/openSUSE:Factory/optipng (Old)
and /work/SRC/openSUSE:Factory/.optipng.new (New)
Package is "optipng", Maintainer is "pgaj...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2012-08-08
11:20:05.0 +0200
+++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2012-09-25
10:44:23.0 +0200
@@ -1,0 +2,7 @@
+Mon Sep 24 11:58:03 UTC 2012 - pgaj...@suse.com
+
+- updated to 0.7.3:
+ * fixed 'OptiPNG Palette Reduction Use-After-Free Vulnerability'
+[bnc#780874]
+
+---
Old:
optipng-0.7.1.tar.gz
New:
optipng-0.7.3.tar.gz
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.CKTJ5K/_old 2012-09-25 10:44:26.0 +0200
+++ /var/tmp/diff_new_pack.CKTJ5K/_new 2012-09-25 10:44:26.0 +0200
@@ -21,7 +21,7 @@
Summary:A PNG File Compressor
License:Zlib
Group: Productivity/Archiving/Compression
-Version:0.7.1
+Version:0.7.3
Release:0
Url:http://optipng.sourceforge.net/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -54,9 +54,6 @@
%makeinstall
install -D -m644 %{SOURCE1} $RPM_BUILD_ROOT/etc/rpm/macros.optipng
-%clean
-rm -rf $RPM_BUILD_ROOT
-
%files
%defattr(-,root,root)
%doc README.txt doc
++ optipng-0.7.1.tar.gz -> optipng-0.7.3.tar.gz ++
22542 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory checked
in at 2012-08-08 11:19:56
Comparing /work/SRC/openSUSE:Factory/optipng (Old)
and /work/SRC/openSUSE:Factory/.optipng.new (New)
Package is "optipng", Maintainer is "pgaj...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2012-03-02
13:49:23.0 +0100
+++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2012-08-08
11:20:05.0 +0200
@@ -1,0 +2,8 @@
+Tue Aug 7 12:41:22 UTC 2012 - pgaj...@suse.com
+
+- updated to 0.7.1:
+ !! Fixed a regression in the reduction of palette-encoded grayscale
+ images. This regression was introduced in version 0.7.
+ (Thanks to Adam Ciarcinski for the fix.)
+
+---
Old:
optipng-0.7.tar.gz
New:
optipng-0.7.1.tar.gz
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.M96HNO/_old 2012-08-08 11:20:15.0 +0200
+++ /var/tmp/diff_new_pack.M96HNO/_new 2012-08-08 11:20:15.0 +0200
@@ -15,16 +15,14 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-# norootforbuild
-
Name: optipng
BuildRequires: libpng-devel
+Summary:A PNG File Compressor
License:Zlib
Group: Productivity/Archiving/Compression
-Summary:A PNG File Compressor
-Version:0.7
-Release:1
+Version:0.7.1
+Release:0
Url:http://optipng.sourceforge.net/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source0:%name-%{version}.tar.gz
++ optipng-0.7.tar.gz -> optipng-0.7.1.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/optipng-0.7/AUTHORS.txt new/optipng-0.7.1/AUTHORS.txt
--- old/optipng-0.7/AUTHORS.txt 1970-01-01 01:00:00.0 +0100
+++ new/optipng-0.7.1/AUTHORS.txt 2012-03-20 01:19:00.0 +0100
@@ -0,0 +1,25 @@
+# OptiPNG version 0.7.1
+# Copyright (C) 2001-2012 Cosmin Truta and the Contributing Authors.
+# See the accompanying LICENSE file for details.
+#
+# A Contributing Author is a person or company who contributed code that
+# is now part of OptiPNG.
+#
+# For the purpose of copyright and licensing, this is the official list
+# of Contributing Authors, in alphabetic order.
+
+Adam Ciarcinski
+Brian McQuade
+Elias Pipping
+Fabien Barbier
+Maciej Pilichowski
+Matthew Fearnley
+Nelson A. de Oliveira
+Niels de Koning
+Petr Gajdos
+Piotr Bandurski
+Ramona C. Truta
+Sebastian Pipping
+Stefan Br�ns
+Till Maas
+Ville Skytt�
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/optipng-0.7/LICENSE.txt new/optipng-0.7.1/LICENSE.txt
--- old/optipng-0.7/LICENSE.txt 2011-01-24 07:05:00.0 +0100
+++ new/optipng-0.7.1/LICENSE.txt 2012-03-01 04:09:00.0 +0100
@@ -1,5 +1,7 @@
-Copyright (C) 2001-2011 Cosmin Truta.
+Copyright (C) 2001-2012 Cosmin Truta and the Contributing Authors.
+For the purpose of copyright and licensing, the list of Contributing
+Authors is available in the accompanying AUTHORS file.
This software is provided 'as-is', without any express or implied
warranty. In no event will the author(s) be held liable for any damages
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/optipng-0.7/README.txt new/optipng-0.7.1/README.txt
--- old/optipng-0.7/README.txt 2011-12-19 19:40:00.0 +0100
+++ new/optipng-0.7.1/README.txt2012-03-20 01:19:00.0 +0100
@@ -1,6 +1,6 @@
-OptiPNG 0.7: Advanced PNG optimizer.
-Copyright (C) 2001-2011 Cosmin Truta.
+OptiPNG 0.7.1: Advanced PNG optimizer.
+Copyright (C) 2001-2012 Cosmin Truta.
=
License
@@ -23,12 +23,12 @@
Build instructions
--
On Unix, or under a Bourne-compatible shell, run ./configure and make:
-cd optipng-0.7/
+cd optipng-0.7.1/
./configure && make
Alternatively, use a pre-configured makefile that matches your compiler;
e.g.:
-cd optipng-0.7/
+cd optipng-0.7.1/
nmake -f build/visualc.mk
Installation instructions
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/optipng-0.7/doc/history.txt
new/optipng-0.7.1/doc/history.txt
--- old/optipng-0.7/doc/history.txt 2012-02-29 18:07:00.0 +0100
+++ new/optipng-0.7.1/doc/history.txt 2012-03-20 01:19:00.0 +0100
@@ -13,6 +13,12 @@
(crash, data/metadata loss or security hazard).
* Other modification (e.g. architectural improvement).
+Version 0.7.1 19-mar-2012
+-
+!! Fixed a regre
commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory checked
in at 2012-03-02 13:49:18
Comparing /work/SRC/openSUSE:Factory/optipng (Old)
and /work/SRC/openSUSE:Factory/.optipng.new (New)
Package is "optipng", Maintainer is "pgaj...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/optipng/optipng.changes 2011-09-23
12:21:05.0 +0200
+++ /work/SRC/openSUSE:Factory/.optipng.new/optipng.changes 2012-03-02
13:49:23.0 +0100
@@ -1,0 +2,19 @@
+Fri Mar 2 11:54:06 UTC 2012 - pgaj...@suse.com
+
+- updated to 0.7:
+ + Added the popularly-requested option -strip.
+ + Added the option -backup, as an alias of -keep.
+ + Added the option -silent, as an alias of -quiet.
+ - Deprecated the option -log.
+ * Changed the activity display output from STDOUT to STDERR.
+ + Allowed the option -preserve to save high-resolution timestamps
+ on Unix, if the POSIX-1.2008 API is available. This feature was
+ previously available on Windows only.
+ ! Fixed a minor precision error in the display of file size percents.
+ ! Fixed a memory leak that occurred when reading broken GIF images.
+ ! Fixed various build issues.
+(Thanks to Sebastian Pipping and Ville Skytta for the fixes.)
+ * Resolved all remaining compatibility issues with libpng-1.5.
+(Thanks in part to Adam Ciarcinski for the contribution.)
+
+---
Old:
optipng-0.6.5.tar.bz2
optipng-libpng14.patch
optipng-suse-paths.diff
New:
optipng-0.7.tar.gz
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.WtRMbI/_old 2012-03-02 13:49:24.0 +0100
+++ /var/tmp/diff_new_pack.WtRMbI/_new 2012-03-02 13:49:24.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package optipng
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -23,14 +23,12 @@
License:Zlib
Group: Productivity/Archiving/Compression
Summary:A PNG File Compressor
-Version:0.6.5
+Version:0.7
Release:1
Url:http://optipng.sourceforge.net/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Source0:%name-%{version}.tar.bz2
+Source0:%name-%{version}.tar.gz
Source1:macros.optipng
-Patch0: %{name}-suse-paths.diff
-Patch1: %{name}-libpng14.patch
%description
OptiPNG is a PNG optimizer that recompresses image files to a smaller
@@ -46,13 +44,13 @@
%prep
%setup -q
-%patch0
-# upstream uses pngpriv.h from libpng, which is not allowed
-%patch1 -p1
%build
-./configure -with-system-zlib -with-system-libpng -prefix=/usr
-make CFLAGS="$RPM_OPT_FLAGS"
+export CFLAGS="$RPM_OPT_FLAGS"
+./configure -with-system-zlib -with-system-libpng -prefix=%{_prefix}
-mandir=%{_mandir}
+#don't strip binaries
+sed -i "s:\(LDFLAGS = \)-s:\1:" src/optipng/Makefile
+make
%install
%makeinstall
@@ -63,7 +61,7 @@
%files
%defattr(-,root,root)
-#%doc FEATURES HISTORY DESIGN TODO CAVEAT
+%doc README.txt doc
/usr/bin/optipng
/usr/share/man/man1/optipng.1.gz
/etc/rpm/macros.optipng
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit optipng for openSUSE:Factory
Hello community,
here is the log from the commit of package optipng for openSUSE:Factory
checked in at Fri Mar 4 09:38:06 CET 2011.
--- optipng/optipng.changes 2010-08-23 16:48:56.0 +0200
+++ /mounts/work_src_done/STABLE/optipng/optipng.changes2011-03-03
13:03:16.0 +0100
@@ -1,0 +2,9 @@
+Thu Mar 3 12:07:53 CET 2011 - pgaj...@suse.cz
+
+- updated to 0.6.5:
+ * Fixed processing of PNG files with chunks of size 0.
+ * Fixed a display error in the TIFF import.
+ * Improved checking of the arguments of -f, -zc, -zm and -zs.
+ * Removed quirks from the rangeset option argument syntax.
+
+---
calling whatdependson for head-i586
Old:
optipng-0.6.4.tar.bz2
New:
optipng-0.6.5.tar.bz2
Other differences:
--
++ optipng.spec ++
--- /var/tmp/diff_new_pack.FZ4Ke6/_old 2011-03-04 09:25:49.0 +0100
+++ /var/tmp/diff_new_pack.FZ4Ke6/_new 2011-03-04 09:25:49.0 +0100
@@ -1,7 +1,7 @@
#
-# spec file for package optipng (Version 0.6.4)
+# spec file for package optipng
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -23,7 +23,7 @@
License:Zlib
Group: Productivity/Archiving/Compression
Summary:A PNG File Compressor
-Version:0.6.4
+Version:0.6.5
Release:1
Url:http://optipng.sourceforge.net/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
++ optipng-0.6.4.tar.bz2 -> optipng-0.6.5.tar.bz2 ++
37382 lines of diff (skipped)
++ optipng-libpng14.patch ++
--- /var/tmp/diff_new_pack.FZ4Ke6/_old 2011-03-04 09:25:49.0 +0100
+++ /var/tmp/diff_new_pack.FZ4Ke6/_new 2011-03-04 09:25:49.0 +0100
@@ -1,7 +1,7 @@
-Index: optipng-0.6.4/src/pngpriv.h
+Index: optipng-0.6.5/src/pngpriv.h
===
--- /dev/null
-+++ optipng-0.6.4/src/pngpriv.h
optipng-0.6.5/src/pngpriv.h
@@ -0,0 +1,24 @@
+#if PNG_LIBPNG_VER >= 10400
+#define PNG_FILLER 0x8000L
@@ -27,17 +27,32 @@
+ }
+#endif
+
-Index: optipng-0.6.4/src/opngoptim.c
+Index: optipng-0.6.5/src/cexcept.h
===
optipng-0.6.4.orig/src/opngoptim.c
-+++ optipng-0.6.4/src/opngoptim.c
-@@ -23,6 +23,9 @@
- #include "cexcept.h"
- #include "cbitset.h"
- #include "osys.h"
-+#if PNG_LIBPNG_VER >= 10400
-+#include "pngpriv.h"
-+#endif
+--- optipng-0.6.5.orig/src/cexcept.h
optipng-0.6.5/src/cexcept.h
+@@ -191,7 +191,7 @@ is subject to change.
+ #define CEXCEPT_H
+
+
+-#include
++#include
+
+ #define define_exception_type(etype) \
+ struct exception_context { \
+Index: optipng-0.6.5/src/opngreduc.c
+===
+--- optipng-0.6.5.orig/src/opngreduc.c
optipng-0.6.5/src/opngreduc.c
+@@ -25,9 +25,9 @@
+ #include "opngreduc.h"
+ #if PNG_LIBPNG_VER >= 10400
+-#ifdef PNG_USER_PRIVATEBUILD
++/*#ifdef PNG_USER_PRIVATEBUILD*/
+ #include "pngpriv.h"
+-#endif
++/*#endif*/
+ #endif
- /*
+ #ifndef OPNG_ASSERT
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
