Hello community,
here is the log from the commit of package imlib2
checked in at Fri Jul 11 22:42:52 CEST 2008.
--------
--- imlib2/imlib2.changes 2007-10-26 14:02:15.000000000 +0200
+++ imlib2/imlib2.changes 2008-06-19 14:49:43.000000000 +0200
@@ -1,0 +2,13 @@
+Tue Jun 17 18:40:13 CEST 2008 - meissner@suse.de
+
+- upgraded to 1.4.1 upstream
+ - security fixes, some bugfixes
+- removed non-executable stack patch
+- redone Xorg rgb.txt patch
+
+-------------------------------------------------------------------
+Mon Jun 2 15:01:59 CEST 2008 - mweckbecker@suse.de
+
+- Fix xpm buffer overflow (bnc#394703, CVE-2008-2426)
+
+-------------------------------------------------------------------
Old:
----
imlib2-1.4.0-fixes.patch
imlib2-1.4.0.tar.bz2
New:
----
imlib2-1.4.1.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ imlib2.spec ++++++
--- /var/tmp/diff_new_pack.W14916/_old 2008-07-11 22:41:57.000000000 +0200
+++ /var/tmp/diff_new_pack.W14916/_new 2008-07-11 22:41:57.000000000 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package imlib2 (Version 1.4.0)
+# spec file for package imlib2 (Version 1.4.1)
#
-# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
@@ -9,19 +9,19 @@
#
+
Name: imlib2
BuildRequires: freetype2-devel giflib-devel libpng-devel libtiff-devel xorg-x11-devel
Summary: Imlib 2, the Successor to Imlib
-Version: 1.4.0
+Version: 1.4.1
Release: 1
License: BSD 3-Clause
Group: Development/Libraries/X11
Source: %name-%version.tar.bz2
-Patch0: imlib2-1.4.0-fixes.patch
Patch1: imlib2-X11R6-xorg.patch
Patch2: imlib2-1.4.0-more-fixes.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Url: http://www.enlightenment.org/Libraries/Imlib2/
+Url: http://sourceforge.net/projects/enlightenment/
Suggests: imlib2-loaders
%description
@@ -37,6 +37,7 @@
Rasterman
%package devel
+License: BSD 3-Clause
Summary: Imlib 2 - development libraries
Group: Development/Libraries/X11
Requires: %{name} = %{version} glibc-devel xorg-x11-devel freetype2-devel zlib-devel libpng-devel
@@ -56,6 +57,7 @@
Rasterman
%package filters
+License: BSD 3-Clause
Summary: Imlib 2 - plugin filters
Group: Development/Libraries/X11
Requires: %{name} = %{version}
@@ -75,6 +77,7 @@
Rasterman
%package loaders
+License: BSD 3-Clause
Summary: Imlib 2 - image loaders
Group: Development/Libraries/X11
Provides: imlib2-loader_jpeg imlib2-loader_png imlib2-loader_argb imlib2-loader_tiff imlib2-loader_gif imlib2-loader_zlib imlib2-loader_bz2 imlib2-loader_pnm imlib2-loader_bmp imlib2-loader_xpm imlib2-loader_tga
@@ -96,14 +99,10 @@
%prep
%setup -q
-%patch0 -p1
%patch1 -p1
%patch2 -p0
%build
-%if %suse_version > 1000
-export RPM_OPT_FLAGS="$RPM_OPT_FLAGS -fstack-protector"
-%endif
export CFLAGS="$RPM_OPT_FLAGS -DRGB_TXT_PATH=/usr/share/X11/rgb.txt"
autoreconf --force --install
%configure --prefix=%{_prefix} \
@@ -112,6 +111,9 @@
%else
--disable-mmx \
%endif
+%ifarch x86_64
+ --enable-amd64 \
+%endif
--bindir=%{_bindir} \
--libdir=%{_libdir} \
--includedir=%{_includedir} \
@@ -134,11 +136,9 @@
%clean
rm -rf $RPM_BUILD_ROOT
-%post
-%run_ldconfig
+%post -p /sbin/ldconfig
-%postun
-%run_ldconfig
+%postun -p /sbin/ldconfig
%files
%defattr(-,root,root,0755)
@@ -171,75 +171,83 @@
%files loaders
%attr(755,root,root) %dir %{_libdir}/imlib2
%attr(755,root,root) %{_libdir}/imlib2/loaders
+
%changelog
-* Fri Oct 26 2007 - meissner@suse.de
+* Tue Jun 17 2008 meissner@suse.de
+- upgraded to 1.4.1 upstream
+ - security fixes, some bugfixes
+- removed non-executable stack patch
+- redone Xorg rgb.txt patch
+* Mon Jun 02 2008 mweckbecker@suse.de
+- Fix xpm buffer overflow (bnc#394703, CVE-2008-2426)
+* Fri Oct 26 2007 meissner@suse.de
- upgraded to 1.4.0 upstream
- mostly merged security fixes
- cleaned up and redid patches were necessary
- enabled visibility hiding option
-* Tue Aug 21 2007 - meissner@suse.de
+* Tue Aug 21 2007 meissner@suse.de
- moved provides to the right subpackage.
- suggests: imlib2-loaders in the mainpackage. #299389
-* Sun Jul 22 2007 - aj@suse.de
+* Sun Jul 22 2007 aj@suse.de
- Reduce BuildRequires.
-* Mon Dec 11 2006 - jw@suse.de
+* Mon Dec 11 2006 jw@suse.de
- uninitialized variable bug
patched and sent upstream.
-* Tue Nov 14 2006 - meissner@suse.de
+* Tue Nov 14 2006 meissner@suse.de
- Removed the incorrect loader_jpeg hunk of fix
for #214313. #220671
-* Wed Nov 08 2006 - meissner@suse.de
+* Wed Nov 08 2006 meissner@suse.de
- Upgraded to 1.3.0:
- several bug fixes
- lots of symbols marked as hidden
-* Wed Nov 08 2006 - meissner@suse.de
+* Wed Nov 08 2006 meissner@suse.de
- Added an additional JPEG fix.
- Also added a fix for TIFF images on 64bit systems.
-* Wed Oct 25 2006 - meissner@suse.de
+* Wed Oct 25 2006 meissner@suse.de
- fixed various buffer and integer overflows
in various loaders and decoders. #214313
-* Wed Sep 20 2006 - schwab@suse.de
+* Wed Sep 20 2006 schwab@suse.de
- Use AM_PROG_AS.
-* Fri Aug 11 2006 - jw@suse.de
+* Fri Aug 11 2006 jw@suse.de
- RGB_TXT_PATH added to loader_xpm.c
defined now as /usr/share/X11/rgb.txt
-* Tue Feb 07 2006 - ro@suse.de
+* Tue Feb 07 2006 ro@suse.de
- fix build for < 10.1
-* Wed Jan 25 2006 - mls@suse.de
+* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
-* Wed Jan 11 2006 - jw@suse.de
+* Wed Jan 11 2006 jw@suse.de
- $RPM_OPT_FLAGS + -fstack-protector added.
-* Mon Jan 02 2006 - aj@suse.de
+* Mon Jan 02 2006 aj@suse.de
- Fix filelist.
-* Thu Dec 22 2005 - jw@suse.de
+* Thu Dec 22 2005 jw@suse.de
- upgraded to 1.2.1, removed upstreamed patches
-* Wed Sep 21 2005 - ro@suse.de
+* Wed Sep 21 2005 ro@suse.de
- only remove .la files for plugins
- add requires to devel package
-* Tue Sep 20 2005 - jw@suse.de
+* Wed Sep 21 2005 jw@suse.de
- offending \*.la files removed.
-* Tue Mar 08 2005 - jw@suse.de
+* Tue Mar 08 2005 jw@suse.de
- Provides for all the loaders added
to satisfy building e.g. eterm [#64296]
-* Tue Feb 01 2005 - coolo@suse.de
+* Tue Feb 01 2005 coolo@suse.de
- put devel files in -devel subpackage
-* Wed Jan 05 2005 - meissner@suse.de
+* Wed Jan 05 2005 meissner@suse.de
- Added missing security fixes to BMP and XPM loader #49562.
- Added libstdc++-devel and libtiff-devel to neededforbuild.
-* Thu Aug 26 2004 - meissner@suse.de
+* Thu Aug 26 2004 meissner@suse.de
- Upgraded to 1.1.1.
- Fixed buffer overflow in BMP loader.
-* Sun Jan 18 2004 - meissner@suse.de
+* Mon Jan 19 2004 meissner@suse.de
- fixed "label at end of compound statement" errors in gcc 3.4
-* Mon Jan 12 2004 - adrian@suse.de
+* Mon Jan 12 2004 adrian@suse.de
- revert last change (%%run_ldconfig already exist before)
-* Sun Jan 11 2004 - adrian@suse.de
+* Sun Jan 11 2004 adrian@suse.de
- add %%run_ldconfig
-* Sat Aug 16 2003 - mmj@suse.de
+* Sat Aug 16 2003 mmj@suse.de
- Update to 1.1.0
-* Fri Jun 13 2003 - kukuk@suse.de
+* Fri Jun 13 2003 kukuk@suse.de
- Add missing directories to filelist
-* Wed May 28 2003 - ro@suse.de
+* Wed May 28 2003 ro@suse.de
- fix build even without archprefix
-* Fri Mar 14 2003 - mmj@suse.de
+* Fri Mar 14 2003 mmj@suse.de
- Initial package of imlib2-1.0.6
++++++ imlib2-1.4.0-more-fixes.patch ++++++
--- /var/tmp/diff_new_pack.W14916/_old 2008-07-11 22:41:57.000000000 +0200
+++ /var/tmp/diff_new_pack.W14916/_new 2008-07-11 22:41:57.000000000 +0200
@@ -20,7 +20,7 @@
fclose(f);
--- src/modules/loaders/loader_bmp.c
+++ src/modules/loaders/loader_bmp.c
-@@ -519,6 +519,7 @@
+@@ -565,6 +565,7 @@
unsigned char *buffer_end_minus_1 = buffer_end - 1;
x = 0;
y = 0;
@@ -98,17 +98,6 @@
if (im->data) free(im->data);
im->data = NULL;
}
---- src/modules/loaders/loader_pnm.c
-+++ src/modules/loaders/loader_pnm.c
-@@ -68,7 +68,7 @@
- int i = 0;
-
- /* read numbers */
-- while (c != EOF && !isspace(c))
-+ while (c != EOF && (i+1 < sizeof(buf)) && !isspace(c))
- {
- buf[i++] = c;
- c = fgetc(f);
--- src/modules/loaders/loader_tga.c
+++ src/modules/loaders/loader_tga.c
@@ -350,7 +350,7 @@
@@ -133,7 +122,7 @@
{
--- src/modules/loaders/loader_xpm.c
+++ src/modules/loaders/loader_xpm.c
-@@ -154,6 +154,9 @@
+@@ -155,6 +155,9 @@
pixels = 0;
count = 0;
line = malloc(lsz);
++++++ imlib2-1.4.0.tar.bz2 -> imlib2-1.4.1.tar.bz2 ++++++
++++ 57286 lines of diff (skipped)
++++++ imlib2-X11R6-xorg.patch ++++++
--- /var/tmp/diff_new_pack.W14916/_old 2008-07-11 22:41:59.000000000 +0200
+++ /var/tmp/diff_new_pack.W14916/_new 2008-07-11 22:41:59.000000000 +0200
@@ -1,17 +1,15 @@
---- imlib2-1.2.1/src/modules/loaders/loader_xpm.c.orig 2005-05-18 07:26:16.000000000 +0200
-+++ imlib2-1.2.1/src/modules/loaders/loader_xpm.c 2006-08-11 15:37:18.000000000 +0200
-@@ -65,8 +65,13 @@
- }
+--- imlib2-1.4.1/src/modules/loaders/loader_xpm.c
++++ imlib2-1.4.1/src/modules/loaders/loader_xpm.c
+@@ -52,7 +52,11 @@
/* look in rgb txt database */
if (!rgb_txt)
-+
-+#ifndef RGB_TXT_PATH
-+# define RGB_TXT_PATH /usr/X11R6/lib/X11/rgb.txt
-+#endif
-+#define __QQ(a) #a
#ifndef __EMX__
-- rgb_txt = fopen("/usr/X11R6/lib/X11/rgb.txt", "r");
-+ rgb_txt = fopen(__QQ(RGB_TXT_PATH), "r");
+- rgb_txt = fopen("/usr/X11R6/lib/X11/rgb.txt", "r");
++# ifndef RGB_TXT_PATH
++# define RGB_TXT_PATH /usr/X11R6/lib/X11/rgb.txt
++# endif
++# define __QQ(a) #a
++ rgb_txt = fopen(__QQ(RGB_TXT_PATH), "r");
+ if (!rgb_txt)
+ rgb_txt = fopen("/usr/openwin/lib/X11/rgb.txt", "r");
#else
- rgb_txt = fopen(__XOS2RedirRoot("/XFree86/lib/X11/rgb.txt"), "rt");
- #endif
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org