commit libavif for openSUSE:Factory

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libavif for openSUSE:Factory checked in at 2023-11-30 21:59:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libavif (Old) and /work/SRC/openSUSE:Factory/.libavif.new.25432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libavif" Thu Nov 30 21:59:07 2023 rev:22 rq:1129716 version:1.0.2 Changes: -------- --- /work/SRC/openSUSE:Factory/libavif/libavif.changes 2023-08-31 13:42:48.181972032 +0200 +++ /work/SRC/openSUSE:Factory/.libavif.new.25432/libavif.changes 2023-11-30 21:59:46.081626679 +0100 @@ -1,0 +2,11 @@ +Tue Nov 28 20:40:32 UTC 2023 - Andreas Stieger + +- update to 1.0.2: + * Update avifCropRectConvertCleanApertureBox() to the revised + requirements in ISO/IEC 23000-22:2019/Amd. 2:2021 Section + 7.3.6.7. + * CVE-2023-6350: Out of bounds memory to alphaItemIndices (boo#1217614) + * CVE-2023-6351: use-after-free in colorProperties (boo#1217615) +- drop fix-gdkpixbuf.patch + +------------------------------------------------------------------- Old: ---- fix-gdkpixbuf.patch libavif-1.0.0.tar.gz New: ---- libavif-1.0.2.tar.gz BETA DEBUG BEGIN: Old: * CVE-2023-6351: use-after-free in colorProperties (boo#1217615) - drop fix-gdkpixbuf.patch BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libavif.spec ++++++ --- /var/tmp/diff_new_pack.RwJorM/_old 2023-11-30 21:59:47.033661751 +0100 +++ /var/tmp/diff_new_pack.RwJorM/_new 2023-11-30 21:59:47.037661898 +0100 @@ -16,6 +16,9 @@ # +# Also update baselibs.conf if you bump the version +%global lib_soversion 16 +%global lib_name libavif%{lib_soversion} %if 0%{?suse_version} >= 1550 %bcond_without aom %bcond_without yuv @@ -23,13 +26,8 @@ %bcond_with aom %bcond_with yuv %endif - -# Also update baselibs.conf if you bump the version -%global lib_soversion 16 -%global lib_name libavif%{lib_soversion} - Name: libavif -Version: 1.0.0 +Version: 1.0.2 Release: 0 Summary: Library for encoding and decoding .avif files License: BSD-2-Clause @@ -37,11 +35,10 @@ URL: https://github.com/AOMediaCodec/libavif Source: https://github.com/AOMediaCodec/libavif/archive/v%{version}/%{name}-%{version}.tar.gz Source99: baselibs.conf -# PATCH-FIX-UPSTREAM https://github.com/AOMediaCodec/libavif/pull/1528 -Patch0: fix-gdkpixbuf.patch +BuildRequires: c++_compiler BuildRequires: cmake -BuildRequires: gcc-c++ BuildRequires: libjpeg8-devel +BuildRequires: pkgconfig BuildRequires: pkgconfig(dav1d) BuildRequires: pkgconfig(gdk-pixbuf-2.0) BuildRequires: pkgconfig(glib-2.0) @@ -97,10 +94,10 @@ A pixbuf-loader plugin to load AVIF images in GTK+ applications. %package devel -Requires: %{lib_name} = %{version}-%{release} # Summary: Development files for libavif Group: Development/Libraries/C and C++ +Requires: %{lib_name} = %{version}-%{release} %description devel This library aims to be a friendly, portable C implementation of the AV1 Image @@ -148,6 +145,7 @@ %{_bindir}/avifenc %files -n gdk-pixbuf-loader-libavif +%license LICENSE %{_libdir}/gdk-pixbuf-2.0/*/loaders/libpixbufloader-avif.so %dir %{_datadir}/thumbnailers %{_datadir}/thumbnailers/avif.thumbnailer ++++++ libavif-1.0.0.tar.gz -> libavif-1.0.2.tar.gz ++++++ /work/SRC/openSUSE:Factory/libavif/libavif-1.0.0.tar.gz /work/SRC/openSUSE:Factory/.libavif.new.25432/libavif-1.0.2.tar.gz differ: char 29, line 1