Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package libavif for openSUSE:Factory checked in at 2023-11-30 21:59:07
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libavif (Old)
and /work/SRC/openSUSE:Factory/.libavif.new.25432 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libavif"
Thu Nov 30 21:59:07 2023 rev:22 rq:1129716 version:1.0.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/libavif/libavif.changes 2023-08-31 13:42:48.181972032 +0200
+++ /work/SRC/openSUSE:Factory/.libavif.new.25432/libavif.changes 2023-11-30 21:59:46.081626679 +0100
@@ -1,0 +2,11 @@
+Tue Nov 28 20:40:32 UTC 2023 - Andreas Stieger
+
+- update to 1.0.2:
+ * Update avifCropRectConvertCleanApertureBox() to the revised
+ requirements in ISO/IEC 23000-22:2019/Amd. 2:2021 Section
+ 7.3.6.7.
+ * CVE-2023-6350: Out of bounds memory to alphaItemIndices (boo#1217614)
+ * CVE-2023-6351: use-after-free in colorProperties (boo#1217615)
+- drop fix-gdkpixbuf.patch
+
+-------------------------------------------------------------------
Old:
----
fix-gdkpixbuf.patch
libavif-1.0.0.tar.gz
New:
----
libavif-1.0.2.tar.gz
BETA DEBUG BEGIN:
Old: * CVE-2023-6351: use-after-free in colorProperties (boo#1217615)
- drop fix-gdkpixbuf.patch
BETA DEBUG END:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libavif.spec ++++++
--- /var/tmp/diff_new_pack.RwJorM/_old 2023-11-30 21:59:47.033661751 +0100
+++ /var/tmp/diff_new_pack.RwJorM/_new 2023-11-30 21:59:47.037661898 +0100
@@ -16,6 +16,9 @@
#
+# Also update baselibs.conf if you bump the version
+%global lib_soversion 16
+%global lib_name libavif%{lib_soversion}
%if 0%{?suse_version} >= 1550
%bcond_without aom
%bcond_without yuv
@@ -23,13 +26,8 @@
%bcond_with aom
%bcond_with yuv
%endif
-
-# Also update baselibs.conf if you bump the version
-%global lib_soversion 16
-%global lib_name libavif%{lib_soversion}
-
Name: libavif
-Version: 1.0.0
+Version: 1.0.2
Release: 0
Summary: Library for encoding and decoding .avif files
License: BSD-2-Clause
@@ -37,11 +35,10 @@
URL: https://github.com/AOMediaCodec/libavif
Source: https://github.com/AOMediaCodec/libavif/archive/v%{version}/%{name}-%{version}.tar.gz
Source99: baselibs.conf
-# PATCH-FIX-UPSTREAM https://github.com/AOMediaCodec/libavif/pull/1528
-Patch0: fix-gdkpixbuf.patch
+BuildRequires: c++_compiler
BuildRequires: cmake
-BuildRequires: gcc-c++
BuildRequires: libjpeg8-devel
+BuildRequires: pkgconfig
BuildRequires: pkgconfig(dav1d)
BuildRequires: pkgconfig(gdk-pixbuf-2.0)
BuildRequires: pkgconfig(glib-2.0)
@@ -97,10 +94,10 @@
A pixbuf-loader plugin to load AVIF images in GTK+ applications.
%package devel
-Requires: %{lib_name} = %{version}-%{release}
#
Summary: Development files for libavif
Group: Development/Libraries/C and C++
+Requires: %{lib_name} = %{version}-%{release}
%description devel
This library aims to be a friendly, portable C implementation of the AV1 Image
@@ -148,6 +145,7 @@
%{_bindir}/avifenc
%files -n gdk-pixbuf-loader-libavif
+%license LICENSE
%{_libdir}/gdk-pixbuf-2.0/*/loaders/libpixbufloader-avif.so
%dir %{_datadir}/thumbnailers
%{_datadir}/thumbnailers/avif.thumbnailer
++++++ libavif-1.0.0.tar.gz -> libavif-1.0.2.tar.gz ++++++
/work/SRC/openSUSE:Factory/libavif/libavif-1.0.0.tar.gz /work/SRC/openSUSE:Factory/.libavif.new.25432/libavif-1.0.2.tar.gz differ: char 29, line 1