summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbsiegert <bsiegert@pkgsrc.org>2019-04-10 09:40:04 +0000
committerbsiegert <bsiegert@pkgsrc.org>2019-04-10 09:40:04 +0000
commit0490786bc05c9ae637d8988a56eb24368cdc8b12 (patch)
tree56f01e124f46721fc88ecf8751f744864483d0c9
parent978b12584108f12dac59900259d01268cbba976e (diff)
downloadpkgsrc-0490786bc05c9ae637d8988a56eb24368cdc8b12.tar.gz
Pullup ticket #5932 - requested by taca
graphics/openjpeg: security fix Revisions pulled up: - graphics/openjpeg/Makefile 1.17 - graphics/openjpeg/distinfo 1.14 --- Module Name: pkgsrc Committed By: adam Date: Wed Apr 3 08:04:08 UTC 2019 Modified Files: pkgsrc/graphics/openjpeg: Makefile distinfo Log Message: openjpeg: updated to 2.3.1 v2.3.1: v2.2.0 regression for decoding images where TNsot == 0 Int overflow in jp3d Heap buffer overflow in opj_j2k_update_image_data() triggered with Ghostscript LINUX install doesn't work when building shared libraries is disabled OPENJPEG null ptr dereference in openjpeg-2.3.0/src/bin/jp2/convert.c:2243 How to drop certain subbands/layers in DWT where is the MQ-Coder ouput stream in t2.c? OpenJPEG 2.3 (and 2.2?) multi component image fails to decode with KDU v7.10 Missing checks for header_info.height and header_info.width in function pnmtoimage in src/bin/jpwl/convert.c, which can lead to heap buffer overflow Assertion Failure in jp2.c Division-by-zero vulnerabilities in the function pi_next_pcrl, pi_next_cprl and pi_next_rpcl in src/lib/openjp3d/pi.c Precinct switch (-c) doesn't right-shift last record to remaining resolution levels Sample: encode J2K a data using streams??? HIGH THROUGHPUT JPEG 2000 (HTJ2K) How to build openjpeg for arm linux? crash JP2000 returning OPJ_CLRSPC_UNKNOWN color space Compilation successful but install unsuccessful: Calling executables throws libraries missing error fprintf format string requires 1 parameter but only 0 are given fprintf format string requires 1 parameter but only 0 are given sprintf buffer overflow sprintf buffer overflow Infinite loop when reading jp2 missing format string parameter Excessive Iteration in opj_t1_encode_cblks (src/lib/openjp2/t1.c) Out-of-bound left shift in opj_j2k_setup_encoder (src/lib/openjp2/j2k.c) Encode image on Unsplash Integer overflow in opj_t1_encode_cblks (src/lib/openjp2/t1.c) Signed Integer Overflow - 68065512 Similar vulnerable functions related to CVE-2017-14041 [ERROR] COD marker already read. No more than one COD marker per tile. failing to install latest version of openjpeg from source Trouble compressing large raw image Download and installed code from 2.3 archive. Installing 2.2? missing fclose NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) Heap Buffer Overflow in function imagetotga of convert.c(jp2):942 Merged pull requests: abi-check.sh: fix broken download URL opj_t1_encode_cblks: fix UBSAN signed integer overflow convertbmp: detect invalid file dimensions early (CVE-2018-6616) color_apply_icc_profile: avoid potential heap buffer overflow Fix multiple potential vulnerabilities and bugs Fix several memory and resource leaks Fix some potential overflow issues jp3d/jpwl convert: fix write stack buffer overflow Int overflow fixed Update knownfailures- files given current configurations CVE-2018-5785: fix issues with zero bitmasks openjp2/jp2: Fix two format strings Changes in pnmtoimage if image data are missing Relative path to header files is hardcoded in OpenJPEGConfig.cmake.in file Cast on uint ceildiv Add -DBUILD_PKGCONFIG_FILES to install instructions Fix some typos in code comments and documentation Fix regression in reading files with TNsot == 0 (refs Use local type declaration for POSIX standard type only for MS compiler Fix Mac builds jp3d: Replace sprintf() by snprintf() in volumetobin() opj_mj2_extract: Rename output_location to output_prefix mj2: Add missing variable to format string in fprintf() invocation in meta_out.c Convert files to UTF-8 encoding fix unchecked integer multiplication overflow Fixed typos Note that seek uses SEEK_SET behavior. Some Doxygen tags are removed Fix resource leak (CID 179466) Changed cmake version test to allow for cmake 2.8.11.x Add missing fclose() statement in error condition.
-rw-r--r--graphics/openjpeg/Makefile4
-rw-r--r--graphics/openjpeg/distinfo10
2 files changed, 7 insertions, 7 deletions
diff --git a/graphics/openjpeg/Makefile b/graphics/openjpeg/Makefile
index ba1812bd369..6219e9351a0 100644
--- a/graphics/openjpeg/Makefile
+++ b/graphics/openjpeg/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.16 2017/10/06 21:00:44 adam Exp $
+# $NetBSD: Makefile,v 1.16.12.1 2019/04/10 09:40:04 bsiegert Exp $
-DISTNAME= openjpeg-2.3.0
+DISTNAME= openjpeg-2.3.1
CATEGORIES= graphics
MASTER_SITES= ${MASTER_SITE_GITHUB:=uclouvain/}
GITHUB_TAG= v${PKGVERSION_NOREV}
diff --git a/graphics/openjpeg/distinfo b/graphics/openjpeg/distinfo
index 4a3a06665e3..a834fb68752 100644
--- a/graphics/openjpeg/distinfo
+++ b/graphics/openjpeg/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.13 2017/10/06 21:00:44 adam Exp $
+$NetBSD: distinfo,v 1.13.12.1 2019/04/10 09:40:04 bsiegert Exp $
-SHA1 (openjpeg-2.3.0.tar.gz) = 430b9949b65a11fdf53323009ffedf0c6bb075ea
-RMD160 (openjpeg-2.3.0.tar.gz) = c58d9bfe41c1c108401743a884175e965cfcf4e0
-SHA512 (openjpeg-2.3.0.tar.gz) = 0a9d427be4a820b1d759fca4b50e293721b45fe4885aa61ca1ae09e099f75ed93520448090c780d62f51076d575cc03618cd6d5181bdb6b34e4fc07b4cfdd568
-Size (openjpeg-2.3.0.tar.gz) = 2207329 bytes
+SHA1 (openjpeg-2.3.1.tar.gz) = 38321fa9730252039ad0b7f247a160a8164f5871
+RMD160 (openjpeg-2.3.1.tar.gz) = 31b75aa70f5d26dd1b7e374a9e4b6be1842fefe7
+SHA512 (openjpeg-2.3.1.tar.gz) = 339fbc899bddf2393d214df71ed5d6070a3a76b933b1e75576c8a0ae9dfcc4adec40bdc544f599e4b8d0bc173e4e9e7352408497b5b3c9356985605830c26c03
+Size (openjpeg-2.3.1.tar.gz) = 2214401 bytes
SHA1 (patch-CMakeLists.txt) = 3738946db63df4d623c6ce486bd22fa4d57336e2
SHA1 (patch-src_bin_jp2_CMakeLists.txt) = c9f709c23d6bab7a3c705640d66a00ec90ddabc7
SHA1 (patch-src_lib_openjp2_CMakeLists.txt) = d839121ec2d008e5d3e1676d3e7ac3642bc946f7