From ec1f88c52e2feb20f17654b826176c84bb067e7e Mon Sep 17 00:00:00 2001 From: Tomas Smetana Date: Wed, 20 Oct 2021 17:06:10 +0200 Subject: [PATCH] New upstream version Fix rhbz#2015742 - Compile with WebP support --- .gitignore | 1 + imlib2-1.6.1-ico-overflow.patch | 30 ------------------------------ imlib2.spec | 12 +++++++----- sources | 2 +- 4 files changed, 9 insertions(+), 36 deletions(-) delete mode 100644 imlib2-1.6.1-ico-overflow.patch diff --git a/.gitignore b/.gitignore index d9f3de7..12172b3 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,4 @@ imlib2-1.4.3.tar.bz2 /imlib2-1.4.9.tar.bz2 /imlib2-1.5.1.tar.bz2 /imlib2-1.6.1.tar.bz2 +/imlib2-1.7.4.tar.bz2 diff --git a/imlib2-1.6.1-ico-overflow.patch b/imlib2-1.6.1-ico-overflow.patch deleted file mode 100644 index cea031e..0000000 --- a/imlib2-1.6.1-ico-overflow.patch +++ /dev/null @@ -1,30 +0,0 @@ -diff -up imlib2-1.6.1/src/modules/loaders/loader_ico.c.overflow imlib2-1.6.1/src/modules/loaders/loader_ico.c ---- imlib2-1.6.1/src/modules/loaders/loader_ico.c.overflow 2020-05-21 09:42:21.592650197 +0200 -+++ imlib2-1.6.1/src/modules/loaders/loader_ico.c 2020-05-21 09:45:06.339214806 +0200 -@@ -8,6 +8,7 @@ - #include "loader_common.h" - - #include -+#include - - #define DEBUG 0 - #if DEBUG -@@ -168,6 +169,8 @@ ico_read_icon(ico_t * ico, int ino) - case 4: - case 8: - D("Allocating a %d slot colormap\n", ie->bih.colors); -+ if (UINT_MAX / sizeof(DATA32) < ie->bih.colors) -+ goto bail; - size = ie->bih.colors * sizeof(DATA32); - ie->cmap = malloc(size); - nr = fread(ie->cmap, 1, size, ico->fp); -@@ -183,6 +186,9 @@ ico_read_icon(ico_t * ico, int ino) - } - - size = ((ie->bih.bpp * ie->w + 31) / 32 * 4) * ie->h; -+ if (!IMAGE_DIMENSIONS_OK(ie->w, ie->h) || ie->bih.bpp == 0 || -+ UINT_MAX / ie->bih.bpp < ie->w * ie->h) -+ goto bail; - ie->pxls = malloc(size); - nr = fread(ie->pxls, 1, size, ico->fp); - if (nr != size) diff --git a/imlib2.spec b/imlib2.spec index 11ec6e1..45acf59 100644 --- a/imlib2.spec +++ b/imlib2.spec @@ -1,14 +1,12 @@ Summary: Image loading, saving, rendering, and manipulation library Name: imlib2 -Version: 1.6.1 -Release: 4%{?dist} +Version: 1.7.4 +Release: 1%{?dist} License: Imlib2 URL: http://docs.enlightenment.org/api/imlib2/html/ Source0: http://downloads.sourceforge.net/enlightenment/%{name}-%{version}.tar.bz2 # Fedora specific multilib hack, upstream should switch to pkgconfig one day Patch0: imlib2-1.4.7-multilib.patch -# Fix for CVE-1834969, backport from upstream -Patch1: imlib2-1.6.1-ico-overflow.patch BuildRequires: libjpeg-devel BuildRequires: libpng-devel @@ -20,6 +18,7 @@ BuildRequires: bzip2-devel BuildRequires: libX11-devel BuildRequires: libXext-devel BuildRequires: libid3tag-devel +BuildRequires: libwebp-devel BuildRequires: pkgconfig BuildRequires: make @@ -68,7 +67,6 @@ conditions of the GPL version 2 (or at your option) any later version. %prep %setup -q %patch0 -p1 -b .multilib -%patch1 -p1 -b .overflow %build asmopts="--disable-mmx --disable-amd64" @@ -128,6 +126,10 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -f \{\} \; %changelog +* Wed Oct 20 2021 Tomas Smetana - 1.7.4-1 +- New upstream version +- Fix rhbz#2015742 - Compile with WebP support + * Thu Jul 22 2021 Fedora Release Engineering - 1.6.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild diff --git a/sources b/sources index febb2b9..3fcd58a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (imlib2-1.6.1.tar.bz2) = ecdbdbfe8767ec2b1f22ce664cbab5e1d3f75be7a3c8f37488f5243b3c31dbc433414b8d50d2d1b70c67a80e31e42cc5398161991ce3955e991c114c82ddd58f +SHA512 (imlib2-1.7.4.tar.bz2) = 54c213de38535f14359d9e407b9ae5911a158347525a298673ba53d122c3e506449feb34203e764e43d5aa163f3024093803cd976a23c0f0f65b843ed9685d66