diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b5e43be --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/jasper-2.0.14.tar.gz diff --git a/.jasper.metadata b/.jasper.metadata new file mode 100644 index 0000000..31b3ed1 --- /dev/null +++ b/.jasper.metadata @@ -0,0 +1 @@ +32c959d883fdb661c32afd76c94b206638972cb1 SOURCES/jasper-2.0.14.tar.gz diff --git a/SOURCES/jasper-2.0.14-CVE-2016-9396.patch b/SOURCES/jasper-2.0.14-CVE-2016-9396.patch new file mode 100644 index 0000000..197ea7c --- /dev/null +++ b/SOURCES/jasper-2.0.14-CVE-2016-9396.patch @@ -0,0 +1,13 @@ +diff -urNp old/src/libjasper/jpc/jpc_cs.c new/src/libjasper/jpc/jpc_cs.c +--- old/src/libjasper/jpc/jpc_cs.c 2018-05-30 09:01:54.160406645 +0200 ++++ new/src/libjasper/jpc/jpc_cs.c 2018-05-30 09:05:24.527094308 +0200 +@@ -795,6 +795,9 @@ static int jpc_cox_getcompparms(jpc_ms_t + if (compparms->numdlvls > 32) { + goto error; + } ++ if (compparms->qmfbid != JPC_COX_INS && ++ compparms->qmfbid != JPC_COX_RFT) ++ goto error; + compparms->numrlvls = compparms->numdlvls + 1; + if (compparms->numrlvls > JPC_MAXRLVLS) { + goto error; diff --git a/SOURCES/jasper-2.0.14-CVE-2020-27828.patch b/SOURCES/jasper-2.0.14-CVE-2020-27828.patch new file mode 100644 index 0000000..5a3677c --- /dev/null +++ b/SOURCES/jasper-2.0.14-CVE-2020-27828.patch @@ -0,0 +1,14 @@ +diff -urNp a/src/libjasper/jpc/jpc_enc.c b/src/libjasper/jpc/jpc_enc.c +--- a/src/libjasper/jpc/jpc_enc.c 2021-06-01 14:07:34.988061153 +0200 ++++ b/src/libjasper/jpc/jpc_enc.c 2021-06-01 14:08:32.100584582 +0200 +@@ -508,6 +508,10 @@ static jpc_enc_cp_t *cp_create(const cha + break; + case OPT_MAXRLVLS: + tccp->maxrlvls = atoi(jas_tvparser_getval(tvp)); ++ if(tccp->maxrlvls > JPC_MAXRLVLS) { ++ jas_eprintf("invalid number of resolution levels upper than %d\n",JPC_MAXRLVLS); ++ goto error; ++ } + break; + case OPT_SOP: + cp->tcp.csty |= JPC_COD_SOP; diff --git a/SOURCES/jasper-2.0.14-CVE-2021-26927.patch b/SOURCES/jasper-2.0.14-CVE-2021-26927.patch new file mode 100644 index 0000000..aeebae1 --- /dev/null +++ b/SOURCES/jasper-2.0.14-CVE-2021-26927.patch @@ -0,0 +1,47 @@ +diff -urNp a/src/libjasper/jp2/jp2_dec.c b/src/libjasper/jp2/jp2_dec.c +--- a/src/libjasper/jp2/jp2_dec.c 2021-06-01 13:32:59.330396797 +0200 ++++ b/src/libjasper/jp2/jp2_dec.c 2021-06-01 13:46:16.982925961 +0200 +@@ -230,7 +230,8 @@ jas_image_t *jp2_decode(jas_stream_t *in + the value specified in the code stream? */ + if (dec->ihdr->data.ihdr.numcmpts != JAS_CAST(jas_uint, + jas_image_numcmpts(dec->image))) { +- jas_eprintf("warning: number of components mismatch\n"); ++ jas_eprintf("error: number of components mismatch (IHDR)\n"); ++ goto error; + } + + /* At least one component must be present. */ +@@ -253,7 +254,8 @@ jas_image_t *jp2_decode(jas_stream_t *in + with the data in the code stream? */ + if ((samedtype && dec->ihdr->data.ihdr.bpc != JP2_DTYPETOBPC(dtype)) || + (!samedtype && dec->ihdr->data.ihdr.bpc != JP2_IHDR_BPCNULL)) { +- jas_eprintf("warning: component data type mismatch\n"); ++ jas_eprintf("error: component data type mismatch (IHDR)\n"); ++ goto error; + } + + /* Is the compression type supported? */ +@@ -265,9 +267,10 @@ jas_image_t *jp2_decode(jas_stream_t *in + if (dec->bpcc) { + /* Is the number of components indicated in the BPCC box + consistent with the code stream data? */ +- if (dec->bpcc->data.bpcc.numcmpts != JAS_CAST(jas_uint, jas_image_numcmpts( +- dec->image))) { +- jas_eprintf("warning: number of components mismatch\n"); ++ if (dec->bpcc->data.bpcc.numcmpts != ++ JAS_CAST(jas_uint, jas_image_numcmpts(dec->image))) { ++ jas_eprintf("error: number of components mismatch (BPCC)\n"); ++ goto error; + } + /* Is the component data type information indicated in the BPCC + box consistent with the code stream data? */ +@@ -276,7 +279,8 @@ jas_image_t *jp2_decode(jas_stream_t *in + ++i) { + if (jas_image_cmptdtype(dec->image, i) != + JP2_BPCTODTYPE(dec->bpcc->data.bpcc.bpcs[i])) { +- jas_eprintf("warning: component data type mismatch\n"); ++ jas_eprintf("error: component data type mismatch (BPCC)\n"); ++ goto error; + } + } + } else { diff --git a/SOURCES/jasper-2.0.14-CVE-2021-3272.patch b/SOURCES/jasper-2.0.14-CVE-2021-3272.patch new file mode 100644 index 0000000..c239ad5 --- /dev/null +++ b/SOURCES/jasper-2.0.14-CVE-2021-3272.patch @@ -0,0 +1,18 @@ +diff -urNp a/src/libjasper/jp2/jp2_dec.c b/src/libjasper/jp2/jp2_dec.c +--- a/src/libjasper/jp2/jp2_dec.c 2021-06-01 13:50:54.213552191 +0200 ++++ b/src/libjasper/jp2/jp2_dec.c 2021-06-01 14:02:40.016274587 +0200 +@@ -396,6 +396,14 @@ jas_image_t *jp2_decode(jas_stream_t *in + } + } + ++ /* Ensure that the number of channels being used by the decoder ++ matches the number of image components. */ ++ if (dec->numchans != jas_image_numcmpts(dec->image)) { ++ jas_eprintf("error: mismatch in number of components (%d != %d)\n", ++ dec->numchans, jas_image_numcmpts(dec->image)); ++ goto error; ++ } ++ + /* Mark all components as being of unknown type. */ + + for (i = 0; i < JAS_CAST(jas_uint, jas_image_numcmpts(dec->image)); ++i) { diff --git a/SOURCES/jasper-2.0.2-test-ppc64-disable.patch b/SOURCES/jasper-2.0.2-test-ppc64-disable.patch new file mode 100644 index 0000000..6e3575f --- /dev/null +++ b/SOURCES/jasper-2.0.2-test-ppc64-disable.patch @@ -0,0 +1,15 @@ +diff -uprN old/test/bin/codec_tests new/test/bin/codec_tests +--- old/test/bin/codec_tests 2016-12-01 04:04:07.000000000 +0100 ++++ new/test/bin/codec_tests 2016-12-01 10:49:34.191522973 +0100 +@@ -241,7 +241,10 @@ BEGIN id=prg_4 PRGTEST0 prg=pcrl bug=JAS + BEGIN id=prg_5 PRGTEST1 prg=lrcp bug=OJ_BUG + BEGIN id=prg_6 PRGTEST1 prg=rlcp bug=OJ_BUG + BEGIN id=prg_7 PRGTEST1 prg=rpcl bug=JASPER_ENC_BUG,OJ_BUG +-BEGIN id=prg_8 PRGTEST1 prg=cprl bug=JASPER_ENC_BUG,OJ_BUG ++ ++/* On ppc64 and ppc64le arch, this test stuck without any exception or error code ++BEGIN id=prg_8 PRGTEST1 prg=cprl bug=JASPER_ENC_BUG,OJ_BUG */ ++ + BEGIN id=prg_9 PRGTEST1 prg=pcrl bug=JASPER_ENC_BUG,OJ_BUG + + /* Note: The testcases prg_8 and prg_9 cause an exception in the JJ2000 diff --git a/SOURCES/jasper-2.0.2-test-ppc64le-disable.patch b/SOURCES/jasper-2.0.2-test-ppc64le-disable.patch new file mode 100644 index 0000000..46d43d0 --- /dev/null +++ b/SOURCES/jasper-2.0.2-test-ppc64le-disable.patch @@ -0,0 +1,27 @@ +diff -urpN old/test/bin/codec_tests new/test/bin/codec_tests +--- old/test/bin/codec_tests 2016-12-01 04:04:07.000000000 +0100 ++++ new/test/bin/codec_tests 2016-12-01 12:07:43.496822875 +0100 +@@ -230,7 +230,10 @@ BEGIN id=gbit_4 image=stawamuschief_gray + BEGIN id=prg_0 PRGTEST0 prg=lrcp bug=OJ_BUG + BEGIN id=prg_1 PRGTEST0 prg=rlcp bug=OJ_BUG + BEGIN id=prg_2 PRGTEST0 prg=rpcl bug=JASPER_ENC_BUG,OJ_BUG +-BEGIN id=prg_3 PRGTEST0 prg=cprl bug=JASPER_ENC_BUG,OJ_BUG ++ ++/* On ppc64le arch, this test stuck without any exception or error code ++BEGIN id=prg_3 PRGTEST0 prg=cprl bug=JASPER_ENC_BUG,OJ_BUG */ ++ + BEGIN id=prg_4 PRGTEST0 prg=pcrl bug=JASPER_ENC_BUG,OJ_BUG + + #define PRGTEST1 \ +@@ -241,7 +244,10 @@ BEGIN id=prg_4 PRGTEST0 prg=pcrl bug=JAS + BEGIN id=prg_5 PRGTEST1 prg=lrcp bug=OJ_BUG + BEGIN id=prg_6 PRGTEST1 prg=rlcp bug=OJ_BUG + BEGIN id=prg_7 PRGTEST1 prg=rpcl bug=JASPER_ENC_BUG,OJ_BUG +-BEGIN id=prg_8 PRGTEST1 prg=cprl bug=JASPER_ENC_BUG,OJ_BUG ++ ++/* On ppc64 and ppc64le arch, this test stuck without any exception or error code ++BEGIN id=prg_8 PRGTEST1 prg=cprl bug=JASPER_ENC_BUG,OJ_BUG */ ++ + BEGIN id=prg_9 PRGTEST1 prg=pcrl bug=JASPER_ENC_BUG,OJ_BUG + + /* Note: The testcases prg_8 and prg_9 cause an exception in the JJ2000 diff --git a/SPECS/jasper.spec b/SPECS/jasper.spec new file mode 100644 index 0000000..5b1b653 --- /dev/null +++ b/SPECS/jasper.spec @@ -0,0 +1,396 @@ + +# NOTE: packages that can use jasper: +# ImageMagick +# netpbm + +Summary: Implementation of the JPEG-2000 standard, Part 1 +Name: jasper +Version: 2.0.14 +Release: 5%{?dist} + +License: JasPer +URL: http://www.ece.uvic.ca/~frodo/jasper/ +Source0: http://www.ece.uvic.ca/~frodo/jasper/software/jasper-%{version}.tar.gz + + +Patch1: jasper-2.0.14-CVE-2016-9396.patch +Patch2: jasper-2.0.14-CVE-2021-26927.patch +Patch3: jasper-2.0.14-CVE-2021-3272.patch +Patch4: jasper-2.0.14-CVE-2020-27828.patch + +# architecture related patches +Patch100: jasper-2.0.2-test-ppc64-disable.patch +Patch101: jasper-2.0.2-test-ppc64le-disable.patch + +# autoreconf +BuildRequires: cmake +BuildRequires: freeglut-devel +BuildRequires: libGLU-devel +BuildRequires: libjpeg-devel +BuildRequires: libXmu-devel libXi-devel +BuildRequires: pkgconfig doxygen +BuildRequires: mesa-libGL-devel +BuildRequires: gcc + +Requires: %{name}-libs%{?_isa} = %{version}-%{release} + +%description +This package contains an implementation of the image compression +standard JPEG-2000, Part 1. It consists of tools for conversion to and +from the JP2 and JPC formats. + +%package devel +Summary: Header files, libraries and developer documentation +Provides: libjasper-devel = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Requires: libjpeg-devel +Requires: pkgconfig +%description devel +%{summary}. + +%package libs +Summary: Runtime libraries for %{name} +Conflicts: jasper < 1.900.1-4 +%description libs +%{summary}. + +%package utils +Summary: Nonessential utilities for %{name} +Requires: %{name} = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +%description utils +%{summary}, including jiv and tmrdemo. + + +%prep +%setup -q -n %{name}-%{version} + +%patch1 -p1 -b .CVE-2016-9396 +%patch2 -p1 -b .CVE-2021-26927 +%patch3 -p1 -b .CVE-2021-3272 +%patch4 -p1 -b .CVE-2020-27828 +# Need to disable one test to be able to build it on ppc64 arch +# At ppc64 this test just stuck (nothing happend - no exception or error) + +%if "%{_arch}" == "ppc64" +%patch100 -p1 -b .test-ppc64-disable +%endif + +# Need to disable two tests to be able to build it on ppc64le arch +# At ppc64le this tests just stuck (nothing happend - no exception or error) + +%if "%{_arch}" == "ppc64le" +%patch101 -p1 -b .test-ppc64le-disable +%endif + + +mkdir -p builder + +%cmake -G "Unix Makefiles" \ + -H%{_builddir}/%{name}-%{version} \ + -B%{_builddir}/%{name}-%{version}/builder + + +%build +pushd builder +make clean all + +popd + +%install +pushd builder +make install DESTDIR=%{buildroot} + +#%if "%{_arch}" != "arm" && "%{_arch}" != "i386" +# mv %{buildroot}/usr/lib %{buildroot}/usr/lib64 +#%endif + +# Unpackaged files +rm -f doc/README +rm -f %{buildroot}%{_libdir}/lib*.la +popd + +%check +pushd builder +make test + +popd + +%ldconfig_scriptlets libs + + +%files +%{_bindir}/imgcmp +%{_bindir}/imginfo +%{_bindir}/jasper +%{_mandir}/man1/img* +%{_mandir}/man1/jasper.1* +%{_docdir}/JasPer/* + +%files devel +%doc doc/* +%{_includedir}/jasper/ +%{_libdir}/libjasper.so +%{_libdir}/pkgconfig/jasper.pc + +%files libs +%doc COPYRIGHT LICENSE README +%{_libdir}/libjasper.so* + +%files utils +%{_bindir}/jiv +%{_mandir}/man1/jiv.1* + + +%changelog +* Tue Jun 01 2021 Josef Ridky - 2.0.14-5 +- Fix CVE-2021-26927 (#1933860) +- Fix CVE-2021-26926 (#1922316) +- Fix CVE-2021-3272 (#1922283) +- Fix CVE-2020-27828 (#1905692) + +* Wed May 30 2018 Josef Ridky - 2.0.14-4 +- Fix CVE-2016-9396 (#1583722) + +* Mon Feb 26 2018 Josef Ridky - 2.0.14-3 +- Clean spec file +- Remove unused Group tag +- Add gcc requirement +- Use ldconfig scriptlet + +* Wed Feb 07 2018 Fedora Release Engineering - 2.0.14-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Fri Sep 15 2017 rebase-helper - 2.0.14-1 +- New upstream release 2.0.14 (#1491888) + +* Fri Aug 25 2017 Josef Ridky - 2.0.12-4 +- CVE-2017-1000050 jasper: NULL pointer exception in jp2_encode() (#1472888) + +* Wed Aug 02 2017 Fedora Release Engineering - 2.0.12-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 2.0.12-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Mar 03 2017 Josef Ridky - 2.0.12-1 +- New upstream release 2.0.12 (#1428622) + +* Fri Feb 10 2017 Fedora Release Engineering - 2.0.10-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Tue Jan 17 2017 Josef Ridky - 2.0.10-1 +- New upstream release 2.0.10 (#1403401) + +* Thu Dec 1 2016 Josef Ridky - 2.0.2-1 +- New upstream release 2.0.2 (#1395929) +- CVE-2016-9262 jasper: Multiple overflow vulnerabilities leading to use after free (#1393883) +- CVE-2016-8654 jasper: Heap-based buffer overflow in QMFB code in JPC codec (#1399168) +- CVE-2016-9388 jasper: Reachable assertion in RAS encoder/decoder +- CVE-2016-9389 jasper: Improper equality testing of component domains via assertion +- CVE-2016-9390 jasper: Assertion failure when tiles lie outside of the image area +- CVE-2016-9391 jasper: reachable assertions in the JPC bitstream code +- CVE-2016-9392 jasper: Missing sanity checks on the date in SIZ marker segment +- CVE-2016-9393 jasper: Missing sanity checks on the date in SIZ marker segment +- CVE-2016-9394 jasper: Missing sanity checks on the data in a SIZ marker segment +- CVE-2016-9395 jasper: Assertion failure in jas_seq2d_create +- CVE-2016-9557 jasper: Signed integer overflow in jas_image.c +- CVE-2016-9560 jasper: Stack-based buffer overflow in jpc_tsfb.c +- Upgrade libjasper.so.1* to libjasper.so.4* + +* Mon Oct 24 2016 Josef Ridky - 1.900.13-1 +- New upstream release 1.900.13 (#1385637) +- Release contains security fix for CVE-2016-8690, CVE-2016-8691, CVE-2016-8692, CVE-2016-8693 (#1385516) + +* Thu Oct 13 2016 Josef Ridky - 1.900.3-1 +- New upstream release 1.900.3 + +* Tue Oct 11 2016 Josef Ridky - 1.900.2-2 +- CVE-2016-2089 - matrix rows_ NULL pointer dereference in jas_matrix_clip() (#1302636) + +* Mon Oct 10 2016 Josef Ridky - 1.900.2-1 +- New upstream release 1.900.2 (#1382188) + +* Thu Sep 15 2016 Dave Airlie - 1.900.1-34 +- patch 14 is an ABI break, this breaks gnome-software and steam +- this would require a new revision of the .so to fix properly +- as sizeof (int) != sizeof (size_t) + +* Fri Aug 12 2016 Josef Ridky - 1.900.1-33 +- CVE-2015-5203 - double free in jasper_image_stop_load() (#1254244) +- CVE-2015-5221 - Use-after-free and double-free flaws (#1255714) +- CVE-2016-1867 - out-of-bounds read in the jpc_pi_nextcprl() function (#1298138) +- CVE-2016-1577 - double free vulnerability in jas_iccattrval_destroy (#1314468) +- CVE-2016-2116 - memory leak in jas_iccprof_createfrombuf causing + memory consumption (#1314473) + +* Thu Feb 04 2016 Fedora Release Engineering - 1.900.1-32 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Jun 17 2015 Fedora Release Engineering - 1.900.1-31 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Thu Jan 22 2015 Jiri Popelka - 1.900.1-30 +- CVE-2014-8157 - dec->numtiles off-by-one check in jpc_dec_process_sot() (#1184750) +- CVE-2014-8158 - unrestricted stack memory use in jpc_qmfb.c (#1184750) + +* Thu Dec 18 2014 Jiri Popelka - 1.900.1-29 +- CVE-2014-8137 - double-free in jas_iccattrval_destroy() (oCERT-2014-012) (#1175761) +- CVE-2014-8138 - heap overflow in jp2_decode() (oCERT-2014-012) (#1175761) + +* Thu Dec 04 2014 Jiri Popelka - 1.900.1-28 +- CVE-2014-9029 - incorrect component number check in COC, RGN and QCC + marker segment decoders (#1170650) + +* Sat Aug 16 2014 Fedora Release Engineering - 1.900.1-27 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 1.900.1-26 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Sat Aug 03 2013 Fedora Release Engineering - 1.900.1-25 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Mon Mar 25 2013 Jiri Popelka - 1.900.1-24 +- added --force option to autoreconf (#925604) + +* Thu Feb 14 2013 Fedora Release Engineering - 1.900.1-23 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Fri Jan 18 2013 Adam Tkac - 1.900.1-22 +- rebuild due to "jpeg8-ABI" feature drop + +* Thu Dec 06 2012 Jiri Popelka - 1.900.1-21 +- build with -fno-strict-overflow + +* Thu Jul 19 2012 Fedora Release Engineering - 1.900.1-20 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jan 13 2012 Fedora Release Engineering - 1.900.1-19 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Fri Dec 09 2011 Jiri Popelka - 1.900.1-18 +- CVE-2011-4516, CVE-2011-4517 jasper: heap buffer overflow flaws + lead to arbitrary code execution (CERT VU#887409) (#765660) +- Fixed problems found by static analysis of code (#761440) +- spec file modernized + +* Wed Feb 09 2011 Fedora Release Engineering - 1.900.1-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Jun 30 2010 Rex Dieter - 1.900.1-16 +- rebuild + +* Sun Feb 14 2010 Rex Dieter - 1.900.1-15 +- FTBFS jasper-1.900.1-14.fc12: ImplicitDSOLinking (#564794) + +* Thu Oct 29 2009 Rex Dieter - 1.900.1-14 +- add pkgconfig support + +* Tue Oct 13 2009 Rex Dieter - 1.900.1-13 +- CVE-2008-3520 jasper: multiple integer overflows in jas_alloc calls (#461476) +- CVE-2008-3522 jasper: possible buffer overflow in + jas_stream_printf() (#461478) + +* Fri Jul 24 2009 Fedora Release Engineering - 1.900.1-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Sat Jul 18 2009 Rex Dieter - 1.900.1-11 +- FTBFS jasper-1.900.1-10.fc11 (#511743) + +* Wed Feb 25 2009 Fedora Release Engineering - 1.900.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Sun Jan 25 2009 Rex Dieter 1.900.1-9 +- patch for "jpc_dec_tiledecode: Assertion `dec->numcomps == 3' failed) + (#481284, #481291) + +* Fri Feb 08 2008 Rex Dieter 1.900.1-8 +- respin (gcc43) + +* Mon Oct 15 2007 Rex Dieter 1.900.1-7 +- -libs: %%post/%%postun -p /sbin/ldconfig + +* Mon Sep 17 2007 Rex Dieter 1.900.1-6 +- -libs: -Requires: %%name +- -devel: +Provides: libjasper-devel +- drop (unused) geojasper bits + +* Wed Aug 22 2007 Rex Dieter 1.900.1-4 +- -libs subpkg to be multilib friendlier +- -utils subpkg for non-essential binaries jiv, tmrdemo (#244153) + +* Fri Aug 17 2007 Rex Dieter 1.900.1-3 +- License: JasPer + +* Wed May 23 2007 Rex Dieter 1.900.1-2 +- CVE-2007-2721 (#240397) + +* Thu Mar 29 2007 Rex Dieter 1.900.1-1 +- jasper-1.900.1 + +* Fri Dec 08 2006 Rex Dieter 1.900.0-3 +- omit deprecated memleak patch + +* Fri Dec 08 2006 Rex Dieter 1.900.0-2 +- jasper-1.900.0 (#218947) + +* Mon Sep 18 2006 Rex Dieter 1.701.0-15 +- memory leak (#207006) + +* Tue Aug 29 2006 Rex Dieter 1.701.0-13 +- fc6 respin + +* Wed Mar 1 2006 Rex Dieter 1.701.0-12 +- fixup build issues introduced by geojasper integration + +* Wed Mar 1 2006 Rex Dieter 1.701.0-10 +- support/use geojasper (optional, default no) +- fc5: gcc/glibc respin + +* Fri Feb 10 2006 Rex Dieter +- fc5: gcc/glibc respin + +* Tue Jan 31 2006 Rex Dieter 1.701.0-9 +- workaround "freeglut-devel should Requires: libGL-devel, libGLU-devel" + (#179464) + +* Tue Jan 31 2006 Rex Dieter 1.701.0-8 +- revert jasper to jaspertool rename (#176773) +- actually use/apply GL patch + +* Tue Oct 18 2005 Rex Dieter 1.701.0-7 +- GL patch to remove libGL dependancy (using only freeglut) + +* Tue Oct 18 2005 Rex Dieter 1.701.0-6 +- token %%check section +- --enable-shared + +* Mon Oct 17 2005 Rex Dieter 1.701.0-5 +- use %%{?dist} +- BR: libGL-devel + +* Thu Apr 7 2005 Michael Schwendt +- rebuilt + +* Sat Oct 23 2004 Rex Dieter 0:1.701.0-0.fdr.3 +- Capitalize summary +- remove 0-length ChangeLog + +* Fri Jun 04 2004 Rex Dieter 0:1.701.0-0.fdr.2 +- nuke .la file +- BR: glut-devel -> freeglut-devel + +* Tue Jun 01 2004 Rex Dieter 0:1.701.0-0.fdr.1 +- 1.701.0 + +* Tue Jun 01 2004 Rex Dieter 0:1.700.5-0.fdr.2 +- avoid conflicts with fc'2 tomcat by renaming /usr/bin/jasper -> jaspertool + +* Mon Mar 08 2004 Rex Dieter 0:1.700.5-0.fdr.1 +- use Epochs. +- -devel: Requires: %%name = %%epoch:%%version + +* Thu Jan 22 2004 Rex Dieter 1.700.5-0.fdr.0 +- first try +