From 6805a5c69d7bb9494ccf0bfafc9e95a23522e1ba Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: May 18 2021 06:51:38 +0000 Subject: import jbig2dec-0.16-1.el8 --- diff --git a/.gitignore b/.gitignore index f9178ef..01a77dd 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/jbig2dec-0.14.tar.gz +SOURCES/jbig2dec-0.16.tar.gz diff --git a/.jbig2dec.metadata b/.jbig2dec.metadata index 7e673c2..5532383 100644 --- a/.jbig2dec.metadata +++ b/.jbig2dec.metadata @@ -1 +1 @@ -c4c834962d1357f9aaacecd7fca8236326e45975 SOURCES/jbig2dec-0.14.tar.gz +38c62210d92102952b18400b15eb4e727a755bfd SOURCES/jbig2dec-0.16.tar.gz diff --git a/SOURCES/CVE-2020-12268.patch b/SOURCES/CVE-2020-12268.patch index cd7c58a..a77ffa4 100644 --- a/SOURCES/CVE-2020-12268.patch +++ b/SOURCES/CVE-2020-12268.patch @@ -1,4 +1,4 @@ -From df29c989c7578476921d4f5ec277ee3cc9e87350 Mon Sep 17 00:00:00 2001 +From 24ddcfc7e37c0ce3b0f1852042ee431a53fd774c Mon Sep 17 00:00:00 2001 From: Robin Watts Date: Mon, 27 Jan 2020 10:12:24 -0800 Subject: [PATCH] Fix OSS-Fuzz issue 20332: buffer overflow in @@ -13,12 +13,12 @@ Thanks for OSS-Fuzz for reporting. 1 file changed, 13 insertions(+) diff --git a/jbig2_image.c b/jbig2_image.c -index 23e12ae..74050b9 100644 +index 22e21ef..f036cef 100644 --- a/jbig2_image.c +++ b/jbig2_image.c -@@ -30,6 +30,10 @@ - #include "jbig2_priv.h" - #include "jbig2_image.h" +@@ -34,6 +34,10 @@ + #define INT32_MAX 0x7fffffff + #endif +#if !defined (UINT32_MAX) +#define UINT32_MAX 0xffffffffu @@ -27,7 +27,7 @@ index 23e12ae..74050b9 100644 /* allocate a Jbig2Image structure and its associated bitmap */ Jbig2Image * jbig2_image_new(Jbig2Ctx *ctx, uint32_t width, uint32_t height) -@@ -229,6 +233,15 @@ jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int +@@ -255,6 +259,15 @@ jbig2_image_compose(Jbig2Ctx *ctx, Jbig2Image *dst, Jbig2Image *src, int x, int uint8_t *d, *dd; uint8_t mask, rightmask; @@ -40,9 +40,9 @@ index 23e12ae..74050b9 100644 + return 0; + } + - if (op != JBIG2_COMPOSE_OR) { - /* hand off the the general routine */ - return jbig2_image_compose_unopt(ctx, dst, src, x, y, op); + if (src == NULL) + return 0; + -- 2.26.2 diff --git a/SPECS/jbig2dec.spec b/SPECS/jbig2dec.spec index 3d7fdea..e80e992 100644 --- a/SPECS/jbig2dec.spec +++ b/SPECS/jbig2dec.spec @@ -1,12 +1,12 @@ Name: jbig2dec -Version: 0.14 -Release: 4%{?dist} +Version: 0.16 +Release: 1%{?dist} Summary: A decoder implementation of the JBIG2 image compression format Group: System Environment/Libraries License: GPLv2 URL: http://jbig2dec.sourceforge.net/ -Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs922/%{name}-%{version}.tar.gz +Source0: https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs927/%{name}-%{version}.tar.gz BuildRequires: libtool Requires: %{name}-libs = %{version}-%{release} @@ -87,13 +87,17 @@ rm -f %{buildroot}%{_libdir}/*.la %changelog +* Thu Oct 08 2020 Nikola Forró - 0.16-1 +- Update to 0.16 + resolves: #1886011 + * Sun Jun 28 2020 Nikola Forró - 0.14-4 - Add explicit package version requirement on jbig2dec-libs to jbig2dec - related: #1851057 + related: #1851058 * Fri Jun 26 2020 Nikola Forró - 0.14-3 - Fix CVE-2020-12268 - resolves: #1851057 + resolves: #1851058 * Wed Feb 07 2018 Fedora Release Engineering - 0.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild