diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1defb6e
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/libjpeg-turbo-1.2.90.tar.gz
diff --git a/.libjpeg-turbo.metadata b/.libjpeg-turbo.metadata
new file mode 100644
index 0000000..52fdca3
--- /dev/null
+++ b/.libjpeg-turbo.metadata
@@ -0,0 +1 @@
+62dde4af23a5e55200eafd5ca521105e291f1508 SOURCES/libjpeg-turbo-1.2.90.tar.gz
diff --git a/SOURCES/libjpeg-turbo12-CVE-2013-6629.patch b/SOURCES/libjpeg-turbo12-CVE-2013-6629.patch
new file mode 100644
index 0000000..4a880b0
--- /dev/null
+++ b/SOURCES/libjpeg-turbo12-CVE-2013-6629.patch
@@ -0,0 +1,17 @@
+diff --git a/jdmarker.c b/jdmarker.c
+index 737a17c..381835b 100644
+--- a/jdmarker.c
++++ b/jdmarker.c
+@@ -348,6 +348,12 @@ get_sos (j_decompress_ptr cinfo)
+
+ TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,
+ compptr->dc_tbl_no, compptr->ac_tbl_no);
++
++ /* This CSi (cc) should differ from the previous CSi */
++ for (ci = 0; ci < i; ci++) {
++ if (cinfo->cur_comp_info[ci] == compptr)
++ ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
++ }
+ }
+
+ /* Collect the additional scan parameters Ss, Se, Ah/Al. */
diff --git a/SOURCES/libjpeg-turbo12-CVE-2013-6630.patch b/SOURCES/libjpeg-turbo12-CVE-2013-6630.patch
new file mode 100644
index 0000000..ca304a9
--- /dev/null
+++ b/SOURCES/libjpeg-turbo12-CVE-2013-6630.patch
@@ -0,0 +1,12 @@
+diff --git a/jdmarker.c b/jdmarker.c
+index 77f7274..737a17c 100644
+--- a/jdmarker.c
++++ b/jdmarker.c
+@@ -465,6 +465,7 @@ get_dht (j_decompress_ptr cinfo)
+ for (i = 0; i < count; i++)
+ INPUT_BYTE(cinfo, huffval[i], return FALSE);
+
++ MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8));
+ length -= count;
+
+ if (index & 0x10) { /* AC table definition */
diff --git a/SOURCES/libjpeg-turbo12-CVE-2016-3616_CVE-2018-11213_CVE-2018-11214.patch b/SOURCES/libjpeg-turbo12-CVE-2016-3616_CVE-2018-11213_CVE-2018-11214.patch
new file mode 100644
index 0000000..9dbe592
--- /dev/null
+++ b/SOURCES/libjpeg-turbo12-CVE-2016-3616_CVE-2018-11213_CVE-2018-11214.patch
@@ -0,0 +1,111 @@
+From 779fbd23c0297aa571a7e0c99e48c58f7c766d56 Mon Sep 17 00:00:00 2001
+From: Frank Bossen <frank@bossentech.com>
+Date: Mon, 29 Dec 2014 19:42:20 +0100
+Subject: [PATCH 2/3] Check range of integer values in PPM text file
+
+Add checks to ensure values are within the specified range.
+
+Fixes mozilla/mozjpeg#141, closes #8
+---
+ cderror.h | 1 +
+ rdppm.c | 24 ++++++++++++++++--------
+ 2 files changed, 17 insertions(+), 8 deletions(-)
+
+diff --git a/cderror.h b/cderror.h
+index e19c475..d69b501 100644
+--- a/cderror.h
++++ b/cderror.h
+@@ -74,6 +74,7 @@ JMESSAGE(JWRN_GIF_NOMOREDATA, "Ran out of GIF bits")
+ #ifdef PPM_SUPPORTED
+ JMESSAGE(JERR_PPM_COLORSPACE, "PPM output must be grayscale or RGB")
+ JMESSAGE(JERR_PPM_NONNUMERIC, "Nonnumeric data in PPM file")
++JMESSAGE(JERR_PPM_TOOLARGE, "Integer value too large in PPM file")
+ JMESSAGE(JERR_PPM_NOT, "Not a PPM/PGM file")
+ JMESSAGE(JTRC_PGM, "%ux%u PGM image")
+ JMESSAGE(JTRC_PGM_TEXT, "%ux%u text PGM image")
+diff --git a/rdppm.c b/rdppm.c
+index a757022..5da1646 100644
+--- a/rdppm.c
++++ b/rdppm.c
+@@ -76,6 +76,7 @@ typedef struct {
+ JSAMPROW pixrow; /* FAR pointer to same */
+ size_t buffer_width; /* width of I/O buffer */
+ JSAMPLE *rescale; /* => maxval-remapping array, or NULL */
++ int maxval;
+ } ppm_source_struct;
+
+ typedef ppm_source_struct * ppm_source_ptr;
+@@ -99,7 +100,7 @@ pbm_getc (FILE * infile)
+
+
+ LOCAL(unsigned int)
+-read_pbm_integer (j_compress_ptr cinfo, FILE * infile)
++read_pbm_integer (j_compress_ptr cinfo, FILE * infile, int maxval)
+ /* Read an unsigned decimal integer from the PPM file */
+ /* Swallows one trailing character after the integer */
+ /* Note that on a 16-bit-int machine, only values up to 64k can be read. */
+@@ -123,6 +124,10 @@ read_pbm_integer (j_compress_ptr cinfo, FILE * infile)
+ val *= 10;
+ val += ch - '0';
+ }
++
++ if (val > maxval)
++ ERREXIT(cinfo, JERR_PPM_TOOLARGE);
++
+ return val;
+ }
+
+@@ -147,10 +152,11 @@ get_text_gray_row (j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
+ register JSAMPROW ptr;
+ register JSAMPLE *rescale = source->rescale;
+ JDIMENSION col;
++ int maxval = source->maxval;
+
+ ptr = source->pub.buffer[0];
+ for (col = cinfo->image_width; col > 0; col--) {
+- *ptr++ = rescale[read_pbm_integer(cinfo, infile)];
++ *ptr++ = rescale[read_pbm_integer(cinfo, infile, maxval)];
+ }
+ return 1;
+ }
+@@ -165,12 +171,13 @@ get_text_rgb_row (j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
+ register JSAMPROW ptr;
+ register JSAMPLE *rescale = source->rescale;
+ JDIMENSION col;
++ int maxval = source->maxval;
+
+ ptr = source->pub.buffer[0];
+ for (col = cinfo->image_width; col > 0; col--) {
+- *ptr++ = rescale[read_pbm_integer(cinfo, infile)];
+- *ptr++ = rescale[read_pbm_integer(cinfo, infile)];
+- *ptr++ = rescale[read_pbm_integer(cinfo, infile)];
++ *ptr++ = rescale[read_pbm_integer(cinfo, infile, maxval)];
++ *ptr++ = rescale[read_pbm_integer(cinfo, infile, maxval)];
++ *ptr++ = rescale[read_pbm_integer(cinfo, infile, maxval)];
+ }
+ return 1;
+ }
+@@ -319,9 +326,9 @@ start_input_ppm (j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
+ }
+
+ /* fetch the remaining header info */
+- w = read_pbm_integer(cinfo, source->pub.input_file);
+- h = read_pbm_integer(cinfo, source->pub.input_file);
+- maxval = read_pbm_integer(cinfo, source->pub.input_file);
++ w = read_pbm_integer(cinfo, source->pub.input_file, 65535);
++ h = read_pbm_integer(cinfo, source->pub.input_file, 65535);
++ maxval = read_pbm_integer(cinfo, source->pub.input_file, 65535);
+
+ if (w <= 0 || h <= 0 || maxval <= 0) /* error check */
+ ERREXIT(cinfo, JERR_PPM_NOT);
+@@ -329,6 +336,7 @@ start_input_ppm (j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
+ cinfo->data_precision = BITS_IN_JSAMPLE; /* we always rescale data to this */
+ cinfo->image_width = (JDIMENSION) w;
+ cinfo->image_height = (JDIMENSION) h;
++ source->maxval = maxval;
+
+ /* initialize flags to most common settings */
+ need_iobuffer = TRUE; /* do we need an I/O buffer? */
+--
+2.17.2
+
diff --git a/SOURCES/libjpeg-turbo12-CVE-2018-11212.patch b/SOURCES/libjpeg-turbo12-CVE-2018-11212.patch
new file mode 100644
index 0000000..f22ad12
--- /dev/null
+++ b/SOURCES/libjpeg-turbo12-CVE-2018-11212.patch
@@ -0,0 +1,29 @@
+From 7dab681ec8e28c3174d00729b76f109e91e408f9 Mon Sep 17 00:00:00 2001
+From: Frank Bossen <frank@bossentech.com>
+Date: Mon, 29 Dec 2014 18:38:36 +0100
+Subject: [PATCH 1/3] Check image size when reading targa file
+
+Throw an error when image width or height is 0.
+
+Fixes mozilla/mozjpeg#140, closes #7.
+---
+ rdtarga.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/rdtarga.c b/rdtarga.c
+index 4c2cd26..d305f1f 100644
+--- a/rdtarga.c
++++ b/rdtarga.c
+@@ -363,7 +363,8 @@ start_input_tga (j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
+ if (cmaptype > 1 || /* cmaptype must be 0 or 1 */
+ source->pixel_size < 1 || source->pixel_size > 4 ||
+ (UCH(targaheader[16]) & 7) != 0 || /* bits/pixel must be multiple of 8 */
+- interlace_type != 0) /* currently don't allow interlaced image */
++ interlace_type != 0 || /* currently don't allow interlaced image */
++ width == 0 || height == 0) /* image width/height must be non-zero */
+ ERREXIT(cinfo, JERR_TGA_BADPARMS);
+
+ if (subtype > 8) {
+--
+2.17.2
+
diff --git a/SOURCES/libjpeg-turbo12-CVE-2018-11813.patch b/SOURCES/libjpeg-turbo12-CVE-2018-11813.patch
new file mode 100644
index 0000000..44d23a9
--- /dev/null
+++ b/SOURCES/libjpeg-turbo12-CVE-2018-11813.patch
@@ -0,0 +1,49 @@
+From fbdaee2d3ef393d67386c1a07a9b71f6b6ef3b25 Mon Sep 17 00:00:00 2001
+From: DRC <information@libjpeg-turbo.org>
+Date: Tue, 12 Jun 2018 16:08:26 -0500
+Subject: [PATCH 3/3] Fix CVE-2018-11813
+
+Refer to change log for details.
+
+Fixes #242
+---
+ rdtarga.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/rdtarga.c b/rdtarga.c
+index d305f1f..459e8b3 100644
+--- a/rdtarga.c
++++ b/rdtarga.c
+@@ -123,11 +123,10 @@ METHODDEF(void)
+ read_non_rle_pixel (tga_source_ptr sinfo)
+ /* Read one Targa pixel from the input file; no RLE expansion */
+ {
+- register FILE *infile = sinfo->pub.input_file;
+ register int i;
+
+ for (i = 0; i < sinfo->pixel_size; i++) {
+- sinfo->tga_pixel[i] = (U_CHAR) getc(infile);
++ sinfo->tga_pixel[i] = (U_CHAR) read_byte(sinfo);
+ }
+ }
+
+@@ -136,7 +135,6 @@ METHODDEF(void)
+ read_rle_pixel (tga_source_ptr sinfo)
+ /* Read one Targa pixel from the input file, expanding RLE data as needed */
+ {
+- register FILE *infile = sinfo->pub.input_file;
+ register int i;
+
+ /* Duplicate previously read pixel? */
+@@ -158,7 +156,7 @@ read_rle_pixel (tga_source_ptr sinfo)
+
+ /* Read next pixel */
+ for (i = 0; i < sinfo->pixel_size; i++) {
+- sinfo->tga_pixel[i] = (U_CHAR) getc(infile);
++ sinfo->tga_pixel[i] = (U_CHAR) read_byte(sinfo);
+ }
+ }
+
+--
+2.17.2
+
diff --git a/SOURCES/libjpeg-turbo12-CVE-2018-14498.patch b/SOURCES/libjpeg-turbo12-CVE-2018-14498.patch
new file mode 100644
index 0000000..d2bdda3
--- /dev/null
+++ b/SOURCES/libjpeg-turbo12-CVE-2018-14498.patch
@@ -0,0 +1,121 @@
+From c51b66ebcace2adec0cfbe42d25cb418ed0c02a2 Mon Sep 17 00:00:00 2001
+From: DRC <information@libjpeg-turbo.org>
+Date: Fri, 20 Jul 2018 17:21:36 -0500
+Subject: [PATCH] cjpeg: Fix OOB read caused by malformed 8-bit BMP
+
+... in which one or more of the color indices is out of range for the
+number of palette entries.
+
+Fix partly borrowed from jpeg-9c. This commit also adopts Guido's
+JERR_PPM_OUTOFRANGE enum value in lieu of our project-specific
+JERR_PPM_TOOLARGE enum value.
+
+Fixes #258
+---
+ cderror.h | 5 +++--
+ rdbmp.c | 7 ++++++-
+ rdppm.c | 4 ++--
+ 3 files changed, 11 insertions(+), 5 deletions(-)
+
+diff --git a/cderror.h b/cderror.h
+index d69b501..46b0f49 100644
+--- a/cderror.h
++++ b/cderror.h
+@@ -2,7 +2,7 @@
+ * cderror.h
+ *
+ * Copyright (C) 1994-1997, Thomas G. Lane.
+- * Modified 2009 by Guido Vollbeding.
++ * Modified 2009-2017 by Guido Vollbeding.
+ * This file is part of the Independent JPEG Group's software.
+ * For conditions of distribution and use, see the accompanying README file.
+ *
+@@ -48,6 +48,7 @@ JMESSAGE(JERR_BMP_COLORSPACE, "BMP output must be grayscale or RGB")
+ JMESSAGE(JERR_BMP_COMPRESSED, "Sorry, compressed BMPs not yet supported")
+ JMESSAGE(JERR_BMP_EMPTY, "Empty BMP image")
+ JMESSAGE(JERR_BMP_NOT, "Not a BMP file - does not start with BM")
++JMESSAGE(JERR_BMP_OUTOFRANGE, "Numeric value out of range in BMP file")
+ JMESSAGE(JTRC_BMP, "%ux%u 24-bit BMP image")
+ JMESSAGE(JTRC_BMP_MAPPED, "%ux%u 8-bit colormapped BMP image")
+ JMESSAGE(JTRC_BMP_OS2, "%ux%u 24-bit OS2 BMP image")
+@@ -74,8 +75,8 @@ JMESSAGE(JWRN_GIF_NOMOREDATA, "Ran out of GIF bits")
+ #ifdef PPM_SUPPORTED
+ JMESSAGE(JERR_PPM_COLORSPACE, "PPM output must be grayscale or RGB")
+ JMESSAGE(JERR_PPM_NONNUMERIC, "Nonnumeric data in PPM file")
+-JMESSAGE(JERR_PPM_TOOLARGE, "Integer value too large in PPM file")
+ JMESSAGE(JERR_PPM_NOT, "Not a PPM/PGM file")
++JMESSAGE(JERR_PPM_OUTOFRANGE, "Numeric value out of range in PPM file")
+ JMESSAGE(JTRC_PGM, "%ux%u PGM image")
+ JMESSAGE(JTRC_PGM_TEXT, "%ux%u text PGM image")
+ JMESSAGE(JTRC_PPM, "%ux%u PPM image")
+diff --git a/rdbmp.c b/rdbmp.c
+index c053074..7a27cab 100644
+--- a/rdbmp.c
++++ b/rdbmp.c
+@@ -3,7 +3,7 @@
+ *
+ * This file was part of the Independent JPEG Group's software:
+ * Copyright (C) 1994-1996, Thomas G. Lane.
+- * Modified 2009-2010 by Guido Vollbeding.
++ * Modified 2009-2017 by Guido Vollbeding.
+ * Modifications:
+ * Modified 2011 by Siarhei Siamashka.
+ * For conditions of distribution and use, see the accompanying README file.
+@@ -64,6 +64,7 @@ typedef struct _bmp_source_struct {
+ JDIMENSION row_width; /* Physical width of scanlines in file */
+
+ int bits_per_pixel; /* remembers 8- or 24-bit format */
++ int cmap_length; /* colormap length */
+ } bmp_source_struct;
+
+
+@@ -124,6 +125,7 @@ get_8bit_row (j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
+ {
+ bmp_source_ptr source = (bmp_source_ptr) sinfo;
+ register JSAMPARRAY colormap = source->colormap;
++ int cmaplen = source->cmap_length;
+ JSAMPARRAY image_ptr;
+ register int t;
+ register JSAMPROW inptr, outptr;
+@@ -140,6 +142,8 @@ get_8bit_row (j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
+ outptr = source->pub.buffer[0];
+ for (col = cinfo->image_width; col > 0; col--) {
+ t = GETJSAMPLE(*inptr++);
++ if (t >= cmaplen)
++ ERREXIT(cinfo, JERR_BMP_OUTOFRANGE);
+ *outptr++ = colormap[0][t]; /* can omit GETJSAMPLE() safely */
+ *outptr++ = colormap[1][t];
+ *outptr++ = colormap[2][t];
+@@ -399,6 +403,7 @@ start_input_bmp (j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
+ source->colormap = (*cinfo->mem->alloc_sarray)
+ ((j_common_ptr) cinfo, JPOOL_IMAGE,
+ (JDIMENSION) biClrUsed, (JDIMENSION) 3);
++ source->cmap_length = (int)biClrUsed;
+ /* and read it from the file */
+ read_colormap(source, (int) biClrUsed, mapentrysize);
+ /* account for size of colormap */
+diff --git a/rdppm.c b/rdppm.c
+index 5da1646..59da2bb 100644
+--- a/rdppm.c
++++ b/rdppm.c
+@@ -76,7 +76,7 @@ typedef struct {
+ JSAMPROW pixrow; /* FAR pointer to same */
+ size_t buffer_width; /* width of I/O buffer */
+ JSAMPLE *rescale; /* => maxval-remapping array, or NULL */
+- int maxval;
++ unsigned int maxval;
+ } ppm_source_struct;
+
+ typedef ppm_source_struct * ppm_source_ptr;
+@@ -126,7 +126,7 @@ read_pbm_integer (j_compress_ptr cinfo, FILE * infile, int maxval)
+ }
+
+ if (val > maxval)
+- ERREXIT(cinfo, JERR_PPM_TOOLARGE);
++ ERREXIT(cinfo, JERR_PPM_OUTOFRANGE);
+
+ return val;
+ }
+--
+2.17.2
+
diff --git a/SOURCES/libjpeg-turbo12-noinst.patch b/SOURCES/libjpeg-turbo12-noinst.patch
new file mode 100644
index 0000000..210f2a3
--- /dev/null
+++ b/SOURCES/libjpeg-turbo12-noinst.patch
@@ -0,0 +1,29 @@
+diff -up libjpeg-turbo-1.2.90-20130204svn922/Makefile.am.noinst libjpeg-turbo-1.2.90-20130204svn922/Makefile.am
+--- libjpeg-turbo-1.2.90-20130204svn922/Makefile.am.noinst 2013-01-19 02:06:46.000000000 +0100
++++ libjpeg-turbo-1.2.90-20130204svn922/Makefile.am 2013-02-04 15:55:18.824110574 +0100
+@@ -89,9 +89,7 @@ noinst_PROGRAMS = jcstest
+
+ if WITH_TURBOJPEG
+
+-bin_PROGRAMS += tjbench
+-
+-noinst_PROGRAMS += tjunittest
++noinst_PROGRAMS += tjbench tjunittest
+
+ tjbench_SOURCES = tjbench.c bmp.h bmp.c tjutil.h tjutil.c rdbmp.c rdppm.c \
+ wrbmp.c wrppm.c
+@@ -144,14 +142,6 @@ dist_man1_MANS = cjpeg.1 djpeg.1 jpegtra
+ DOCS= coderules.txt jconfig.txt change.log rdrle.c wrrle.c BUILDING.txt \
+ ChangeLog.txt
+
+-docdir = $(datadir)/doc
+-dist_doc_DATA = README README-turbo.txt libjpeg.txt structure.txt usage.txt \
+- wizard.txt
+-
+-exampledir = $(datadir)/doc
+-dist_example_DATA = example.c
+-
+-
+ EXTRA_DIST = win release $(DOCS) testimages md5cmp CMakeLists.txt \
+ sharedlib/CMakeLists.txt cmakescripts libjpeg.map.in doc doxygen.config \
+ jccolext.c jdcolext.c jdmrgext.c
diff --git a/SOURCES/libjpeg-turbo12-pkgconfig.patch b/SOURCES/libjpeg-turbo12-pkgconfig.patch
new file mode 100644
index 0000000..2cdb60f
--- /dev/null
+++ b/SOURCES/libjpeg-turbo12-pkgconfig.patch
@@ -0,0 +1,67 @@
+diff --git a/Makefile.am b/Makefile.am
+index 728e30f..8717d3c 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -10,6 +10,8 @@ endif
+
+ nodist_include_HEADERS = jconfig.h
+
++pkgconfigdir = $(libdir)/pkgconfig
++pkgconfig_DATA = pkgscripts/libjpeg.pc pkgscripts/libturbojpeg.pc
+
+ HDRS = jchuff.h jdct.h jdhuff.h jerror.h jinclude.h jmemsys.h jmorecfg.h \
+ jpegint.h jpeglib.h jversion.h jsimd.h jsimddct.h jpegcomp.h
+diff --git a/configure.ac b/configure.ac
+index 8e75dce..534558c 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -21,6 +21,8 @@ AC_PROG_INSTALL
+ AC_PROG_LIBTOOL
+ AC_PROG_LN_S
+
++PKG_PROG_PKG_CONFIG
++
+ # Check whether compiler supports pointers to undefined structures
+ AC_MSG_CHECKING(whether compiler supports pointers to undefined structures)
+ AC_TRY_COMPILE([ typedef struct undefined_structure * undef_struct_ptr; ], ,
+@@ -411,6 +413,8 @@ AC_CONFIG_FILES([pkgscripts/makemacpkg:release/makemacpkg.in])
+ AC_CONFIG_FILES([pkgscripts/Description.plist:release/Description.plist.in])
+ AC_CONFIG_FILES([pkgscripts/Info.plist:release/Info.plist.in])
+ AC_CONFIG_FILES([pkgscripts/uninstall:release/uninstall.in])
++AC_CONFIG_FILES([pkgscripts/libjpeg.pc:release/libjpeg.pc.in])
++AC_CONFIG_FILES([pkgscripts/libturbojpeg.pc:release/libturbojpeg.pc.in])
+ if test "x$with_turbojpeg" != "xno"; then
+ AC_CONFIG_FILES([tjbenchtest])
+ fi
+diff --git a/release/libjpeg.pc.in b/release/libjpeg.pc.in
+new file mode 100644
+index 0000000..40795f7
+--- /dev/null
++++ b/release/libjpeg.pc.in
+@@ -0,0 +1,10 @@
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++libdir=@libdir@
++includedir=@includedir@
++
++Name: libjpeg
++Description: A SIMD-accelerated JPEG codec that provides the libjpeg API
++Version: @PACKAGE_VERSION@
++Libs: -L${libdir} -ljpeg
++Cflags: -I${includedir}
+diff --git a/release/libturbojpeg.pc.in b/release/libturbojpeg.pc.in
+new file mode 100644
+index 0000000..7d4b656
+--- /dev/null
++++ b/release/libturbojpeg.pc.in
+@@ -0,0 +1,10 @@
++prefix=@prefix@
++exec_prefix=@exec_prefix@
++libdir=@libdir@
++includedir=@includedir@
++
++Name: libturbojpeg
++Description: A SIMD-accelerated JPEG codec that provides the TurboJPEG API
++Version: @PACKAGE_VERSION@
++Libs: -L${libdir} -lturbojpeg
++Cflags: -I${includedir}
diff --git a/SPECS/libjpeg-turbo.spec b/SPECS/libjpeg-turbo.spec
new file mode 100644
index 0000000..92ccfe8
--- /dev/null
+++ b/SPECS/libjpeg-turbo.spec
@@ -0,0 +1,326 @@
+Name: libjpeg-turbo
+Version: 1.2.90
+Release: 8%{?dist}
+Summary: A MMX/SSE2 accelerated library for manipulating JPEG image files
+
+Group: System Environment/Libraries
+License: IJG
+URL: http://sourceforge.net/projects/libjpeg-turbo
+Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
+BuildRequires: autoconf, automake, libtool
+%ifarch %{ix86} x86_64
+BuildRequires: nasm
+%endif
+
+# moved this from -utils, in an attempt to get it to better override
+# libjpeg in rawhide -- Rex
+Obsoletes: libjpeg < 6b-47
+# add provides (even if it not needed) to workaround bad packages, like
+# java-1.6.0-openjdk (#rh607554) -- atkac
+Provides: libjpeg = 6b-47%{?dist}
+%if "%{?_isa}" != ""
+Provides: libjpeg%{_isa} = 6b-47%{?dist}
+%endif
+
+Patch0: libjpeg-turbo12-noinst.patch
+Patch1: libjpeg-turbo12-CVE-2013-6630.patch
+Patch2: libjpeg-turbo12-CVE-2013-6629.patch
+Patch3: libjpeg-turbo12-pkgconfig.patch
+Patch4: libjpeg-turbo12-CVE-2018-11212.patch
+Patch5: libjpeg-turbo12-CVE-2016-3616_CVE-2018-11213_CVE-2018-11214.patch
+Patch6: libjpeg-turbo12-CVE-2018-11813.patch
+Patch7: libjpeg-turbo12-CVE-2018-14498.patch
+
+%description
+The libjpeg-turbo package contains a library of functions for manipulating
+JPEG images.
+
+%package devel
+Summary: Headers for the libjpeg-turbo library
+Group: Development/Libraries
+Obsoletes: libjpeg-devel < 6b-47
+Provides: libjpeg-devel = 6b-47%{?dist}
+%if "%{?_isa}" != ""
+Provides: libjpeg-devel%{_isa} = 6b-47%{?dist}
+%endif
+Requires: libjpeg-turbo%{?_isa} = %{version}-%{release}
+
+%description devel
+This package contains header files necessary for developing programs which
+will manipulate JPEG files using the libjpeg-turbo library.
+
+%package utils
+Summary: Utilities for manipulating JPEG images
+Group: Applications/Multimedia
+Requires: libjpeg-turbo%{?_isa} = %{version}-%{release}
+
+%description utils
+The libjpeg-turbo-utils package contains simple client programs for
+accessing the libjpeg functions. It contains cjpeg, djpeg, jpegtran,
+rdjpgcom and wrjpgcom. Cjpeg compresses an image file into JPEG format.
+Djpeg decompresses a JPEG file into a regular image file. Jpegtran
+can perform various useful transformations on JPEG files. Rdjpgcom
+displays any text comments included in a JPEG file. Wrjpgcom inserts
+text comments into a JPEG file.
+
+%package static
+Summary: Static version of the libjpeg-turbo library
+Group: Development/Libraries
+Obsoletes: libjpeg-static < 6b-47
+Provides: libjpeg-static = 6b-47%{?dist}
+%if "%{?_isa}" != ""
+Provides: libjpeg-static%{_isa} = 6b-47%{?dist}
+%endif
+Requires: libjpeg-turbo-devel%{?_isa} = %{version}-%{release}
+
+%description static
+The libjpeg-turbo-static package contains static library for manipulating
+JPEG images.
+
+%package -n turbojpeg
+Summary: TurboJPEG library
+Group: System Environment/Libraries
+
+%description -n turbojpeg
+The turbojpeg package contains the TurboJPEG shared library.
+
+%package -n turbojpeg-devel
+Summary: Headers for the TurboJPEG library
+Group: Development/Libraries
+Requires: turbojpeg%{?_isa} = %{version}-%{release}
+
+%description -n turbojpeg-devel
+This package contains header files necessary for developing programs which
+will manipulate JPEG files using the TurboJPEG library.
+
+%prep
+%setup -q
+
+%patch0 -p1 -b .noinst
+%patch1 -p1 -b .CVE-2013-6630
+%patch2 -p1 -b .CVE-2013-6629
+%patch3 -p1 -b .pkgconfig
+%patch4 -p1 -b .CVE-2018-11212
+%patch5 -p1 -b .CVE-2016-3616_CVE-2018-11213_CVE-2018-11214
+%patch6 -p1 -b .CVE-2018-11813
+%patch7 -p1 -b .CVE-2018-14498
+
+%build
+autoreconf -fiv
+
+%configure
+
+make %{?_smp_mflags}
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install DESTDIR=$RPM_BUILD_ROOT
+
+# Fix perms
+chmod -x README-turbo.txt
+
+# Remove unwanted files
+rm -f $RPM_BUILD_ROOT/%{_libdir}/lib{,turbo}jpeg.la
+
+# Don't distribute libjpegturbo.a
+rm -f $RPM_BUILD_ROOT/%{_libdir}/libturbojpeg.a
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%check
+make test
+
+%post -p /sbin/ldconfig
+%postun -p /sbin/ldconfig
+
+%post -n turbojpeg -p /sbin/ldconfig
+%postun -n turbojpeg -p /sbin/ldconfig
+
+%files
+%defattr(-,root,root,-)
+%doc README README-turbo.txt change.log ChangeLog.txt
+%{_libdir}/libjpeg.so.62*
+
+%files devel
+%defattr(-,root,root,-)
+%doc coderules.txt jconfig.txt libjpeg.txt structure.txt example.c
+%{_includedir}/jconfig.h
+%{_includedir}/jerror.h
+%{_includedir}/jmorecfg.h
+%{_includedir}/jpeglib.h
+%{_libdir}/libjpeg.so
+%{_libdir}/pkgconfig/libjpeg.pc
+
+%files utils
+%defattr(-,root,root,-)
+%doc usage.txt wizard.txt
+%{_bindir}/cjpeg
+%{_bindir}/djpeg
+%{_bindir}/jpegtran
+%{_bindir}/rdjpgcom
+%{_bindir}/wrjpgcom
+%{_mandir}/man1/cjpeg.1*
+%{_mandir}/man1/djpeg.1*
+%{_mandir}/man1/jpegtran.1*
+%{_mandir}/man1/rdjpgcom.1*
+%{_mandir}/man1/wrjpgcom.1*
+
+%files static
+%defattr(-,root,root,-)
+%{_libdir}/libjpeg.a
+
+%files -n turbojpeg
+%{_libdir}/libturbojpeg.so.0*
+
+%files -n turbojpeg-devel
+%{_includedir}/turbojpeg.h
+%{_libdir}/libturbojpeg.so
+%{_libdir}/pkgconfig/libturbojpeg.pc
+
+%changelog
+* Wed Mar 20 2019 Nikola Forró <nforro@redhat.com> - 1.2.90-8
+- Fix CVE-2018-14498 (#1687475)
+
+* Thu Dec 06 2018 Nikola Forró <nforro@redhat.com> - 1.2.90-7
+- Fix CVE-2018-11212 (#1586062)
+- Fix CVE-2016-3616 (#1318509), CVE-2018-11213 (#1589091)
+ and CVE-2018-11214 (#1589110)
+- Fix CVE-2018-11813 (#1591203)
+
+* Thu May 24 2018 Nikola Forró <nforro@redhat.com> - 1.2.90-6
+- Add pkgconfig scripts (#1581687)
+
+* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 1.2.90-5
+- Mass rebuild 2014-01-24
+
+* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 1.2.90-4
+- Mass rebuild 2013-12-27
+
+* Tue Nov 26 2013 Petr Hracek <phracek@redhat.com> - 1.2.90-3
+- Resolves: #1031739 app patches CVE-2013-6629 and CVE-2013-6630
+
+* Tue Mar 26 2013 Adam Tkac <atkac redhat com> - 1.2.90-2
+- rebuild for ARM64 support
+
+* Fri Feb 08 2013 Adam Tkac <atkac redhat com> 1.2.90-1
+- update to 1.2.90
+
+* Mon Feb 04 2013 Adam Tkac <atkac redhat com> 1.2.90-0.1.20130204svn922
+- update to 1.2.80 snapshot (#854695)
+- run `make test` during build
+
+* Fri Jan 18 2013 Adam Tkac <atkac redhat com> 1.2.1-6
+- build with jpeg6 API/ABI (jpeg8-ABI feature was dropped)
+
+* Tue Dec 04 2012 Adam Tkac <atkac redhat com> 1.2.1-5
+- change license to IJG (#877517)
+
+* Wed Oct 24 2012 Adam Tkac <atkac redhat com> 1.2.1-4
+- build with jpeg8 API/ABI (#854695)
+
+* Thu Oct 18 2012 Adam Tkac <atkac redhat com> 1.2.1-3
+- minor provides tuning (#863231)
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Mon Jul 16 2012 Adam Tkac <atkac redhat com> 1.2.1-1
+- update to 1.2.1
+
+* Thu Mar 08 2012 Adam Tkac <atkac redhat com> 1.2.0-1
+- update to 1.2.0
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Mon Nov 21 2011 Orion Poplawski <orion cora nwra com> 1.1.1-3
+- Make turobojpeg-devel depend on turbojpeg
+
+* Fri Oct 7 2011 Orion Poplawski <orion cora nwra com> 1.1.1-2
+- Ship the turbojpeg library (#744258)
+
+* Mon Jul 11 2011 Adam Tkac <atkac redhat com> 1.1.1-1
+- update to 1.1.1
+ - ljt11-rh688712.patch merged
+
+* Tue Mar 22 2011 Adam Tkac <atkac redhat com> 1.1.0-2
+- handle broken JPEGs better (#688712)
+
+* Tue Mar 01 2011 Adam Tkac <atkac redhat com> 1.1.0-1
+- update to 1.1.0
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.90-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Mon Jan 17 2011 Adam Tkac <atkac redhat com> 1.0.90-1
+- update to 1.0.90
+- libjpeg-turbo10-rh639672.patch merged
+
+* Fri Oct 29 2010 Adam Tkac <atkac redhat com> 1.0.1-3
+- add support for arithmetic coded files into decoder (#639672)
+
+* Wed Sep 29 2010 jkeating - 1.0.1-2
+- Rebuilt for gcc bug 634757
+
+* Mon Sep 13 2010 Adam Tkac <atkac redhat com> 1.0.1-1
+- update to 1.0.1
+ - libjpeg-turbo10-rh617469.patch merged
+- add -static subpkg (#632859)
+
+* Wed Aug 04 2010 Adam Tkac <atkac redhat com> 1.0.0-3
+- fix huffman decoder to handle broken JPEGs well (#617469)
+
+* Fri Jul 02 2010 Adam Tkac <atkac redhat com> 1.0.0-2
+- add libjpeg-devel%%{_isa} provides to -devel subpkg to satisfy imlib-devel
+ deps
+
+* Fri Jul 02 2010 Adam Tkac <atkac redhat com> 1.0.0-1
+- update to 1.0.0
+- patches merged
+ - libjpeg-turbo-programs.patch
+ - libjpeg-turbo-nosimd.patch
+- add libjpeg provides to the main package to workaround problems with broken
+ java-1.6.0-openjdk package
+
+* Fri Jul 02 2010 Adam Tkac <atkac redhat com> 0.0.93-13
+- remove libjpeg provides from -utils subpkg
+
+* Wed Jun 30 2010 Rex Dieter <rdieter@fedoraproject.org> 0.0.93-12
+- move Obsoletes: libjpeg to main pkg
+
+* Wed Jun 30 2010 Rex Dieter <rdieter@fedoraproject.org> 0.0.93-11
+- -utils: Requires: %%name ...
+
+* Wed Jun 30 2010 Adam Tkac <atkac redhat com> 0.0.93-10
+- add Provides = libjpeg to -utils subpackage
+
+* Mon Jun 28 2010 Adam Tkac <atkac redhat com> 0.0.93-9
+- merge review related fixes (#600243)
+
+* Wed Jun 16 2010 Adam Tkac <atkac redhat com> 0.0.93-8
+- merge review related fixes (#600243)
+
+* Mon Jun 14 2010 Adam Tkac <atkac redhat com> 0.0.93-7
+- obsolete -static libjpeg subpackage (#600243)
+
+* Mon Jun 14 2010 Adam Tkac <atkac redhat com> 0.0.93-6
+- improve package description a little (#600243)
+- include example.c as %%doc in the -devel subpackage
+
+* Fri Jun 11 2010 Adam Tkac <atkac redhat com> 0.0.93-5
+- don't use "fc12" disttag in obsoletes/provides (#600243)
+
+* Thu Jun 10 2010 Adam Tkac <atkac redhat com> 0.0.93-4
+- fix compilation on platforms without MMX/SSE (#600243)
+
+* Thu Jun 10 2010 Adam Tkac <atkac redhat com> 0.0.93-3
+- package review related fixes (#600243)
+
+* Wed Jun 09 2010 Adam Tkac <atkac redhat com> 0.0.93-2
+- package review related fixes (#600243)
+
+* Fri Jun 04 2010 Adam Tkac <atkac redhat com> 0.0.93-1
+- initial package