From 56185e68b91c27d418ff3e5952569eedbc930a59 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 02 2019 21:42:54 +0000 Subject: import libpng12-1.2.50-10.el7
---
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..59680ce
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/libpng-1.2.50.tar.bz2
diff --git a/.libpng12.metadata b/.libpng12.metadata
new file mode 100644
index 0000000..4c7b1fc
--- /dev/null
+++ b/.libpng12.metadata
@@ -0,0 +1 @@
+c4d1881a376836a45688446624fd5d834ea118f0 SOURCES/libpng-1.2.50.tar.bz2
diff --git a/SOURCES/libpng12-CVE-2013-6954.patch b/SOURCES/libpng12-CVE-2013-6954.patch
new file mode 100644
index 0000000..afd80ef
--- /dev/null
+++ b/SOURCES/libpng12-CVE-2013-6954.patch
@@ -0,0 +1,35 @@
+diff --git a/pngrtran.c b/pngrtran.c
+index 7f0ff92..b57ce81 100644
+--- a/pngrtran.c
++++ b/pngrtran.c
+@@ -1216,6 +1216,9 @@ png_read_transform_info(png_structp png_ptr, png_infop info_ptr)
+ info_ptr->color_type = PNG_COLOR_TYPE_RGB;
+ info_ptr->bit_depth = 8;
+ info_ptr->num_trans = 0;
++
++ if (png_ptr->palette == NULL)
++ png_error (png_ptr, "Palette is NULL in indexed image");
+ }
+ else
+ {
+diff --git a/pngset.c b/pngset.c
+index 72d89fc..b1ce91d 100644
+--- a/pngset.c
++++ b/pngset.c
+@@ -461,6 +461,16 @@ png_set_PLTE(png_structp png_ptr, png_infop info_ptr,
+ return;
+ }
+ }
++ if ((num_palette > 0 && palette == NULL) ||
++ (num_palette == 0
++ # ifdef PNG_MNG_FEATURES_SUPPORTED
++ && (png_ptr->mng_features_permitted & PNG_FLAG_MNG_EMPTY_PLTE) == 0
++ # endif
++ ))
++ {
++ png_error(png_ptr, "Invalid palette");
++ return;
++ }
+
+ /* It may not actually be necessary to set png_ptr->palette here;
+ * we do it for backward compatibility with the way the png_handle_tRNS
diff --git a/SOURCES/libpng12-CVE-2015-7981.patch b/SOURCES/libpng12-CVE-2015-7981.patch
new file mode 100644
index 0000000..ba599c6
--- /dev/null
+++ b/SOURCES/libpng12-CVE-2015-7981.patch
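Review bot: In the pngrtran.c hunk of libpng12-CVE-2013-6954.patch the NULL-palette test runs only after `info_ptr->color_type`, `info_ptr->bit_depth` and `info_ptr->num_trans` have been rewritten, so the info struct is already modified when png_error() fires; placing `if (png_ptr->palette == NULL)` ahead of those three assignments would fail before any state changes. Neither new check says what it protects against, and a short comment such as `/* An indexed image must have a palette before it is expanded; reject it here rather than later */` would help whoever maintains the backport. In png_set_PLTE the new test always calls png_error(), while the length check visible in this function elsewhere on the page raises an error only when `info_ptr->color_type == PNG_COLOR_TYPE_PALETTE`; if that difference is intended it deserves a line of comment. Both functions continue outside the hunks.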
@@ -0,0 +1,59 @@
+diff --git a/png.c b/png.c
+index 18d26db..3cf2b19 100644
+--- a/png.c
++++ b/png.c
+@@ -675,6 +675,7 @@ png_convert_to_rfc1123(png_structp png_ptr, png_timep ptime)
+
+ if (png_ptr == NULL)
+ return (NULL);
++
+ if (png_ptr->time_buffer == NULL)
+ {
+ png_ptr->time_buffer = (png_charp)png_malloc(png_ptr, (png_uint_32)(29*
+@@ -685,7 +686,7 @@ png_convert_to_rfc1123(png_structp png_ptr, png_timep ptime)
+ {
+ wchar_t time_buf[29];
+ wsprintf(time_buf, TEXT("%d %S %d %02d:%02d:%02d +0000"),
+- ptime->day % 32, short_months[(ptime->month - 1) % 12],
++ ptime->day % 32, short_months[(ptime->month - 1U) % 12],
+ ptime->year, ptime->hour % 24, ptime->minute % 60,
+ ptime->second % 61);
+ WideCharToMultiByte(CP_ACP, 0, time_buf, -1, png_ptr->time_buffer,
+@@ -696,7 +697,7 @@ png_convert_to_rfc1123(png_structp png_ptr, png_timep ptime)
+ {
+ char near_time_buf[29];
+ png_snprintf6(near_time_buf, 29, "%d %s %d %02d:%02d:%02d +0000",
+- ptime->day % 32, short_months[(ptime->month - 1) % 12],
++ ptime->day % 32, short_months[(ptime->month - 1U) % 12],
+ ptime->year, ptime->hour % 24, ptime->minute % 60,
+ ptime->second % 61);
+ png_memcpy(png_ptr->time_buffer, near_time_buf,
+@@ -704,7 +705,7 @@ png_convert_to_rfc1123(png_structp png_ptr, png_timep ptime)
+ }
+ #else
+ png_snprintf6(png_ptr->time_buffer, 29, "%d %s %d %02d:%02d:%02d +0000",
+- ptime->day % 32, short_months[(ptime->month - 1) % 12],
++ ptime->day % 32, short_months[(ptime->month - 1U) % 12],
+ ptime->year, ptime->hour % 24, ptime->minute % 60,
+ ptime->second % 61);
+ #endif
+diff --git a/pngset.c b/pngset.c
+index b1ce91d..7a47b1e 100644
+--- a/pngset.c
++++ b/pngset.c
+@@ -845,6 +845,15 @@ png_set_tIME(png_structp png_ptr, png_infop info_ptr, png_timep mod_time)
+ (png_ptr->mode & PNG_WROTE_tIME))
+ return;
+
++ if (mod_time->month == 0 || mod_time->month > 12 ||
++ mod_time->day == 0 || mod_time->day > 31 ||
++ mod_time->hour > 23 || mod_time->minute > 59 ||
++ mod_time->second > 60)
++ {
++ png_warning(png_ptr, "Ignoring invalid time value");
++ return;
++ }
++
+ png_memcpy(&(info_ptr->mod_time), mod_time, png_sizeof(png_time));
+ info_ptr->valid |= PNG_INFO_tIME;
+ }
diff --git a/SOURCES/libpng12-CVE-2015-8126.patch b/SOURCES/libpng12-CVE-2015-8126.patch
new file mode 100644
index 0000000..0e51f53
--- /dev/null
+++ b/SOURCES/libpng12-CVE-2015-8126.patch
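Review bot: In png_convert_to_rfc1123 the `- 1U` change only keeps the `short_months` index in bounds; a `ptime->month` of 0 now wraps and selects an unrelated month name, and day, hour, minute and second are still folded with `%` instead of being rejected. The range check this patch adds to png_set_tIME covers only values stored through that setter, so a caller that passes its own png_time straight to png_convert_to_rfc1123 still gets a plausible-looking but wrong timestamp. Since the function already returns NULL for a NULL `png_ptr`, the same range test could be applied there with a png_warning and `return (NULL);`; at minimum the three index expressions deserve a comment such as `/* "- 1U" makes the subtraction unsigned, so month == 0 cannot give a negative index */`. The new test in png_set_tIME dereferences `mod_time`, and whether the guard that starts above the hunk checks it for NULL is not visible here.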
@@ -0,0 +1,139 @@
+diff --git a/pngrutil.c b/pngrutil.c
+index 1de7427..72a8b5e 100644
+--- a/pngrutil.c
++++ b/pngrutil.c
+@@ -503,7 +503,7 @@ void /* PRIVATE */
+ png_handle_PLTE(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
+ {
+ png_color palette[PNG_MAX_PALETTE_LENGTH];
+- int num, i;
++ int max_palette_length, num, i;
+ #ifdef PNG_POINTER_INDEXING_SUPPORTED
+ png_colorp pal_ptr;
+ #endif
+@@ -555,8 +555,21 @@ png_handle_PLTE(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
+ }
+ }
+
++ /* The cast is safe because 'length' is less than 3*PNG_MAX_PALETTE_LENGTH */
+ num = (int)length / 3;
+
++ /* If the palette has 256 or fewer entries but is too large for the bit depth,
++ * we don't issue an error, to preserve the behavior of previous libpng versions.
++ * We silently truncate the unused extra palette entries here.
++ */
++ if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
++ max_palette_length = (1 << png_ptr->bit_depth);
++ else
++ max_palette_length = PNG_MAX_PALETTE_LENGTH;
++
++ if (num > max_palette_length)
++ num = max_palette_length;
++
+ #ifdef PNG_POINTER_INDEXING_SUPPORTED
+ for (i = 0, pal_ptr = palette; i < num; i++, pal_ptr++)
+ {
+@@ -589,7 +602,7 @@ png_handle_PLTE(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
+ if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
+ #endif
+ {
+- png_crc_finish(png_ptr, 0);
++ png_crc_finish(png_ptr, (int) length - num * 3);
+ }
+ #ifndef PNG_READ_OPT_PLTE_SUPPORTED
+ else if (png_crc_error(png_ptr)) /* Only if we have a CRC error */
+@@ -1097,7 +1110,7 @@ png_handle_iCCP(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
+ /* There should be at least one zero (the compression type byte)
+ * following the separator, and we should be on it
+ */
+- if ( profile >= png_ptr->chunkdata + slength - 1)
++ if ( slength < 1 || profile >= png_ptr->chunkdata + slength - 1)
+ {
+ png_free(png_ptr, png_ptr->chunkdata);
+ png_ptr->chunkdata = NULL;
+@@ -1225,7 +1238,7 @@
png_handle_sPLT(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
+ ++entry_start;
+
+ /* A sample depth should follow the separator, and we should be on it */
+- if (entry_start > (png_bytep)png_ptr->chunkdata + slength - 2)
++ if (slength < 2 || entry_start > (png_bytep)png_ptr->chunkdata + slength - 2)
+ {
+ png_free(png_ptr, png_ptr->chunkdata);
+ png_ptr->chunkdata = NULL;
+@@ -1699,7 +1712,7 @@ png_handle_pCAL(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
+
+ /* We need to have at least 12 bytes after the purpose string
+ in order to get the parameter information. */
+- if (endptr <= buf + 12)
++ if (slength < 12 || endptr <= buf + 12)
+ {
+ png_warning(png_ptr, "Invalid pCAL data");
+ png_free(png_ptr, png_ptr->chunkdata);
+@@ -2155,7 +2168,7 @@ png_handle_zTXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
+ /* Empty loop */ ;
+
+ /* zTXt must have some text after the chunkdataword */
+- if (text >= png_ptr->chunkdata + slength - 2)
++ if (slength < 2 || text >= png_ptr->chunkdata + slength - 2)
+ {
+ png_warning(png_ptr, "Truncated zTXt chunk");
+ png_free(png_ptr, png_ptr->chunkdata);
+@@ -2281,7 +2294,7 @@ png_handle_iTXt(png_structp png_ptr, png_infop info_ptr, png_uint_32 length)
+ * keyword
+ */
+
+- if (lang >= png_ptr->chunkdata + slength - 3)
++ if (slength < 3 || lang >= png_ptr->chunkdata + slength - 3)
+ {
+ png_warning(png_ptr, "Truncated iTXt chunk");
+ png_free(png_ptr, png_ptr->chunkdata);
+diff --git a/pngset.c b/pngset.c
+index 7a47b1e..54ac931 100644
+--- a/pngset.c
++++ b/pngset.c
+@@ -446,12 +446,17 @@ png_set_PLTE(png_structp png_ptr, png_infop info_ptr,
+ png_colorp palette, int num_palette)
+ {
+
++ png_uint_32 max_palette_length;
++
+ png_debug1(1, "in %s storage function", "PLTE");
+
+ if (png_ptr == NULL || info_ptr == NULL)
+ return;
+
+- if (num_palette < 0 || num_palette > PNG_MAX_PALETTE_LENGTH)
++ max_palette_length = (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE) ?
++ (1 << info_ptr->bit_depth) : PNG_MAX_PALETTE_LENGTH;
++
++ if (num_palette < 0 || num_palette > (int) max_palette_length)
+ {
+ if (info_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
+ png_error(png_ptr, "Invalid palette length");
+diff --git a/pngwutil.c b/pngwutil.c
+index c75f53e..80128d6 100644
+--- a/pngwutil.c
++++ b/pngwutil.c
+@@ -575,17 +575,20 @@ png_write_PLTE(png_structp png_ptr, png_colorp palette, png_uint_32 num_pal)
+ #ifdef PNG_USE_LOCAL_ARRAYS
+ PNG_PLTE;
+ #endif
+- png_uint_32 i;
++ png_uint_32 max_palette_length, i;
+ png_colorp pal_ptr;
+ png_byte buf[3];
+
+ png_debug(1, "in png_write_PLTE");
+
++ max_palette_length = (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE) ?
++ (1 << png_ptr->bit_depth) : PNG_MAX_PALETTE_LENGTH;
++
+ if ((
+ #ifdef PNG_MNG_FEATURES_SUPPORTED
+ !(png_ptr->mng_features_permitted & PNG_FLAG_MNG_EMPTY_PLTE) &&
+ #endif
+- num_pal == 0) || num_pal > 256)
++ num_pal == 0) || num_pal > max_palette_length)
+ {
+ if (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE)
+ {
diff --git a/SOURCES/libpng12-multilib.patch b/SOURCES/libpng12-multilib.patch
new file mode 100644
index 0000000..be079f7
--- /dev/null
+++ b/SOURCES/libpng12-multilib.patch
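Review bot: The fixed upper bound is gone from png_set_PLTE and png_write_PLTE: the removed tests compared against `PNG_MAX_PALETTE_LENGTH` and `256` unconditionally, while the new `max_palette_length` is `1 << bit_depth` for palette images and is therefore only as trustworthy as the bit-depth validation, which is outside these hunks. If a palette image ever reached these functions with a bit depth above 8, the limit would exceed the 256-entry maximum that the old code enforced on its own. A clamp after each computation keeps that guarantee locally: `if (max_palette_length > PNG_MAX_PALETTE_LENGTH) max_palette_length = PNG_MAX_PALETTE_LENGTH;`. The variable is also declared `int` in png_handle_PLTE but `png_uint_32` and cast back to `(int)` in png_set_PLTE; one type across the three sites would be easier to audit.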
@@ -0,0 +1,35 @@
+Use pkg-config to report libpng12 version and installation directories.
+
+
+diff -Naur libpng-1.2.49.orig/scripts/libpng-config.in libpng-1.2.49/scripts/libpng-config.in
+--- libpng-1.2.49.orig/scripts/libpng-config.in 2012-03-29 00:46:55.000000000 -0400
++++ libpng-1.2.49/scripts/libpng-config.in 2012-08-01 15:03:50.564507346 -0400
+@@ -11,11 +11,11 @@
+
+ # Modeled after libxml-config.
+
+-version="@PNGLIB_VERSION@"
+-prefix="@prefix@"
+-exec_prefix="@exec_prefix@"
+-libdir="@libdir@"
+-includedir="@includedir@/libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@"
++version=`pkg-config --modversion libpng12`
++prefix=`pkg-config --variable prefix libpng12`
++exec_prefix=`pkg-config --variable exec_prefix libpng12`
++libdir=`pkg-config --variable libdir libpng12`
++includedir=`pkg-config --variable includedir libpng12`
+ libs="-lpng@PNGLIB_MAJOR@@PNGLIB_MINOR@"
+ all_libs="-lpng@PNGLIB_MAJOR@@PNGLIB_MINOR@ @LIBS@"
+ I_opts="-I${includedir}"
+diff -Naur libpng-1.2.49.orig/scripts/libpng.pc-configure.in libpng-1.2.49/scripts/libpng.pc-configure.in
+--- libpng-1.2.49.orig/scripts/libpng.pc-configure.in 2012-03-29 00:46:55.000000000 -0400
++++ libpng-1.2.49/scripts/libpng.pc-configure.in 2012-08-01 15:04:37.817786337 -0400
+@@ -3,7 +3,7 @@
+ libdir=@libdir@
+ includedir=@includedir@/libpng@PNGLIB_MAJOR@@PNGLIB_MINOR@
+
+-Name: libpng
++Name: libpng12
+ Description: Loads and saves PNG files
+ Version: @PNGLIB_VERSION@
+ Libs: -L${libdir} -lpng@PNGLIB_MAJOR@@PNGLIB_MINOR@
diff --git a/SOURCES/libpng12-pngconf.patch b/SOURCES/libpng12-pngconf.patch
new file mode 100644
index 0000000..dbaadcb
--- /dev/null
+++ b/SOURCES/libpng12-pngconf.patch
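Review bot: The five rewritten assignments in libpng-config.in take whatever `pkg-config` prints and never look at its exit status, so when pkg-config or libpng12.pc cannot be found the script carries on with empty `prefix`, `libdir` and `includedir`, and `I_opts="-I${includedir}"` becomes a bare `-I`. A guard on the first call, ``version=`pkg-config --modversion libpng12` || exit 1``, would turn that into a visible failure instead of silently wrong compiler flags. The reported paths also now follow the caller's pkg-config search path rather than values fixed at build time, which is worth a comment next to the "Modeled after libxml-config" line.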
@@ -0,0 +1,42 @@
+diff -Naur libpng-1.2.29.orig/configure.ac libpng-1.2.29/configure.ac
+--- libpng-1.2.29.orig/configure.ac 2008-05-08 07:58:11.000000000 -0400
++++ libpng-1.2.29/configure.ac 2008-05-31 20:21:12.000000000 -0400
+@@ -63,7 +63,8 @@
+ AC_MSG_CHECKING(
+ [if assembler code in pnggccrd.c can be compiled without PNG_NO_MMX_CODE])
+ AC_TRY_COMPILE(
+- [#include "$srcdir/pnggccrd.c"],
++ [#define PNG_CONFIGURE_LIBPNG
++ #include "$srcdir/pnggccrd.c"],
+ [return 0;],
+ AC_MSG_RESULT(yes)
+ LIBPNG_NO_MMX="",
+diff -Naur libpng-1.2.29.orig/pngconf.h libpng-1.2.29/pngconf.h
+--- libpng-1.2.29.orig/pngconf.h 2008-05-08 07:58:03.000000000 -0400
++++ libpng-1.2.29/pngconf.h 2008-05-31 20:21:12.000000000 -0400
+@@ -35,6 +35,25 @@
+ #ifdef HAVE_CONFIG_H
+ #include "config.h"
+ #endif
++#else
++/* pngconf.h is part of the exported API. When a libpng-using application
++ includes us, PNG_CONFIGURE_LIBPNG is of course not defined as we do not have
++ libpng's config.h available in this case. This means that we do not have the
++ defines added to config.h and the commandline by libpng's ./configure .
++
++ For all defines from config.h not having them set is not a problem, however
++ ./configure also adds -DPNG_NO_ASSEMBLER_CODE to the CFLAGS when compiling
++ on a platform on which the MMX and SSE asm code in libpng is not supported.
++
++ We do need this define as this define is used to determine whether or not
++ to define PNG_ASSEMBLER_CODE_SUPPORTED and other assembler related defines
++ and prototypes. PNG_ASSEMBLER_CODE_SUPPORTED in turn is used by applications
++ (ImageMagick for example) to determine whether or not they can use the asm
++ functions. Thus we need to define PNG_NO_ASSEMBLER_CODE here on platforms
++ on which the MMX and SSE asm code in libpng is not supported: */
++#ifndef __i386__ /* change this if MMX/SSE become supported on x86_64! */
++#define PNG_NO_ASSEMBLER_CODE
++#endif
+ #endif
+
+ /*
diff --git a/SPECS/libpng12.spec b/SPECS/libpng12.spec
new file mode 100644
index 0000000..5d58d95
--- /dev/null
+++ b/SPECS/libpng12.spec
@@ -0,0 +1,129 @@
+Summary: Old version of libpng, needed to run old binaries
+Name: libpng12
+Version: 1.2.50
+Release: 10%{?dist}
+License: zlib
+Group: System Environment/Libraries
+URL: http://www.libpng.org/pub/png/
+
+# Obsolete old temporary packaging of libpng 1.2
+Obsoletes: libpng-compat <= 2:1.5.10
+
+# Note: non-current tarballs get moved to the history/ subdirectory,
+# so look there if you fail to retrieve the version you want
+Source: ftp://ftp.simplesystems.org/pub/png/src/libpng-%{version}.tar.bz2
+
+Patch0: libpng12-multilib.patch
+Patch1: libpng12-pngconf.patch
+Patch2: libpng12-CVE-2013-6954.patch
+Patch3: libpng12-CVE-2015-7981.patch
+Patch4: libpng12-CVE-2015-8126.patch
+
+BuildRequires: zlib-devel, pkgconfig
+
+%description
+The libpng12 package provides libpng 1.2, an older version of the libpng
+library for manipulating PNG (Portable Network Graphics) image format files.
+This version should be used only if you are unable to use the current
+version of libpng.
+
+%package devel
+Summary: Development files for libpng 1.2
+Group: Development/Libraries
+Requires: %{name}%{?_isa} = %{version}-%{release}
+Requires: zlib-devel%{?_isa} pkgconfig%{?_isa}
+
+%description devel
+The libpng12-devel package contains header files and documentation necessary
+for developing programs using libpng12.
+
+%prep
+%setup -q -n libpng-%{version}
+
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+
+%build
+%configure \
+ --disable-static
+
+make %{?_smp_mflags}
+
+%install
+make DESTDIR=$RPM_BUILD_ROOT install
+
+## unpackaged files
+# We don't ship .la files.
+rm -fv $RPM_BUILD_ROOT%{_libdir}/libpng*.la
+# rename man page to avoid conflict with base libpng package
+mv $RPM_BUILD_ROOT%{_mandir}/man5/png.5 $RPM_BUILD_ROOT%{_mandir}/man5/png12.5
+# omit that conflicts with base libpng-devel package
+rm -fv $RPM_BUILD_ROOT%{_bindir}/libpng-config
+rm -fv $RPM_BUILD_ROOT%{_includedir}/{png,pngconf}.h
+rm -fv $RPM_BUILD_ROOT%{_libdir}/libpng.so
+rm -fv $RPM_BUILD_ROOT%{_libdir}/pkgconfig/libpng.pc
+# rename man pages to avoid conflict with base libpng-devel package
+mv $RPM_BUILD_ROOT%{_mandir}/man3/libpng.3 $RPM_BUILD_ROOT%{_mandir}/man3/libpng12.3
+mv $RPM_BUILD_ROOT%{_mandir}/man3/libpngpf.3 $RPM_BUILD_ROOT%{_mandir}/man3/libpngpf12.3
+
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+%files
+%doc LICENSE
+%doc libpng-%{version}.txt README TODO CHANGES
+%{_libdir}/libpng*.so.*
+%{_mandir}/man5/*
+
+%files devel
+%doc example.c
+%{_bindir}/libpng12-config
+%{_includedir}/libpng12/
+%{_libdir}/libpng12.so
+%{_libdir}/pkgconfig/libpng12.pc
+%{_mandir}/man3/*
+
+%changelog
+* Thu Jun 30 2016 Nikola Forró - 1.2.50-10
+- Revert removal of libpng compat library
+- Related: #1282628
+
+* Wed Jun 29 2016 Nikola Forró - 1.2.50-9
+- Don't drop man pages, but rename them to avoid conflict
+- Resolves: #1285680
+
+* Thu Feb 11 2016 Petr Hracek - 1.2.50-8
+- libpng12-devel conflicts with libpng-devel
+- Resolves: #1282628
+
+* Mon Nov 23 2015 Petr Hracek - 1.2.50-7
+- Security fix for CVE-2015-7981 and CVE-2015-8126
+- Resolves: #1283577
+
+* Wed Jan 29 2014 Petr Hracek - 1.2.50-6
+- Adding patch CVE-2013-6954
+- Resolves: #1056864
+
+* Fri Jan 24 2014 Daniel Mach - 1.2.50-5
+- Mass rebuild 2014-01-24
+
+* Fri Dec 27 2013 Daniel Mach - 1.2.50-4
+- Mass rebuild 2013-12-27
+
+* Thu Feb 14 2013 Fedora Release Engineering - 1.2.50-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Wed Aug 22 2012 Tom Lane 1.2.50-2
+- Remove unnecessary use of epoch
+Related: #850628
+
+* Fri Aug 3 2012 Tom Lane 1.2.50-1
+-
Update to 1.2.50 (just on general principles)
+- Add Obsoletes: libpng-compat
+
+* Wed Aug 1 2012 Tom Lane 1.2.49-1
+- Created from libpng
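Review bot: The spec applies three CVE patches in %prep but has no %check section, so nothing in the build confirms that the patched library still reads and writes images correctly. Adding `%check` followed by `make check` after the %build section would run the upstream self-test on every rebuild, assuming the test target of the 1.2.50 tarball works in the build root. Separately, `Source:` points at a plain ftp:// URL and the spec verifies neither a checksum nor a signature; the only integrity anchor on this page is the 40-hex-digit digest in .libpng12.metadata, so a comment beside `Source:` saying where the tarball hash is checked would help an auditor.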