rpms/libjpeg/devel libjpeg-buf-oflo.patch, NONE, 1.1 libjpeg.spec, 1.20, 1.21

Tom Lane (tgl) fedora-extras-commits at redhat.com
Tue Jun 26 02:52:10 UTC 2007 

Author: tgl

Update of /cvs/pkgs/rpms/libjpeg/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10178

Modified Files:
	libjpeg.spec 
Added Files:
	libjpeg-buf-oflo.patch 
Log Message:
Catch up on libjpeg bugzilla backlog.

libjpeg-buf-oflo.patch:

--- NEW FILE libjpeg-buf-oflo.patch ---
Dike out a section of code that has no usefulness on Unix-like systems,
and will crash if fed a comment string exceeding 64K.  Per report from
Lubomir Kundrak, RH bug #226965


diff -Naur jpeg-6b.orig/wrjpgcom.c jpeg-6b/wrjpgcom.c
--- jpeg-6b.orig/wrjpgcom.c	1997-10-23 00:47:03.000000000 -0400
+++ jpeg-6b/wrjpgcom.c	2007-06-25 22:26:42.000000000 -0400
@@ -446,6 +446,8 @@
     } else if (keymatch(arg, "comment", 1)) {
       if (++argn >= argc) usage();
       comment_arg = argv[argn];
+#if 0
+#error "There is a buffer overflow in the code below"
       /* If the comment text starts with '"', then we are probably running
        * under MS-DOG and must parse out the quoted string ourselves.  Sigh.
        */
@@ -466,6 +468,7 @@
 	  strcat(comment_arg, argv[argn]);
 	}
       }
+#endif
       comment_length = (unsigned int) strlen(comment_arg);
     } else
       usage();


Index: libjpeg.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libjpeg/devel/libjpeg.spec,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- libjpeg.spec	27 Jul 2006 18:07:29 -0000	1.20
+++ libjpeg.spec	26 Jun 2007 02:51:34 -0000	1.21
@@ -1,23 +1,20 @@
-%define LIBVER 62.0.0
-Summary: A library for manipulating JPEG image format files.
+Summary: A library for manipulating JPEG image format files
 Name: libjpeg
 Version: 6b
-Release: 37
-License: distributable
+Release: 38%{?dist}
+License: BSD
 Group: System Environment/Libraries
+URL: http://www.ijg.org/
+
 Source0: ftp://ftp.uu.net/graphics/jpeg/jpegsrc.v6b.tar.bz2
 Patch0: libjpeg-6b-arm.patch
 Patch1: jpeg-c++.patch
 Patch2: libjpeg-shared.patch
 Patch3: libjpeg-rpath.patch
 Patch4: libjpeg-cflags.patch
-URL: http://www.ijg.org/
-Buildroot: %{_tmppath}/%{name}-root
+Patch5: libjpeg-buf-oflo.patch
 
-%package devel
-Summary: Development tools for programs which will use the libjpeg library.
-Group: Development/Libraries
-Requires: libjpeg = %{version}
+Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root
 
 %description
 The libjpeg package contains a library of functions for manipulating
@@ -29,8 +26,13 @@
 files.  Rdjpgcom displays any text comments included in a JPEG file.
 Wrjpgcom inserts text comments into a JPEG file.
 
+%package devel
+Summary: Development tools for programs which will use the libjpeg library
+Group: Development/Libraries
+Requires: libjpeg = %{version}-%{release}
+
 %description devel
-The libjpeg-devel package includes the header files and static libraries
+The libjpeg-devel package includes the header files and documentation
 necessary for developing programs which will manipulate JPEG files using
 the libjpeg library.
 
@@ -38,18 +40,32 @@
 you should install libjpeg-devel.  You'll also need to have the libjpeg
 package installed.
 
+%package static
+Summary: Static JPEG image format file library
+Group: Development/Libraries
+Requires: libjpeg-devel = %{version}-%{release}
+
+%description static
+The libjpeg-static package contains the statically linkable version of libjpeg.
+Linking to static libraries is discouraged for most applications, but it is
+necessary for some boot packages.
+
 %prep
 %setup -q -n jpeg-6b
+
 %patch0 -p1 -b .arm
 %patch1 -p1 -b .c++
 %patch2 -p1 -b .ppcshared
-%patch3 -p1 -b .cflags
+%patch3 -p1 -b .rpath
+%patch4 -p1 -b .cflags
+%patch5 -p1 -b .oflo
 
 %build
 %configure --enable-shared --enable-static
 
 make libdir=%{_libdir} %{?_smp_mflags}
-LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$PWD make test
+
+LD_LIBRARY_PATH=$PWD:$LD_LIBRARY_PATH make test
 
 %install
 rm -rf $RPM_BUILD_ROOT
@@ -59,21 +75,17 @@
 mkdir -p $RPM_BUILD_ROOT%{_mandir}/man1
 
 %makeinstall
+
 # Work around the broken makefiles...
 mv $RPM_BUILD_ROOT%{_mandir}/*.1 $RPM_BUILD_ROOT%{_mandir}/man1
 
-/sbin/ldconfig -n $RPM_BUILD_ROOT/%{_libdir}
-
+# We don't ship .la files.
 rm $RPM_BUILD_ROOT%{_libdir}/*.la
-rm $RPM_BUILD_ROOT%{_libdir}/*.a
 
 %post -p /sbin/ldconfig
 
 %postun -p /sbin/ldconfig
 
-%clean
-rm -rf $RPM_BUILD_ROOT
-
 %files
 %defattr(-,root,root)
 %doc usage.doc README
@@ -87,7 +99,26 @@
 %{_libdir}/*.so
 /usr/include/*.h
 
+%files static
+%defattr(-,root,root)
+%{_libdir}/*.a
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
 %changelog
+* Mon Jun 25 2007 Tom Lane <tgl at redhat.com> - 6b-38
+- Initial review of package by new (old?) maintainer; marginal specfile cleanup
+- Restore libjpeg.a to distribution, in a separate -static subpackage
+Resolves: #186060, #215537
+- Fix non-security-significant buffer overrun in wrjpgcom, per Lubomir Kundrak
+Resolves: #226965
+- Apply patch4 that was added by previous maintainer, but never applied
+Resolves: #244778
+Related: #238936
+- Fix inter-RPM dependencies to include release
+Resolves: #238780
+
 * Thu Jul 27 2006 Matthias Clasen <mclasen at redhat.com> - 6b-37
 - Use CFLAGS consistently
 
@@ -190,7 +221,7 @@
 * Wed May  5 2000 Bill Nottingham <notting at redhat.com>
 - configure tweaks for ia64; remove alpha patch (it's pointless)
 
-* Sat Feb  5 2000 Bernhard Rosenkränzer <bero at redhat.com>
+* Sat Feb  5 2000 Bernhard Rosenkraenzer <bero at redhat.com>
 - rebuild to get compressed man pages
 - fix description
 - some minor tweaks to the spec file

More information about the fedora-extras-commits mailing list