openSUSE Build Service

Ana Guerrero (anag+factory) accepted request 1170497 from

Michael Vetter (jubalh) 7 months ago (revision 33)

- Update to 4.2.4:
  * Added some missing checks to the jas_heic_decode function in the
    HEIC codec (#383).

Ana Guerrero (anag+factory) accepted request 1169268 from

Michael Vetter (jubalh) 7 months ago (revision 32)

  * Added a missing check in the JPC codec (#381) bsc#1223155 (CVE-2024-31744)

Ana Guerrero (anag+factory) accepted request 1163808 from

Michael Vetter (jubalh) 8 months ago (revision 31)

- Update to 4.2.3:
  * Added a missing check in the JPC codec (#381).

Ana Guerrero (anag+factory) accepted request 1157079 from

Michael Vetter (jubalh) 8 months ago (revision 30)

- Update to 4.2.2:
  * Fix minor build issue (#374).

Ana Guerrero (anag+factory) accepted request 1147689 from

Michael Vetter (jubalh) 9 months ago (revision 29)

- Update to 4.2.1:
  * Fix a build problem for the DJGPP/MS-DOS environment (#372).

Ana Guerrero (anag+factory) accepted request 1144460 from

Michael Vetter (jubalh) 9 months ago (revision 28)

- Update to 4.2.0:
  * Add the JAS_PACKAGING option to the CMake build in an attempt to allow
    easier control over rpath settings by packagers of JasPer.
  * Remove a number of obsolete scripts.
  * Make some cosmetic changes to the code for the JPC codec in order
    to improve readability (#371).
  * Fix a portability bug related to threads/atomics.
  * Replace some lingering uses of strtok in the JPC coder with jas_strtok,
    since the use of strtok is problematic in multithreading contexts.

Ana Guerrero (anag+factory) accepted request 1138803 from

Michael Vetter (jubalh) 10 months ago (revision 27)

  * Fix invalid memory write bug (#367) bsc#1218802 (CVE-2023-51257).

Ana Guerrero (anag+factory) accepted request 1138151 from

Michael Vetter (jubalh) 10 months ago (revision 26)

- Update to 4.1.2:
  * Fix invalid memory write bug (#367) (CVE-2023-51257).
  * Fix missing range check in the JPC encoder (#368).

Ana Guerrero (anag+factory) accepted request 1129748 from

Michael Vetter (jubalh) 12 months ago (revision 25)

- Update to 4.1.1:
  * Disallow in-source builds by default #364
  * Fix a potential integer overflow problem in the
    jas_get_total_mem_size function (for the Windows platform) #363

Ana Guerrero (anag+factory) accepted request 1123411 from

Michael Vetter (jubalh) about 1 year ago (revision 24)

- Update to 4.1.0:
  * Add support for building several JasPer application programs for
    WebAssembly target with WASI support.

- Update to 4.0.1:
  * Fix integer overflow bug in PNM decoder (#353).
  * Fix a few minor build issues.

Ana Guerrero (anag+factory) accepted request 1121278 from

Michael Vetter (jubalh) about 1 year ago (revision 23)

    (#269) (CVE-2021-3443) bsc#1184798
    for some invalid CDEF boxes. (#268) (CVE-2021-3467) bsc#1184757
    This fix is associated with CVE-2021-26926 bsc#1182105 and
    bsc#1182104 CVE-2021-26927.
    bsc#1179748
  * CVE-2021-27845 bsc#1188437
    https://github.com/mdadams/jasper/issues/194 (part 1)
  * Fix CVE-2016-9399 bsc#1010980, CVE-2017-13751
  * Fix CVE-2017-5503 bsc#1020456, CVE-2017-5504 bsc#1020458, CVE-2017-5505 bsc#1020460
  * Fix CVE-2018-9252 bsc#1088278
  * Fix CVE-2018-19139 bsc#1115637
  * Fix CVE-2018-19543 bsc#1117328, CVE-2017-9782 bsc#1045450
  * Fix CVE-2018-20570 bsc#1120807
  * Fix CVE-2018-20622 bsc#1120805
  * Fix CVE-2016-9398 bsc#1010979
  * Fix CVE-2017-14132 bsc#1057152
  * Fix CVE-2017-5499 bsc#1020451
  * Fix CVE-2018-18873 bsc#1114498
  * Fix assertion failure JPC_NOMINALGAIN (CVE-2016-9396) (#50) bsc#1010783

Dominique Leuenberger (dimstar_suse) accepted request 1033833 from

Michael Vetter (jubalh) about 2 years ago (revision 22)

- Update to 4.0.0:
  * Improve static linking (##336).
  * Fix path relocation in mingw environment (#335).
  * Improve logging and build scripts.
  * Improve JPEG-2000 conformance test results.
  * Enable PIC by default.
  * Fix memory leaks in function cmdopts_parse (#332) (CVE-2022-2963).
  * imgcmp:
    + Add quiet (-q) option.
    + Add debug-level option.
    + Fix memory leak.
    imginfo:
    + Add quiet (-q) option.
  * Fix bug in parsing PGX header.
  * Fix integer overflow bug (#345) (CVE-2022-40755).
- Remove jasper-CVE-2022-2963.patch

Dominique Leuenberger (dimstar_suse) accepted request 1004089 from

Michael Vetter (jubalh) about 2 years ago (revision 21)

- security update:
  * CVE-2022-2963 [bsc#1202642]
    + jasper-CVE-2022-2963.patch

Richard Brown (RBrownFactory) accepted request 989093 from

Michael Vetter (jubalh) over 2 years ago (revision 20)

- Update to 3.0.6:
  * Fix bug in manual deployment script.

Dominique Leuenberger (dimstar_suse) accepted request 984730 from

Michael Vetter (jubalh) over 2 years ago (revision 19)

- Update to 3.0.5:
  * Fix a minor build issue (#328).

Dominique Leuenberger (dimstar_suse) accepted request 980633 from

Michael Vetter (jubalh) over 2 years ago (revision 18)

- Update to 3.0.4:
  * Eliminate some bogus calls to abort.
  * Fix a typo in jas_safeui64_div (#323).
  * Add some additional logging messages.
  * Fix the source of a potential compiler warning (#321).

Dominique Leuenberger (dimstar_suse) accepted request 962246 from

Michael Vetter (jubalh) over 2 years ago (revision 17)

- Update to 3.0.3:
  * Fix some portability issues in a few scripts.

Dominique Leuenberger (dimstar_suse) accepted request 954679 from

Michael Vetter (jubalh) over 2 years ago (revision 16)

Dominique Leuenberger (dimstar_suse) accepted request 954338 from

Michael Vetter (jubalh) over 2 years ago (revision 15)

- Update to 3.0.2:
  * Fix a build issue that occurs when a cross-compiler is
    used (e.g., #319).

Dominique Leuenberger (dimstar_suse) accepted request 953963 from

Michael Vetter (jubalh) almost 3 years ago (revision 14)

- Update to 3.0.1:
  * Fix some build/portability issues (e.g., #317, #318).
- Drop jasper-cmake-warnings.patch: contained in upstream release

Places

Revisions of jasper

Places