Package Release Info

jhead-3.08-bp156.1.5

Update Info: Base Release
Available in Package Hub : 15 SP6

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

jhead

Change Logs

* Fri Jun 23 2023 pgajdos@suse.com 
- version update to 3.08
  * Fix various "issues" people have found with fuzz testing.
    These can only be produced when running jhead in some memory access testing setup
    such as ASAN and throwing carefully crafted garbage at it, causing jhead to read
    some bytes past memory it malloced.  no real life consequences.
- deleted patches
  - jhead-CVE-2021-34055.patch (upstreamed)
  - jhead-CVE-2022-41751-1.patch (upstreamed)
  - jhead-CVE-2022-41751-2.patch (upstreamed)
  - jhead-CVE-2022-41751-3.patch (upstreamed)
* Thu Feb 16 2023 Martin Liška <mliska@suse.cz> 
- Remove hunk that enables -fsanitize=address (bsc#1208386), note it's
  already removed in the upstream project:
  https://github.com/Matthias-Wandel/jhead/commit/34f61c3f1408e6b00f6f65dd3d7832f4f8e9318b
Version: 3.06.0.1-bp155.5.3.1
Version: 3.06.0.1-bp155.4.6
Version: 3.06.0.1-bp154.2.9.1
* Fri Feb 10 2023 pgajdos@suse.com 
- added patches
  fix [bsc#1207150]
  https://github.com/Matthias-Wandel/jhead/commit/2a237d866581b3774ebe63d6c312e76459bd0866
  + jhead-CVE-2022-41751-3.patch
Version: 3.06.0.1-bp154.2.6.1
Version: 3.06.0.1-bp154.2.3.1
Version: 3.06.0.1-bp154.1.20
* Fri Jan 22 2021 Wang Jun <jgwang@suse.com> 
- Update to version 3.04
  * Apply a whole bunch of patches from Debian.
  * Spell check and fuzz test stuff from Debian, nothing useful to
    human users.
  * Add option to set exif date from date from another file.
  * Bug fixes relating to fuzz testing.
  * Fix bug where thumbnail replacement DID NOT WORK.
  * Fix bug when no orientation tag is present
  * Fix bug of not clearing exif information when processing images
    with an without exif data in one invocation.
  * Remove some unnecessary warnings with some types of GPS data
  * Remove multiple copies of the same type of section when deleting
    section types
  * Modify the patch CVE-2018-17088.patch because source code changed
- Remove these patches because of including upstream code
  * CVE-2018-6612.patch, CVE-2016-3822.patch, CVE-2018-16554.patch
Version: 3.06.0.1-bp152.4.6.1
* Wed May 12 2021 pgajdos@suse.com 
- version update to 3.06.0.1
  * lot of fuzztest fixes
  * Apply a whole bunch of patches from Debian.
  * Spell check and fuzz test stuff from Debian, nothing useful to
    human users.
  * Add option to set exif date from date from another file.
  * Bug fixes relating to fuzz testing.
  * Fix bug where thumbnail replacement DID NOT WORK.
  * Fix bug when no orientation tag is present
  * Fix bug of not clearing exif information when processing images
    with an without exif data in one invocation.
  * Remove some unnecessary warnings with some types of GPS data
  * Remove multiple copies of the same type of section when deleting
    section types
- deleted patches
  - CVE-2016-3822.patch (upstreamed)
  - CVE-2018-16554.patch (upstreamed)
  - CVE-2018-17088.patch (upstreamed)
  - CVE-2018-6612.patch (upstreamed)
  - CVE-2021-3496.patch (upstreamed)
- fixes
  * [bsc#1144316], CVE-2019-1010301
  * [bsc#1144354], CVE-2019-1010302
  * [bsc#1160544], CVE-2020-6625
  * [bsc#1160547], CVE-2020-6624
Version: 3.00-bp153.3.6.1
* Tue Nov 08 2022 Jason Sikes <jsikes@suse.com> 
- Added jhead-CVE-2021-34055.patch
  * Fix out of bounds write in ClearOrientation() due to unchecked error
  * [bsc#1205167]
  * CVE-2021-34055
Version: 3.00-bp153.3.3.1
* Thu Oct 27 2022 David Anes <david.anes@suse.com> 
- security fix [bsc#1204409, CVE-2022-41751]
  * arbitrary OS commands by placing them in a JPEG filename
  * Added patch jhead-CVE-2022-41751-1.patch
  * Added patch jhead-CVE-2022-41751-2.patch
Version: 3.00-bp153.2.1
Version: 3.00-bp152.4.3.1
* Mon Apr 19 2021 pgajdos@suse.com 
- version update to 3.06.0.1
  * lot of fuzztest fixes, e. g. CVE-2021-3496 [bsc#1184756]
- deleted patches
  - CVE-2018-17088.patch (upstreamed)
Version: 3.00-bp152.3.13
Version: 3.00-bp151.4.1
Version: 3.00-bp151.3.15
Version: 3.00-bp150.3.7.1
* Wed Oct 24 2018 Marketa Calabkova <mcalabkova@suse.com> 
- Renamed CVE-2018-16554.patch to CVE-2018-17088.patch, because
  it is in fact fix of boo#1108672
- Buffer overflow fix (boo#1108480) CVE-2018-16554.patch
Version: 3.00-bp150.3.3.1
* Fri Sep 14 2018 sbrabec@suse.com 
-  Integer overflow fixes (boo#1108480, CVE-2016-3822,
  CVE-2018-16554, CVE-2016-3822.patch, CVE-2018-16554.patch.
* Fri Mar 16 2012 toganm@opensuse.org 
- Fixed file-contains-date-and-time rpmlint warning. Date is set as
  last date in the changes file.
Version: 3.00-bp150.2.3
* Mon Feb 05 2018 kbabioch@suse.com 
- Added CVE-2018-6612.patch: Fix of a heap-based buffer over-read
  (boo#1079349 CVE-2018-6612)
* Mon Apr 27 2015 mpluskal@suse.com 
- Update to version 3.00
  * Make max comment size 16000
  * Added "-zt" option to trim 32k of trailing zeroes from Nikon 1
    J2 and J3 images.
  * Add ability to reset invalid rotation tag (from Moultrie
    game cameras)
- Use url for source
- Cleanup spec file with spec-cleaner
* Sun Mar 10 2013 toganm@opensuse.org 
- Update to version 2.97
  * Add feature to show quality of jpeg, (by Andy Spiegel)
  * Fix crash on some corrupt files bug, clarify time adjustment
    syntax in help
* Mon Jul 02 2012 toganm@opensuse.org 
- Update to version 2.96
  * Fix printing file info when -ft option is used
  * Do not skip readonle files with -st option
* Tue Mar 20 2012 toganm@opensuse.org 
- Updated to version 2.95
  * Handle very large unsigned rational numbers in exif header
* Fri Mar 16 2012 toganm@opensuse.org 
- Fixed file-contains-date-and-time rpmlint warning. Date is set as
  last date in the changes file.
* Thu Mar 15 2012 toganm@opensuse.org 
- Updated to version 2.93: For details please read changes.txt
  * Fixed bug in jhead -cmd that caused metatdata to be deleted.
* Wed Aug 05 2009 sbrabec@suse.cz 
- Updated to version 2.87:
  * Added the ability to move files with the -n option.
  * Minor fixes.
* Mon Jan 05 2009 sbrabec@suse.cz 
- Fixed arbitrary command vulnerability in DoCommand (bnc#435979,
  CVE-2008-4641).
- Fixed dependencies.
* Thu Oct 16 2008 sbrabec@suse.cz 
- Updated to version 2.84:
  * Decode more exif tags for '-v' mode.
  * Fix a bunch of potential string overflows (bnc#435979,
    CVE-2008-4575)
  * Fix bug where IPTC sction was not deleted by -purejpg
  * Fix GPS altitude decode bug
* Mon Apr 07 2008 sbrabec@suse.cz 
- Updated to version 2.82:
  * Make jhead aware of XMP data and not delete it.
  * Improve IPTC handling a little.
  * Change how date is encoded with -mkexif section to make it more
    compatible.
* Fri Nov 16 2007 sbrabec@suse.cz 
- Updated to version 2.8:
  * Added IPTC handling
  * Added -q option
  * Fix handling of corrupted GPS directory.
  * Extract focus distance from canon makernote.
  * Extract subject range (pentax and fuji cameras)
* Mon Aug 06 2007 sbrabec@suse.cz 
- Updated to version 2.7:
  * Remove maximum jpeg sections limit
  * Added -ds option
  * On clearing rotation, clear the image and the optional
    thumbnail rotation tags.
  * Add -mkexif option to make a new exif header.
* Sat Dec 16 2006 prusnak@suse.cz 
- fixed comparison with string literal (strcmp.patch) [#226477]
* Fri Oct 20 2006 sbrabec@suse.cz 
- Updated to version 2.6:
  * Compilation and bug fixes
  * Fix shutter speed display in '-c' mode for very long shutter
    speeds
  * Fix a bug in autorot when rotating filenames with spaces in
    them.
  * Improved handling of corrupt exif linkages in exif header.
  * Added -a (rename associated files) options.
* Wed Jan 25 2006 mls@suse.de 
- converted neededforbuild to BuildRequires
* Tue Jan 10 2006 sbrabec@suse.cz 
- Updated to version 2.5.
* Fri Jul 29 2005 sbrabec@suse.cz 
- Updated to version 2.4.
* Tue Feb 08 2005 mcihar@suse.cz 
- update to 2.3
* Fri Jul 16 2004 mcihar@suse.cz 
- use fixed 2.2 tarball, so patch is not needed