libraw-0.18.9-bp153.2.25

- security update
- added patches
  fix CVE-2020-15503 [bsc#1173674], lack of thumbnail size range check can lead to buffer overflow
  + libraw-CVE-2020-15503.patch

- security update
  * CVE-2018-20337 [bsc#1120519]
    + libraw-CVE-2018-20337.patch
  * CVE-2018-20365 [bsc#1120500]
    CVE-2018-20364 [bsc#1120499]
    CVE-2018-20363 [bsc#1120498]
    + libraw-CVE-2018-20363,20364,20365.patch
  * CVE-2018-5817 [bsc#1120515]
    CVE-2018-5818 [bsc#1120516]
    CVE-2018-5819 [bsc#1120517]
    + libraw-CVE-2018-5817,5818,5819.patch
  * supplementary fix for https://github.com/LibRaw/LibRaw/issues/195
    + libraw-half-size-allocation-buffer-overflow.patch

- asan_build: build ASAN included
- debug_build: build more suitable for debugging

- security update
  * CVE-2018-5816 [bsc#1097975]
    + libraw-CVE-2018-5816.patch

- new upstream branch, version 0.19.x
  * fixes CVE-2018-10529 and CVE-2018-10528, hence removing
    . libraw-CVE-2018-10528.patch
    . libraw-CVE-2018-10529.patch
  * the rest of changes at
    https://www.libraw.org/download#stable

- security update
  * CVE-2018-10528 [bsc#1091345]
    + libraw-CVE-2018-10528.patch
  * CVE-2018-10529 [bsc#1091346]
    + libraw-CVE-2018-10529.patch

- Updated to version 0.18.9:
  * samsung_load_raw: possible buffer overrun
  * rollei_load_raw: possible buffer overrun
  * nikon_coolscan_load_raw: possible buffer overrun, possible NULL pointer
  * find_green: possible stack overrun
  * parse_exif: possible stack overrun

- Updated to version 0.18.8:
  * leaf_hdr_load_raw: check for image pointer for demosaiced raw
  * NOKIARAW parser: check image dimensions readed from file
  * quicktake_100_load_raw: check width/height limits
- Dropped libraw-glibc-2.27.patch: No longer needed

- fix build with glibc 2.27 [bsc#1079853]
  + libraw-glibc-2.27.patch

- updated to 0.18.7:
  * All legacy (RGB raw) image loaders checks for imgdata.image is
    not NULL
  * kodak_radc_load_raw: check image size before processing
  * legacy memory allocator:
    allocate max(widh, raw_width) * max(height, raw_height)
- partial cleanup with spec-cleaner
- other spec fixes:
  * switch to https site
  * remove executable bit from copyright
  * remove outdated comment about build parallelism

- updated to 0.18.6:
  * Fixed fuji_width handling if file is neither fuji nor DNG
  * Fixed xtrans interpolate for broken xtrans pattern
  * Fixed panasonic decoder

- updated to 0.18.5:
    Fix for possible buffer overrun in kodak_65000 decoder
    Fix for possible heap overrun in Canon makernotes parser
    Fix for CVE-2017-13735
    CVE-2017-14265: Additional check for X-Trans CFA pattern data
- remove upstreamed libraw-out-of-bounds-kodak.patch

- updated to 0.18.4:
  * Fix for possible heap overrun in Canon makernotes parser
  (CVE-2017-14348)
  * Fix for CVE-2017-13735
  * CVE-2017-14265: Additional check for X-Trans CFA pattern data
- add libraw-out-of-bounds-kodak.patch, upstream bug #101
- remove libraw-CVE-2017-6887,6886.patch and
    libraw-CVE-2017-6890,6899.patch:
  no need to patch dcraw.c, it is not used

- updated to 0.18.2:
    Fixed several errors (Secunia advisory SA75000)
    ACES colorspace output option included in dcraw_emu help page
    Avoided possible 32-bit overflows in Sony metadata parser
    Phase One flat field code called even for half-size output
    Camera Support: Sigma Quattro H
    Fixed bug in FujiExpoMidPointShift parser
    Fixed wrong black level in Sony A350
    Added standard integer types for VisualStudio 2008 and earlier
- added missing parts of the fix for CVE-2017-6887
  and CVE-2017-6886
    + libraw-CVE-2017-6887,6886.patch
- added missing fix for CVE-2017-6890 and CVE-2017-6899
  + libraw-CVE-2017-6890,6899.patch

- renaming libraw15 to libraw16 and amend spec file to avoid such
  inconsistency [bsc#1021327]

- update to 0.18.0:
  * License changed to LGPL-2.1/CDDL-1.0
  * Camera support (+87):
    + Apple: iPad Pro, iPhone SE, iPhone 6s, iPhone 6 plus,
    iPhone 7, iPhone 7 plus
    + BlackMagic Micro Cinema Camera, URSA, URSA Mini
    + Canon PowerShot G5 X, PowerShot G7 X Mark II,
    PowerShot G9 X, IXUS 160 (CHDK hack), EOS 5D Mark IV,
    EOS 80D, EOS 1300D, EOS M10, EOS M5, EOS-1D X Mark II
    + Casio EX-ZR4000/5000
    + DXO One,
    + FujiFilm X-Pro2, X70, X-E2S, X-T2
    + Gione E7
    + GITUP GIT2
    + Google Pixel,Pixel XL
    + Hasselblad X1D, True Zoom
    + HTC MyTouch 4G, One (A9), One (M9), 10
    + Huawei P9
    + Leica M (Typ 262), M-D (Typ 262), S (Typ 007),
    SL (Typ 601), X-U (Typ 113), TL
    + LG G3, G4
    + Meizy MX4
    + Nikon D5, D500, D3400
    + Olympus E-PL8, E-M10 Mark II, Pen F, SH-3, E-M1-II
    + Panasonic DMC-G8/80/81/85, DMC-GX80/85,
    DMC-TZ80/81/85/ZS60, DMC-TZ100/101/ZS100,DMC-LX9/10/15,
    FZ2000/FZ2500
    + Pentax K-1, K-3 II, K-70
    + PhaseOne IQ3 100MP
    + RaspberryPi Camera, Camera V2
    + Ricoh GR II
    + Samsung Galaxy S7, S7 Edge
    + Sigma sd Quattro
    + Sony A7S II, ILCA-68 (A68), ILCE-6300, DSC-RX1R II,
    DSC-RX10III, DSC-RX100V,ILCA-99M2 (A99-II), a6500,
    IMX214, IMX219, IMX230, IMX298-mipi 16mp,
    IMX219-mipi 8mp, Xperia L
    + PtGrey GRAS-50S5C
    + YUNEEC CGO4
    + Xiaomi MI3, RedMi Note3 Pro
  * Floating point DNG support
  * More metadata parsed
  * Existing API changes:
    imgdata.params fields (all very specific purpose):
    sony_arw2_options, sraw_ycc, and params.x3f_flags
    replaced with single bit-field raw_processing_options
    See  LIBRAW_PROCESSING_* bits in documentation.
  * Fixed bug in Sony SR2 files black level
  * DNG files with BlackLevel both in vendor makernotes and
    BlackLevel: BlackLevel tag always takes precedence
  * ChannelBlackLevel added to canon makernotes
  * unpack_thumb() data size/offset check against file size
- removed libraw-0.17.1-gcc6-compatibility.patch (fixed upstream)

- update to 0.17.2:
  * strncpy usage was not compatible with glibc bounds check

- Complete libraw-0.17.1-gcc6-compatibility.patch to fix build
  on ppc as well

- Fix build with GCC 6:
  * Add libraw-0.17.1-gcc6-compatibility.patch

- updated to 0.17.1:
  * fixed two errors found by fuzzer (CVE-2015-8367)
  * phase_one_correct always returns value; handle P1 return codes
  in postprocessing
- removed upstreamedretval.diff

- Update to new upstream release 0.17.0
  * Fixed dcraw.c ljpeg_start possibly buffer overrun
  * C API extension to support 3DLut Creator
  * More metadata parsing/extraction: XMP packet extracted (if
  exists), DNG Color information parsed, GPS data (partially)
  parsed, EXIF/Makernotes parsed for used optics (for both RAW
  files and DNG converted by Adobe convertor).
  * Exif/Makernotes parser callback (called for each processed tag)
  * Sony ARW2.3 decoder: params.sony_arw2_hack removed, decoded data
  are always in 0...17k range (note the difference with dcraw!);
  Additional processing options for Sony lossy compression techincal
  analysis.
  * Dcraw 9.26 imported (but some changes not approved because Libraw
  does it better) with some exceptions: no Pentax K3-II frame
  selection code; and no built-in JPEG decompressor.
  * Many improvements in data decoding/processing: Correct decoding
  of black level values from metadata for many formats, LibRaw does
  not rely on hardcoded black levels.
  * 224 camera models added to supported camera list. Some of them are
  new (released since LibRaw 0.16 come out), some was supported
  before, but missed from the list.
  * Fujifilm F700/S20Pro second frame support
- Add retval.diff to resolve new compiler warnings