libraw-0.20.2-150400.3.11.3

- security update
- added patches
  fix CVE-2020-22628 [bsc#1215308], stretch() function in libraw/src/postprocessing/aspect_ratio.cpp
  + libraw-CVE-2020-22628.patch

- security update
- added patches
  fix CVE-2023-1729 [bsc#1210720], a heap-buffer-overflow in raw2image_ex()
  + libraw-CVE-2023-1729.patch

- security update
- added patches
  fix CVE-2021-32142 [bsc#1208470], Buffer Overflow in the LibRaw_buffer_datastream:gets function
  + libraw-CVE-2021-32142.patch

- previous version updates fixed also:
  * CVE-2018-20337,CVE-2018-20363,CVE-2018-20364,CVE-2018-20365,
    CVE-2018-5815,CVE-2018-5816,CVE-2018-5817,CVE-2018-5818,
    CVE-2018-5819
  (bsc#1097975,bsc#1103206,bsc#1120498,bsc#1120499,bsc#1120500,
    bsc#1120515,bsc#1120516,bsc#1120517,bsc#1120519)

- Hardening: link as PIE (bsc#1184123).

- baselibs required by ImageMagick
- added sources
  + baselibs.conf

- update to 0.20.2:
  * corrected GPS EXIF output
  * Olympus XZ-1: do not provide linear_max
  * Pentax Optio 33WR: maker index was incorrect
  * dcraw_emu: corrected help line for -6 option.
  * raw-identify: corrected range check for color matrices print
  * use_camera_matrix option: fixed a bug introduced when making compiler more happy
  * multiple camera support improvements

- version update to 0.20.0
  * Camera Format support
    + Canon CR3
    + GoPro (via GPR SDK)
    + Panasonic 14-bit
    + Fujifilm compressed/16bit
    + Rapsberry Pi RAW+JPEG format (if USE_6BY9RPI defined)
  * Camera support (+59, 1131 total)
    + Canon: PowerShot G5 X Mark II, G7 X Mark III, SX70 HS,
    + EOS R, EOS RP, EOS 90D, EOS 250D,  EOS M6 Mark II, EOS M50, EOS M200
    + EOS 1DX Mark III (lossless files only)
    + DJI Mavic Air, Osmo Action
    + FujiFilm GFX 100, X-A7, X-Pro3, X100V,
    X-T4 (uncompressed/lossless compressed only), X-T200
    + GoPro Fusion, HERO5, HERO6, HERO7, HERO8
    + Hasselblad L1D-20c, X1D II 50C
    + Leica D-LUX7, Q-P, Q2, V-LUX5, C-Lux / CAM-DC25, SL2, M10 Monochrom
    + Nikon D780, Z50, P950
    + Olympus TG-6, E-M5 Mark III, E-PL10, E-M1 Mark III,
    + Panasonic DC-FZ1000 II, DC-G90, DC-S1, DC-S1R, DC-S1H, DC-TZ95
    + PhaseOne IQ4 150MP
    + Ricoh GR III
    + Sony A7R IV, A9 II, ILCE-6100, ILCE-6600, RX0 II, RX100 VII
    + Zenit M
  * minor/unsorted changes
    + Add support for zlib during configure
    + Fixed multiple problems found by OSS-Fuzz
    + Lots of changes in imgdata.makernotes
    + DNG whitelevel calculated via BitsPerSample if not set via tags
    + DNG: support for LinearDNG w/ BlackLevelRepeat.. pattern
    + better support for Nikon Coolscan 16-bit NEF files
    + Bayer images: ensure that even margins have the same COLOR()
    for both the active sensor area and the full sensor area.
    + fixed several bugs
- removed libraw-Add-Sony-ILCE-7M3.patch
- removed libraw-CVE-2020-15503.patch

- version update to 0.19.5
  * LibRaw 0.19.5
  * WB coefficients check was too strong, weakened
  * Fixed possible buffer underrun in modern Samsung loader
  * LibRaw 0.19.4
  * CRW/metadata loop prevention code is rolled back due to ABI
    incompatibility. To enable, use -DLIBRAW_METADATA_LOOP_PREVENTION=1
    compile flag for LibRaw and ALL APPS.
  * Fixed possible buffer underflow
  * LibRaw 0.19.3
  * Several fixes inspired by OSS-Fuzz
- deleted patches
  - libraw-half-size-allocation-buffer-overflow.patch (upstreamed)

- drop JPEG2000 support [bsc#1144252]

- Use FAT LTO objects in order to provide proper static library.

- supplementary fix for https://github.com/LibRaw/LibRaw/issues/195
  + libraw-half-size-allocation-buffer-overflow.patch

- asan_build: build ASAN included
- debug_build: build more suitable for debugging

- Updated to version 0.19.2
  * Fixed possible buffer overrun at Fuji makernotes parser
  * Fixed possible write to NULL pointer at raw2image/raw2image_ex calls.
- ./configure not present in sources

- Updated to version 0.19.1
  * Finally: got Sinar 4shot sample, works fine now
  * OpenMP critical sections for malloc/free; extra #ifdefs
    removed; bin/dcraw_dist could be built again using Makefile.devel
  * additional checks in parse_phase_one()
  * more checks on file offsets/tag len in parse_minolta
  * more checks in parse_ciff
  * Mempool check reworked
  * Old Leaf (16bit/3color/TIFF) support
  * Fix cameraWB->autoWB fallback
  * Polaroid x530 channel swap; get metadata pointer for Foveon files
  * Fixed Secunia Advisory SA86384
  - possible infinite loop in unpacked_load_raw()
  - possible infinite loop in parse_rollei()
  - possible infinite loop in parse_sinar_ia()
- removed libraw-CVE-2018-5813.patch (upstreamed)

- Add patch libraw-Add-Sony-ILCE-7M3.patch
  * See https://github.com/LibRaw/LibRaw/pull/145
  * The patch has been cut, the tarball from the download section
    doesn't match the git tag. dcraw/dcraw.c is totall different.
- Use %license tag

- security update
  * CVE-2018-5813 [bsc#1103200]
    + libraw-CVE-2018-5813.patch

- security update
  * CVE-2018-10528 [bsc#1091345]
    + libraw-CVE-2018-10528.patch
  * CVE-2018-10529 [bsc#1091346]
    + libraw-CVE-2018-10529.patch

- security update
- added patches
  fix CVE-2020-15503 [bsc#1173674], lack of thumbnail size range check can lead to buffer overflow
  + libraw-CVE-2020-15503.patch

- security update
  * CVE-2018-20337 [bsc#1120519]
    + libraw-CVE-2018-20337.patch
  * CVE-2018-20365 [bsc#1120500]
    CVE-2018-20364 [bsc#1120499]
    CVE-2018-20363 [bsc#1120498]
    + libraw-CVE-2018-20363,20364,20365.patch
  * CVE-2018-5817 [bsc#1120515]
    CVE-2018-5818 [bsc#1120516]
    CVE-2018-5819 [bsc#1120517]
    + libraw-CVE-2018-5817,5818,5819.patch
  * supplementary fix for https://github.com/LibRaw/LibRaw/issues/195
    + libraw-half-size-allocation-buffer-overflow.patch

- asan_build: build ASAN included
- debug_build: build more suitable for debugging

- security update
  * CVE-2018-5816 [bsc#1097975]
    + libraw-CVE-2018-5816.patch

- new upstream branch, version 0.19.x
  * fixes CVE-2018-10529 and CVE-2018-10528, hence removing
    . libraw-CVE-2018-10528.patch
    . libraw-CVE-2018-10529.patch
  * the rest of changes at
    https://www.libraw.org/download#stable

- security update
  * CVE-2018-10528 [bsc#1091345]
    + libraw-CVE-2018-10528.patch
  * CVE-2018-10529 [bsc#1091346]
    + libraw-CVE-2018-10529.patch

- Updated to version 0.18.9:
  * samsung_load_raw: possible buffer overrun
  * rollei_load_raw: possible buffer overrun
  * nikon_coolscan_load_raw: possible buffer overrun, possible NULL pointer
  * find_green: possible stack overrun
  * parse_exif: possible stack overrun

- Updated to version 0.18.8:
  * leaf_hdr_load_raw: check for image pointer for demosaiced raw
  * NOKIARAW parser: check image dimensions readed from file
  * quicktake_100_load_raw: check width/height limits
- Dropped libraw-glibc-2.27.patch: No longer needed

- fix build with glibc 2.27 [bsc#1079853]
  + libraw-glibc-2.27.patch

- updated to 0.18.7:
  * All legacy (RGB raw) image loaders checks for imgdata.image is
    not NULL
  * kodak_radc_load_raw: check image size before processing
  * legacy memory allocator:
    allocate max(widh, raw_width) * max(height, raw_height)
- partial cleanup with spec-cleaner
- other spec fixes:
  * switch to https site
  * remove executable bit from copyright
  * remove outdated comment about build parallelism

- updated to 0.18.6:
  * Fixed fuji_width handling if file is neither fuji nor DNG
  * Fixed xtrans interpolate for broken xtrans pattern
  * Fixed panasonic decoder

- updated to 0.18.5:
    Fix for possible buffer overrun in kodak_65000 decoder
    Fix for possible heap overrun in Canon makernotes parser
    Fix for CVE-2017-13735
    CVE-2017-14265: Additional check for X-Trans CFA pattern data
- remove upstreamed libraw-out-of-bounds-kodak.patch

- updated to 0.18.4:
  * Fix for possible heap overrun in Canon makernotes parser
  (CVE-2017-14348)
  * Fix for CVE-2017-13735
  * CVE-2017-14265: Additional check for X-Trans CFA pattern data
- add libraw-out-of-bounds-kodak.patch, upstream bug #101
- remove libraw-CVE-2017-6887,6886.patch and
    libraw-CVE-2017-6890,6899.patch:
  no need to patch dcraw.c, it is not used

- updated to 0.18.2:
    Fixed several errors (Secunia advisory SA75000)
    ACES colorspace output option included in dcraw_emu help page
    Avoided possible 32-bit overflows in Sony metadata parser
    Phase One flat field code called even for half-size output
    Camera Support: Sigma Quattro H
    Fixed bug in FujiExpoMidPointShift parser
    Fixed wrong black level in Sony A350
    Added standard integer types for VisualStudio 2008 and earlier
- added missing parts of the fix for CVE-2017-6887
  and CVE-2017-6886
    + libraw-CVE-2017-6887,6886.patch
- added missing fix for CVE-2017-6890 and CVE-2017-6899
  + libraw-CVE-2017-6890,6899.patch

- renaming libraw15 to libraw16 and amend spec file to avoid such
  inconsistency [bsc#1021327]

- update to 0.18.0:
  * License changed to LGPL-2.1/CDDL-1.0
  * Camera support (+87):
    + Apple: iPad Pro, iPhone SE, iPhone 6s, iPhone 6 plus,
    iPhone 7, iPhone 7 plus
    + BlackMagic Micro Cinema Camera, URSA, URSA Mini
    + Canon PowerShot G5 X, PowerShot G7 X Mark II,
    PowerShot G9 X, IXUS 160 (CHDK hack), EOS 5D Mark IV,
    EOS 80D, EOS 1300D, EOS M10, EOS M5, EOS-1D X Mark II
    + Casio EX-ZR4000/5000
    + DXO One,
    + FujiFilm X-Pro2, X70, X-E2S, X-T2
    + Gione E7
    + GITUP GIT2
    + Google Pixel,Pixel XL
    + Hasselblad X1D, True Zoom
    + HTC MyTouch 4G, One (A9), One (M9), 10
    + Huawei P9
    + Leica M (Typ 262), M-D (Typ 262), S (Typ 007),
    SL (Typ 601), X-U (Typ 113), TL
    + LG G3, G4
    + Meizy MX4
    + Nikon D5, D500, D3400
    + Olympus E-PL8, E-M10 Mark II, Pen F, SH-3, E-M1-II
    + Panasonic DMC-G8/80/81/85, DMC-GX80/85,
    DMC-TZ80/81/85/ZS60, DMC-TZ100/101/ZS100,DMC-LX9/10/15,
    FZ2000/FZ2500
    + Pentax K-1, K-3 II, K-70
    + PhaseOne IQ3 100MP
    + RaspberryPi Camera, Camera V2
    + Ricoh GR II
    + Samsung Galaxy S7, S7 Edge
    + Sigma sd Quattro
    + Sony A7S II, ILCA-68 (A68), ILCE-6300, DSC-RX1R II,
    DSC-RX10III, DSC-RX100V,ILCA-99M2 (A99-II), a6500,
    IMX214, IMX219, IMX230, IMX298-mipi 16mp,
    IMX219-mipi 8mp, Xperia L
    + PtGrey GRAS-50S5C
    + YUNEEC CGO4
    + Xiaomi MI3, RedMi Note3 Pro
  * Floating point DNG support
  * More metadata parsed
  * Existing API changes:
    imgdata.params fields (all very specific purpose):
    sony_arw2_options, sraw_ycc, and params.x3f_flags
    replaced with single bit-field raw_processing_options
    See  LIBRAW_PROCESSING_* bits in documentation.
  * Fixed bug in Sony SR2 files black level
  * DNG files with BlackLevel both in vendor makernotes and
    BlackLevel: BlackLevel tag always takes precedence
  * ChannelBlackLevel added to canon makernotes
  * unpack_thumb() data size/offset check against file size
- removed libraw-0.17.1-gcc6-compatibility.patch (fixed upstream)

- update to 0.17.2:
  * strncpy usage was not compatible with glibc bounds check

- Complete libraw-0.17.1-gcc6-compatibility.patch to fix build
  on ppc as well

- Fix build with GCC 6:
  * Add libraw-0.17.1-gcc6-compatibility.patch

- updated to 0.17.1:
  * fixed two errors found by fuzzer (CVE-2015-8367)
  * phase_one_correct always returns value; handle P1 return codes
  in postprocessing
- removed upstreamedretval.diff

- Update to new upstream release 0.17.0
  * Fixed dcraw.c ljpeg_start possibly buffer overrun
  * C API extension to support 3DLut Creator
  * More metadata parsing/extraction: XMP packet extracted (if
  exists), DNG Color information parsed, GPS data (partially)
  parsed, EXIF/Makernotes parsed for used optics (for both RAW
  files and DNG converted by Adobe convertor).
  * Exif/Makernotes parser callback (called for each processed tag)
  * Sony ARW2.3 decoder: params.sony_arw2_hack removed, decoded data
  are always in 0...17k range (note the difference with dcraw!);
  Additional processing options for Sony lossy compression techincal
  analysis.
  * Dcraw 9.26 imported (but some changes not approved because Libraw
  does it better) with some exceptions: no Pentax K3-II frame
  selection code; and no built-in JPEG decompressor.
  * Many improvements in data decoding/processing: Correct decoding
  of black level values from metadata for many formats, LibRaw does
  not rely on hardcoded black levels.
  * 224 camera models added to supported camera list. Some of them are
  new (released since LibRaw 0.16 come out), some was supported
  before, but missed from the list.
  * Fujifilm F700/S20Pro second frame support
- Add retval.diff to resolve new compiler warnings