Package Release Info

openjpeg-1.5.2-4.1

Update Info: Base Release
Available in Package Hub : 12 SP1-SP5

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

libopenjpeg1
openjpeg
openjpeg-devel

Change Logs

* Fri Aug 08 2014 asterios.dramis@gmail.com
- Update to version 1.5.2:
  Security:
  * Fixes: CVE-2013-4289 CVE-2013-4290
  * Fixes: CVE-2013-1447 CVE-2013-6045 CVE-2013-6052 CVE-2013-6054
    CVE-2013-6053 CVE-2013-6887
  New Features:
  * Compile Java with source/target specific java version
  * Do not set SONAME for Java module, fix linking (missing math lib)
  * Support some BMP/RGB8 files
  * Fix compilation on ARM
  Misc:
  * Remove BSD-4 license from getopt copy, since upstream switched to BSD-3
  * Support compilation against system installed getopt
  * Fix Big Endian checking (autotools)
  * Huge amount of bug fixes. See CHANGES for details.
- Removed the following patches (fixed upstream):
  * openjpeg-1.5-r2029.patch
  * openjpeg-1.5-r2032.patch
  * openjpeg-1.5-r2033.patch
  * openjpeg-1.5.1-cve-2013-6045-1.patch
  * openjpeg-1.5.1-cve-2013-6045-2.patch
  * CVE-2013-6052.patch
  * CVE-2013-6053.patch
  * CVE-2013-1447.patch
  * CVE-2013-6887.patch
* Mon Nov 19 2012 sleep_walker@suse.cz
- do fdupes only for SUSE distributions
* Thu Dec 01 2011 asterios.dramis@gmail.com
- Removed the JavaOpenJPEG/ directory from the package source (fix for
  bnc#733009 - openjpg contains Sun proprietary code).
Version: 1.5.2-2.1
* Wed Sep 21 2016 hpj@suse.com
- Add openjpeg-bsc999817-cve2016-7445-null-deref.patch
  (bsc#999817, CVE-2016-7445).
* Mon Mar 02 2015 mpluskal@suse.com
- Use cmake macros for building
- Small spec file cleanups, use pkgconfig style dependencies
* Sat Aug 09 2014 asterios.dramis@gmail.com
- Update to version 1.5.2:
  Security:
  * Fixes: CVE-2013-4289 CVE-2013-4290
  * Fixes: CVE-2013-1447 CVE-2013-6045 CVE-2013-6052 CVE-2013-6054
    CVE-2013-6053 CVE-2013-6887
  New Features:
  * Compile Java with source/target specific java version
  * Do not set SONAME for Java module, fix linking (missing math lib)
  * Support some BMP/RGB8 files
  * Fix compilation on ARM
  Misc:
  * Remove BSD-4 license from getopt copy, since upstream switched to BSD-3
  * Support compilation against system installed getopt
  * Fix Big Endian checking (autotools)
  * Huge amount of bug fixes. See CHANGES for details.
- Removed the following patches (fixed upstream):
  * openjpeg-1.5-r2029.patch
  * openjpeg-1.5-r2032.patch
  * openjpeg-1.5-r2033.patch
  * openjpeg-1.5.1-cve-2013-6045-1.patch
  * openjpeg-1.5.1-cve-2013-6045-2.patch
  * CVE-2013-6052.patch
  * CVE-2013-6053.patch
  * CVE-2013-1447.patch
  * CVE-2013-6887.patch
* Wed Feb 12 2014 asterios.dramis@gmail.com
- Added the following security patches (based also on Redhat/Fedora patches):
  * openjpeg-1.5-r2029.patch
    From upstream. Fix issue 155, jp2_read_boxhdr() can trigger random pointer
    memory access
  * openjpeg-1.5-r2032.patch
    From upstream. Fix issue 169, division by zero in j2k_read_siz
  * openjpeg-1.5-r2033.patch
    From upstream. Fix issue 166, missing range check in j2k_read_coc et al
  * CVE-2013-1447.patch
    Fix multiple denial of service flaws, CVE-2013-1447, bnc#853834
  * CVE-2013-6052.patch
    Fix heap OOB reads, information leaks, CVE-2013-6052, bnc#853644
  * CVE-2013-6053.patch
    Fix heap OOB reads, information leaks, CVE-2013-6053, bnc#853644
  * CVE-2013-6887.patch
    Fix multiple denial of service flaws, CVE-2013-6887, bnc#853644
- Removed part of openjpeg-1.5.1-cve-2013-6045-1.patch that is already
  upstream, included in openjpeg-1.5-r2033.patch (slightly modified).
* Fri Jan 10 2014 vpereira@novell.com
- Security:
  * Patches openjpeg-1.5.1-cve-2013-6045-1.patch and
    openjpeg-1.5.1-cve-2013-6045-2.patch fix heap overflow
    described in  CVE-2013-6045, bnc#853838.
* Tue Nov 20 2012 sleep_walker@suse.cz
- do fdupes only for SUSE distributions
* Mon Oct 15 2012 asterios.dramis@gmail.com
- Update to version 1.5.1:
  Security:
  * Fixes: CVE-2012-3535
  * Fixes: CVE-2012-3358
  New Features:
  * Use a new API scheme and solve the SOVERSIONing in OpenJPEG
  * Allow better integration with multi-arch system
  * Compile & Install Java bindings (CMake)
  * Install required addXMLinJP2 (JPIP)
  Misc:
  * Fix linker error by resolving all symbols (eg. missing -lm)
  * Fix some man page typos
  * Huge amount of bug fixes. See CHANGES for details.
- Removed the following patches (fixed upstream):
  * heap_buffer_overflow_fix.patch
  * heap_buffer_overflow_2_fix.patch
  * heap_corruption_fix.patch
  * openjpeg-1.5.0-cmake_Config.patch
  * openjpeg-1.5.0-cmake_libdir.patch
  * openjpeg-1.5.0-pkgconfig_includedir.patch
- Replaced openjpeg-1.5.0-cmake_header_symlink.patch with a fix inside the spec
  file.
- Removed symlink from %{_includedir}/openjpeg-1.5 to %{_includedir}/openjpeg
  (not needed).
- Added the following patches (taken from Fedora):
  * openjpeg-1.5.1-cmake_libdir.patch
    Fix libopenjpeg.pc symlink
  * openjpeg-1.5.1-soname.patch
    Revert soname bump compared to 1.5.0 release
* Mon Sep 17 2012 sleep_walker@suse.cz
- fix fedora build
* Tue Sep 11 2012 asterios.dramis@gmail.com
- Added a patch (heap_buffer_overflow_2_fix.patch) to fix heap-based buffer
  overflow when processing JPEG2000 images - (CVE-2012-3535), (bnc#777445).
* Tue Jul 17 2012 idonmez@suse.com
- Add baselibs.conf
* Wed Jul 11 2012 asterios.dramis@gmail.com
- Added a patch (heap_buffer_overflow_fix.patch) to fix heap-based buffer
  overflow when processing JPEG2000 images - (CVE-2012-3358), (bnc#770649).
* Thu Jun 28 2012 asterios.dramis@gmail.com
- Added a patch (heap_corruption_fix.patch) to fix heap corruption when
  processing certain Gray16 TIFF images - (CVE-2009-5030), (bnc#757260).
* Mon Feb 27 2012 asterios.dramis@gmail.com
- Update to version 1.5.0:
  New Features:
  * openjpip:
    + complete client-server architecture for remote browsing of jpeg 2000
    images.
    + see corresponding README for more details.
  API modifications:
  * 'bool' type has been replaced by 'opj_bool' type. 'stdbool.h' is no more
    required.
  Misc:
  * improved cmake and autotools build methods.
  * removed manual makefiles, VS project files and XCode project files.
  * added a 'thirdparty' directory to contain all dependencies.
    + These libraries will be build only if there are not found on the system.
    + Note that libopenjpeg itself does not have any dependency.
  * changed the directory hierarchy of the whole project. See README files for
    details.
  * tests : a complete test suite has been setup.
    + both JPEG 2000 conformance tests and non-regressions tests are
    configured.
    + results are submitted to the OpenJPEG dashboard
    (http://my.cdash.org/index.php?project=OPENJPEG)
    + images are located in 'http://openjpeg.googlecode.com/svn/data' folder.
    + configuration files and utilities are located in 'tests' folder.
  * OPJViewer re-activated (need wxWidgets)
  * Huge amount of bug fixes. See CHANGES for details.
- Removed the following patches (fixed upstream):
  * fix_no_undefined.patch
  * fix_soversion.patch
  * install_pkgconfig_file.patch
- Replaced openjpeg-1.4-OpenJPEGConfig.patch with
  openjpeg-1.5.0-cmake_Config.patch (taken from Fedora)
- Replaced openjpeg-1.4-cmake_symlink_fix.patch with
  openjpeg-1.5.0-cmake_header_symlink.patch (taken from Fedora)
- Added 2 patches (taken from Fedora):
  * openjpeg-1.5.0-cmake_libdir.patch -- Fix installation directories
  * openjpeg-1.5.0-pkgconfig_includedir.patch -- Fix includedir in pkgconfig
    file
- Spec file updates:
  * Added doxygen in BuildRequires: to enable compilation of devel docs.
  * Updated BuildRequires: to include also liblcms2-devel and zlib-devel.
  * Fixed rpmlint warning "file-contains-date-and-time"
- No need to remove the JavaOpenJPEG/ directory from the package source anymore
  (the Sun proprietary code was removed from the package).
* Tue Dec 06 2011 cfarrell@suse.com
- license update: BSD-2-Clause
  SPDX format
* Fri Dec 02 2011 asterios.dramis@gmail.com
- Removed the JavaOpenJPEG/ directory from the package source (fix for
  bnc#733009 - openjpg contains Sun proprietary code).
* Thu Oct 13 2011 asterios.dramis@gmail.com
- Initial release (version 1.4).
- Added 5 patches (taken from upstream and Fedora):
  * openjpeg-1.4-OpenJPEGConfig.patch -- Fix OpenJPEGConfig.cmake
  * openjpeg-1.4-cmake_symlink_fix.patch -- Fix cmake create_symlink usage for
    header file
  * fix_no_undefined.patch -- Fix libopenjpeg undefined references
  * fix_soversion.patch -- Fix so version to 1 instead of 1.4
  * install_pkgconfig_file.patch -- Fix cmake to install pkgconfig file(s)