rpms/DevIL/devel DevIL-1.7.5-CVE-2008-5262.patch, NONE, 1.1 DevIL-1.7.5-allegropicfix.patch, NONE, 1.1 DevIL-1.7.5-il_endian_h.patch, NONE, 1.1 .cvsignore, 1.3, 1.4 DevIL.spec, 1.9, 1.10 sources, 1.3, 1.4 DevIL-1.6.8-rc2-allegropicfix.patch, 1.1, NONE DevIL-1.6.8-rc2-gcc43headerfix.patch, 1.1, NONE DevIL-1.6.8-rc2-il_endian_h.patch, 1.1, NONE DevIL-1.6.8-rc2-il_io_c.patch, 1.1, NONE DevIL-1.6.8-rc2-il_wrap_h.patch, 1.1, NONE DevIL-1.6.8-rc2-ilu_region.patch, 1.1, NONE DevIL-1.6.8-rc2-ilut_h.patch, 1.1, NONE

Hans de Goede jwrdegoede at fedoraproject.org
Wed Jan 14 10:53:38 UTC 2009


Author: jwrdegoede

Update of /cvs/extras/rpms/DevIL/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv22621

Modified Files:
	.cvsignore DevIL.spec sources 
Added Files:
	DevIL-1.7.5-CVE-2008-5262.patch 
	DevIL-1.7.5-allegropicfix.patch DevIL-1.7.5-il_endian_h.patch 
Removed Files:
	DevIL-1.6.8-rc2-allegropicfix.patch 
	DevIL-1.6.8-rc2-gcc43headerfix.patch 
	DevIL-1.6.8-rc2-il_endian_h.patch 
	DevIL-1.6.8-rc2-il_io_c.patch DevIL-1.6.8-rc2-il_wrap_h.patch 
	DevIL-1.6.8-rc2-ilu_region.patch DevIL-1.6.8-rc2-ilut_h.patch 
Log Message:
* Tue Jan 13 2009 Hans de Goede <hdegoede at redhat.com> 1.7.5-1
- Update to latest upstream: 1.7.5
- Add patch to fix CVE-2008-5262


DevIL-1.7.5-CVE-2008-5262.patch:

--- NEW FILE DevIL-1.7.5-CVE-2008-5262.patch ---
--- DevIL-1.6.8/src-IL/src/il_hdr.c	2008/12/15 05:27:55	1.17
+++ DevIL-1.6.8/src-IL/src/il_hdr.c	2009/01/09 22:11:02	1.18
@@ -85,7 +85,7 @@
 	if (iread(&a, 1, 1) != 1)
 		return IL_FALSE;
 
-	while(!done) {
+	while (!done) {
 		if (iread(&b, 1, 1) != 1)
 			return IL_FALSE;
 		if (b == '\n' && a == '\n')
@@ -98,6 +98,10 @@
 	if (iread(&a, 1, 1) != 1)
 		return IL_FALSE;
 	while (a != '\n') {
+		if (count >= 80) {  // Line shouldn't be this long at all.
+			ilSetError(IL_INVALID_FILE_HEADER);
+			return IL_FALSE;
+		}
 		buff[count] = a;
 		if (iread(&a, 1, 1) != 1)
 			return IL_FALSE;
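Review bot: The new bound `count >= 80` repeats the buffer size as a literal, and whether it leaves room for a terminator depends on code outside this hunk. If `buff` is declared with 80 elements and the line is NUL-terminated at `buff[count]` after the loop (neither is visible here), a line with exactly 80 bytes before the newline still passes the check and the terminator lands one element past the end. Assuming `buff` is a local array, tying the limit to its declaration, e.g. `if (count >= sizeof(buff) - 1) {`, keeps the check and the array in step. The loop body and the rest of the function continue outside the hunk.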
@@ -113,8 +117,9 @@
 	//nothing that really changes the appearance of the loaded image...
 	//(The code as it is now assumes that y contains "-Y" and x contains
 	//"+X" after the following line)
-	//Furthermore, this crashes if the read strings are longer than 2 chars o_O
-	sscanf(buff, "%s %d %s %d", y, &Header->Height, x, &Header->Width);
+	
+	// The 2 has to be in the %s format specifier to prevent buffer overruns.
+	sscanf(buff, "%2s %d %2s %d", y, &Header->Height, x, &Header->Width);
 
 	return IL_TRUE;
 }
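Review bot: The `sscanf` result is still discarded, so a header line that yields fewer than four conversions leaves `Header->Height`, `Header->Width` or the `x`/`y` strings holding whatever they had before, and the function returns `IL_TRUE` anyway. I would check the conversion count and reject the file: `if (sscanf(buff, "%2s %d %2s %d", y, &Header->Height, x, &Header->Width) != 4) { ilSetError(IL_INVALID_FILE_HEADER); return IL_FALSE; }`. The `%2s` widths only protect `x` and `y` if both are at least three bytes, which is declared outside this hunk. It is also worth confirming that the caller rejects zero or negative dimensions, since `%d` accepts them. The function starts above the hunk.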

DevIL-1.7.5-allegropicfix.patch:

--- NEW FILE DevIL-1.7.5-allegropicfix.patch ---
diff -up devil-1.7.5/configure~ devil-1.7.5/configure
--- devil-1.7.5/configure~	2009-01-13 20:36:43.000000000 +0100
+++ devil-1.7.5/configure	2009-01-13 20:36:43.000000000 +0100
@@ -21763,7 +21763,7 @@ echo $ECHO_N "checking for Allegro - ver
     no_allegro=yes
   else
     allegro_CFLAGS=`$ALLEGRO_CONFIG $ALLEGRO_CONFIG_args --cflags`
-    allegro_LIBS=`$ALLEGRO_CONFIG $ALLEGRO_CONFIG_args --libs`
+    allegro_LIBS=`$ALLEGRO_CONFIG $ALLEGRO_CONFIG_args --libs | sed 's/-lalleg_unsharable//'`
     ALLEGRO_CONFIG_major_version=`$ALLEGRO_CONFIG $ALLEGRO_CONFIG_args --version | \
            sed 's/\([0-9]*\).\([0-9]*\).\([0-9]*\)/\1/'`
     ALLEGRO_CONFIG_minor_version=`$ALLEGRO_CONFIG $ALLEGRO_CONFIG_args --version | \

DevIL-1.7.5-il_endian_h.patch:

--- NEW FILE DevIL-1.7.5-il_endian_h.patch ---
--- DevIL-1.6.8/src-IL/include/il_endian.h.orig	2006-12-21 03:40:57.000000000 +0000
+++ DevIL-1.6.8/src-IL/include/il_endian.h	2006-12-21 03:33:34.000000000 +0000
@@ -15,6 +15,10 @@
 
 #include "il_internal.h"
 
+#ifdef GCC_X86_ASM
+#include <byteswap.h>
+#endif
+
 #ifdef WORDS_BIGENDIAN //this is defined by ./configure
 	#ifndef __BIG_ENDIAN__
 	#define __BIG_ENDIAN__
@@ -101,9 +105,7 @@
 		}
 	#else
 	#ifdef GCC_X86_ASM
-		asm("ror $8,%0"
-			: 
-			: "r"  (*s) );
+		*s = __bswap_16(*s);
 	#else
 		*s = ((*s)>>8) | ((*s)<<8);
 	#endif //GCC_X86_ASM
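Review bot: `__bswap_16` here, and `__bswap_32` in the next hunk, are glibc's internal names. The documented interface of `<byteswap.h>` is `bswap_16()` / `bswap_32()`, so I would write `*s = bswap_16(*s);` and `*i = bswap_32(*i);`. The header is also glibc-specific while the guard is still `GCC_X86_ASM`, which says nothing about the C library, so a non-glibc build that defines that macro would presumably fail at the `#include`. A short comment at the include, such as `/* GCC_X86_ASM path now uses glibc's byteswap.h instead of inline asm */`, would make that dependency visible. The enclosing functions start outside these hunks.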
@@ -124,8 +126,7 @@
 		}
 	#else
 	#ifdef GCC_X86_ASM
-			asm("bswap  %0;"
-				: "=r" (*i) );
+		*i = __bswap_32(*i);
 	#else
 		*i = ((*i)>>24) | (((*i)>>8) & 0xff00) | (((*i)<<8) & 0xff0000) | ((*i)<<24);
 	#endif //GCC_X86_ASM


Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/DevIL/devel/.cvsignore,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- .cvsignore	7 Sep 2006 22:01:24 -0000	1.3
+++ .cvsignore	14 Jan 2009 10:53:07 -0000	1.4
@@ -1 +1 @@
-DevIL-1.6.8-rc2.tar.bz2
+DevIL-1.7.5.tar.gz


Index: DevIL.spec
===================================================================
RCS file: /cvs/extras/rpms/DevIL/devel/DevIL.spec,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- DevIL.spec	19 Feb 2008 16:34:16 -0000	1.9
+++ DevIL.spec	14 Jan 2009 10:53:07 -0000	1.10
@@ -1,28 +1,25 @@
 Name:           DevIL
-Version:        1.6.8
-Release:        0.15.rc2%{?dist}
+Version:        1.7.5
+Release:        1%{?dist}
 Summary:        A cross-platform image library
 Group:          System Environment/Libraries
 License:        LGPLv2
 URL:            http://openil.sourceforge.net/
-Source0:        http://downloads.sourceforge.net/openil/%{name}-%{version}-rc2.tar.bz2
-Patch0:         %{name}-1.6.8-rc2-allegropicfix.patch
-Patch1:         %{name}-1.6.8-rc2-ilut_h.patch
-Patch2:         %{name}-1.6.8-rc2-il_wrap_h.patch
-Patch3:         %{name}-1.6.8-rc2-ilu_region.patch
-Patch4:         %{name}-1.6.8-rc2-il_endian_h.patch
-Patch5:         %{name}-1.6.8-rc2-il_io_c.patch
-Patch6:         %{name}-1.6.8-rc2-gcc43headerfix.patch
+Source0:        http://downloads.sourceforge.net/openil/%{name}-%{version}.tar.gz
+Patch0:         DevIL-1.7.5-allegropicfix.patch
+Patch1:         DevIL-1.7.5-il_endian_h.patch
+Patch2:         DevIL-1.7.5-CVE-2008-5262.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:  allegro-devel
 BuildRequires:  lcms-devel
 BuildRequires:  libGLU-devel
 BuildRequires:  libICE-devel
+BuildRequires:  libXext-devel
 BuildRequires:  libjpeg-devel
 BuildRequires:  libmng-devel
 BuildRequires:  libpng-devel
 BuildRequires:  libtiff-devel
-BuildRequires:  libtool
+BuildRequires:  jasper-devel
 BuildRequires:  SDL-devel => 1.2.5
 
 %description
@@ -38,6 +35,8 @@
 Summary:        Development files for DevIL
 Group:          Development/Libraries
 Requires:       %{name} = %{version}-%{release}
+Requires(post): info
+Requires(preun): info
 
 %description devel
 Development files for DevIL
@@ -65,44 +64,27 @@
 
 
 %prep
-%setup -q
+%setup -q -n devil-%{version}
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-
-# Convert to UTF8
-iconv -f iso8859-1 CREDITS -t utf8 > CREDITS.conv \
-    && /bin/mv -f CREDITS.conv CREDITS
+iconv -f iso8859-1 CREDITS -t utf8 > CREDITS.conv
+touch -r CREDITS CREDITS.conv
+mv CREDITS.conv CREDITS
 
 
 %build
-%configure
-make %{?_smp_mflags} LIBTOOL=%{_bindir}/libtool
+%configure --enable-ILU --enable-ILUT --disable-static --disable-allegrotest
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|LD_RUN_PATH|DIE_RPATH_DIE|g' libtool
+make %{?_smp_mflags}
 
 
 %install
 rm -rf %{buildroot}
 make install DESTDIR=%{buildroot}
-
-#Some cleanups
-rm -f %{buildroot}%{_libdir}/*.la
-rm -f %{buildroot}%{_libdir}/*.a
-
-#Replace autoconf generated config.h to avoid potential define collisions
-cat >%{buildroot}%{_includedir}/IL/config.h <<EOF
-/* Support Allegro API */
-#define ILUT_USE_ALLEGRO
-
-/* Support OpenGL API */
-#define ILUT_USE_OPENGL
-
-/* Support SDL API */
-#define ILUT_USE_SDL
-EOF
+rm %{buildroot}%{_libdir}/*.la
+rm %{buildroot}%{_infodir}/dir
 
 
 %clean
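Review bot: The two `sed -i` lines that edit the generated `libtool` script in `%build` have no comment saying what they are for, and the old `# Convert to UTF8` comment above the `iconv` step was dropped. They appear to stop libtool from embedding an RPATH in the built libraries, which is worth stating because a later packager could otherwise remove them as noise. I would add `# Keep libtool from hardcoding an rpath into the libraries` above the first `sed`. I would also restore `# Convert to UTF8, keeping the original timestamp` above the `iconv` / `touch -r` / `mv` lines.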
@@ -112,6 +94,12 @@
 %post -p /sbin/ldconfig
 %postun -p /sbin/ldconfig
 
+%post devel
+/sbin/install-info %{_infodir}/DevIL_manual.info %{_infodir}/dir 2> /dev/null || :
+%preun devel
+if [ $1 = 0 ] ; then
+  /sbin/install-info --delete %{_infodir}/DevIL_manual.info %{_infodir}/dir 2> /dev/null || :
+fi
 
 %post ILUT -p /sbin/ldconfig
 %postun ILUT -p /sbin/ldconfig
@@ -129,24 +117,29 @@
 %{_libdir}/libIL.so
 %{_libdir}/libILU.so
 %dir %{_includedir}/IL
-%{_includedir}/IL/devil_internal_exports.h
+%{_includedir}/IL/devil_cpp_wrapper.hpp
 %{_includedir}/IL/il.h
 %{_includedir}/IL/ilu.h
 %{_includedir}/IL/ilu_region.h
+%{_infodir}/DevIL_manual.info.gz
 
 
 %files ILUT
+%defattr(-,root,root,-)
 %{_libdir}/libILUT.so.*
 
 
 %files ILUT-devel
+%defattr(-,root,root,-)
 %{_libdir}/libILUT.so
-%{_includedir}/IL/config.h
 %{_includedir}/IL/ilut.h
-%{_includedir}/IL/il_wrap.h
 
 
 %changelog
+* Tue Jan 13 2009 Hans de Goede <hdegoede at redhat.com> 1.7.5-1
+- Update to latest upstream: 1.7.5
+- Add patch to fix CVE-2008-5262
+
 * Tue Feb 19 2008 Fedora Release Engineering <rel-eng at fedoraproject.org> - 1.6.8-0.15.rc2
 - Autorebuild for GCC 4.3
 


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/DevIL/devel/sources,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- sources	7 Sep 2006 22:01:24 -0000	1.3
+++ sources	14 Jan 2009 10:53:07 -0000	1.4
@@ -1 +1 @@
-444f1290a4688c4530b9d07a521da212  DevIL-1.6.8-rc2.tar.bz2
+2a74578507a21d75d7fcc5afd41444d0  DevIL-1.7.5.tar.gz


--- DevIL-1.6.8-rc2-allegropicfix.patch DELETED ---


--- DevIL-1.6.8-rc2-gcc43headerfix.patch DELETED ---


--- DevIL-1.6.8-rc2-il_endian_h.patch DELETED ---


--- DevIL-1.6.8-rc2-il_io_c.patch DELETED ---


--- DevIL-1.6.8-rc2-il_wrap_h.patch DELETED ---


--- DevIL-1.6.8-rc2-ilu_region.patch DELETED ---


--- DevIL-1.6.8-rc2-ilut_h.patch DELETED ---



