rpms/gimp/F-10 gimp-2.6.7-bmp-hardening.patch, NONE, 1.1 gimp-2.6.7-jpeg-units.patch, NONE, 1.1 gimp-2.6.7-psd-hardening.patch, NONE, 1.1 gimp.spec, 1.184, 1.185 gimp-2.6.2-jpeg-units.patch, 1.1, NONE

Nils Philippsen nphilipp at fedoraproject.org
Tue Nov 17 11:31:20 UTC 2009


Author: nphilipp

Update of /cvs/pkgs/rpms/gimp/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv2842

Modified Files:
	gimp.spec 
Added Files:
	gimp-2.6.7-bmp-hardening.patch gimp-2.6.7-jpeg-units.patch 
	gimp-2.6.7-psd-hardening.patch 
Removed Files:
	gimp-2.6.2-jpeg-units.patch 
Log Message:
avoid overflow in the BMP image file plugin (#537356)
avoid overflow in the PSD image file plugin (#537370)
update jpeg-units patch


gimp-2.6.7-bmp-hardening.patch:
 bmp-read.c |   36 ++++++++++++++++++++++++++++++++++--
 1 file changed, 34 insertions(+), 2 deletions(-)

--- NEW FILE gimp-2.6.7-bmp-hardening.patch ---
commit 57aedabfa3bc555e4d68ad916c757354d518b421
Author: Nils Philippsen <nils at redhat.com>
Date:   Tue Nov 17 11:52:25 2009 +0100

    patch: bmp-hardening
    
    Squashed commit of the following:
    
    commit d7ee36732bc37f4412c82f98473288fde2f6f151
    Author: Nils Philippsen <nils at redhat.com>
    Date:   Mon Nov 16 18:16:38 2009 +0100
    
        Ensure valid bit depths when reading BMP files.
        (cherry picked from commit 16e6a37687bb4b9748c5a5d166d90f5d5bd2e9f3)
        (cherry picked from commit 153ae579f7e7508d7a5b95bd569e91890f6b666e)
    
        Signed-off-by: Nils Philippsen <nils at redhat.com>
    
    commit b76b8400dfffd99826fe73dee81d76029b808689
    Author: Nils Philippsen <nils at redhat.com>
    Date:   Mon Nov 16 17:16:09 2009 +0100
    
        Use more defensive coding in plausibility check.
    
        Use an equivalent division instead of multiplying values and checking if
        they are more than G_MAXINT32, because divisions cannot overflow.
        (cherry picked from commit f63ba36dd9cc01ca6da83fa05ddd12419ad8953e)
        (cherry picked from commit 6e8ff603a2ee6a0940373723d1f075930dfd3ce0)
    
        Signed-off-by: Nils Philippsen <nils at redhat.com>
    
    commit c8bd5c99decca02158f9c0218b33fa057bfdf5ce
    Author: Nils Philippsen <nils at redhat.com>
    Date:   Mon Nov 16 17:15:32 2009 +0100
    
        Make plausibility check easier to understand.
    
        Explicitly check that Bitmap_Head.biHeight is not G_MININT32
        instead of relying on ABS(G_MININT32) being negative.
        (cherry picked from commit 43d57c666346320436a0b668de5525387952784e)
        (cherry picked from commit 0214e1ff271a5310731de81d00450a92d9bf0fcd)
    
        Signed-off-by: Nils Philippsen <nils at redhat.com>
    
    commit eec97e14def220b1de45dcece0a63eb9925f701f
    Author: Simon Budig <simon at gimp.org>
    Date:   Tue Nov 10 00:08:59 2009 +0100
    
        Harden the BMP plugin against integer overflows.
    
        Issues discovered by Stefan Cornelius, Secunia Research, advisory SA37232
        and CVE identifier CVE-2009-1570. Fixes bug #600484.
        (cherry picked from commit df2b0aca2e7cdb95ebfd3454c65aaba0a83e9bbe)
    
        Signed-off-by: Nils Philippsen <nils at redhat.com>

diff --git a/plug-ins/file-bmp/bmp-read.c b/plug-ins/file-bmp/bmp-read.c
index a1ebe47..7ac4cc4 100644
--- a/plug-ins/file-bmp/bmp-read.c
+++ b/plug-ins/file-bmp/bmp-read.c
@@ -400,9 +400,26 @@ ReadBMP (const gchar  *name,
         }
     }
 
-  /* Valid bitpdepthis 1, 4, 8, 16, 24, 32 */
+  /* Valid bit depth is 1, 4, 8, 16, 24, 32 */
   /* 16 is awful, we should probably shoot whoever invented it */
 
+  switch (Bitmap_Head.biBitCnt)
+    {
+    case 1:
+    case 2:
+    case 4:
+    case 8:
+    case 16:
+    case 24:
+    case 32:
+      break;
+    default:
+      g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
+                   _("'%s' is not a valid BMP file"),
+                   gimp_filename_to_utf8 (filename));
+      return -1;
+    }
+
   /* There should be some colors used! */
 
   ColormapSize =
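Review bot: The new `switch` accepts `case 2:`, but the corrected comment directly above it still lists the valid depths as 1, 4, 8, 16, 24, 32. If a depth of 2 is accepted on purpose, the comment should match the code, e.g. `/* Accepted bit depths: 1, 2, 4, 8, 16, 24, 32 */`. If it is not, `case 2:` should go so that the value reaches the `default:` error path. Whether the rest of ReadBMP handles 2-bit data safely cannot be judged from this hunk, because the function continues outside it.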
@@ -424,7 +441,10 @@ ReadBMP (const gchar  *name,
       return -1;
     }
 
-  if (Bitmap_Head.biWidth < 0)
+  /* biHeight may be negative, but G_MININT32 is dangerous because:
+     G_MININT32 == -(G_MININT32) */
+  if (Bitmap_Head.biWidth < 0 ||
+      Bitmap_Head.biHeight == G_MININT32)
     {
       g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
                    _("'%s' is not a valid BMP file"),
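Review bot: The added comment explains the check with `G_MININT32 == -(G_MININT32)`, which describes a wrapped result rather than the actual hazard. Negating the most negative gint32 is a signed overflow, so `ABS (Bitmap_Head.biHeight)` has no representable value and C leaves the outcome undefined. A wording such as `/* biHeight may be negative, but ABS (G_MININT32) is not representable in a gint32 */` states the reason without relying on wraparound. The `if` body continues outside the hunk.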
@@ -448,6 +468,18 @@ ReadBMP (const gchar  *name,
       return -1;
     }
 
+  /* protect against integer overflows caused by malicious BMPs */
+  /* use divisions in comparisons to avoid type overflows */
+
+  if (((guint64) Bitmap_Head.biWidth) > G_MAXINT32 / Bitmap_Head.biBitCnt ||
+      ((guint64) Bitmap_Head.biWidth) > (G_MAXINT32 / ABS (Bitmap_Head.biHeight)) / 4)
+    {
+      g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
+                   _("'%s' is not a valid BMP file"),
+                   gimp_filename_to_utf8 (filename));
+      return -1;
+    }
+
   /* Windows and OS/2 declare filler so that rows are a multiple of
    * word length (32 bits == 4 bytes)
    */
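Review bot: The second comparison divides by `ABS (Bitmap_Head.biHeight)`, and nothing visible in this hunk rules out a height of 0. The first divisor, `Bitmap_Head.biBitCnt`, is nonzero only because of the bit-depth `switch` added earlier in this patch. If an earlier check in ReadBMP (outside the hunk) already rejects a zero height, the comment should record that dependency, e.g. `/* biHeight and biBitCnt are known to be nonzero here, so the divisions are safe */`. The trailing `/ 4` is also unexplained, and a few words on what the factor stands for would make the bound reviewable.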

gimp-2.6.7-jpeg-units.patch:
 jpeg-save.c |   12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

--- NEW FILE gimp-2.6.7-jpeg-units.patch ---
commit f6f34fd0cd6d523cc472351bcdc9b9ae180aac41
Author: Sven Neumann <sven at gimp.org>
Date:   Mon Nov 3 16:39:20 2008 +0000

    patch: jpeg-units
    
    Bug 559081 – JPEG Save dialog preview should adjust size units
    
    2008-11-03  Sven Neumann  <sven at gimp.org>
    
    	Bug 559081 – JPEG Save dialog preview should adjust size units
    
    	* plug-ins/file-jpeg/jpeg-save.c: use
    g_format_size_for_display()
    	to display the JPEG file size.
    
    svn path=/trunk/; revision=27532
    
    Signed-off-by: Nils Philippsen <nils at redhat.com>

diff --git a/plug-ins/file-jpeg/jpeg-save.c b/plug-ins/file-jpeg/jpeg-save.c
index 2d0d249..35cda17 100644
--- a/plug-ins/file-jpeg/jpeg-save.c
+++ b/plug-ins/file-jpeg/jpeg-save.c
@@ -192,14 +192,14 @@ background_jpeg_save (PreviewPersistent *pp)
       /* display the preview stuff */
       if (!pp->abort_me)
         {
-          struct stat buf;
-          gchar       temp[128];
+          struct stat  buf;
+          gchar       *text;
 
           g_stat (pp->file_name, &buf);
-          g_snprintf (temp, sizeof (temp),
-                      _("File size: %02.01f kB"),
-                      (gdouble) (buf.st_size) / 1024.0);
-          gtk_label_set_text (GTK_LABEL (preview_size), temp);
+          text = g_strdup_printf (_("File size: %s"),
+				  g_format_size_for_display (buf.st_size));
+          gtk_label_set_text (GTK_LABEL (preview_size), text);
+	  g_free (text);
 
           /* and load the preview */
           load_image (pp->file_name, GIMP_RUN_NONINTERACTIVE, TRUE, NULL);
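Review bot: The string returned by `g_format_size_for_display (buf.st_size)` is newly allocated and is never freed, so it leaks every time this path runs; only the outer `text` is released. Keep the result in a local and free it: `gchar *size = g_format_size_for_display (buf.st_size);`, then `text = g_strdup_printf (_("File size: %s"), size);` followed by `g_free (size);`. The unchanged `g_stat (pp->file_name, &buf);` still ignores its return value, so `buf.st_size` is read uninitialised if the call fails. The added lines also mix tabs with the surrounding space indentation. background_jpeg_save starts and ends outside the hunk.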

gimp-2.6.7-psd-hardening.patch:
 psd-load.c |   97 +++++++++++++++++++++++++++++++++++++++++++++++++------------
 psd.h      |   24 +++++++--------
 2 files changed, 90 insertions(+), 31 deletions(-)

--- NEW FILE gimp-2.6.7-psd-hardening.patch ---
commit f53faac253bbf2f8326a4898c805fb3596694665
Author: Nils Philippsen <nils at redhat.com>
Date:   Tue Nov 17 11:56:08 2009 +0100

    patch: psd-hardening
    
    Squashed commit of the following:
    
    commit de05a3ec3d0a452fb48d4705cec8d4bb505364d2
    Author: Simon Budig <simon at gimp.org>
    Date:   Tue Nov 17 00:41:39 2009 +0100
    
        Harden the PSD plugin against integer overflows.
    
        Issues discovered by Stefan Cornelius, Secunia Research, advisory SA37232
        and CVE identifier CVE-2009-3909. Fixes bug #600741.
        (cherry picked from commit 9cc8d78ff33b7a36852b74e64b427489cad44d0e)
        (cherry picked from commit 88eccea84aa375197cc04a2a0e2e29debb56bfa5)
    
        Signed-off-by: Nils Philippsen <nils at redhat.com>
    
    commit 35ec53d2a1363380a0c6c3f64280e99d7d07f90a
    Author: Simon Budig <simon at gimp.org>
    Date:   Tue Nov 17 01:12:19 2009 +0100
    
        Fix the PSD structs to use signed ints for bounding box coordinates.
        (cherry picked from commit 0e440cb6d4d6ee029667363d244aff61b154c33c)
        (cherry picked from commit 687ec47914ec08d6e460918cb641c196d80140a3)
    
        Signed-off-by: Nils Philippsen <nils at redhat.com>

diff --git a/plug-ins/file-psd/psd-load.c b/plug-ins/file-psd/psd-load.c
index d0a8455..1b4e944 100644
--- a/plug-ins/file-psd/psd-load.c
+++ b/plug-ins/file-psd/psd-load.c
@@ -304,6 +304,15 @@ read_header_block (PSDimage  *img_a,
       return -1;
     }
 
+  /* img_a->rows is sanitized above, so a division by zero is avoided here */
+  if (img_a->columns > G_MAXINT32 / img_a->rows)
+    {
+      g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
+                   _("Unsupported or invalid image size: %dx%d"),
+                   img_a->columns, img_a->rows);
+      return -1;
+    }
+
   if (img_a->color_mode != PSD_BITMAP
       && img_a->color_mode != PSD_GRAYSCALE
       && img_a->color_mode != PSD_INDEXED
@@ -533,10 +542,10 @@ read_layer_block (PSDimage  *img_a,
                   psd_set_error (feof (f), errno, error);
                   return NULL;
                 }
-              lyr_a[lidx]->top = GUINT32_FROM_BE (lyr_a[lidx]->top);
-              lyr_a[lidx]->left = GUINT32_FROM_BE (lyr_a[lidx]->left);
-              lyr_a[lidx]->bottom = GUINT32_FROM_BE (lyr_a[lidx]->bottom);
-              lyr_a[lidx]->right = GUINT32_FROM_BE (lyr_a[lidx]->right);
+              lyr_a[lidx]->top = GINT32_FROM_BE (lyr_a[lidx]->top);
+              lyr_a[lidx]->left = GINT32_FROM_BE (lyr_a[lidx]->left);
+              lyr_a[lidx]->bottom = GINT32_FROM_BE (lyr_a[lidx]->bottom);
+              lyr_a[lidx]->right = GINT32_FROM_BE (lyr_a[lidx]->right);
               lyr_a[lidx]->num_channels = GUINT16_FROM_BE (lyr_a[lidx]->num_channels);
 
               if (lyr_a[lidx]->num_channels > MAX_CHANNELS)
@@ -546,14 +555,16 @@ read_layer_block (PSDimage  *img_a,
                               lyr_a[lidx]->num_channels);
                   return NULL;
                 }
-              if (lyr_a[lidx]->bottom - lyr_a[lidx]->top > GIMP_MAX_IMAGE_SIZE)
+              if (lyr_a[lidx]->bottom < lyr_a[lidx]->top ||
+                  lyr_a[lidx]->bottom - lyr_a[lidx]->top > GIMP_MAX_IMAGE_SIZE)
                 {
                   g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
                               _("Unsupported or invalid layer height: %d"),
                               lyr_a[lidx]->bottom - lyr_a[lidx]->top);
                   return NULL;
                 }
-              if (lyr_a[lidx]->right - lyr_a[lidx]->left > GIMP_MAX_IMAGE_SIZE)
+              if (lyr_a[lidx]->right < lyr_a[lidx]->left ||
+                  lyr_a[lidx]->right - lyr_a[lidx]->left > GIMP_MAX_IMAGE_SIZE)
                 {
                   g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
                               _("Unsupported or invalid layer width: %d"),
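Review bot: `lyr_a[lidx]->bottom - lyr_a[lidx]->top` now subtracts two signed 32-bit values read from the file, and it can overflow gint32 even when `bottom < top` is false. That is undefined behaviour, and on the usual wrapping result the difference is negative and passes the `> GIMP_MAX_IMAGE_SIZE` test. Doing the subtraction in 64 bits avoids this: `(gint64) lyr_a[lidx]->bottom - lyr_a[lidx]->top > GIMP_MAX_IMAGE_SIZE`. The same applies to the width test in this hunk, to the `right - left` and `bottom - top` expressions in the layer size check of the following hunk, and to the layer mask checks added at `-734,6 +755,34`. read_layer_block continues outside the hunk.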
@@ -561,6 +572,16 @@ read_layer_block (PSDimage  *img_a,
                   return NULL;
                 }
 
+              if ((lyr_a[lidx]->right - lyr_a[lidx]->left) >
+                  G_MAXINT32 / MAX (lyr_a[lidx]->bottom - lyr_a[lidx]->top, 1))
+                {
+                  g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
+                               _("Unsupported or invalid layer size: %dx%d"),
+                               lyr_a[lidx]->right - lyr_a[lidx]->left,
+                               lyr_a[lidx]->bottom - lyr_a[lidx]->top);
+                  return NULL;
+                }
+
               IFDBG(2) g_debug ("Layer %d, Coords %d %d %d %d, channels %d, ",
                                  lidx, lyr_a[lidx]->left, lyr_a[lidx]->top,
                                  lyr_a[lidx]->right, lyr_a[lidx]->bottom,
@@ -670,13 +691,13 @@ read_layer_block (PSDimage  *img_a,
                         return NULL;
                       }
                     lyr_a[lidx]->layer_mask.top =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask.top);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask.top);
                     lyr_a[lidx]->layer_mask.left =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask.left);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask.left);
                     lyr_a[lidx]->layer_mask.bottom =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask.bottom);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask.bottom);
                     lyr_a[lidx]->layer_mask.right =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask.right);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask.right);
                     lyr_a[lidx]->layer_mask.mask_flags.relative_pos =
                       lyr_a[lidx]->layer_mask.flags & 1 ? TRUE : FALSE;
                     lyr_a[lidx]->layer_mask.mask_flags.disabled =
@@ -702,21 +723,21 @@ read_layer_block (PSDimage  *img_a,
                         return NULL;
                       }
                     lyr_a[lidx]->layer_mask_extra.top =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask_extra.top);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask_extra.top);
                     lyr_a[lidx]->layer_mask_extra.left =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask_extra.left);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask_extra.left);
                     lyr_a[lidx]->layer_mask_extra.bottom =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask_extra.bottom);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask_extra.bottom);
                     lyr_a[lidx]->layer_mask_extra.right =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask_extra.right);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask_extra.right);
                     lyr_a[lidx]->layer_mask.top =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask.top);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask.top);
                     lyr_a[lidx]->layer_mask.left =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask.left);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask.left);
                     lyr_a[lidx]->layer_mask.bottom =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask.bottom);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask.bottom);
                     lyr_a[lidx]->layer_mask.right =
-                      GUINT32_FROM_BE (lyr_a[lidx]->layer_mask.right);
+                      GINT32_FROM_BE (lyr_a[lidx]->layer_mask.right);
                     lyr_a[lidx]->layer_mask.mask_flags.relative_pos =
                       lyr_a[lidx]->layer_mask.flags & 1 ? TRUE : FALSE;
                     lyr_a[lidx]->layer_mask.mask_flags.disabled =
@@ -734,6 +755,34 @@ read_layer_block (PSDimage  *img_a,
                       }
                 }
 
+              /* sanity checks */
+              if (lyr_a[lidx]->layer_mask.bottom < lyr_a[lidx]->layer_mask.top ||
+                  lyr_a[lidx]->layer_mask.bottom - lyr_a[lidx]->layer_mask.top > GIMP_MAX_IMAGE_SIZE)
+                {
+                  g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
+                               _("Unsupported or invalid layer mask height: %d"),
+                               lyr_a[lidx]->layer_mask.bottom - lyr_a[lidx]->layer_mask.top);
+                  return NULL;
+                }
+              if (lyr_a[lidx]->layer_mask.right < lyr_a[lidx]->layer_mask.left ||
+                  lyr_a[lidx]->layer_mask.right - lyr_a[lidx]->layer_mask.left > GIMP_MAX_IMAGE_SIZE)
+                {
+                  g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
+                               _("Unsupported or invalid layer mask width: %d"),
+                               lyr_a[lidx]->layer_mask.right - lyr_a[lidx]->layer_mask.left);
+                  return NULL;
+                }
+
+              if ((lyr_a[lidx]->layer_mask.right - lyr_a[lidx]->layer_mask.left) >
+                  G_MAXINT32 / MAX (lyr_a[lidx]->layer_mask.bottom - lyr_a[lidx]->layer_mask.top, 1))
+                {
+                  g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
+                               _("Unsupported or invalid layer mask size: %dx%d"),
+                               lyr_a[lidx]->layer_mask.right - lyr_a[lidx]->layer_mask.left,
+                               lyr_a[lidx]->layer_mask.bottom - lyr_a[lidx]->layer_mask.top);
+                  return NULL;
+                }
+
               IFDBG(2) g_debug ("Layer mask coords %d %d %d %d, Rel pos %d",
                                 lyr_a[lidx]->layer_mask.left,
                                 lyr_a[lidx]->layer_mask.top,
@@ -1135,7 +1184,7 @@ add_layers (const gint32  image_id,
                                 psd_set_error (feof (f), errno, error);
                                 return -1;
                               }
-                                rle_pack_len[rowi] = GUINT16_FROM_BE (rle_pack_len[rowi]);
+                            rle_pack_len[rowi] = GUINT16_FROM_BE (rle_pack_len[rowi]);
                           }
 
                         IFDBG(3) g_debug ("RLE decode - data");
@@ -1761,6 +1810,16 @@ read_channel_data (PSDchannel     *channel,
 
   IFDBG(3) g_debug ("raw data size %d x %d = %d", readline_len,
                     channel->rows, readline_len * channel->rows);
+
+  /* sanity check, int overflow check (avoid divisions by zero) */
+  if ((channel->rows == 0) || (channel->columns == 0) ||
+      (channel->rows > G_MAXINT32 / channel->columns / MAX (bps >> 3, 1)))
+    {
+      g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
+                   _("Unsupported or invalid channel size"));
+      return -1;
+    }
+
   raw_data = g_malloc (readline_len * channel->rows);
   switch (compression)
     {
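Review bot: The guard bounds `channel->rows` by `channel->columns` and `MAX (bps >> 3, 1)`, but the `g_malloc` that follows multiplies by `readline_len`, which is computed outside this hunk. The check therefore holds only if `readline_len` never exceeds `columns * MAX (bps >> 3, 1)`. Testing the value actually used is easier to verify: `channel->rows > G_MAXINT32 / readline_len`, after confirming `readline_len` is nonzero. The `g_debug` call just above still evaluates `readline_len * channel->rows` before the guard, so it would be better placed after it. read_channel_data starts and ends outside the hunk.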
diff --git a/plug-ins/file-psd/psd.h b/plug-ins/file-psd/psd.h
index 6292747..b0c28ff 100644
--- a/plug-ins/file-psd/psd.h
+++ b/plug-ins/file-psd/psd.h
@@ -447,10 +447,10 @@ typedef struct
 /* PSD Layer mask data (length 20) */
 typedef struct
 {
-  guint32               top;                    /* Layer top */
-  guint32               left;                   /* Layer left */
-  guint32               bottom;                 /* Layer bottom */
-  guint32               right;                  /* Layer right */
+  gint32                top;                    /* Layer top */
+  gint32                left;                   /* Layer left */
+  gint32                bottom;                 /* Layer bottom */
+  gint32                right;                  /* Layer right */
   guchar                def_color;              /* Default background colour */
   guchar                flags;                  /* Layer flags */
   guchar                extra_def_color;        /* Real default background colour */
@@ -461,20 +461,20 @@ typedef struct
 /* PSD Layer mask data (length 36) */
 typedef struct
 {
-  guint32               top;                    /* Layer top */
-  guint32               left;                   /* Layer left */
-  guint32               bottom;                 /* Layer bottom */
-  guint32               right;                  /* Layer right */
+  gint32                top;                    /* Layer top */
+  gint32                left;                   /* Layer left */
+  gint32                bottom;                 /* Layer bottom */
+  gint32                right;                  /* Layer right */
 } LayerMaskExtra;
 
 /* PSD Layer data structure */
 typedef struct
 {
   gboolean              drop;                   /* Do not add layer to GIMP image */
-  guint32               top;                    /* Layer top */
-  guint32               left;                   /* Layer left */
-  guint32               bottom;                 /* Layer bottom */
-  guint32               right;                  /* Layer right */
+  gint32                top;                    /* Layer top */
+  gint32                left;                   /* Layer left */
+  gint32                bottom;                 /* Layer bottom */
+  gint32                right;                  /* Layer right */
   guint16               num_channels;           /* Number of channels */
   ChannelLengthInfo    *chn_info;               /* Channel length info */
   gchar                 mode_key[4];            /* Blend mode key */


Index: gimp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/gimp/F-10/gimp.spec,v
retrieving revision 1.184
retrieving revision 1.185
diff -u -p -r1.184 -r1.185
--- gimp.spec	18 Aug 2009 12:42:49 -0000	1.184
+++ gimp.spec	17 Nov 2009 11:31:20 -0000	1.185
@@ -31,7 +31,7 @@ Summary:        GNU Image Manipulation P
 Name:           gimp
 Epoch:          2
 Version:        2.6.7
-Release:        2%{?dist}
+Release:        3%{?dist}
 %define binver 2.6
 %define gimp_lang_ver 20
 %define interfacever 2.0
@@ -122,12 +122,18 @@ Source0:        ftp://ftp.gimp.org/pub/g
 Source1:        gimp-plugin-mgr.in
 # distro specific: use xdg-open instead of firefox as web browser
 Patch0:         gimp-2.6.2-xdg-open.patch
-# http://bugzilla.gnome.org/show_bug.cgi?id=559081
+# https://bugzilla.gnome.org/show_bug.cgi?id=559081
 # "JPEG Save dialog preview should adjust size units"
-Patch1:         gimp-2.6.2-jpeg-units.patch
-# http://bugzilla.gnome.org/show_bug.cgi?id=556896
+Patch1:         gimp-2.6.7-jpeg-units.patch
+# https://bugzilla.gnome.org/show_bug.cgi?id=556896
 # "Dialogs don't get minimized with single image window"
 Patch2:         gimp-2.6.6-minimize-dialogs.patch
+# https://bugzilla.gnome.org/show_bug.cgi?id=600484
+# "Gimp BMP Integer Overflow Vulnerability"
+Patch3:         gimp-2.6.7-bmp-hardening.patch
+# https://bugzilla.gnome.org/show_bug.cgi?id=600741
+# '"read_channel_data()" Integer Overflow Vulnerability'
+Patch4:         gimp-2.6.7-psd-hardening.patch
 
 %description
 GIMP (GNU Image Manipulation Program) is a powerful image composition and
@@ -209,6 +215,8 @@ EOF
 %patch0 -p1 -b .xdg-open
 %patch1 -p1 -b .jpeg-units
 %patch2 -p1 -b .minimize-dialogs
+%patch3 -p1 -b .bmp-hardening
+%patch4 -p1 -b .psd-hardening
 
 %build
 # if [ ! -f configure ]; then
@@ -499,6 +507,11 @@ fi
 %{_libdir}/gimp/%{interfacever}/plug-ins/help-browser
 
 %changelog
+* Tue Nov 17 2009 Nils Philippsen <nils at redhat.com> - 2:2.6.7-3
+- avoid overflow in the BMP image file plugin (#537356)
+- avoid overflow in the PSD image file plugin (#537370)
+- update jpeg-units patch
+
 * Tue Aug 18 2009 Nils Philippsen <nils at redhat.com> - 2:2.6.7-2
 - BR: webkitgtk-devel/WebKit-gtk-devel >= 1.1.0
 


--- gimp-2.6.2-jpeg-units.patch DELETED ---



