%define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0} Name: jasper1 Summary: implementation of the JPEG-2000 standard, Part 1 Version: 1.900.1 Release: 12%{?_dist_release} Group: Applications/Graphics License: Modified BSD (see LICENSE) URL: http://www.ece.uvic.ca/~mdadams/jasper/ Source: jasper-%{version}.zip Patch1: jasper-1.701.0-GL.patch # autoconf/automake bits of patch1 Patch2: jasper-1.701.0-GL-ac.patch # CVE-2007-2721 (bug #240397) # borrowed from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041;msg=88 Patch3: patch-libjasper-stepsizes-overflow.diff # borrowed from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469786 Patch4: jpc_dec.c.patch # OpenBSD hardening patches addressing couple of possible integer overflows # during the memory allocations # https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3520 Patch5: jasper-1.900.1-CVE-2008-3520.patch # https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3522 Patch6: jasper-1.900.1-CVE-2008-3522.patch # add pkg-config support Patch7: jasper-pkgconfig.patch Patch8: jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch Patch9: jasper-CVE-2014-9029.patch Patch10: jasper-CVE-2014-8137.patch Patch11: jasper-CVE-2014-8138.patch # Issues found by static analysis of code Patch110: jasper-1.900.1-Coverity-BAD_SIZEOF.patch Patch111: jasper-1.900.1-Coverity-CHECKED_RETURN.patch Patch112: jasper-1.900.1-Coverity-FORWARD_NULL.patch Patch113: jasper-1.900.1-Coverity-NULL_RETURNS.patch Patch114: jasper-1.900.1-Coverity-RESOURCE_LEAK.patch Patch115: jasper-1.900.1-Coverity-UNREACHABLE.patch Patch116: jasper-1.900.1-Coverity-UNUSED_VALUE.patch # from debian Patch1000: 09-CVE-2016-1577.patch Patch1001: 10-CVE-2016-2089.patch Patch1002: 11-CVE-2016-2116.patch BuildRoot: %{_tmppath}/jasper-%{version}-root BuildRequires: autoconf automake libtool BuildRequires: freeglut-devel BuildRequires: libGLU-devel BuildRequires: libjpeg-devel BuildRequires: pkgconfig Requires: jasper-libs = %{version}-%{release} Vendor: Project Vine Distribution: Vine Linux %description JasPer is a collection of software (i.e., a library and application programs) for the coding and manipulation of images. This software can handle image data in a variety of formats. One such format supported by JasPer is the JPEG-2000 format defined in ISO/IEC 15444-1. %package libs Summary: Runtime libraries for jasper Group: System Environment/Libraries %description libs This package contains runtime libraries for JasPer. # compat32 %package -n compat32-jasper1-libs Summary: Runtime libraries for jasper Group: System Environment/Libraries %description -n compat32-jasper1-libs This package contains runtime libraries for JasPer. %prep %setup -q -n jasper-%{version} %patch1 -p1 -b .GL %patch2 -p1 -b .GL-ac %patch3 -p1 -b .CVE-2007-2721 %patch4 -p1 -b .jpc_dec_assertion %patch5 -p1 -b .CVE-2008-3520 %patch6 -p1 -b .CVE-2008-3522 %patch7 -p1 -b .pkgconfig %patch8 -p1 -b .CVE-2011-4516-4517 %patch9 -p1 -b .CVE-2014-9029 %patch10 -p1 -b .CVE-2014-8137-variant2 %patch11 -p1 -b .CVE-2014-8138 %patch110 -p1 -b .BAD_SIZEOF %patch111 -p1 -b .CHECKED_RETURN %patch112 -p1 -b .FORWARD_NULL %patch113 -p1 -b .NULL_RETURNS %patch114 -p1 -b .RESOURCE_LEAK %patch115 -p1 -b .UNREACHABLE %patch116 -p1 -b .UNUSED_VALUE %patch1000 -p1 -b .CVE-2016-1577 %patch1001 -p1 -b .CVE-2016-2089 %patch1002 -p1 -b .CVE-2016-2116 autoreconf --verbose --force --install %build CFLAGS="%{optflags} -fno-strict-overflow" \ %configure --enable-shared --disable-static make %{?_smp_mflags} %install [ -n "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != / ] && rm -rf $RPM_BUILD_ROOT make install DESTDIR=$RPM_BUILD_ROOT # remove .la rm -f $RPM_BUILD_ROOT/%{_libdir}/*.la %clean [ -n "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != / ] && rm -rf $RPM_BUILD_ROOT %post libs -p /sbin/ldconfig %postun libs -p /sbin/ldconfig %post -n compat32-jasper1-libs -p /sbin/ldconfig %postun -n compat32-jasper1-libs -p /sbin/ldconfig %files libs %defattr(-,root,root) %{_libdir}/libjasper*.so.* # compat32 %if %{build_compat32} %files -n compat32-jasper1-libs %defattr(-,root,root) %{_libdir}/libjasper*.so.* %endif %changelog * Mon Mar 20 2017 Tomohiro "Tomo-p" KATO 1.900.1-12 - created a new package for compatibility only. * Tue Jul 19 2016 Tomohiro "Tomo-p" KATO 1.900.1-11 - added Patch1000-1002 to fix CVE-2016-{1577,2089,2116}. * Wed Dec 24 2014 Tomohiro "Tomo-p" KATO 1.900.1-10 - imported all patches from RawHide. * Tue Jul 15 2014 Yoji TOYODA 1.900.1-9 - rebuild with libpng-1.6.12 * Thu Apr 14 2011 Ryoichi INAGAKI 1.900.1-8 - rebuilt with current VineSeed * Sat May 02 2009 NAKAMURA Kenta 1.900.1-7 - added compat32 subpackage for x86_64 arch support. * Sat Sep 06 2008 Daisuke SUZUKI 1.900.1-6 - splited out runtime library to sub package - enable opengl again, add BuildRequires: freeglut-devel * Wed Jun 25 2008 AKIYAMA Kazuhito 1.900.1-5 - remove .la - add --disable-static to configure option * Sun Jun 24 2007 Ryoichi INAGAKI 1.900.1-0vl4 - added Patch0 from VinePlus/4.0 * Thu Jun 21 2007 Satoshi IWAMOTO 1.900.1-0vl2.1 - add patch100 for fix CVE-2007-2721 - add Vendor/Distributin Tag * Fri May 25 2007 AKIYAMA Kazuhito 1.900.1-0vl3 - remove BuildPrereq: freeglut-devel and Requires freeglut - add --disable-opengl to configure option * Fri Mar 16 2007 MATSUBAYASHI Kohji 1.900.1-0vl2 - add BuildPreReq: unzip (used in the %%pre section) * Thu Mar 15 2007 Ryoichi INAGAKI 1.900.1-0vl1 - new upstream release * Tue Jan 16 2007 Ryoichi INAGAKI 1.900.0-0vl1 - new upstream release - changed Group to System Environment/Libraries - added --mandir=%{_mandir} - added %post and %postun section * Thu Sep 07 2006 NAKAMURA Kenta 1.701.0-0vl3 - added --libdir=%{_libdir} configure option * Tue Sep 5 2006 AKIYAMA Kazuhito 1.701.0-0vl2 - build with freeglut - change BuildPrereq and Requires * Tue Dec 14 2004 Satoshi MACHINO 1.701.0-0vl1 - new upstream version (jasper-1.701.0) * Sat Nov 15 2003 AKIYAMA Kazuhito 1.700.5-0vl2 - rebuild for VineSeedPlus * Sat Nov 15 2003 AKIYAMA Kazuhito 1.700.5-0vl1 - source upgrade - change spec to build for VineLinux * Fri Oct 25 2002 Alexander D. Karaivanov - spec file created