[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfire-development
Subject: Re: [PATCH] openjpeg: Update to version 2.4.0
From: Peter_Müller <peter.mueller () ipfire ! org>
Date: 2022-04-29 18:54:56
Message-ID: 0cd446fc-29d3-5db8-0957-0c00a5cea4da () ipfire ! org
[Download RAW message or body]
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
> - Update from version 2.3.1 to 2.4.0
> - Update of rootfile
> - Changelog
> 2.4.0
> **Closed issues:**
> - OPENJPEG\_INSTALL\_DOC\_DIR does not control a destination directory where HTML \
> docs would be installed. \
> [\#1309](https://github.com/uclouvain/openjpeg/issues/1309)
> - Heap-buffer-overflow in lib/openjp2/pi.c:312 \
> [\#1302](https://github.com/uclouvain/openjpeg/issues/1302)
> - Heap-buffer-overflow in lib/openjp2/t2.c:973 \
> [\#1299](https://github.com/uclouvain/openjpeg/issues/1299)
> - Heap-buffer-overflow in lib/openjp2/pi.c:623 \
> [\#1293](https://github.com/uclouvain/openjpeg/issues/1293)
> - Global-buffer-overflow in lib/openjp2/dwt.c:1980 \
> [\#1286](https://github.com/uclouvain/openjpeg/issues/1286)
> - Heap-buffer-overflow in lib/openjp2/tcd.c:2417 \
> [\#1284](https://github.com/uclouvain/openjpeg/issues/1284)
> - Heap-buffer-overflow in lib/openjp2/mqc.c:499 \
> [\#1283](https://github.com/uclouvain/openjpeg/issues/1283)
> - Openjpeg could not encode 32bit RGB float image \
> [\#1281](https://github.com/uclouvain/openjpeg/issues/1281)
> - Openjpeg could not encode 32bit RGB float image \
> [\#1280](https://github.com/uclouvain/openjpeg/issues/1280)
> - ISO/IEC 15444-1:2019 \(E\) compared with 'cio.h' \
> [\#1277](https://github.com/uclouvain/openjpeg/issues/1277)
> - Test-suite failure due to hash mismatch \
> [\#1264](https://github.com/uclouvain/openjpeg/issues/1264)
> - Heap use-after-free [\#1261](https://github.com/uclouvain/openjpeg/issues/1261)
> - Memory leak when failing to allocate object... \
> [\#1259](https://github.com/uclouvain/openjpeg/issues/1259)
> - Memory leak of Tier 1 handle when OpenJPEG fails to set it as TLS... \
> [\#1257](https://github.com/uclouvain/openjpeg/issues/1257)
> - Any plan to build release for CVE-2020-8112/CVE-2020-6851 \
> [\#1247](https://github.com/uclouvain/openjpeg/issues/1247)
> - failing to convert 16-bit file: opj\_t2\_encode\_packet\(\): only 5251 bytes \
> remaining in output buffer. 5621 needed. \
> [\#1243](https://github.com/uclouvain/openjpeg/issues/1243)
> - CMake+VS2017 Compile OK, thirdparty Compile OK, but thirdparty not install \
> [\#1239](https://github.com/uclouvain/openjpeg/issues/1239)
> - New release to solve CVE-2019-6988 ? \
> [\#1238](https://github.com/uclouvain/openjpeg/issues/1238)
> - Many tests fail to pass after the update of libtiff to version 4.1.0 \
> [\#1233](https://github.com/uclouvain/openjpeg/issues/1233)
> - Another heap buffer overflow in libopenjp2 \
> [\#1231](https://github.com/uclouvain/openjpeg/issues/1231)
> - Heap buffer overflow in libopenjp2 \
> [\#1228](https://github.com/uclouvain/openjpeg/issues/1228)
> - Endianness of binary volume \(JP3D\) \
> [\#1224](https://github.com/uclouvain/openjpeg/issues/1224)
> - New release to resolve CVE-2019-12973 \
> [\#1222](https://github.com/uclouvain/openjpeg/issues/1222)
> - how to set the block size,like 128,256 ? \
> [\#1216](https://github.com/uclouvain/openjpeg/issues/1216)
> - compress YUV files to motion jpeg2000 standard \
> [\#1213](https://github.com/uclouvain/openjpeg/issues/1213)
> - Repair/update Java wrapper, and include in release \
> [\#1208](https://github.com/uclouvain/openjpeg/issues/1208)
> - abc [\#1206](https://github.com/uclouvain/openjpeg/issues/1206)
> - Slow decoding [\#1202](https://github.com/uclouvain/openjpeg/issues/1202)
> - Installation question \
> [\#1201](https://github.com/uclouvain/openjpeg/issues/1201)
> - Typo in test\_decode\_area - \*ptilew is assigned instead of \*ptileh \
> [\#1195](https://github.com/uclouvain/openjpeg/issues/1195)
> - Creating a J2K file with one POC is broken \
> [\#1191](https://github.com/uclouvain/openjpeg/issues/1191)
> - Make fails on Arch Linux \
> [\#1174](https://github.com/uclouvain/openjpeg/issues/1174)
> - Heap buffer overflow in opj\_t1\_clbl\_decode\_processor\(\) triggered with \
> Ghostscript \
> [\#1158](https://github.com/uclouvain/openjpeg/issues/1158)
> - opj\_stream\_get\_number\_byte\_left: Assertion `p\_stream-\>m\_byte\_offset \
> \>= 0' failed. \
> [\#1151](https://github.com/uclouvain/openjpeg/issues/1151)
> - The fuzzer ignores too many inputs \
> [\#1079](https://github.com/uclouvain/openjpeg/issues/1079)
> - out of bounds read [\#1068](https://github.com/uclouvain/openjpeg/issues/1068)
> **Merged pull requests:**
> - Change defined WIN32 [\#1310](https://github.com/uclouvain/openjpeg/pull/1310) \
> ([Jamaika1](https://github.com/Jamaika1))
> - docs: fix simple typo, producted -\> produced \
> [\#1308](https://github.com/uclouvain/openjpeg/pull/1308) \
> ([timgates42](https://github.com/timgates42))
> - Set ${OPENJPEG\_INSTALL\_DOC\_DIR} to DESTINATION of HTMLs \
> [\#1307](https://github.com/uclouvain/openjpeg/pull/1307) \
> ([lemniscati](https://github.com/lemniscati))
> - Use INC\_DIR for OPENJPEG\_INCLUDE\_DIRS \(fixes uclouvain\#1174\) \
> [\#1306](https://github.com/uclouvain/openjpeg/pull/1306) \
> ([matthew-sharp](https://github.com/matthew-sharp))
> - pi.c: avoid out of bounds access with POC \(fixes \#1302\) \
> [\#1304](https://github.com/uclouvain/openjpeg/pull/1304) \
> ([rouault](https://github.com/rouault))
> - Encoder: grow again buffer size \
> [\#1303](https://github.com/uclouvain/openjpeg/pull/1303) \
> ([zodf0055980](https://github.com/zodf0055980))
> - opj\_j2k\_write\_sod\(\): avoid potential heap buffer overflow \(fixes \#1299\) \
> \(probably master only\) [\#1301](https://github.com/uclouvain/openjpeg/pull/1301) \
> ([rouault](https://github.com/rouault))
> - pi.c: avoid out of bounds access with POC \(refs \
> https://github.com/uclouvain/openjpeg/issues/1293\#issuecomment-737122836\) \
> [\#1300](https://github.com/uclouvain/openjpeg/pull/1300) \
> ([rouault](https://github.com/rouault))
> - opj\_t2\_encode\_packet\(\): avoid out of bound access of \#1297, but likely \
> not the proper fix [\#1298](https://github.com/uclouvain/openjpeg/pull/1298) \
> ([rouault](https://github.com/rouault))
> - opj\_t2\_encode\_packet\(\): avoid out of bound access of \#1294, but likely \
> not the proper fix [\#1296](https://github.com/uclouvain/openjpeg/pull/1296) \
> ([rouault](https://github.com/rouault))
> - opj\_j2k\_setup\_encoder\(\): validate POC compno0 and compno1 \(fixes \#1293\) \
> [\#1295](https://github.com/uclouvain/openjpeg/pull/1295) \
> ([rouault](https://github.com/rouault))
> - Encoder: avoid global buffer overflow on irreversible conversion when… \
> [\#1292](https://github.com/uclouvain/openjpeg/pull/1292) \
> ([rouault](https://github.com/rouault))
> - Decoding: deal with some SPOT6 images that have tiles with a single tile-part \
> with TPsot == 0 and TNsot == 0, and with missing EOC \
> [\#1291](https://github.com/uclouvain/openjpeg/pull/1291) \
> ([rouault](https://github.com/rouault))
> - Free p\_tcd\_marker\_info to avoid memory leak \
> [\#1288](https://github.com/uclouvain/openjpeg/pull/1288) \
> ([zodf0055980](https://github.com/zodf0055980))
> - Encoder: grow again buffer size \
> [\#1287](https://github.com/uclouvain/openjpeg/pull/1287) \
> ([zodf0055980](https://github.com/zodf0055980))
> - Encoder: avoid uint32 overflow when allocating memory for codestream buffer \
> \(fixes \#1243\) [\#1276](https://github.com/uclouvain/openjpeg/pull/1276) \
> ([rouault](https://github.com/rouault))
> - Java compatibility from 1.5 to 1.6 \
> [\#1263](https://github.com/uclouvain/openjpeg/pull/1263) \
> ([jiapei100](https://github.com/jiapei100))
> - opj\_decompress: fix double-free on input directory with mix of valid and \
> invalid images [\#1262](https://github.com/uclouvain/openjpeg/pull/1262) \
> ([rouault](https://github.com/rouault))
> - openjp2: Plug image leak when failing to allocate codestream index. \
> [\#1260](https://github.com/uclouvain/openjpeg/pull/1260) \
> ([sebras](https://github.com/sebras))
> - openjp2: Plug memory leak when setting data as TLS fails. \
> [\#1258](https://github.com/uclouvain/openjpeg/pull/1258) \
> ([sebras](https://github.com/sebras))
> - openjp2: Error out if failing to create Tier 1 handle. \
> [\#1256](https://github.com/uclouvain/openjpeg/pull/1256) \
> ([sebras](https://github.com/sebras))
> - Testing for invalid values of width, height, numcomps \
> [\#1254](https://github.com/uclouvain/openjpeg/pull/1254) \
> ([szukw000](https://github.com/szukw000))
> - Single-threaded performance improvements in forward DWT for 5-3 and 9-7 \(and \
> other improvements\) [\#1253](https://github.com/uclouvain/openjpeg/pull/1253) \
> ([rouault](https://github.com/rouault))
> - Add support for multithreading in encoder \
> [\#1248](https://github.com/uclouvain/openjpeg/pull/1248) \
> ([rouault](https://github.com/rouault))
> - Add support for generation of PLT markers in encoder \
> [\#1246](https://github.com/uclouvain/openjpeg/pull/1246) \
> ([rouault](https://github.com/rouault))
> - Fix warnings about signed/unsigned casts in pi.c \
> [\#1244](https://github.com/uclouvain/openjpeg/pull/1244) \
> ([rouault](https://github.com/rouault))
> - opj\_decompress: add sanity checks to avoid segfault in case of decoding error \
> [\#1240](https://github.com/uclouvain/openjpeg/pull/1240) \
> ([rouault](https://github.com/rouault))
> - ignore wrong icc [\#1236](https://github.com/uclouvain/openjpeg/pull/1236) \
> ([szukw000](https://github.com/szukw000))
> - Implement writing of IMF profiles \
> [\#1235](https://github.com/uclouvain/openjpeg/pull/1235) \
> ([rouault](https://github.com/rouault))
> - tests: add alternate checksums for libtiff 4.1 \
> [\#1234](https://github.com/uclouvain/openjpeg/pull/1234) \
> ([rouault](https://github.com/rouault))
> - opj\_tcd\_init\_tile\(\): avoid integer overflow \
> [\#1232](https://github.com/uclouvain/openjpeg/pull/1232) \
> ([rouault](https://github.com/rouault))
> - tests/fuzzers: link fuzz binaries using $LIB\_FUZZING\_ENGINE. \
> [\#1230](https://github.com/uclouvain/openjpeg/pull/1230) \
> ([Dor1s](https://github.com/Dor1s))
> - opj\_j2k\_update\_image\_dimensions\(\): reject images whose coordinates are \
> beyond INT\_MAX \(fixes \#1228\) \
> [\#1229](https://github.com/uclouvain/openjpeg/pull/1229) \
> ([rouault](https://github.com/rouault))
> - Fix resource leaks [\#1226](https://github.com/uclouvain/openjpeg/pull/1226) \
> ([dodys](https://github.com/dodys))
> - abi-check.sh: fix false postive ABI error, and display output error log \
> [\#1218](https://github.com/uclouvain/openjpeg/pull/1218) \
> ([rouault](https://github.com/rouault))
> - pi.c: avoid integer overflow, resulting in later invalid access to memory in \
> opj\_t2\_decode\_packets\(\) \
> [\#1217](https://github.com/uclouvain/openjpeg/pull/1217) \
> ([rouault](https://github.com/rouault))
> - Add check to validate SGcod/SPcoc/SPcod parameter values. \
> [\#1211](https://github.com/uclouvain/openjpeg/pull/1211) \
> ([sebras](https://github.com/sebras))
> - Fix buffer overflow reading an image file less than four characters \
> [\#1196](https://github.com/uclouvain/openjpeg/pull/1196) \
> ([robert-ancell](https://github.com/robert-ancell))
> - compression: emit POC marker when only one single POC is requested \(f… \
> [\#1192](https://github.com/uclouvain/openjpeg/pull/1192) \
> ([rouault](https://github.com/rouault))
> - Fix several potential vulnerabilities \
> [\#1185](https://github.com/uclouvain/openjpeg/pull/1185) \
> ([Young-X](https://github.com/Young-X))
> - openjp2/j2k: Report error if all wanted components are not decoded. \
> [\#1164](https://github.com/uclouvain/openjpeg/pull/1164) \
> ([sebras](https://github.com/sebras))
> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
> ---
> config/rootfiles/common/openjpeg | 18 +++++++++---------
> lfs/openjpeg | 4 ++--
> 2 files changed, 11 insertions(+), 11 deletions(-)
>
> diff --git a/config/rootfiles/common/openjpeg b/config/rootfiles/common/openjpeg
> index bafa62afc..3540d2297 100644
> --- a/config/rootfiles/common/openjpeg
> +++ b/config/rootfiles/common/openjpeg
> @@ -1,15 +1,15 @@
> usr/bin/opj_compress
> usr/bin/opj_decompress
> usr/bin/opj_dump
> -#usr/include/openjpeg-2.3
> -#usr/include/openjpeg-2.3/openjpeg.h
> -#usr/include/openjpeg-2.3/opj_config.h
> -#usr/include/openjpeg-2.3/opj_stdint.h
> +#usr/include/openjpeg-2.4
> +#usr/include/openjpeg-2.4/openjpeg.h
> +#usr/include/openjpeg-2.4/opj_config.h
> +#usr/include/openjpeg-2.4/opj_stdint.h
> #usr/lib/libopenjp2.so
> -usr/lib/libopenjp2.so.2.3.1
> +usr/lib/libopenjp2.so.2.4.0
> usr/lib/libopenjp2.so.7
> -#usr/lib/openjpeg-2.3
> -#usr/lib/openjpeg-2.3/OpenJPEGConfig.cmake
> -#usr/lib/openjpeg-2.3/OpenJPEGTargets-release.cmake
> -#usr/lib/openjpeg-2.3/OpenJPEGTargets.cmake
> +#usr/lib/openjpeg-2.4
> +#usr/lib/openjpeg-2.4/OpenJPEGConfig.cmake
> +#usr/lib/openjpeg-2.4/OpenJPEGTargets-release.cmake
> +#usr/lib/openjpeg-2.4/OpenJPEGTargets.cmake
> #usr/lib/pkgconfig/libopenjp2.pc
> diff --git a/lfs/openjpeg b/lfs/openjpeg
> index 0b8dec349..54fa69339 100644
> --- a/lfs/openjpeg
> +++ b/lfs/openjpeg
> @@ -24,7 +24,7 @@
>
> include Config
>
> -VER = 2.3.1
> +VER = 2.4.0
>
> THISAPP = openjpeg-$(VER)
> DL_FILE = $(THISAPP).tar.gz
> @@ -40,7 +40,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_BLAKE2 = \
> ecc7e573592a5302dcdbade791f6aa6e48f6791c7412fdd44976f3619c8fc0cca7d904fa42013f33ab17dd0f569a76d3c49a73eccaf0a749d34f305362367af9
> +$(DL_FILE)_BLAKE2 = \
> ab8907638ac041ce7dcbcbcd9624ea5e4b7542c9ec38a850e363c071c27c4bc8b16e207700b12e67d8d32bdd9b0838735bede27084090ce95105d32c539b09cf
>
> install : $(TARGET)
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic