summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--2cd30c2b06ce332dede81cccad8b334cde997281.patch80
-rw-r--r--4241ae6fbbf1de9658764a80944dc8108f2b4154.patch35
-rw-r--r--afb308b9ccbe129608c9205cf3bb39bbefad90b9.patch43
-rw-r--r--baf0c1ad4572daa89caa3b12985bdd93530f0dd7.patch25
-rw-r--r--e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch22
-rw-r--r--openjpeg2.spec424
-rw-r--r--openjpeg2_remove-thirdparty.patch11
7 files changed, 640 insertions, 0 deletions
diff --git a/2cd30c2b06ce332dede81cccad8b334cde997281.patch b/2cd30c2b06ce332dede81cccad8b334cde997281.patch
new file mode 100644
index 0000000..dd9183d
--- /dev/null
+++ b/2cd30c2b06ce332dede81cccad8b334cde997281.patch
@@ -0,0 +1,80 @@
+From 2cd30c2b06ce332dede81cccad8b334cde997281 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Thu, 17 Aug 2017 11:47:40 +0200
+Subject: [PATCH] tgatoimage(): avoid excessive memory allocation attempt, and
+ fixes unaligned load (#995)
+
+---
+ src/bin/jp2/convert.c | 39 +++++++++++++++++++++++++++------------
+ 1 file changed, 27 insertions(+), 12 deletions(-)
+
+diff --git a/src/bin/jp2/convert.c b/src/bin/jp2/convert.c
+index a4eb81f6a..73dfc8d5f 100644
+--- a/src/bin/jp2/convert.c
++++ b/src/bin/jp2/convert.c
+@@ -580,13 +580,10 @@ struct tga_header {
+ };
+ #endif /* INFORMATION_ONLY */
+
+-static unsigned short get_ushort(const unsigned char *data)
++/* Returns a ushort from a little-endian serialized value */
++static unsigned short get_tga_ushort(const unsigned char *data)
+ {
+- unsigned short val = *(const unsigned short *)data;
+-#ifdef OPJ_BIG_ENDIAN
+- val = ((val & 0xffU) << 8) | (val >> 8);
+-#endif
+- return val;
++ return data[0] | (data[1] << 8);
+ }
+
+ #define TGA_HEADER_SIZE 18
+@@ -613,17 +610,17 @@ static int tga_readheader(FILE *fp, unsigned int *bits_per_pixel,
+ id_len = tga[0];
+ /*cmap_type = tga[1];*/
+ image_type = tga[2];
+- /*cmap_index = get_ushort(&tga[3]);*/
+- cmap_len = get_ushort(&tga[5]);
++ /*cmap_index = get_tga_ushort(&tga[3]);*/
++ cmap_len = get_tga_ushort(&tga[5]);
+ cmap_entry_size = tga[7];
+
+
+ #if 0
+- x_origin = get_ushort(&tga[8]);
+- y_origin = get_ushort(&tga[10]);
++ x_origin = get_tga_ushort(&tga[8]);
++ y_origin = get_tga_ushort(&tga[10]);
+ #endif
+- image_w = get_ushort(&tga[12]);
+- image_h = get_ushort(&tga[14]);
++ image_w = get_tga_ushort(&tga[12]);
++ image_h = get_tga_ushort(&tga[14]);
+ pixel_depth = tga[16];
+ image_desc = tga[17];
+
+@@ -817,6 +814,24 @@ opj_image_t* tgatoimage(const char *filename, opj_cparameters_t *parameters)
+ color_space = OPJ_CLRSPC_SRGB;
+ }
+
++ /* If the declared file size is > 10 MB, check that the file is big */
++ /* enough to avoid excessive memory allocations */
++ if (image_height != 0 && image_width > 10000000 / image_height / numcomps) {
++ char ch;
++ OPJ_UINT64 expected_file_size =
++ (OPJ_UINT64)image_width * image_height * numcomps;
++ long curpos = ftell(f);
++ if (expected_file_size > (OPJ_UINT64)INT_MAX) {
++ expected_file_size = (OPJ_UINT64)INT_MAX;
++ }
++ fseek(f, (long)expected_file_size - 1, SEEK_SET);
++ if (fread(&ch, 1, 1, f) != 1) {
++ fclose(f);
++ return NULL;
++ }
++ fseek(f, curpos, SEEK_SET);
++ }
++
+ subsampling_dx = parameters->subsampling_dx;
+ subsampling_dy = parameters->subsampling_dy;
+
diff --git a/4241ae6fbbf1de9658764a80944dc8108f2b4154.patch b/4241ae6fbbf1de9658764a80944dc8108f2b4154.patch
new file mode 100644
index 0000000..d165090
--- /dev/null
+++ b/4241ae6fbbf1de9658764a80944dc8108f2b4154.patch
@@ -0,0 +1,35 @@
+From 4241ae6fbbf1de9658764a80944dc8108f2b4154 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Tue, 15 Aug 2017 11:55:58 +0200
+Subject: [PATCH] Fix assertion in debug mode / heap-based buffer overflow in
+ opj_write_bytes_LE for Cinema profiles with numresolutions = 1 (#985)
+
+---
+ src/lib/openjp2/j2k.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
+index a2521ebbc..54b490a8c 100644
+--- a/src/lib/openjp2/j2k.c
++++ b/src/lib/openjp2/j2k.c
+@@ -6573,10 +6573,16 @@ static void opj_j2k_set_cinema_parameters(opj_cparameters_t *parameters,
+
+ /* Precincts */
+ parameters->csty |= 0x01;
+- parameters->res_spec = parameters->numresolution - 1;
+- for (i = 0; i < parameters->res_spec; i++) {
+- parameters->prcw_init[i] = 256;
+- parameters->prch_init[i] = 256;
++ if (parameters->numresolution == 1) {
++ parameters->res_spec = 1;
++ parameters->prcw_init[0] = 128;
++ parameters->prch_init[0] = 128;
++ } else {
++ parameters->res_spec = parameters->numresolution - 1;
++ for (i = 0; i < parameters->res_spec; i++) {
++ parameters->prcw_init[i] = 256;
++ parameters->prch_init[i] = 256;
++ }
+ }
+
+ /* The progression order shall be CPRL */
diff --git a/afb308b9ccbe129608c9205cf3bb39bbefad90b9.patch b/afb308b9ccbe129608c9205cf3bb39bbefad90b9.patch
new file mode 100644
index 0000000..c8a1fd6
--- /dev/null
+++ b/afb308b9ccbe129608c9205cf3bb39bbefad90b9.patch
@@ -0,0 +1,43 @@
+From afb308b9ccbe129608c9205cf3bb39bbefad90b9 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Mon, 14 Aug 2017 17:20:37 +0200
+Subject: [PATCH] Encoder: grow buffer size in
+ opj_tcd_code_block_enc_allocate_data() to avoid write heap buffer overflow in
+ opj_mqc_flush (#982)
+
+---
+ src/lib/openjp2/tcd.c | 7 +++++--
+ tests/nonregression/test_suite.ctest.in | 2 ++
+ 2 files changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
+index 301c7213e..53cdcf64d 100644
+--- a/src/lib/openjp2/tcd.c
++++ b/src/lib/openjp2/tcd.c
+@@ -1187,8 +1187,11 @@ static OPJ_BOOL opj_tcd_code_block_enc_allocate_data(opj_tcd_cblk_enc_t *
+ {
+ OPJ_UINT32 l_data_size;
+
+- /* The +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
+- l_data_size = 1 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
++ /* +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
++ /* and actually +2 required for https://github.com/uclouvain/openjpeg/issues/982 */
++ /* TODO: is there a theoretical upper-bound for the compressed code */
++ /* block size ? */
++ l_data_size = 2 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
+ (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
+
+ if (l_data_size > p_code_block->data_size) {
+diff --git a/tests/nonregression/test_suite.ctest.in b/tests/nonregression/test_suite.ctest.in
+index aaf40d7d0..ffd964c2a 100644
+--- a/tests/nonregression/test_suite.ctest.in
++++ b/tests/nonregression/test_suite.ctest.in
+@@ -169,6 +169,8 @@ opj_compress -i @INPUT_NR_PATH@/Bretagne2.ppm -o @TEMP_PATH@/Bretagne2_empty_ban
+ # Same rate as Bretagne2_4.j2k
+ opj_compress -i @INPUT_NR_PATH@/Bretagne2.ppm -o @TEMP_PATH@/Bretagne2_empty_band_r800.j2k -t 2591,1943 -n 2 -r 800
+
++opj_compress -i @INPUT_NR_PATH@/issue982.bmp -o @TEMP_PATH@/issue982.j2k -n 1
++
+ # DECODER TEST SUITE
+ opj_decompress -i @INPUT_NR_PATH@/Bretagne2.j2k -o @TEMP_PATH@/Bretagne2.j2k.pgx
+ opj_decompress -i @INPUT_NR_PATH@/_00042.j2k -o @TEMP_PATH@/_00042.j2k.pgx
diff --git a/baf0c1ad4572daa89caa3b12985bdd93530f0dd7.patch b/baf0c1ad4572daa89caa3b12985bdd93530f0dd7.patch
new file mode 100644
index 0000000..724cf60
--- /dev/null
+++ b/baf0c1ad4572daa89caa3b12985bdd93530f0dd7.patch
@@ -0,0 +1,25 @@
+From baf0c1ad4572daa89caa3b12985bdd93530f0dd7 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Mon, 14 Aug 2017 17:26:58 +0200
+Subject: [PATCH] bmp_read_info_header(): reject bmp files with biBitCount == 0
+ (#983)
+
+---
+ src/bin/jp2/convertbmp.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
+index b49e7a080..2715fdf24 100644
+--- a/src/bin/jp2/convertbmp.c
++++ b/src/bin/jp2/convertbmp.c
+@@ -392,6 +392,10 @@ static OPJ_BOOL bmp_read_info_header(FILE* IN, OPJ_BITMAPINFOHEADER* header)
+
+ header->biBitCount = (OPJ_UINT16)getc(IN);
+ header->biBitCount |= (OPJ_UINT16)((OPJ_UINT32)getc(IN) << 8);
++ if (header->biBitCount == 0) {
++ fprintf(stderr, "Error, invalid biBitCount %d\n", 0);
++ return OPJ_FALSE;
++ }
+
+ if (header->biSize >= 40U) {
+ header->biCompression = (OPJ_UINT32)getc(IN);
diff --git a/e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch b/e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch
new file mode 100644
index 0000000..ebfe1ad
--- /dev/null
+++ b/e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch
@@ -0,0 +1,22 @@
+From e5285319229a5d77bf316bb0d3a6cbd3cb8666d9 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Fri, 18 Aug 2017 13:39:20 +0200
+Subject: [PATCH] pgxtoimage(): fix write stack buffer overflow (#997)
+
+---
+ src/bin/jp2/convert.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/bin/jp2/convert.c b/src/bin/jp2/convert.c
+index 5459f7d44..e606c9be7 100644
+--- a/src/bin/jp2/convert.c
++++ b/src/bin/jp2/convert.c
+@@ -1185,7 +1185,7 @@ opj_image_t* pgxtoimage(const char *filename, opj_cparameters_t *parameters)
+ }
+
+ fseek(f, 0, SEEK_SET);
+- if (fscanf(f, "PG%[ \t]%c%c%[ \t+-]%d%[ \t]%d%[ \t]%d", temp, &endian1,
++ if (fscanf(f, "PG%31[ \t]%c%c%31[ \t+-]%d%31[ \t]%d%31[ \t]%d", temp, &endian1,
+ &endian2, signtmp, &prec, temp, &w, temp, &h) != 9) {
+ fclose(f);
+ fprintf(stderr,
diff --git a/openjpeg2.spec b/openjpeg2.spec
new file mode 100644
index 0000000..653ae87
--- /dev/null
+++ b/openjpeg2.spec
@@ -0,0 +1,424 @@
+# Conformance tests disabled by default since it requires 1 GB of test data
+#global runcheck 1
+
+#global optional_components 1
+
+Name: openjpeg2
+Version: 2.2.0
+Release: 3%{?dist}
+Summary: C-Library for JPEG 2000
+
+# windirent.h is MIT, the rest is BSD
+License: BSD and MIT
+URL: https://github.com/uclouvain/openjpeg
+Source0: https://github.com/uclouvain/openjpeg/archive/v%{version}/openjpeg-%{version}.tar.gz
+%if 0%{?runcheck}
+# git clone git@github.com:uclouvain/openjpeg-data.git
+Source1: data.tar.xz
+%endif
+
+# Remove bundled libraries
+Patch0: openjpeg2_remove-thirdparty.patch
+# Backport fix for CVE-2017-12982
+Patch1: baf0c1ad4572daa89caa3b12985bdd93530f0dd7.patch
+# Backport fix for CVE-2017-14041
+Patch2: e5285319229a5d77bf316bb0d3a6cbd3cb8666d9.patch
+# Backport fix for CVE-2017-14040
+Patch3: 2cd30c2b06ce332dede81cccad8b334cde997281.patch
+# Backport fix for Heap-based buffer overflow in opj_write_bytes_LE in cio.c
+Patch4: 4241ae6fbbf1de9658764a80944dc8108f2b4154.patch
+# Backport fix for Heap-based buffer overflow in opj_mqc_flush in mqc.c
+Patch5: afb308b9ccbe129608c9205cf3bb39bbefad90b9.patch
+
+BuildRequires: cmake
+BuildRequires: zlib-devel
+BuildRequires: libpng-devel
+BuildRequires: libtiff-devel
+BuildRequires: lcms2-devel
+BuildRequires: doxygen
+
+%if 0%{?optional_components}
+BuildRequires: java-devel
+BuildRequires: xerces-j2
+%endif
+
+%description
+The OpenJPEG library is an open-source JPEG 2000 library developed in order to
+promote the use of JPEG 2000.
+
+This package contains
+* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1
+ compliance).
+* JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple
+ component transforms for multispectral and hyperspectral imagery)
+
+
+%package devel
+Summary: Development files for OpenJPEG 2
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description devel
+The %{name}-devel package contains libraries and header files for developing
+applications that use OpenJPEG 2.
+
+
+%package devel-docs
+Summary: Developer documentation for OpenJPEG 2
+BuildArch: noarch
+
+%description devel-docs
+The %{name}-devel-docs package contains documentation files for developing
+applications that use OpenJPEG 2.
+
+
+%package tools
+Summary: OpenJPEG 2 command line tools
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description tools
+Command line tools for JPEG 2000 file manipulation, using OpenJPEG2:
+ * opj2_compress
+ * opj2_decompress
+ * opj2_dump
+
+%if 0%{?optional_components}
+##### MJ2 #####
+
+%package mj2
+Summary: OpenJPEG2 MJ2 module
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description mj2
+The OpenJPEG library is an open-source JPEG 2000 library developed in order to
+promote the use of JPEG 2000.
+
+This package contains the MJ2 module (JPEG 2000 standard Part 3)
+
+
+%package mj2-devel
+Summary: Development files for OpenJPEG2 MJ2 module
+Requires: %{name}-devel%{?_isa} = %{version}-%{release}
+Requires: %{name}-mj2%{?_isa} = %{version}-%{release}
+
+%description mj2-devel
+Development files for OpenJPEG2 MJ2 module
+
+
+%package mj2-tools
+Summary: OpenJPEG2 MJ2 module command line tools
+Requires: %{name}-mj2%{?_isa} = %{version}-%{release}
+
+%description mj2-tools
+OpenJPEG2 MJ2 module command line tools
+
+##### JPWL #####
+
+%package jpwl
+Summary: OpenJPEG2 JPWL module
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description jpwl
+The OpenJPEG library is an open-source JPEG 2000 library developed in order to
+promote the use of JPEG 2000.
+
+This package contains the JPWL (JPEG 2000 standard Part 11 - Jpeg 2000 Wireless)
+
+
+%package jpwl-devel
+Summary: Development files for OpenJPEG2 JPWL module
+Requires: %{name}-devel%{?_isa} = %{version}-%{release}
+Requires: %{name}-jpwl%{?_isa} = %{version}-%{release}
+
+%description jpwl-devel
+Development files for OpenJPEG2 JPWL module
+
+
+%package jpwl-tools
+Summary: OpenJPEG2 JPWL module command line tools
+Requires: %{name}-jpwl%{?_isa} = %{version}-%{release}
+
+%description jpwl-tools
+OpenJPEG2 JPWL module command line tools
+
+##### JPIP #####
+
+%package jpip
+Summary: OpenJPEG2 JPIP module
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description jpip
+The OpenJPEG library is an open-source JPEG 2000 library developed in order to
+promote the use of JPEG 2000.
+
+This package contains the JPWL (JPEG 2000 standard Part 9 - Jpeg 2000 Interactive Protocol)
+
+
+%package jpip-devel
+Summary: Development files for OpenJPEG2 JPIP module
+Requires: %{name}-devel%{?_isa} = %{version}-%{release}
+Requires: %{name}-jpwl%{?_isa} = %{version}-%{release}
+
+%description jpip-devel
+Development files for OpenJPEG2 JPIP module
+
+
+%package jpip-tools
+Summary: OpenJPEG2 JPIP module command line tools
+Requires: %{name}-jpip%{?_isa} = %{version}-%{release}
+Requires: jpackage-utils
+Requires: java
+
+%description jpip-tools
+OpenJPEG2 JPIP module command line tools
+
+##### JP3D #####
+
+%package jp3d
+Summary: OpenJPEG2 JP3D module
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description jp3d
+The OpenJPEG library is an open-source JPEG 2000 library developed in order to
+promote the use of JPEG 2000.
+
+This package contains the JP3D (JPEG 2000 standard Part 10 - Jpeg 2000 3D)
+
+
+%package jp3d-devel
+Summary: Development files for OpenJPEG2 JP3D module
+Requires: %{name}-devel%{?_isa} = %{version}-%{release}
+Requires: %{name}-jp3d%{?_isa} = %{version}-%{release}
+
+%description jp3d-devel
+Development files for OpenJPEG2 JP3D module
+
+
+%package jp3d-tools
+Summary: OpenJPEG2 JP3D module command line tools
+Requires: %{name}-jp3d%{?_isa} = %{version}-%{release}
+
+%description jp3d-tools
+OpenJPEG2 JP3D module command line tools
+%endif
+
+
+%prep
+%autosetup -p1 -n openjpeg-%{version} %{?runcheck:-a 1}
+
+# Remove all third party libraries just to be sure
+rm -rf thirdparty
+
+
+%build
+mkdir %{_target_platform}
+pushd %{_target_platform}
+# TODO: Consider
+# -DBUILD_JPIP_SERVER=ON -DBUILD_JAVA=ON
+%cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DOPENJPEG_INSTALL_LIB_DIR=%{_lib} \
+ %{?optional_components:-DBUILD_MJ2=ON -DBUILD_JPWL=ON -DBUILD_JPIP=ON -DBUILD_JP3D=ON} \
+ -DBUILD_DOC=ON \
+ %{?runcheck:-DBUILD_TESTING:BOOL=ON -DOPJ_DATA_ROOT=$PWD/../data} \
+ ..
+popd
+
+%make_build VERBOSE=1 -C %{_target_platform}
+
+
+%install
+%make_install -C %{_target_platform}
+
+# Remove static library
+rm -f %{buildroot}%{_libdir}/libopenjp2.a
+
+# Rename to avoid conflicts with openjpeg-1.x
+for file in %{buildroot}%{_bindir}/opj_*; do
+ mv $file ${file/opj_/opj2_}
+done
+mv %{buildroot}%{_mandir}/man1/opj_compress.1 %{buildroot}%{_mandir}/man1/opj2_compress.1
+mv %{buildroot}%{_mandir}/man1/opj_decompress.1 %{buildroot}%{_mandir}/man1/opj2_decompress.1
+mv %{buildroot}%{_mandir}/man1/opj_dump.1 %{buildroot}%{_mandir}/man1/opj2_dump.1
+
+# Docs are installed through %%doc
+rm -rf %{buildroot}%{_datadir}/doc/
+
+%if 0%{?optional_components}
+# Move the jar to the correct place
+mkdir -p %{buildroot}%{_javadir}
+mv %{buildroot}%{_datadir}/opj_jpip_viewer.jar %{buildroot}%{_javadir}/opj2_jpip_viewer.jar
+cat > %{buildroot}%{_bindir}/opj2_jpip_viewer <<EOF
+java -jar %{_javadir}/opj2_jpip_viewer.jar "$@"
+EOF
+chmod +x %{buildroot}%{_bindir}/opj2_jpip_viewer
+%endif
+
+
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+
+%check
+%if 0%{?runcheck}
+make test -C %{_target_platform}
+%endif
+
+
+%files
+%{!?_licensedir:%global license %doc}
+%license LICENSE
+%doc AUTHORS.md NEWS.md README.md THANKS.md
+%{_libdir}/libopenjp2.so.*
+%{_mandir}/man3/libopenjp2.3*
+
+%files devel
+%dir %{_includedir}/openjpeg-2.2/
+%{_includedir}/openjpeg-2.2/openjpeg.h
+%{_includedir}/openjpeg-2.2/opj_config.h
+%{_includedir}/openjpeg-2.2/opj_stdint.h
+%{_libdir}/libopenjp2.so
+%{_libdir}/openjpeg-2.2/
+%{_libdir}/pkgconfig/libopenjp2.pc
+
+%files devel-docs
+%doc %{_target_platform}/doc/html
+
+%files tools
+%{_bindir}/opj2_compress
+%{_bindir}/opj2_decompress
+%{_bindir}/opj2_dump
+%{_mandir}/man1/opj2_compress.1*
+%{_mandir}/man1/opj2_decompress.1*
+%{_mandir}/man1/opj2_dump.1*
+
+%if 0%{?optional_components}
+%files mj2
+%{_libdir}/libopenmj2.so.*
+
+%files mj2-devel
+%{_libdir}/libopenmj2.so
+
+%files mj2-tools
+%{_bindir}/opj2_mj2*
+
+%files jpwl
+%{_libdir}/libopenjpwl.so.*
+
+%files jpwl-devel
+%{_libdir}/libopenjpwl.so
+%{_libdir}/pkgconfig/libopenjpwl.pc
+
+%files jpwl-tools
+%{_bindir}/opj2_jpwl*
+
+%files jpip
+%{_libdir}/libopenjpip.so.*
+
+%files jpip-devel
+%{_libdir}/libopenjpip.so
+%{_libdir}/pkgconfig/libopenjpip.pc
+
+%files jpip-tools
+%{_bindir}/opj2_jpip*
+%{_bindir}/opj2_dec_server
+%{_javadir}/opj2_jpip_viewer.jar
+
+%files jp3d
+%{_libdir}/libopenjp3d.so.*
+
+%files jp3d-devel
+%{_includedir}/openjpeg-2.0/openjp3d.h
+%{_libdir}/libopenjp3d.so
+%{_libdir}/pkgconfig/libopenjp3d.pc
+
+%files jp3d-tools
+%{_bindir}/opj2_jp3d*
+%endif
+
+
+%changelog
+* Thu Aug 31 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-3
+- Backport more security fixes, including for CVE-2017-14041 and CVE-2017-14040
+
+* Thu Aug 31 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-2
+- Backport patch for CVE-2017-12982
+
+* Thu Aug 10 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-1
+- Update to 2.2.0
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Sat Dec 17 2016 Sandro Mani <manisandro@gmail.com> - 2.1.2-3
+- Add patch for CVE-2016-9580 (#1405128) and CVE-2016-9581 (#1405135)
+
+* Thu Dec 08 2016 Sandro Mani <manisandro@gmail.com> - 2.1.2-2
+- Add patch for CVE-2016-9572 (#1402714) and CVE-2016-9573 (#1402711)
+
+* Wed Sep 28 2016 Sandro Mani <manisandro@gmail.com> - 2.1.2-1
+- Update to 2.1.2
+- Fixes: CVE-2016-7445
+
+* Fri Sep 09 2016 Sandro Mani <manisandro@gmail.com> - 2.1.1-3
+- Backport: Add sanity check for tile coordinates (#1374337)
+
+* Fri Sep 09 2016 Sandro Mani <manisandro@gmail.com> - 2.1.1-2
+- Backport fixes for CVE-2016-7163
+
+* Wed Jul 06 2016 Sandro Mani <manisandro@gmail.com> - 2.1.1-1
+- Update to 2.1.1
+- Fixes: CVE-2016-3183, CVE-2016-3181, CVE-2016-3182, CVE-2016-4796, CVE-2016-4797, CVE-2015-8871
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Thu Oct 01 2015 Sandro Mani <manisandro@gmail.com> - 2.1.0-7
+- Backport fix for possible double-free (#1267983)
+
+* Tue Sep 15 2015 Sandro Mani <manisandro@gmail.com> - 2.1.0-6
+- Backport fix for use after free vulnerability (#1263359)
+
+* Thu Jun 25 2015 Sandro Mani <manisandro@gmail.com> - 2.1.0-5
+- Add openjpeg2_bigendian.patch (#1232739)
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Tue May 27 2014 Sandro Mani <manisandro@gmail.com> - 2.1.0-1
+- Update to 2.1.0
+
+* Wed Apr 16 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-5
+- Switch to official 2.0 release and backport pkg-config patch
+
+* Thu Apr 10 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-4.svn20140403
+- Replace define with global
+- Fix #define optional_components 1S typo
+- Fix %%(pwd) -> $PWD for test data
+- Added some BR for optional components
+- Include opj2_jpip_viewer.jar in %%files
+
+* Wed Apr 09 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-3.svn20140403
+- Fix source url
+- Fix mixed tabs and spaces
+- Fix description too long
+
+* Wed Apr 09 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-2.svn20140403
+- Remove thirdparty libraries folder in prep
+- Own %%{_libdir}/openjpeg-2.0/
+- Fix Requires
+- Add missing ldconfig
+- Add possibility to run conformance tests if desired
+
+* Thu Apr 03 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-1.svn20140403
+- Initial package
diff --git a/openjpeg2_remove-thirdparty.patch b/openjpeg2_remove-thirdparty.patch
new file mode 100644
index 0000000..6987fc2
--- /dev/null
+++ b/openjpeg2_remove-thirdparty.patch
@@ -0,0 +1,11 @@
+diff -rupN openjpeg-2.1.1/CMakeLists.txt openjpeg-2.1.1-new/CMakeLists.txt
+--- openjpeg-2.1.1/CMakeLists.txt 2016-07-05 16:54:17.000000000 +0200
++++ openjpeg-2.1.1-new/CMakeLists.txt 2016-07-06 09:38:26.083029127 +0200
+@@ -270,7 +270,6 @@ if(BUILD_CODEC OR BUILD_MJ2)
+ # OFF: It will only build 3rd party libs if they are not found on the system
+ # ON: 3rd party libs will ALWAYS be build, and used
+ option(BUILD_THIRDPARTY "Build the thirdparty executables if it is needed" OFF)
+- add_subdirectory(thirdparty)
+ add_subdirectory(src/bin)
+ endif ()
+ add_subdirectory(wrapping)