summaryrefslogtreecommitdiffstats
path: root/openjpeg2-static.spec
diff options
context:
space:
mode:
Diffstat (limited to 'openjpeg2-static.spec')
-rw-r--r--openjpeg2-static.spec18
1 files changed, 17 insertions, 1 deletions
diff --git a/openjpeg2-static.spec b/openjpeg2-static.spec
index ea1c2a0..2ee7543 100644
--- a/openjpeg2-static.spec
+++ b/openjpeg2-static.spec
@@ -11,7 +11,7 @@
Name: openjpeg2-static
Version: 2.3.1
-Release: 6%{?dist}
+Release: 9%{?dist}
Summary: C-Library for JPEG 2000
# windirent.h is MIT, the rest is BSD
@@ -31,6 +31,15 @@ Patch1: openjpeg2_CVE-2020-6851.patch
# Backport patch for CVE 2020-8112
# https://github.com/uclouvain/openjpeg/pull/1232/commits/05f9b91e60debda0e83977e5e63b2e66486f7074
Patch2: openjpeg2_CVE-2020-8112.patch
+# Backport patch for CVE-2020-27814
+# https://github.com/uclouvain/openjpeg/commit/eaa098b59b346cb88e4d10d505061f669d7134fc
+Patch3: openjpeg2_CVE-2020-27814.patch
+# Backport patch for CVE-2020-27824
+# https://github.com/uclouvain/openjpeg/pull/1292/commits/6daf5f3e1ec6eff03b7982889874a3de6617db8d
+Patch4: openjpeg2_CVE-2020-27824.patch
+# Backport patch for CVE-2020-27823
+# https://github.com/uclouvain/openjpeg/commit/b2072402b7e14d22bba6fb8cde2a1e9996e9a919
+Patch5: openjpeg2_CVE-2020-27823.patch
BuildRequires: cmake
@@ -215,6 +224,9 @@ OpenJPEG2 JP3D module command line tools
%patch0 -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
# Remove all third party libraries just to be sure
find thirdparty/ -mindepth 1 -maxdepth 1 -type d -exec rm -rf {} \;
@@ -346,6 +358,10 @@ make test -C %{_target_platform}
%changelog
+* Thu Feb 13 2020 Remi Collet <remi@remirepo.net> - 2.3.1-9
+- sync with Fedora
+- Backport patches for CVE-2020-27824 and CVE-2020-27823
+
* Thu Feb 13 2020 Remi Collet <remi@remirepo.net> - 2.3.1-6
- sync with Fedora
- Backport patch for CVE 2020-8112