From 5744a984a6abbd8f91defd34cef5a741c02df567 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Thu, 13 Feb 2020 17:21:57 +0100
Subject: sync with Fedora Backport patch for CVE 2020-8112

---
 openjpeg2-static.spec | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'openjpeg2-static.spec')

diff --git a/openjpeg2-static.spec b/openjpeg2-static.spec
index 35f14e9..ea1c2a0 100644
--- a/openjpeg2-static.spec
+++ b/openjpeg2-static.spec
@@ -11,7 +11,7 @@
 
 Name:           openjpeg2-static
 Version:        2.3.1
-Release:        4%{?dist}
+Release:        6%{?dist}
 Summary:        C-Library for JPEG 2000
 
 # windirent.h is MIT, the rest is BSD
@@ -28,6 +28,9 @@ Patch0:         openjpeg2_opj2.patch
 # Backport patch for CVE 2020-6851
 # https://github.com/uclouvain/openjpeg/issues/1228
 Patch1:         openjpeg2_CVE-2020-6851.patch
+# Backport patch for CVE 2020-8112
+# https://github.com/uclouvain/openjpeg/pull/1232/commits/05f9b91e60debda0e83977e5e63b2e66486f7074
+Patch2:         openjpeg2_CVE-2020-8112.patch
 
 
 BuildRequires:  cmake
@@ -211,6 +214,7 @@ OpenJPEG2 JP3D module command line tools
 %setup -qn openjpeg-%{version}
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 # Remove all third party libraries just to be sure
 find thirdparty/ -mindepth 1 -maxdepth 1 -type d -exec rm -rf {} \;
@@ -342,6 +346,10 @@ make test -C %{_target_platform}
 
 
 %changelog
+* Thu Feb 13 2020 Remi Collet <remi@remirepo.net> - 2.3.1-6
+- sync with Fedora
+- Backport patch for CVE 2020-8112
+
 * Mon Jan 20 2020 Remi Collet <remi@remirepo.net> - 2.3.1-4
 - sync with Fedora
 - Backport patch for CVE 2020-6851
-- 
cgit