Date: Monday, November 21, 2016 @ 16:02:03 Author: anthraxx Revision: 281760
archrelease: copy trunk to staging-i686, staging-x86_64 Added: jasper/repos/staging-i686/PKGBUILD (from rev 281759, jasper/trunk/PKGBUILD) jasper/repos/staging-i686/jasper-1.900.1-fix-filename-buffer-overflow.patch (from rev 281759, jasper/trunk/jasper-1.900.1-fix-filename-buffer-overflow.patch) jasper/repos/staging-x86_64/PKGBUILD (from rev 281759, jasper/trunk/PKGBUILD) jasper/repos/staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch (from rev 281759, jasper/trunk/jasper-1.900.1-fix-filename-buffer-overflow.patch) Deleted: jasper/repos/staging-i686/PKGBUILD jasper/repos/staging-i686/jasper-1.900.1-fix-filename-buffer-overflow.patch jasper/repos/staging-x86_64/PKGBUILD jasper/repos/staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch ------------------------------------------------------------------+ /PKGBUILD | 88 ++++++++++ /jasper-1.900.1-fix-filename-buffer-overflow.patch | 74 ++++++++ staging-i686/PKGBUILD | 39 ---- staging-i686/jasper-1.900.1-fix-filename-buffer-overflow.patch | 37 ---- staging-x86_64/PKGBUILD | 39 ---- staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch | 37 ---- 6 files changed, 162 insertions(+), 152 deletions(-) Deleted: staging-i686/PKGBUILD =================================================================== --- staging-i686/PKGBUILD 2016-11-21 16:01:54 UTC (rev 281759) +++ staging-i686/PKGBUILD 2016-11-21 16:02:03 UTC (rev 281760) @@ -1,39 +0,0 @@ -# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> -# Maintainer: Eric Bélanger <e...@archlinux.org> - -pkgname=jasper -pkgver=1.900.30 -pkgrel=1 -pkgdesc='Software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard' -url='http://www.ece.uvic.ca/~mdadams/jasper/' -arch=('i686' 'x86_64') -license=('custom:JasPer2.0') -depends=('libjpeg') -makedepends=('freeglut' 'libxmu' 'glu') -optdepends=('freeglut: jiv support' - 'glu: jiv support') -options=('staticlibs') -source=(${pkgname}-${pkgver}.tar.gz::https://github.com/mdadams/jasper/archive/version-${pkgver}.tar.gz - jasper-1.900.1-fix-filename-buffer-overflow.patch) -sha512sums=('887cb6f4167bd8aedb067851e064a550b1d3c5247204d8cba4d87e47f2fc42b8f7d64ab62be74838b452a821f9e467665f44dadedc84b268510159ad1de68311' - 'b8d798bf75523c5db263783e42c653dd0cb03deee90be32eddf878bb6893cca02abadd94de6a8c737a5b7fe76f7fb245979f010765e6a95fc520b215e3a2a7f0') - -prepare() { - cd ${pkgname}-version-${pkgver} - patch -p1 < "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch" - autoreconf -fvi -} - -build() { - cd ${pkgname}-version-${pkgver} - ./configure --prefix=/usr --mandir=/usr/share/man --enable-shared - make -} - -package() { - cd ${pkgname}-version-${pkgver} - make DESTDIR="${pkgdir}" install - install -Dm 644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" -} - -# vim: ts=2 sw=2 et: Copied: jasper/repos/staging-i686/PKGBUILD (from rev 281759, jasper/trunk/PKGBUILD) =================================================================== --- staging-i686/PKGBUILD (rev 0) +++ staging-i686/PKGBUILD 2016-11-21 16:02:03 UTC (rev 281760) @@ -0,0 +1,44 @@ +# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> +# Maintainer: Eric Bélanger <e...@archlinux.org> + +pkgname=jasper +pkgver=1.900.31 +pkgrel=1 +pkgdesc='Software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard' +url='http://www.ece.uvic.ca/~mdadams/jasper/' +arch=('i686' 'x86_64') +license=('custom:JasPer2.0') +depends=('libjpeg') +makedepends=('freeglut' 'libxmu' 'glu') +optdepends=('freeglut: jiv support' + 'glu: jiv support') +options=('staticlibs') +source=(${pkgname}-${pkgver}.tar.gz::https://github.com/mdadams/jasper/archive/version-${pkgver}.tar.gz + jasper-1.900.1-fix-filename-buffer-overflow.patch) +sha512sums=('e0f37106b59e4226a65e562e78e577e889dd8cbad7a04c63ca3e6ea2d0b1fe72e325abc0a701e2557aeb64b2dc999fa52426341264cb82e3e44338fb0cdc0f65' + 'b8d798bf75523c5db263783e42c653dd0cb03deee90be32eddf878bb6893cca02abadd94de6a8c737a5b7fe76f7fb245979f010765e6a95fc520b215e3a2a7f0') + +prepare() { + cd ${pkgname}-version-${pkgver} + patch -p1 < "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch" + autoreconf -fvi +} + +build() { + cd ${pkgname}-version-${pkgver} + ./configure --prefix=/usr --mandir=/usr/share/man --enable-shared + make +} + +check() { + cd ${pkgname}-version-${pkgver} + make -j1 check +} + +package() { + cd ${pkgname}-version-${pkgver} + make DESTDIR="${pkgdir}" install + install -Dm 644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" +} + +# vim: ts=2 sw=2 et: Deleted: staging-i686/jasper-1.900.1-fix-filename-buffer-overflow.patch =================================================================== --- staging-i686/jasper-1.900.1-fix-filename-buffer-overflow.patch 2016-11-21 16:01:54 UTC (rev 281759) +++ staging-i686/jasper-1.900.1-fix-filename-buffer-overflow.patch 2016-11-21 16:02:03 UTC (rev 281760) @@ -1,37 +0,0 @@ -Description: Filename buffer overflow fix - This patch fixes a security hole by a bad buffer size handling. -Author: Roland Stigge <sti...@antcom.de> -Bug-Debian: http://bugs.debian.org/645118 - ---- a/src/libjasper/include/jasper/jas_stream.h -+++ b/src/libjasper/include/jasper/jas_stream.h -@@ -77,6 +77,7 @@ - #include <jasper/jas_config.h> - - #include <stdio.h> -+#include <limits.h> - #if defined(JAS_HAVE_FCNTL_H) - #include <fcntl.h> - #endif -@@ -99,6 +100,12 @@ extern "C" { - #define O_BINARY 0 - #endif - -+#ifdef PATH_MAX -+#define JAS_PATH_MAX PATH_MAX -+#else -+#define JAS_PATH_MAX 4096 -+#endif -+ - /* - * Stream open flags. - */ -@@ -251,7 +258,7 @@ typedef struct { - typedef struct { - int fd; - int flags; -- char pathname[L_tmpnam + 1]; -+ char pathname[JAS_PATH_MAX + 1]; - } jas_stream_fileobj_t; - - #define JAS_STREAM_FILEOBJ_DELONCLOSE 0x01 Copied: jasper/repos/staging-i686/jasper-1.900.1-fix-filename-buffer-overflow.patch (from rev 281759, jasper/trunk/jasper-1.900.1-fix-filename-buffer-overflow.patch) =================================================================== --- staging-i686/jasper-1.900.1-fix-filename-buffer-overflow.patch (rev 0) +++ staging-i686/jasper-1.900.1-fix-filename-buffer-overflow.patch 2016-11-21 16:02:03 UTC (rev 281760) @@ -0,0 +1,37 @@ +Description: Filename buffer overflow fix + This patch fixes a security hole by a bad buffer size handling. +Author: Roland Stigge <sti...@antcom.de> +Bug-Debian: http://bugs.debian.org/645118 + +--- a/src/libjasper/include/jasper/jas_stream.h ++++ b/src/libjasper/include/jasper/jas_stream.h +@@ -77,6 +77,7 @@ + #include <jasper/jas_config.h> + + #include <stdio.h> ++#include <limits.h> + #if defined(JAS_HAVE_FCNTL_H) + #include <fcntl.h> + #endif +@@ -99,6 +100,12 @@ extern "C" { + #define O_BINARY 0 + #endif + ++#ifdef PATH_MAX ++#define JAS_PATH_MAX PATH_MAX ++#else ++#define JAS_PATH_MAX 4096 ++#endif ++ + /* + * Stream open flags. + */ +@@ -251,7 +258,7 @@ typedef struct { + typedef struct { + int fd; + int flags; +- char pathname[L_tmpnam + 1]; ++ char pathname[JAS_PATH_MAX + 1]; + } jas_stream_fileobj_t; + + #define JAS_STREAM_FILEOBJ_DELONCLOSE 0x01 Deleted: staging-x86_64/PKGBUILD =================================================================== --- staging-x86_64/PKGBUILD 2016-11-21 16:01:54 UTC (rev 281759) +++ staging-x86_64/PKGBUILD 2016-11-21 16:02:03 UTC (rev 281760) @@ -1,39 +0,0 @@ -# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> -# Maintainer: Eric Bélanger <e...@archlinux.org> - -pkgname=jasper -pkgver=1.900.30 -pkgrel=1 -pkgdesc='Software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard' -url='http://www.ece.uvic.ca/~mdadams/jasper/' -arch=('i686' 'x86_64') -license=('custom:JasPer2.0') -depends=('libjpeg') -makedepends=('freeglut' 'libxmu' 'glu') -optdepends=('freeglut: jiv support' - 'glu: jiv support') -options=('staticlibs') -source=(${pkgname}-${pkgver}.tar.gz::https://github.com/mdadams/jasper/archive/version-${pkgver}.tar.gz - jasper-1.900.1-fix-filename-buffer-overflow.patch) -sha512sums=('887cb6f4167bd8aedb067851e064a550b1d3c5247204d8cba4d87e47f2fc42b8f7d64ab62be74838b452a821f9e467665f44dadedc84b268510159ad1de68311' - 'b8d798bf75523c5db263783e42c653dd0cb03deee90be32eddf878bb6893cca02abadd94de6a8c737a5b7fe76f7fb245979f010765e6a95fc520b215e3a2a7f0') - -prepare() { - cd ${pkgname}-version-${pkgver} - patch -p1 < "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch" - autoreconf -fvi -} - -build() { - cd ${pkgname}-version-${pkgver} - ./configure --prefix=/usr --mandir=/usr/share/man --enable-shared - make -} - -package() { - cd ${pkgname}-version-${pkgver} - make DESTDIR="${pkgdir}" install - install -Dm 644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" -} - -# vim: ts=2 sw=2 et: Copied: jasper/repos/staging-x86_64/PKGBUILD (from rev 281759, jasper/trunk/PKGBUILD) =================================================================== --- staging-x86_64/PKGBUILD (rev 0) +++ staging-x86_64/PKGBUILD 2016-11-21 16:02:03 UTC (rev 281760) @@ -0,0 +1,44 @@ +# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org> +# Maintainer: Eric Bélanger <e...@archlinux.org> + +pkgname=jasper +pkgver=1.900.31 +pkgrel=1 +pkgdesc='Software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard' +url='http://www.ece.uvic.ca/~mdadams/jasper/' +arch=('i686' 'x86_64') +license=('custom:JasPer2.0') +depends=('libjpeg') +makedepends=('freeglut' 'libxmu' 'glu') +optdepends=('freeglut: jiv support' + 'glu: jiv support') +options=('staticlibs') +source=(${pkgname}-${pkgver}.tar.gz::https://github.com/mdadams/jasper/archive/version-${pkgver}.tar.gz + jasper-1.900.1-fix-filename-buffer-overflow.patch) +sha512sums=('e0f37106b59e4226a65e562e78e577e889dd8cbad7a04c63ca3e6ea2d0b1fe72e325abc0a701e2557aeb64b2dc999fa52426341264cb82e3e44338fb0cdc0f65' + 'b8d798bf75523c5db263783e42c653dd0cb03deee90be32eddf878bb6893cca02abadd94de6a8c737a5b7fe76f7fb245979f010765e6a95fc520b215e3a2a7f0') + +prepare() { + cd ${pkgname}-version-${pkgver} + patch -p1 < "${srcdir}/jasper-1.900.1-fix-filename-buffer-overflow.patch" + autoreconf -fvi +} + +build() { + cd ${pkgname}-version-${pkgver} + ./configure --prefix=/usr --mandir=/usr/share/man --enable-shared + make +} + +check() { + cd ${pkgname}-version-${pkgver} + make -j1 check +} + +package() { + cd ${pkgname}-version-${pkgver} + make DESTDIR="${pkgdir}" install + install -Dm 644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" +} + +# vim: ts=2 sw=2 et: Deleted: staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch =================================================================== --- staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch 2016-11-21 16:01:54 UTC (rev 281759) +++ staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch 2016-11-21 16:02:03 UTC (rev 281760) @@ -1,37 +0,0 @@ -Description: Filename buffer overflow fix - This patch fixes a security hole by a bad buffer size handling. -Author: Roland Stigge <sti...@antcom.de> -Bug-Debian: http://bugs.debian.org/645118 - ---- a/src/libjasper/include/jasper/jas_stream.h -+++ b/src/libjasper/include/jasper/jas_stream.h -@@ -77,6 +77,7 @@ - #include <jasper/jas_config.h> - - #include <stdio.h> -+#include <limits.h> - #if defined(JAS_HAVE_FCNTL_H) - #include <fcntl.h> - #endif -@@ -99,6 +100,12 @@ extern "C" { - #define O_BINARY 0 - #endif - -+#ifdef PATH_MAX -+#define JAS_PATH_MAX PATH_MAX -+#else -+#define JAS_PATH_MAX 4096 -+#endif -+ - /* - * Stream open flags. - */ -@@ -251,7 +258,7 @@ typedef struct { - typedef struct { - int fd; - int flags; -- char pathname[L_tmpnam + 1]; -+ char pathname[JAS_PATH_MAX + 1]; - } jas_stream_fileobj_t; - - #define JAS_STREAM_FILEOBJ_DELONCLOSE 0x01 Copied: jasper/repos/staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch (from rev 281759, jasper/trunk/jasper-1.900.1-fix-filename-buffer-overflow.patch) =================================================================== --- staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch (rev 0) +++ staging-x86_64/jasper-1.900.1-fix-filename-buffer-overflow.patch 2016-11-21 16:02:03 UTC (rev 281760) @@ -0,0 +1,37 @@ +Description: Filename buffer overflow fix + This patch fixes a security hole by a bad buffer size handling. +Author: Roland Stigge <sti...@antcom.de> +Bug-Debian: http://bugs.debian.org/645118 + +--- a/src/libjasper/include/jasper/jas_stream.h ++++ b/src/libjasper/include/jasper/jas_stream.h +@@ -77,6 +77,7 @@ + #include <jasper/jas_config.h> + + #include <stdio.h> ++#include <limits.h> + #if defined(JAS_HAVE_FCNTL_H) + #include <fcntl.h> + #endif +@@ -99,6 +100,12 @@ extern "C" { + #define O_BINARY 0 + #endif + ++#ifdef PATH_MAX ++#define JAS_PATH_MAX PATH_MAX ++#else ++#define JAS_PATH_MAX 4096 ++#endif ++ + /* + * Stream open flags. + */ +@@ -251,7 +258,7 @@ typedef struct { + typedef struct { + int fd; + int flags; +- char pathname[L_tmpnam + 1]; ++ char pathname[JAS_PATH_MAX + 1]; + } jas_stream_fileobj_t; + + #define JAS_STREAM_FILEOBJ_DELONCLOSE 0x01