Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openjph for openSUSE:Factory checked in at 2025-11-01 23:34:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openjph (Old) and /work/SRC/openSUSE:Factory/.openjph.new.1980 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openjph" Sat Nov 1 23:34:30 2025 rev:13 rq:1314670 version:0.24.5 Changes: -------- --- /work/SRC/openSUSE:Factory/openjph/openjph.changes 2025-10-30 17:10:09.735506961 +0100 +++ /work/SRC/openSUSE:Factory/.openjph.new.1980/openjph.changes 2025-11-01 23:34:34.446366322 +0100 @@ -1,0 +2,6 @@ +Fri Oct 31 08:48:02 UTC 2025 - Michael Vetter <[email protected]> + +- Update to 0.24.5: + * Address openexr oss-fuzz 5747129672073216 #225 + +------------------------------------------------------------------- Old: ---- 0.24.4.tar.gz New: ---- 0.24.5.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openjph.spec ++++++ --- /var/tmp/diff_new_pack.a9O0VT/_old 2025-11-01 23:34:35.102393752 +0100 +++ /var/tmp/diff_new_pack.a9O0VT/_new 2025-11-01 23:34:35.106393919 +0100 @@ -17,7 +17,7 @@ Name: openjph -Version: 0.24.4 +Version: 0.24.5 Release: 0 Summary: An implementation of JPEG2000 Part-15 License: BSD-2-Clause ++++++ 0.24.4.tar.gz -> 0.24.5.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OpenJPH-0.24.4/src/core/codestream/ojph_params.cpp new/OpenJPH-0.24.5/src/core/codestream/ojph_params.cpp --- old/OpenJPH-0.24.4/src/core/codestream/ojph_params.cpp 2025-10-29 20:49:07.000000000 +0100 +++ new/OpenJPH-0.24.5/src/core/codestream/ojph_params.cpp 2025-10-31 08:57:53.000000000 +0100 @@ -975,6 +975,18 @@ OJPH_ERROR(0x00050079, "error reading COD segment"); if (file->read(&SPcod.wavelet_trans, 1) != 1) OJPH_ERROR(0x0005007A, "error reading COD segment"); + + if (((SPcod.num_decomp & 0x80) == 0 && SPcod.num_decomp > 32) + || SPcod.block_width > 8 + || SPcod.block_height > 8 + || SPcod.block_width + SPcod.block_height > 8 + || (SPcod.block_style & 0x40) != 0x40 + || (SPcod.block_style & 0xB7) != 0x00) + OJPH_ERROR(0x0005007D, "wrong settings in a COD-SPcod parameter"); + if ((SPcod.block_style & 0x40) != 0x40 + || (SPcod.block_style & 0xB7) != 0x00) + OJPH_ERROR(0x0005007E, "unsupported settings in a COD-SPcod parameter"); + if (Scod & 1) for (int i = 0; i <= SPcod.num_decomp; ++i) if (file->read(&SPcod.precinct_size[i], 1) != 1) @@ -1021,6 +1033,18 @@ OJPH_ERROR(0x00050128, "error reading COC segment"); if (file->read(&SPcod.wavelet_trans, 1) != 1) OJPH_ERROR(0x00050129, "error reading COC segment"); + + if (((SPcod.num_decomp & 0x80) == 0 && SPcod.num_decomp > 32) + || SPcod.block_width > 8 + || SPcod.block_height > 8 + || SPcod.block_width + SPcod.block_height > 8 + || (SPcod.block_style & 0x40) != 0x40 + || (SPcod.block_style & 0xB7) != 0x00) + OJPH_ERROR(0x0005012C, "wrong settings in a COC-SPcoc parameter"); + if ((SPcod.block_style & 0x40) != 0x40 + || (SPcod.block_style & 0xB7) != 0x00) + OJPH_ERROR(0x0005012D, "unsupported settings in a COC-SPcoc parameter"); + if (Scod & 1) for (int i = 0; i <= get_num_decompositions(); ++i) if (file->read(&SPcod.precinct_size[i], 1) != 1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OpenJPH-0.24.4/src/core/common/ojph_version.h new/OpenJPH-0.24.5/src/core/common/ojph_version.h --- old/OpenJPH-0.24.4/src/core/common/ojph_version.h 2025-10-29 20:49:07.000000000 +0100 +++ new/OpenJPH-0.24.5/src/core/common/ojph_version.h 2025-10-31 08:57:53.000000000 +0100 @@ -35,4 +35,4 @@ #define OPENJPH_VERSION_MAJOR 0 #define OPENJPH_VERSION_MINOR 24 -#define OPENJPH_VERSION_PATCH 4 +#define OPENJPH_VERSION_PATCH 5
