./graphics/openjpeg, JPEG 2000 library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2012Q2, Version: 1.5.0nb1, Package name: openjpeg-1.5.0nb1, Maintainer: pkgsrc-users

The OpenJPEG library is an open-source JPEG 2000 codec written in C. It
has been developed in order to promote the use of JPEG 2000 and is
licensed under a BSD license.


Required to build:
[devel/libtool-base]

Master sites:

SHA1: dce705ae45f137e4698a8cf39d1fbf22bc434fa8
RMD160: ffa85dbb0a3ba1545bc6974f4950f466789c04ef
Filesize: 2067.941 KB

Version history: (Expand)

CVS history: (Expand)


   2012-07-13 11:03:26 by Matthias Scheler | Files touched by this commit (4) | Package updated
Log message:
Pullup ticket #3859 - requested by wiz
graphics/openjpeg: security update

Revisions pulled up:
- graphics/openjpeg/DESCR                                       1.2
- graphics/openjpeg/Makefile                                    1.3
- graphics/openjpeg/distinfo                                    1.3
- graphics/openjpeg/patches/patch-libopenjpeg_j2k.c             1.1

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Wed Jul 11 09:07:21 UTC 2012

   Modified Files:
   	pkgsrc/graphics/openjpeg: DESCR Makefile distinfo
   Added Files:
   	pkgsrc/graphics/openjpeg/patches: patch-libopenjpeg_j2k.c

   Log message:
   CVE-2012-3358:
   A heap-based buffer overflow was found in the way OpenJPEG, an
   open-source JPEG 2000 codec written in C language, performed parsing of
   JPEG2000 having certain number of tiles and tilesizes. A remote
   attacker could provide a specially crafted JPEG 2000 file, which when
   opened in an application linked against openjpeg would lead to that
   application crash, or, potentially arbitrary code execution with the
   privileges of the user running the application.

   http://code.google.com/p/openjpeg/source/detail?r=1727

   Bump PKGREVISION.

   pkglint cleanups while here.