pkgsrc.se | The NetBSD package collection

./graphics/openjpeg, JPEG 2000 library

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2020Q1, Version: 2.3.1nb2, Package name: openjpeg-2.3.1nb2, Maintainer: pkgsrc-users

The OpenJPEG library is an open-source JPEG 2000 codec written in C. It
has been developed in order to promote the use of JPEG 2000 and is
licensed under a BSD license.

Required to run:
[graphics/tiff] [graphics/lcms2]

Master sites:

https://github.com/uclouvain/ (Download)

SHA1: 38321fa9730252039ad0b7f247a160a8164f5871
RMD160: 31b75aa70f5d26dd1b7e374a9e4b6be1842fefe7
Filesize: 2162.501 KB

Version history: (Expand)

(2020-04-20) Package added to pkgsrc.se, version openjpeg-2.3.1nb2 (created)

CVS history: (Expand)

2020-05-13 15:49:09 by Benny Siegert | Files touched by this commit (4)

Log message:
Pullup ticket #6193 - requested by nia
graphics/openjpeg: security fix

Revisions pulled up:
- graphics/openjpeg/Makefile                                    1.21
- graphics/openjpeg/distinfo                                    1.18
- graphics/openjpeg/patches/patch-src_lib_openjp2_j2k.c         1.1
- graphics/openjpeg/patches/patch-src_lib_openjp2_tcd.c         1.1

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue May 12 10:44:46 UTC 2020

   Modified Files:
   	pkgsrc/graphics/openjpeg: Makefile distinfo
   Added Files:
   	pkgsrc/graphics/openjpeg/patches: patch-src_lib_openjp2_j2k.c
   	    patch-src_lib_openjp2_tcd.c

   Log message:
   openjpeg: Cherrypick fixes for the following CVEs from upstream:

   https://nvd.nist.gov/vuln/detail/CVE-2020-6851 - out-of-bounds-write
   https://nvd.nist.gov/vuln/detail/CVE-2020-8112 - heap-overflow

   Please make releases for your software. :/

   Bump PKGREVISION