Subject: CVS commit: [pkgsrc-2016Q3] pkgsrc/graphics/openjpeg
From: S.P.Zeidler
Date: 2016-10-16 16:44:11
Message id: 20161016144411.46C4EFBD2@cvs.NetBSD.org

Log Message:
Pullup ticket #5133 - requested by bsiegert
graphics/openjpeg: security update

Revisions pulled up:
- graphics/openjpeg/Makefile                                    1.14
- graphics/openjpeg/distinfo                                    1.11
- graphics/openjpeg/patches/patch-src_lib_openjp2_CMakeLists.txt 1.2

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Tue Oct  4 19:27:10 UTC 2016

   Modified Files:
           pkgsrc/graphics/openjpeg: Makefile distinfo
           pkgsrc/graphics/openjpeg/patches: patch-src_lib_openjp2_CMakeLists.txt

   Log Message:
   v2.1.2 (2016-09-28)

   Closed issues:

   null ptr dereference in convert.c:1331
   Out-of-Bounds Read in function bmp24toimage of convertbmp.c
   Disable automatic compilation of t1_generate_luts in CMakeLists.txt
   CVE-2016-7163 Integer overflow in opj_pi_create_decode
   Security Advisory for OpenJPEG
   Add dashboard with static lib
   hidden visibility for the static library / building with -DOPJ_STATIC against \ 
shared lib
   Optimization when building library from source
   unsigned int16 on Solaris 11.2/sparc
   appveyor
   Please make a new release
   FFMpeg will not link to 2.1.1 release built as shared library
   API change since v2: opj_event_mgr_t not available
   openjpeg.h needs dependencies
   "master" does not build on ubuntu
   Package 'openjp2', required by 'libopenjpip', not found

   Merged pull requests:

   Fix PNM file reading
   Fix some issues reported by Coverity Scan
   Fix potential out-of-bounds read (coverity)
   Remove TODO for overflow check
   Add overflow checks for opj_aligned_malloc
   Flags in T1 shall be unsigned
   Fix some warnings
   Fix issue 833.
   Add overflow checks for opj_aligned_malloc
   Add test for issue 820
   Add test for issue 826
   Fix coverity 113065 (CWE-484)
   Add sanity check for tile coordinates
   Add test for P-R-818
   Update to libpng 1.6.25
   fix incrementing of "l_tcp->m_nb_mcc_records" in opj_j2k_read_mcc
   Add overflow check in opj_tcd_init_tile
   Fix leak & invalid behavior of opj_jp2_read_ihdr
   Add overflow check in opj_j2k_update_image_data
   Change 'restrict' define to 'OPJ_RESTRICT'
   Switch to clang 3.8
   Fix an integer overflow issue
   Update to lcms 2.8
   Update to libpng 1.6.24
   Reenable clang-3.9 build on travis
   Bit fields type
   Add compilation test for standalone inclusion of openjpeg.h
   jpwl: Remove non-portable data type u_int16_t
   Fix dependency for pkg-config
   Add .gitignore

   To generate a diff of this commit:
   cvs rdiff -u -r1.13 -r1.14 pkgsrc/graphics/openjpeg/Makefile
   cvs rdiff -u -r1.10 -r1.11 pkgsrc/graphics/openjpeg/distinfo
   cvs rdiff -u -r1.1 -r1.2 \
       pkgsrc/graphics/openjpeg/patches/patch-src_lib_openjp2_CMakeLists.txt

Files:
RevisionActionfile
1.13.2.1modifypkgsrc/graphics/openjpeg/Makefile
1.10.2.1modifypkgsrc/graphics/openjpeg/distinfo
1.1.20.1modifypkgsrc/graphics/openjpeg/patches/patch-src_lib_openjp2_CMakeLists.txt