[packages/jasper] - updated to 1.900.29 (note: new soname), fixes: CVE-2008-3522 CVE-2011-4516 CVE-2011-4517 CVE

Sun Jan 22 18:38:57 CET 2017

commit 395bf30dab3ac60ad0170439abe0404d06f15dd6
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Sun Jan 22 18:40:20 2017 +0100

    - updated to 1.900.29 (note: new soname), fixes:
       CVE-2008-3522 CVE-2011-4516 CVE-2011-4517
       CVE-2014-8137 CVE-2014-8138 CVE-2014-8157 CVE-2014-8158 CVE-2014-9029
       CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116
    - introduced .pc file, dropped .la file
    - added pc patch (adds Libs.private to .pc file)

 jasper-pc.patch |  8 ++++++++
 jasper.spec     | 23 +++++++++++++----------
 2 files changed, 21 insertions(+), 10 deletions(-)
---

diff --git a/jasper.spec b/jasper.spec
index 05fe346..d0b868b 100644
--- a/jasper.spec
+++ b/jasper.spec
@@ -5,20 +5,21 @@
 Summary:	JasPer - collection of software for coding and manipulation of images
 Summary(pl.UTF-8):	JasPer - zestaw oprogramowania do obróbki obrazków
 Name:		jasper
-Version:	1.900.1
-Release:	4
+Version:	1.900.29
+Release:	1
 Epoch:		0
 License:	BSD-like
 Group:		Libraries
-Source0:	http://www.ece.uvic.ca/~mdadams/jasper/software/%{name}-%{version}.zip
-# Source0-md5:	a342b2b4495b3e1394e161eb5d85d754
-URL:		http://www.ece.uvic.ca/~mdadams/jasper/
+#Source0Download: http://www.ece.uvic.ca/~frodo/jasper/#download
+Source0:	http://www.ece.uvic.ca/~frodo/jasper/software/%{name}-%{version}.tar.gz
+# Source0-md5:	4619ec9860c10e557b3f192f5e76f596
+Patch0:		%{name}-pc.patch
+URL:		http://www.ece.uvic.ca/~frodo/jasper/
 %{?with_opengl:BuildRequires:	OpenGL-glut-devel}
 BuildRequires:	autoconf >= 2.59-9
 BuildRequires:	automake
 BuildRequires:	libjpeg-devel
 BuildRequires:	libtool
-BuildRequires:	sed >= 4.0
 BuildRequires:	unzip
 Requires:	%{name}-libs = %{epoch}:%{version}-%{release}
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
@@ -100,7 +101,7 @@ kolorów powinna jednak wystarczyć.
 
 %prep
 %setup -q
-%{__sed} 's/ -lXmu -lXi -lXext -lXt / /' -i configure.ac
+%patch0 -p1
 
 %build
 %{__libtoolize}
@@ -120,8 +121,10 @@ rm -rf $RPM_BUILD_ROOT
 %{__make} install \
 	DESTDIR=$RPM_BUILD_ROOT
 
+# obsoleted by pkg-config
+%{__rm} $RPM_BUILD_ROOT%{_libdir}/libjasper.la
 # nothing interesting
-rm -f $RPM_BUILD_ROOT%{_bindir}/tmrdemo
+%{__rm} $RPM_BUILD_ROOT%{_bindir}/tmrdemo
 
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -140,13 +143,13 @@ rm -rf $RPM_BUILD_ROOT
 %files libs
 %defattr(644,root,root,755)
 %attr(755,root,root) %{_libdir}/libjasper.so.*.*.*
-%attr(755,root,root) %ghost %{_libdir}/libjasper.so.1
+%attr(755,root,root) %ghost %{_libdir}/libjasper.so.4
 
 %files devel
 %defattr(644,root,root,755)
 %attr(755,root,root) %{_libdir}/libjasper.so
-%{_libdir}/libjasper.la
 %{_includedir}/jasper
+%{_pkgconfigdir}/jasper.pc
 
 %files static
 %defattr(644,root,root,755)
diff --git a/jasper-pc.patch b/jasper-pc.patch
new file mode 100644
index 0000000..4561624
--- /dev/null
+++ b/jasper-pc.patch
@@ -0,0 +1,8 @@
+--- jasper-1.900.29/pkgconfig/jasper.pc.in.orig	2016-11-16 16:03:40.000000000 +0100
++++ jasper-1.900.29/pkgconfig/jasper.pc.in	2017-01-22 11:59:28.134104956 +0100
+@@ -8,4 +8,5 @@
+ Version: @VERSION@
+ 
+ Libs: -L${libdir} -ljasper
++Libs.private: -ljpeg -lm
+ Cflags: -I${includedir}/jasper
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/jasper.git/commitdiff/395bf30dab3ac60ad0170439abe0404d06f15dd6

