Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libjpeg8-8.1.2-lp152.8.3.1 RPM for x86_64

From OpenSuSE Leap 15.2 updates for x86_64

Name: libjpeg8 Distribution: openSUSE Leap 15.2
Version: 8.1.2 Vendor: openSUSE
Release: lp152.8.3.1 Build date: Wed Sep 9 23:02:26 2020
Group: System/Libraries Build host: lamb28
Size: 428096 Source RPM: libjpeg-turbo-1.5.3-lp152.8.3.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://sourceforge.net/projects/libjpeg-turbo
Summary: The MMX/SSE accelerated JPEG compression/decompression library
This library contains MMX/SSE accelerated functions for manipulating
JPEG images.

Provides

Requires

License

BSD-3-Clause

Changelog

* Mon Jun 08 2020 pgajdos@suse.com
  - security update
  - added patches
    fix CVE-2020-13790 [bsc#1172491], heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file
    + libjpeg-turbo-CVE-2020-13790.patch
* Wed Nov 13 2019 pgajdos@suse.com
  - security update [bsc#1156402]
  - modified patches
    % libjpeg-turbo-CVE-2019-2201.patch (use upstream one)
* Tue Nov 12 2019 pgajdos@suse.com
  - security update
  - added patches
    CVE-2019-2201 [bsc#1156402]
    + libjpeg-turbo-CVE-2019-2201.patch
* Wed Mar 13 2019 pgajdos@suse.com
  - security update
  - added patches
    CVE-2018-14498 [bsc#1128712]
    + libjpeg-turbo-CVE-2018-14498.patch
* Mon Dec 03 2018 Petr Gajdos <pgajdos@suse.com>
  - asan_build: build ASAN included
  - debug_build: build more suitable for debugging
  - disable silent rules
* Tue Jun 19 2018 pgajdos@suse.com
  - security update:
    * CVE-2018-1152 [bsc#1098155]
      + libjpeg-turbo-CVE-2018-1152.patch
* Tue Jun 12 2018 pgajdos@suse.com
  - security update:
    * CVE-2018-11813 [bsc#1096209]
      + libjpeg-turbo-CVE-2018-11813.patch
    * remove redundant libjpeg-turbo-CVE-2017-15232.patch
      [bsc#1062937#c17]
* Mon Dec 18 2017 pgajdos@suse.com
  - - update to version 1.5.3
    1. Fixed a NullPointerException in the TurboJPEG Java wrapper that occurred
    when using the YUVImage constructor that creates an instance backed by separate
    image planes and allocates memory for the image planes.
    2. Fixed an issue whereby the Java version of TJUnitTest would fail when
    testing BufferedImage encoding/decoding on big endian systems.
    3. Fixed a segfault in djpeg that would occur if an output format other than
    PPM/PGM was selected along with the `-crop` option.  The `-crop` option now
    works with the GIF and Targa formats as well (unfortunately, it cannot be made
    to work with the BMP and RLE formats due to the fact that those output engines
    write scanlines in bottom-up order.)  djpeg will now exit gracefully if an
    output format other than PPM/PGM, GIF, or Targa is selected along with the
    `-crop` option.
    4. Fixed an issue whereby `jpeg_skip_scanlines()` would segfault if color
    quantization was enabled.
    5. TJBench (both C and Java versions) will now display usage information if any
    command-line argument is unrecognized.  This prevents the program from silently
    ignoring typos.
    6. Fixed an access violation in tjbench.exe (Windows) that occurred when the
    program was used to decompress an existing JPEG image.
    7. Fixed an ArrayIndexOutOfBoundsException in the TJExample Java program that
    occurred when attempting to decompress a JPEG image that had been compressed
    with 4:1:1 chrominance subsampling.
    8. Fixed an issue whereby, when using `jpeg_skip_scanlines()` to skip to the
    end of a single-scan (non-progressive) image, subsequent calls to
    `jpeg_consume_input()` would return `JPEG_SUSPENDED` rather than
    `JPEG_REACHED_EOI`.
    9. `jpeg_crop_scanlines()` now works correctly when decompressing grayscale
    JPEG images that were compressed with a sampling factor other than 1 (for
    instance, with `cjpeg -grayscale -sample 2x2`).
* Thu Oct 12 2017 pgajdos@suse.com
  - security update:
    * CVE-2017-15232 [bsc#1062937]
      + libjpeg-turbo-CVE-2017-15232.patch
* Thu Oct 12 2017 pgajdos@suse.com
  - Update to version 1.5.2
    + Fixed several memory leaks in the TurboJPEG API library that
      could occur if the library was built with certain compilers
      and optimization levels.
    + The libjpeg-turbo memory manager will now honor the
      max_memory_to_use structure member in jpeg_memory_mgr,
      which can be set to the maximum amount of memory (in bytes)
      that libjpeg-turbo should use during decompression or
      multi-pass (including progressive) compression. This limit
      can also be set using the JPEGMEM environment variable or
      using the -maxmemory switch in cjpeg/djpeg/jpegtran.
    + TJBench will now run each benchmark for 1 second prior to
      starting the timer, in order to improve the consistency of
      the results. Furthermore, the -warmup option is now used to
      specify the amount of warmup time rather than the number of
      warmup iterations.
    + Fixed an error (short jump is out of range) that occurred
      when assembling the 32-bit x86 SIMD extensions with NASM
      versions prior to 2.04.
    + Fixed a regression introduced by 1.5 beta1[11] that prevented
      the Java version of TJBench from outputting any reference images
      (the -nowrite switch was accidentally enabled by default.)
      libjpeg-turbo should now build and run with full AltiVec SIMD
      acceleration on PowerPC-based AmigaOS 4 and OpenBSD systems.
* Wed Jan 18 2017 bwiedemann@suse.com
  - set build date to enable reproducible builds
* Wed Sep 21 2016 idonmez@suse.com
  - Update to version 1.5.1 fate#324061
    + Fix for PowerPC platforms lacking AltiVec instructions
    + Fix ABI problem with clang/llvm on aarch64.
    + Fancy upsampling is now supported when decompressing JPEG
      images that use 4:4:0 (h1v2) chroma subsampling.
    + If merged upsampling isn't SIMD-accelerated but YCbCr-to-RGB
      conversion is, then libjpeg-turbo will now disable merged
      upsampling when decompressing YCbCr JPEG images into RGB
      or extended RGB output images. This significantly speeds up
      the decompression of 4:2:0 and 4:2:2 JPEGs on ARM platforms
      if fancy upsampling is not used
      (for example, if the -nosmooth option to djpeg is specified.)
    + The TurboJPEG API will now decompress 4:2:2 and 4:4:0 JPEG
      images with 2x2 luminance sampling factors and 2x1 or 1x2
      chrominance sampling factors.
    + Fixed an unsigned integer overflow in the libjpeg memory manager.
    + Fixed additional negative left shifts and other issues reported
      by the GCC and Clang undefined behavior sanitizers when
      attempting to decompress specially-crafted malformed JPEG
      images. None of these issues posed a security threat, but
      removing the warnings makes it easier to detect actual
      security issues, should they arise in the future.
    + Fixed an out-of-bounds array reference, introduced by
      1.4.902 and detected by the Clang undefined behavior sanitizer,
      that could be triggered by a specially-crafted malformed
      JPEG image with more than four components. Because the
      out-of-bounds reference was still within the same structure,
      it was not known to pose a security threat, but removing
      the warning makes it easier to detect actual security issues,
      should they arise in the future.
* Wed Jun 08 2016 idonmez@suse.com
  - Update to version 1.5.0
    + Fixed an issue whereby a malformed motion-JPEG frame could
      cause the "fast path" of libjpeg-turbo's Huffman decoder to
      read from uninitialized memory.
    + Added libjpeg-turbo version and build information to the global
      string table of the libjpeg and TurboJPEG API libraries.
    + Fixed a couple of issues in the PPM reader that would cause
      buffer overruns in cjpeg if one of the values in a binary
      PPM/PGM input file exceeded the maximum value defined in the
      file's header. libjpeg-turbo 1.4.2 already included a similar
      fix for ASCII PPM/PGM files. Note that these issues were not
      security bugs, since they were confined to the cjpeg program
      and did not affect any of the libjpeg-turbo libraries.
    + Fixed an issue whereby attempting to decompress a JPEG file with
      a corrupt header using the tjDecompressToYUV2() function would
      cause the function to abort without returning an error and,
      under certain circumstances, corrupt the stack. This only
      occurred if tjDecompressToYUV2() was called prior to calling
      tjDecompressHeader3(), or if the return value from
      tjDecompressHeader3() was ignored (both cases represent
      incorrect usage of the TurboJPEG API.)
    + The jpeg_stdio_src(), jpeg_mem_src(), jpeg_stdio_dest(),
      and jpeg_mem_dest() functions in the libjpeg API will now
      throw an error if a source/destination manager has already
      been assigned to the compress or decompress object by a
      different function or by the calling program.
* Thu Oct 08 2015 idonmez@suse.com
  - Update to version 1.4.2
    + Crash fixes
    + clang compatibility fixes
    + See the included ChangeLog.txt for the details
  - Drop libjpeg-turbo-1.4.0-int32.patch, not needed anymore.
  - Drop libjpeg-turbo-remove-test.patch, fixed upstream.
* Thu Mar 05 2015 jengelh@inai.de
  - Remove useless same-name provides. Use download URLs not
    dependent on directory structure.
* Mon Mar 02 2015 normand@linux.vnet.ibm.com
  -  Remove float tests with new libjpeg-turbo-remove-test.patch
    same as Fedora bug 1161585 related to upstream issue
    https://sourceforge.net/p/libjpeg-turbo/bugs/83/
* Sat Jan 10 2015 p.drouand@gmail.com
  - Update to version 1.4.0
    + Fixed a build issue on OS X PowerPC platforms (md5cmp failed to build
      because OS X does not provide the le32toh() and htole32() functions.)
    + The non-SIMD RGB565 color conversion code did not work correctly on big
      endian machines.  This has been fixed.
    + Fixed an issue in tjPlaneSizeYUV() whereby it would erroneously return 1
      instead of -1 if componentID was > 0 and subsamp was TJSAMP_GRAY.
    + Fixed an issue in tjBufSizeYUV2() wherby it would erroneously return 0
      instead of -1 if width was < 1.
    + The Huffman encoder now uses clz and bsr instructions for bit counting on
      ARM64 platforms (see 1.4 beta1 [5].)
    + The close() method in the TJCompressor and TJDecompressor Java classes is
      now idempotent.  Previously, that method would call the native tjDestroy()
      function even if the TurboJPEG instance had already been destroyed.  This
      caused an exception to be thrown during finalization, if the close() method had
      already been called.  The exception was caught, but it was still an expensive
      operation.
    + The TurboJPEG API previously generated an error ("Could not determine
      subsampling type for JPEG image") when attempting to decompress grayscale JPEG
      images that were compressed with a sampling factor other than 1 (for instance,
      with 'cjpeg -grayscale -sample 2x2').  Subsampling technically has no meaning
      with grayscale JPEGs, and thus the horizontal and vertical sampling factors
      for such images are ignored by the decompressor.  However, the TurboJPEG API
      was being too rigid and was expecting the sampling factors to be equal to 1
      before it treated the image as a grayscale JPEG.
    + cjpeg, djpeg, and jpegtran now accept an argument of -version, which will
      print the library version and exit.
    + Referring to 1.4 beta1 [15], another extremely rare circumstance was
      discovered under which the Huffman encoder's local buffer can be overrun
      when a buffered destination manager is being used and an
      extremely-high-frequency block (basically junk image data) is being encoded.
      Even though the Huffman local buffer was increased from 128 bytes to 136 bytes
      to address the previous issue, the new issue caused even the larger buffer to
      be overrun.  Further analysis reveals that, in the absolute worst case (such as
      setting alternating AC coefficients to 32767 and -32768 in the JPEG scanning
      order), the Huffman encoder can produce encoded blocks that approach double the
      size of the unencoded blocks.  Thus, the Huffman local buffer was increased to
      256 bytes, which should prevent any such issue from re-occurring in the future.
    + The new tjPlaneSizeYUV(), tjPlaneWidth(), and tjPlaneHeight() functions
      were not actually usable on any platform except OS X and Windows, because
      those functions were not included in the libturbojpeg mapfile.  This has been
      fixed.
    + Restored the JPP(), JMETHOD(), and FAR macros in the libjpeg-turbo header
      files.  The JPP() and JMETHOD() macros were originally implemented in libjpeg
      as a way of supporting non-ANSI compilers that lacked support for prototype
      parameters.  libjpeg-turbo has never supported such compilers, but some
      software packages still use the macros to define their own prototypes.
      Similarly, libjpeg-turbo has never supported MS-DOS and other platforms that
      have far symbols, but some software packages still use the FAR macro.  A pretty
      good argument can be made that this is a bad practice on the part of the
      software in question, but since this affects more than one package, it's just
      easier to fix it here.
    + Fixed issues that were preventing the ARM 64-bit SIMD code from compiling
      for iOS, and included an ARMv8 architecture in all of the binaries installed by
      the "official" libjpeg-turbo SDK for OS X.
  - Adapt patches to upstream changes
    libjpeg-ocloexec.patch >  libjpeg-1.4.0-ocloexec.patch
    libjpeg-turbo-1.3.0-int32.patch >  libjpeg-turbo-1.4.0-int32.patch
  - Remove libjpeg-turbo-CVE-2014-9092.patch; fixed on upstream release
  - Bump tminor to 1
* Thu Nov 27 2014 pgajdos@suse.com
  - security update CVE-2014-9092 [bnc#906761]
    * added libjpeg-turbo-CVE-2014-9092.patch
* Wed Oct 15 2014 olaf@aepfle.de
  - Obsolete jpeg version 6b, 8.0.1 and 8.0.2 to avoid conflicts
    during zypper dup

Files

/usr/lib64/libjpeg.so.8
/usr/lib64/libjpeg.so.8.1.2


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 9 11:57:46 2024