rpms
/
exiv2
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: rpms:c9
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9
..
compare: rpms:cs10
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9

No commits in common. 'c9' and 'cs10' have entirely different histories.
c9 ... cs10

4 changed files with 127 additions and 108 deletions
Show Stats

2
.exiv2.metadata
Unescape View File

@ -1 +1 @@
775f9c5ddeb92b682da8b7737f9811009595dc6a SOURCES/exiv2-0.27.5-Source.tar.gz 376bd1d77e472251d0aeb2f7031163d932df438f SOURCES/exiv2-0.28.3.tar.gz

2
.gitignore vendored
Unescape View File

@ -1 +1 @@
SOURCES/exiv2-0.27.5-Source.tar.gz SOURCES/exiv2-0.28.3.tar.gz

4
SOURCES/exiv2-no-rpath.patch
Unescape View File

@ -1,8 +1,8 @@
diff --git a/cmake/mainSetup.cmake b/cmake/mainSetup.cmake diff --git a/cmake/mainSetup.cmake b/cmake/mainSetup.cmake
index fcaa21f..f69fc46 100644 index 1ea9deb..36253d1 100644
--- a/cmake/mainSetup.cmake --- a/cmake/mainSetup.cmake
+++ b/cmake/mainSetup.cmake +++ b/cmake/mainSetup.cmake
@@ -23,8 +23,6 @@ if (UNIX) @@ -26,8 +26,6 @@ if (UNIX)
if (APPLE) if (APPLE)
set(CMAKE_MACOSX_RPATH ON) set(CMAKE_MACOSX_RPATH ON)
set(CMAKE_INSTALL_RPATH "@loader_path") set(CMAKE_INSTALL_RPATH "@loader_path")

227
SPECS/exiv2.spec
Unescape View File

@ -1,37 +1,41 @@
Name: exiv2
%undefine __cmake_in_source_build Version: 0.28.3
Release: 3%{?dist}
Summary: Exif and Iptc metadata manipulation library Summary: Exif and Iptc metadata manipulation library
Name: exiv2
Version: 0.27.5 # GPL-2.0-or-later: main library
%global internal_ver %{version} # BSD-3-Clause: xmpsdk/
Release: 2%{?dist} # LicenseRef-Fedora-Public-Domain:
# - app/getopt.cpp
License: GPLv2+ # - src/properties.cpp
URL: http://www.exiv2.org/ # - src/tzfile.h
# - xmpsdk/include/MD5.h
# - xmpsdk/src/MD5.cpp
License: GPL-2.0-or-later AND BSD-3-Clause AND LicenseRef-Fedora-Public-Domain
URL: http://www.exiv2.org/
VCS: https://github.com/Exiv2/exiv2/
%if 0%{?beta:1} %if 0%{?beta:1}
Source0: https://github.com/Exiv2/%{name}/archive/v%{version}-%{beta}.tar.gz Source: %{vcs}/archive/v%{version}-%{beta}/%{name}-%{version}-%{beta}.tar.gz
%else %else
Source0: http://exiv2.org/builds/%{name}-%{version}-Source.tar.gz Source: %{vcs}/archive/v%{version}/%{name}-%{version}.tar.gz
%endif %endif
## upstream patches Patch0: exiv2-no-rpath.patch
## security fixes
## upstreamable patches BuildRequires: cmake
Patch0: exiv2-no-rpath.patch BuildRequires: gcc-c++
BuildRequires: gettext
BuildRequires: cmake BuildRequires: pkgconfig
BuildRequires: expat-devel BuildRequires: pkgconfig(expat)
BuildRequires: gcc-c++ BuildRequires: pkgconfig(INIReader)
BuildRequires: gettext BuildRequires: pkgconfig(libbrotlidec)
BuildRequires: pkgconfig BuildRequires: pkgconfig(zlib)
BuildRequires: zlib-devel
# docs # docs
BuildRequires: doxygen graphviz libxslt BuildRequires: doxygen
BuildRequires: graphviz
BuildRequires: libxslt
Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires: %{name}-libs%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
%description %description
A command line utility to access image metadata, allowing one to: A command line utility to access image metadata, allowing one to:
@ -45,152 +49,167 @@ A command line utility to access image metadata, allowing one to:
* extract, insert and delete Exif metadata (including thumbnails), * extract, insert and delete Exif metadata (including thumbnails),
Iptc metadata and Jpeg comments Iptc metadata and Jpeg comments
%package devel
Summary: Header files, libraries and development documentation for %{name} %package devel
Requires: %{name}-libs%{?_isa} = %{version}-%{release} Summary: Header files, libraries and development documentation for %{name}
%description devel Requires: %{name}-libs%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
%description devel
%{summary}. %{summary}.
%package libs
Summary: Exif and Iptc metadata manipulation library %package libs
Summary: Exif and Iptc metadata manipulation library
# not strictly required, but convenient and expected # not strictly required, but convenient and expected
%if 0%{?rhel} && 0%{?rhel} <= 7 %if 0%{?rhel} && 0%{?rhel} <= 7
Requires: %{name} = %{version}-%{release} Requires: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
%else %else
Recommends: %{name} = %{version}-%{release} Recommends: %{name}%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
%endif %endif
%description libs
%description libs
A C++ library to access image metadata, supporting full read and write access A C++ library to access image metadata, supporting full read and write access
to the Exif and Iptc metadata, Exif MakerNote support, extract and delete to the Exif and Iptc metadata, Exif MakerNote support, extract and delete
methods for Exif thumbnails, classes to access Ifd and so on. methods for Exif thumbnails, classes to access Ifd and so on.
%package doc
Summary: Api documentation for %{name} %package doc
BuildArch: noarch Summary: API documentation for %{name}
%description doc # MIT:
# - clipboard.js
# - cookie.js
# - dynsections.js
# - jquery.js
# - menu.js
# - menudata.js
# - resize.js
# GPL-2.0-only:
# - css and icons from Doxygen
License: MIT AND GPL-2.0-only
BuildArch: noarch
%description doc
%{summary}. %{summary}.
API documentation for %{name}.
%prep %prep
%autosetup -n %{name}-%{version}-%{?beta}%{!?beta:Source} -p1 %autosetup -n %{name}-%{version}%{?beta:-%{beta}} -p1
%build %build
%cmake \ %cmake \
-DCMAKE_INSTALL_DOCDIR="%{_pkgdocdir}" \ -DCMAKE_INSTALL_DOCDIR="%{_pkgdocdir}" \
-DEXIV2_BUILD_DOC:BOOL=ON \ -DEXIV2_BUILD_DOC:BOOL=ON \
-DEXIV2_ENABLE_NLS:BOOL=ON \ -DEXIV2_BUILD_SAMPLES:BOOL=OFF \
-DEXIV2_BUILD_SAMPLES:BOOL=OFF -DEXIV2_ENABLE_NLS:BOOL=ON
%cmake_build %cmake_build
%cmake_build --target doc %cmake_build --target doc
%install %install
%cmake_install %cmake_install
%find_lang exiv2 --with-man %find_lang exiv2 --with-man
%check %check
export PKG_CONFIG_PATH="%{buildroot}%{_libdir}/pkgconfig${PKG_CONFIG_PATH:+:}${PKG_CONFIG_PATH}" export PKG_CONFIG_PATH="%{buildroot}%{_libdir}/pkgconfig${PKG_CONFIG_PATH:+:}${PKG_CONFIG_PATH}"
test "$(pkg-config --modversion exiv2)" = "%{internal_ver}" test "$(pkg-config --modversion exiv2)" = "%{version}"
test "$(pkg-config --variable=libdir exiv2)" = "%{_libdir}" test "$(pkg-config --variable=libdir exiv2)" = "%{_libdir}"
test -x %{buildroot}%{_libdir}/libexiv2.so test -x %{buildroot}%{_libdir}/libexiv2.so
%files -f exiv2.lang %files -f exiv2.lang
%license COPYING %license COPYING doc/COPYING-XMPSDK
%doc doc/ChangeLog %doc doc/ChangeLog exiv2.md SECURITY.md
# README is mostly installation instructions
#doc README.md
%{_bindir}/exiv2 %{_bindir}/exiv2
%{_mandir}/man1/exiv2*.1* %{_mandir}/man1/exiv2*.1*
%ldconfig_scriptlets libs
%files libs %files libs
%{_libdir}/libexiv2.so.27* %{_libdir}/libexiv2.so.28*
%{_libdir}/libexiv2.so.%{internal_ver} %{_libdir}/libexiv2.so.%{version}
%files devel %files devel
%{_includedir}/exiv2/ %{_includedir}/exiv2/
%{_libdir}/cmake/exiv2/
%{_libdir}/libexiv2.so %{_libdir}/libexiv2.so
%{_libdir}/pkgconfig/exiv2.pc %{_libdir}/pkgconfig/exiv2.pc
%{_libdir}/cmake/exiv2/
# todo: -static subpkg? -- rex
%{_libdir}/libexiv2-xmp.a
%files doc %files doc
%{_pkgdocdir}/ %{_pkgdocdir}/
%exclude %{_pkgdocdir}/ChangeLog
%changelog %changelog
* Mon Nov 15 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.5-2 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 0.28.3-3
- Remove RPATH - Bump release for October 2024 mass rebuild:
Resolves: bz#2018421 Resolves: RHEL-64018
* Fri Nov 12 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.5-1 * Tue Aug 06 2024 Jan Grulich <jgrulich@redhat.com> - 0.28.3-2
- Exiv2 0.27.5 - Backport RHEL9 patch for RPATH
Resolves: bz#2018421 Resolves: RHEL-45267
Fix stack exhaustion issue in the printIFDStructure function leading to DoS * Tue Aug 06 2024 Jan Grulich <jgrulich@redhat.com> - 0.28.3-1
Resolves: bz#2003670 - 0.28.3
Resolves: RHEL-45267
* Tue Aug 24 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-7 * Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 0.27.6-8
- Properly install POC files - Bump release for June 2024 mass rebuild
Resolves: bz#1993247
Resolves: bz#1993284
* Tue Aug 24 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-6 * Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.27.6-7
- Include missing tests for CVEs - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
Resolves: bz#1993247
Resolves: bz#1993284
* Wed Aug 18 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-5 * Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 0.27.6-6
- Fix test for CVE-2021-29470 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
Resolves: bz#1993284
* Wed Aug 18 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-4 * Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.27.6-5
- Fix out-of-bounds read in Exiv2::Jp2Image::printStructure - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
Resolves: bz#1993247
- Fix out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header * Tue Jan 31 2023 Jan Grulich <jgrulich@redhat.com> - 0.27.6-1
Resolves: bz#1993284 - 0.27.6
- migrated to SPDX license
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.27.4-3 * Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.27.5-4
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
Related: rhbz#1991688
* Thu Aug 05 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-2 * Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.27.5-3
- Do not duplicate changelog file - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
Resolves: bz#1989848
* Wed Aug 04 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.4-1 * Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.27.5-2
- 0.27.4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
Resolves: bz#1989848
* Tue Jun 01 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.3-9 * Wed Oct 27 2021 Rex Dieter <rdieter@fedoraproject.org> - 0.27.5-1
- Bump version for rebuild (binutils) - 0.27.5 (final)
Resolves: bz#1964183
Resolves: bz#1964189
* Tue May 25 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.3-8 * Mon Oct 04 2021 Rex Dieter <rdieter@fedoraproject.org> - 0.27.5-0.3.RC3
- CVE-2021-29623 exiv2: a read of uninitialized memory may lead to information leak - 0.27-5-RC3
Resolves: bz#1964183
- CVE-2021-32617 exiv2: DoS due to quadratic complexity in ProcessUTF8Portion * Fri Sep 10 2021 Rex Dieter <rdieter@fedoraproject.org> - 0.27.5-0.2.RC2
Resolves: bz#1964189 - 0.27.5-RC2 (#2003208)
* Mon May 03 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.3-7 * Wed Aug 11 2021 Rex Dieter <rdieter@fedoraproject.org> - 0.27.5-0.1.RC1
- 0.27.5-RC1 (#1992344)
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.27.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Jun 18 2021 Rex Dieter <rdieter@fedoraproject.org> - 0.27.4-1
- 0.27.4 (#1941230)
* Tue May 25 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.3-6
- CVE-2021-29623 exiv2: a read of uninitialized memory may lead to information leak
CVE-2021-32617 exiv2: DoS due to quadratic complexity in ProcessUTF8Portion
* Thu Apr 29 2021 Jan Grulich <jgrulich@redhat.com> - 0.27.3-6
- CVE-2021-3482: Fix heap-based buffer overflow in Jp2Image::readMetadata() - CVE-2021-3482: Fix heap-based buffer overflow in Jp2Image::readMetadata()
CVE-2021-29458 exiv2: out-of-bounds read in Exiv2::Internal::CrwMap::encode CVE-2021-29458 exiv2: out-of-bounds read in Exiv2::Internal::CrwMap::encode
CVE-2021-29457 exiv2: heap-based buffer overflow in Exiv2::Jp2Image::doWriteMetadata CVE-2021-29457 exiv2: heap-based buffer overflow in Exiv2::Jp2Image::doWriteMetadata
CVE-2021-29470 exiv2: out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header CVE-2021-29470 exiv2: out-of-bounds read in Exiv2::Jp2Image::encodeJp2Header
CVE-2021-29473 exiv2: out-of-bounds read in Exiv2::Jp2Image::doWriteMetadata CVE-2021-29473 exiv2: out-of-bounds read in Exiv2::Jp2Image::doWriteMetadata
Resolves: bz#1956174
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 0.27.3-6
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.27.3-5 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.27.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

Write Preview
Loading…
Cancel
Save