From 38a0e64d2abc8296ec6351702894862f2abe0bdc Mon Sep 17 00:00:00 2001
From: MSVSphere Packaging Team <packager@msvsphere-os.ru>
Date: Fri, 27 Dec 2024 01:17:21 +0300
Subject: [PATCH] import mupdf-1.21.1-6.el9

---
 ...re-variable-fz_var-to-avoid-stale-va.patch | 42 +++++++++++++++++++
 SPECS/mupdf.spec                              | 10 ++++-
 2 files changed, 50 insertions(+), 2 deletions(-)
 create mode 100644 SOURCES/0001-Bug-707996-Declare-variable-fz_var-to-avoid-stale-va.patch

diff --git a/SOURCES/0001-Bug-707996-Declare-variable-fz_var-to-avoid-stale-va.patch b/SOURCES/0001-Bug-707996-Declare-variable-fz_var-to-avoid-stale-va.patch
new file mode 100644
index 0000000..226d682
--- /dev/null
+++ b/SOURCES/0001-Bug-707996-Declare-variable-fz_var-to-avoid-stale-va.patch
@@ -0,0 +1,42 @@
+From 43f2c1076467570fbd999116eb42266ec2b6cc78 Mon Sep 17 00:00:00 2001
+Message-ID: <43f2c1076467570fbd999116eb42266ec2b6cc78.1735230633.git.mjg@fedoraproject.org>
+From: Sebastian Rasmussen <sebras@gmail.com>
+Date: Mon, 2 Sep 2024 22:06:32 +0200
+Subject: [PATCH] Bug 707996: Declare variable fz_var to avoid stale values.
+
+A fuzzed file provoked an ASAN warning when building release mode.
+
+For good measure, also declare a variable in an unrelated function
+in the same tool fz_var.
+
+(cherry picked from commit b5c898a30f068b5342e8263a2cd5b9f0be291aac)
+---
+ source/tools/pdfextract.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/source/tools/pdfextract.c b/source/tools/pdfextract.c
+index 0b42e9189..dc1f2c23f 100644
+--- a/source/tools/pdfextract.c
++++ b/source/tools/pdfextract.c
+@@ -119,6 +119,7 @@ static void saveimage(pdf_obj *ref)
+ 	int type;
+ 
+ 	fz_var(image);
++	fz_var(mask);
+ 	fz_var(pix);
+ 
+ 	fz_try(ctx)
+@@ -252,7 +253,9 @@ static void savefont(pdf_obj *dict)
+ 
+ static void extractobject(int num)
+ {
+-	pdf_obj *ref;
++	pdf_obj *ref = NULL;
++
++	fz_var(ref);
+ 
+ 	if (!doc)
+ 		fz_throw(ctx, FZ_ERROR_GENERIC, "no file specified");
+-- 
+2.48.0.rc0.310.g2fcc1078a8
+
diff --git a/SPECS/mupdf.spec b/SPECS/mupdf.spec
index de807a5..0e33704 100644
--- a/SPECS/mupdf.spec
+++ b/SPECS/mupdf.spec
@@ -1,8 +1,8 @@
 ## START: Set by rpmautospec
-## (rpmautospec version 0.3.5)
+## (rpmautospec version 0.7.3)
 ## RPMAUTOSPEC: autorelease, autochangelog
 %define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
-    release_number = 5;
+    release_number = 6;
     base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
     print(release_number + base_release_number - 1);
 }%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
@@ -25,6 +25,7 @@ Source0:        http://mupdf.com/downloads/archive/%{name}-%{upversion}-source.t
 Source1:        %{name}.desktop
 Source2:        %{name}-gl.desktop
 Patch:          mupdf-1.21.1-fix-png_write_band.patch
+Patch:          0001-Bug-707996-Declare-variable-fz_var-to-avoid-stale-va.patch
 BuildRequires:  gcc gcc-c++ make binutils desktop-file-utils coreutils pkgconfig
 BuildRequires:  openjpeg2-devel desktop-file-utils
 BuildRequires:  libjpeg-devel freetype-devel libXext-devel curl-devel
@@ -127,6 +128,10 @@ cd %{buildroot}/%{_bindir} && ln -s %{name}-x11 %{name}
 %{_libdir}/lib%{name}*.a
 
 %changelog
+## START: Generated by rpmautospec
+* Thu Dec 26 2024 Michael J Gruber <mjg@fedoraproject.org> - 1.21.1-6
+- fix CVE-2024-46657 (rhbz#2331625)
+
 * Mon Jan 15 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 1.21.1-5
 - Rebuilt for MSVSphere 9.3
 
@@ -466,3 +471,4 @@ cd %{buildroot}/%{_bindir} && ln -s %{name}-x11 %{name}
 * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
 
+## END: Generated by rpmautospec