6 changed files with 90 additions and 8 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/optipng-0.7.7.tar.gz
+/*.tar.*
--- a/.optipng.metadata
+++ b/.optipng.metadata
@ -1 +0,0 @@
 68aa89fbde642b104aeefa9efbc4dfbb936fa630  SOURCES/optipng-0.7.7.tar.gz
--- a/0001-Prevent-integer-overflow-bug-65-CVE-2017-1000229.patch
+++ b/0001-Prevent-integer-overflow-bug-65-CVE-2017-1000229.patch
@ -0,0 +1,25 @@
 From 77ac8e9fd9b2c1aeec3951e2bb50f7cc2c1e92d2 Mon Sep 17 00:00:00 2001
 From: Sebastian Pipping <sebastian@pipping.org>
 Date: Sun, 19 Nov 2017 16:04:26 +0100
 Subject: [PATCH] Prevent integer overflow (bug #65, CVE-2017-1000229)
 ---
 src/minitiff/tiffread.c | 2 ++
 1 file changed, 2 insertions(+)
 diff --git a/src/minitiff/tiffread.c b/src/minitiff/tiffread.c
 index b4910ec..5f9b376 100644
 --- a/src/minitiff/tiffread.c
 +++ b/src/minitiff/tiffread.c
@@ -350,6 +350,8 @@ minitiff_read_info(struct minitiff_info *tiff_ptr, FILE *fp)
         count = tiff_ptr->strip_offsets_count;
         if (count == 0 || count > tiff_ptr->height)
             goto err_invalid;
 +        if (count > (size_t)-1 / sizeof(long))
 +            goto err_memory;
         tiff_ptr->strip_offsets = (long *)malloc(count * sizeof(long));
         if (tiff_ptr->strip_offsets == NULL)
             goto err_memory;
 -- 
 2.14.2
--- a/optipng-076-sfbug-69.patch
+++ b/optipng-076-sfbug-69.patch
@ -0,0 +1,45 @@
 From e05fb81a20541833a2d62ce08552b18c0920b9a1 Mon Sep 17 00:00:00 2001
 From: Cosmin Truta <ctruta@gmail.com>
 Date: Sat, 25 Nov 2017 23:17:46 -0500
 Subject: [PATCH] gifread: Detect indirect circular dependencies in LZW tables
 ---
 src/gifread/gifread.c | 4 +++-
 src/gifread/gifread.h | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)
 diff --git a/src/gifread/gifread.c b/src/gifread/gifread.c
 index 0123456789abcdef..0123456789abcdef 100644
 --- a/src/gifread/gifread.c
 +++ b/src/gifread/gifread.c
@@ -5,7 +5,7 @@
  * @author Cosmin Truta
  *
  * @section Copyright
 - * Copyright (C) 2003-2015 Cosmin Truta.
 + * Copyright (C) 2003-2017 Cosmin Truta.
  * This software was derived from "giftopnm.c" by David Koblas,
  * and is distributed under the same copyright and warranty terms.
  *
@@ -499,6 +499,8 @@ static int LZWReadByte(int init_flag, int input_code_size, FILE *stream)
             *sp++ = table[1][code];
             if (code == table[0][code])
                 GIFError("GIF/LZW error: circular table entry");
 +            if ((size_t)(sp - stack) >= sizeof(stack) / sizeof(stack[0]))
 +                GIFError("GIF/LZW error: circular table");
             code = table[0][code];
         }
 diff --git a/src/gifread/gifread.h b/src/gifread/gifread.h
 index 0123456789abcdef..0123456789abcdef 100644
 --- a/src/gifread/gifread.h
 +++ b/src/gifread/gifread.h
@@ -5,7 +5,7 @@
  * @author Cosmin Truta
  *
  * @section Copyright
 - * Copyright (C) 2003-2015 Cosmin Truta.
 + * Copyright (C) 2003-2017 Cosmin Truta.
  * This software was derived from "giftopnm.c" by David Koblas,
  * and is distributed under the same copyright and warranty terms.
  *
--- a/SPECS/optipng.spec
+++ b/SPECS/optipng.spec
@ -1,6 +1,6 @@
 Name:           optipng
-Version:        0.7.7
+Version:        0.7.8
-Release:        8%{?dist}
+Release:        1%{?dist}
 Summary:        PNG optimizer and converter
 License:        zlib
@ -8,8 +8,8 @@ URL:            http://optipng.sourceforge.net/
 Source0:        http://downloads.sourceforge.net/optipng/%{name}-%{version}.tar.gz
 BuildRequires: make
-BuildRequires:  gcc
+BuildRequires: gcc
-BuildRequires:  zlib-devel libpng-devel
+BuildRequires: zlib-devel libpng-devel
 %description
 OptiPNG is a PNG optimizer that recompresses image files to a smaller size,
@ -55,8 +55,20 @@ chmod -c 755 $RPM_BUILD_ROOT%{_bindir}/optipng
 %changelog
-* Wed Sep 20 2023 Arkady L. Shane <tigro@msvsphere-os.ru> - 0.7.7-8
+* Sun Nov  5 2023 Peter Hanecak <hany@hany.sk> - 0.7.8-1
- Rebuilt for MSVSphere 9.2
+- Update to 0.7.8
 * Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.7-12
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
 * Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.7-11
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
 * Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.7-10
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
 * Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.7-9
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
 * Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.7.7-8
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
--- a/1
+++ b/1
@ -0,0 +1 @@
 SHA512 (optipng-0.7.8.tar.gz) = def47bb2898d9409773df55a99fec84af2a26b58192127ac4624b2ff504762bc4735b5b945e788174eac695cc81be1b062088b42683b9c889dc42f94431210c3
		`@ -1 +0,0 @@`
			`68aa89fbde642b104aeefa9efbc4dfbb936fa630 SOURCES/optipng-0.7.7.tar.gz`
		`@ -0,0 +1 @@`
							`SHA512 (optipng-0.7.8.tar.gz) = def47bb2898d9409773df55a99fec84af2a26b58192127ac4624b2ff504762bc4735b5b945e788174eac695cc81be1b062088b42683b9c889dc42f94431210c3`