File libjpeg-turbo.changes of Package libjpeg-turbo

Overview Repositories Revisions Requests Users Attributes Meta

File libjpeg-turbo.changes of Package libjpeg-turbo

-------------------------------------------------------------------
Thu Jun  3 08:40:46 UTC 2021 - pgajdos@suse.com

- security update
- added patches
  fix CVE-2020-17541 [bsc#1186764], stack-based buffer overflow in the "transform" component
  + libjpeg-turbo-CVE-2020-17541.patch

-------------------------------------------------------------------
Mon Jun  8 11:49:53 UTC 2020 - pgajdos@suse.com

- security update
- added patches
  fix CVE-2020-13790 [bsc#1172491], heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file
  + libjpeg-turbo-CVE-2020-13790.patch

-------------------------------------------------------------------
Wed Nov 13 07:55:36 UTC 2019 - pgajdos@suse.com

- security update [bsc#1156402]
- modified patches
  % libjpeg-turbo-CVE-2019-2201.patch (use upstream one)

-------------------------------------------------------------------
Tue Nov 12 09:33:44 UTC 2019 - pgajdos@suse.com

- security update
- added patches
  CVE-2019-2201 [bsc#1156402]
  + libjpeg-turbo-CVE-2019-2201.patch

-------------------------------------------------------------------
Wed Mar 13 13:02:11 UTC 2019 - pgajdos@suse.com

- security update
- added patches
  CVE-2018-14498 [bsc#1128712]
  + libjpeg-turbo-CVE-2018-14498.patch

-------------------------------------------------------------------
Mon Dec  3 10:25:36 UTC 2018 - Petr Gajdos <pgajdos@suse.com>

- asan_build: build ASAN included
- debug_build: build more suitable for debugging
- disable silent rules

-------------------------------------------------------------------
Tue Jun 19 13:44:00 UTC 2018 - pgajdos@suse.com

- security update:
  * CVE-2018-1152 [bsc#1098155]
    + libjpeg-turbo-CVE-2018-1152.patch

-------------------------------------------------------------------
Tue Jun 12 13:34:11 UTC 2018 - pgajdos@suse.com

- security update:
  * CVE-2018-11813 [bsc#1096209]
    + libjpeg-turbo-CVE-2018-11813.patch
  * remove redundant libjpeg-turbo-CVE-2017-15232.patch
    [bsc#1062937#c17]

-------------------------------------------------------------------
Mon Dec 18 13:29:30 UTC 2017 - pgajdos@suse.com

- - update to version 1.5.3
  1. Fixed a NullPointerException in the TurboJPEG Java wrapper that occurred
  when using the YUVImage constructor that creates an instance backed by separate
  image planes and allocates memory for the image planes.
  2. Fixed an issue whereby the Java version of TJUnitTest would fail when
  testing BufferedImage encoding/decoding on big endian systems.
  3. Fixed a segfault in djpeg that would occur if an output format other than
  PPM/PGM was selected along with the `-crop` option.  The `-crop` option now
  works with the GIF and Targa formats as well (unfortunately, it cannot be made
  to work with the BMP and RLE formats due to the fact that those output engines
  write scanlines in bottom-up order.)  djpeg will now exit gracefully if an
  output format other than PPM/PGM, GIF, or Targa is selected along with the
  `-crop` option.
  4. Fixed an issue whereby `jpeg_skip_scanlines()` would segfault if color
  quantization was enabled.
  5. TJBench (both C and Java versions) will now display usage information if any
  command-line argument is unrecognized.  This prevents the program from silently
  ignoring typos.
  6. Fixed an access violation in tjbench.exe (Windows) that occurred when the
  program was used to decompress an existing JPEG image.
  7. Fixed an ArrayIndexOutOfBoundsException in the TJExample Java program that
  occurred when attempting to decompress a JPEG image that had been compressed
  with 4:1:1 chrominance subsampling.
  8. Fixed an issue whereby, when using `jpeg_skip_scanlines()` to skip to the
  end of a single-scan (non-progressive) image, subsequent calls to
  `jpeg_consume_input()` would return `JPEG_SUSPENDED` rather than
  `JPEG_REACHED_EOI`.
  9. `jpeg_crop_scanlines()` now works correctly when decompressing grayscale
  JPEG images that were compressed with a sampling factor other than 1 (for
  instance, with `cjpeg -grayscale -sample 2x2`).

-------------------------------------------------------------------
Thu Oct 12 10:59:03 UTC 2017 - pgajdos@suse.com

- security update:
  * CVE-2017-15232 [bsc#1062937]
    + libjpeg-turbo-CVE-2017-15232.patch

-------------------------------------------------------------------
Thu Oct 12 10:22:05 UTC 2017 - pgajdos@suse.com

- Update to version 1.5.2
  + Fixed several memory leaks in the TurboJPEG API library that
    could occur if the library was built with certain compilers
    and optimization levels.
  + The libjpeg-turbo memory manager will now honor the
    max_memory_to_use structure member in jpeg_memory_mgr, 
    which can be set to the maximum amount of memory (in bytes)
    that libjpeg-turbo should use during decompression or 
    multi-pass (including progressive) compression. This limit 
    can also be set using the JPEGMEM environment variable or 
    using the -maxmemory switch in cjpeg/djpeg/jpegtran.
  + TJBench will now run each benchmark for 1 second prior to 
    starting the timer, in order to improve the consistency of
    the results. Furthermore, the -warmup option is now used to
    specify the amount of warmup time rather than the number of
    warmup iterations.
  + Fixed an error (short jump is out of range) that occurred 
    when assembling the 32-bit x86 SIMD extensions with NASM
    versions prior to 2.04.
  + Fixed a regression introduced by 1.5 beta1[11] that prevented
    the Java version of TJBench from outputting any reference images
    (the -nowrite switch was accidentally enabled by default.)
    libjpeg-turbo should now build and run with full AltiVec SIMD
    acceleration on PowerPC-based AmigaOS 4 and OpenBSD systems.

-------------------------------------------------------------------
Wed Jan 18 10:07:00 UTC 2017 - bwiedemann@suse.com

- set build date to enable reproducible builds

-------------------------------------------------------------------
Wed Sep 21 10:50:36 UTC 2016 - idonmez@suse.com

- Update to version 1.5.1 fate#324061
  + Fix for PowerPC platforms lacking AltiVec instructions
  + Fix ABI problem with clang/llvm on aarch64.
  + Fancy upsampling is now supported when decompressing JPEG
    images that use 4:4:0 (h1v2) chroma subsampling.
  + If merged upsampling isn't SIMD-accelerated but YCbCr-to-RGB
    conversion is, then libjpeg-turbo will now disable merged
    upsampling when decompressing YCbCr JPEG images into RGB
    or extended RGB output images. This significantly speeds up
    the decompression of 4:2:0 and 4:2:2 JPEGs on ARM platforms
    if fancy upsampling is not used 
    (for example, if the -nosmooth option to djpeg is specified.)
  + The TurboJPEG API will now decompress 4:2:2 and 4:4:0 JPEG
    images with 2x2 luminance sampling factors and 2x1 or 1x2
    chrominance sampling factors.
  + Fixed an unsigned integer overflow in the libjpeg memory manager.
  + Fixed additional negative left shifts and other issues reported
    by the GCC and Clang undefined behavior sanitizers when
    attempting to decompress specially-crafted malformed JPEG
    images. None of these issues posed a security threat, but
    removing the warnings makes it easier to detect actual
    security issues, should they arise in the future.
  + Fixed an out-of-bounds array reference, introduced by
    1.4.902 and detected by the Clang undefined behavior sanitizer,
    that could be triggered by a specially-crafted malformed
    JPEG image with more than four components. Because the
    out-of-bounds reference was still within the same structure,
    it was not known to pose a security threat, but removing
    the warning makes it easier to detect actual security issues,
    should they arise in the future.

-------------------------------------------------------------------
Wed Jun  8 07:53:26 UTC 2016 - idonmez@suse.com

- Update to version 1.5.0
  + Fixed an issue whereby a malformed motion-JPEG frame could
    cause the "fast path" of libjpeg-turbo's Huffman decoder to
    read from uninitialized memory.
  + Added libjpeg-turbo version and build information to the global
    string table of the libjpeg and TurboJPEG API libraries.
  + Fixed a couple of issues in the PPM reader that would cause
    buffer overruns in cjpeg if one of the values in a binary
    PPM/PGM input file exceeded the maximum value defined in the
    file's header. libjpeg-turbo 1.4.2 already included a similar
    fix for ASCII PPM/PGM files. Note that these issues were not
    security bugs, since they were confined to the cjpeg program
    and did not affect any of the libjpeg-turbo libraries.
  + Fixed an issue whereby attempting to decompress a JPEG file with
    a corrupt header using the tjDecompressToYUV2() function would
    cause the function to abort without returning an error and,
    under certain circumstances, corrupt the stack. This only
    occurred if tjDecompressToYUV2() was called prior to calling
    tjDecompressHeader3(), or if the return value from
    tjDecompressHeader3() was ignored (both cases represent
    incorrect usage of the TurboJPEG API.)
  + The jpeg_stdio_src(), jpeg_mem_src(), jpeg_stdio_dest(),
    and jpeg_mem_dest() functions in the libjpeg API will now
    throw an error if a source/destination manager has already
    been assigned to the compress or decompress object by a
    different function or by the calling program.

-------------------------------------------------------------------
Thu Oct  8 07:53:53 UTC 2015 - idonmez@suse.com

- Update to version 1.4.2
  + Crash fixes
  + clang compatibility fixes
  + See the included ChangeLog.txt for the details
- Drop libjpeg-turbo-1.4.0-int32.patch, not needed anymore.
- Drop libjpeg-turbo-remove-test.patch, fixed upstream.

-------------------------------------------------------------------
Thu Mar  5 11:43:27 UTC 2015 - jengelh@inai.de

- Remove useless same-name provides. Use download URLs not
  dependent on directory structure.

-------------------------------------------------------------------
Mon Mar  2 16:22:23 UTC 2015 - normand@linux.vnet.ibm.com

-  Remove float tests with new libjpeg-turbo-remove-test.patch
   same as Fedora bug 1161585 related to upstream issue
   https://sourceforge.net/p/libjpeg-turbo/bugs/83/

-------------------------------------------------------------------
Sat Jan 10 00:39:57 UTC 2015 - p.drouand@gmail.com

- Update to version 1.4.0
  + Fixed a build issue on OS X PowerPC platforms (md5cmp failed to build
    because OS X does not provide the le32toh() and htole32() functions.)
  + The non-SIMD RGB565 color conversion code did not work correctly on big
    endian machines.  This has been fixed.
  + Fixed an issue in tjPlaneSizeYUV() whereby it would erroneously return 1
    instead of -1 if componentID was > 0 and subsamp was TJSAMP_GRAY.
  + Fixed an issue in tjBufSizeYUV2() wherby it would erroneously return 0
    instead of -1 if width was < 1.
  + The Huffman encoder now uses clz and bsr instructions for bit counting on
    ARM64 platforms (see 1.4 beta1 [5].)
  + The close() method in the TJCompressor and TJDecompressor Java classes is
    now idempotent.  Previously, that method would call the native tjDestroy()
    function even if the TurboJPEG instance had already been destroyed.  This
    caused an exception to be thrown during finalization, if the close() method had
    already been called.  The exception was caught, but it was still an expensive
    operation.
  + The TurboJPEG API previously generated an error ("Could not determine
    subsampling type for JPEG image") when attempting to decompress grayscale JPEG
    images that were compressed with a sampling factor other than 1 (for instance,
    with 'cjpeg -grayscale -sample 2x2').  Subsampling technically has no meaning
    with grayscale JPEGs, and thus the horizontal and vertical sampling factors
    for such images are ignored by the decompressor.  However, the TurboJPEG API
    was being too rigid and was expecting the sampling factors to be equal to 1
    before it treated the image as a grayscale JPEG.
  + cjpeg, djpeg, and jpegtran now accept an argument of -version, which will
    print the library version and exit.
  + Referring to 1.4 beta1 [15], another extremely rare circumstance was
    discovered under which the Huffman encoder's local buffer can be overrun
    when a buffered destination manager is being used and an
    extremely-high-frequency block (basically junk image data) is being encoded.
    Even though the Huffman local buffer was increased from 128 bytes to 136 bytes
    to address the previous issue, the new issue caused even the larger buffer to
    be overrun.  Further analysis reveals that, in the absolute worst case (such as
    setting alternating AC coefficients to 32767 and -32768 in the JPEG scanning
    order), the Huffman encoder can produce encoded blocks that approach double the
    size of the unencoded blocks.  Thus, the Huffman local buffer was increased to
    256 bytes, which should prevent any such issue from re-occurring in the future.
  + The new tjPlaneSizeYUV(), tjPlaneWidth(), and tjPlaneHeight() functions
    were not actually usable on any platform except OS X and Windows, because
    those functions were not included in the libturbojpeg mapfile.  This has been
    fixed.
  + Restored the JPP(), JMETHOD(), and FAR macros in the libjpeg-turbo header
    files.  The JPP() and JMETHOD() macros were originally implemented in libjpeg
    as a way of supporting non-ANSI compilers that lacked support for prototype
    parameters.  libjpeg-turbo has never supported such compilers, but some
    software packages still use the macros to define their own prototypes.
    Similarly, libjpeg-turbo has never supported MS-DOS and other platforms that
    have far symbols, but some software packages still use the FAR macro.  A pretty
    good argument can be made that this is a bad practice on the part of the
    software in question, but since this affects more than one package, it's just
    easier to fix it here.
  + Fixed issues that were preventing the ARM 64-bit SIMD code from compiling
    for iOS, and included an ARMv8 architecture in all of the binaries installed by
    the "official" libjpeg-turbo SDK for OS X.
- Adapt patches to upstream changes
  libjpeg-ocloexec.patch >  libjpeg-1.4.0-ocloexec.patch 
  libjpeg-turbo-1.3.0-int32.patch >  libjpeg-turbo-1.4.0-int32.patch 
- Remove libjpeg-turbo-CVE-2014-9092.patch; fixed on upstream release
- Bump tminor to 1

-------------------------------------------------------------------
Thu Nov 27 09:50:00 UTC 2014 - pgajdos@suse.com

- security update CVE-2014-9092 [bnc#906761]
  * added libjpeg-turbo-CVE-2014-9092.patch

-------------------------------------------------------------------
Wed Oct 15 11:39:09 UTC 2014 - olaf@aepfle.de

- Obsolete jpeg version 6b, 8.0.1 and 8.0.2 to avoid conflicts
  during zypper dup

-------------------------------------------------------------------
Mon Mar 31 09:29:11 UTC 2014 - pgajdos@suse.com

- update to 1.3.1:
  *  Fixed a bug whereby attempting to encode a progressive JPEG 
     with arithmetic entropy coding (by passing arguments of 
     -progressive -arithmetic to cjpeg or jpegtran, for instance) 
     would result in an error, "Requested feature was omitted at 
     compile time".
  * Fixed a couple of issues whereby malformed JPEG images would 
    cause libjpeg-turbo to use uninitialized memory during 
    decompression.
  *  Fixed an error ("Buffer passed to JPEG library is too small")
     that occurred when calling the TurboJPEG YUV encoding function 
     with a very small (< 5x5) source image, and added a unit test 
     to check for this error.
  * etc. see ChangeLog.txt

-------------------------------------------------------------------
Thu Feb 20 21:16:13 UTC 2014 - tchvatal@suse.com

- Provide right name for turbo library 32bit generating.

-------------------------------------------------------------------
Fri Feb  7 13:55:46 UTC 2014 - tchvatal@suse.com

- Require libturbojpeg in the devel package.
  Otherwise we just have dangling symlink there.

-------------------------------------------------------------------
Tue Sep 10 12:42:45 UTC 2013 - pgajdos@suse.com

- update do 1.3.0:
  * Fixed a Huffman encoder bug that prevented I/O suspension from 
    working properly.
  *  Added support for additional scaling factors (3/8, 5/8, 3/4, 
     7/8, 9/8, 5/4, 11/8, 3/2, 13/8, 7/4, 15/8, and 2) when 
     decompressing.  Note that the IDCT will not be SIMD-accelerated 
     when using any of these new scaling factors.
  * The tjDecompressToYUV() function now supports the TJFLAG_FASTDCT
    flag.
  * cjpeg can now be used to generate JPEG files with the RGB 
    colorspace (feature ported from jpeg-8d.)
  * etc. see ChangeLog.txt

-------------------------------------------------------------------
Mon May 27 18:21:55 UTC 2013 - crrodriguez@opensuse.org

- Build with full RELRO as this library is exposed to 
  possible malicious images.

-------------------------------------------------------------------
Fri May 17 07:28:47 UTC 2013 - pgajdos@suse.com

- libjpeg62-turbo package created [bnc#807183]

-------------------------------------------------------------------
Mon Aug 13 17:05:35 UTC 2012 - dmueller@suse.com

- selfconflicts are not possible, remove it

-------------------------------------------------------------------
Mon Jul 23 11:33:56 UTC 2012 - pgajdos@suse.com

- Update to version 1.2.1:
    * fixed heap overflow [bnc#771791]

-------------------------------------------------------------------
Thu Mar 22 13:25:09 UTC 2012 - idonmez@suse.com

- Update to version 1.2.0 
    * Fixed out-of-bounds read in SSE2 SIMD code
    * Added a compile-time macro (LIBJPEG_TURBO_VERSION) that can 
      be used to check the version of libjpeg-turbo against which 
      an application was compiled.
    * Added new RGBA/BGRA/ABGR/ARGB colorspace extension constants
    * libjpeg-turbo will now correctly decompress erroneous 
      CMYK/YCCK JPEGs whose K component is assigned a component ID 
      of 1 instead of 4.  
    * Added SIMD routines for RGB-to-grayscale color conversion
    * Improved the performance of the C color conversion routines
    * Added a function to the TurboJPEG API that performs lossless 
      transforms.
    * Added support for 4:4:0 (transposed 4:2:2) subsampling

-------------------------------------------------------------------
Sat Nov 19 20:38:03 UTC 2011 - coolo@suse.com

- add libtool as buildrequire to avoid implicit dependency

-------------------------------------------------------------------
Sat Nov 12 22:54:58 UTC 2011 - crrodriguez@opensuse.org

- Open all file descriptors with O_CLOEXEC, extended description
  in the patch file.

-------------------------------------------------------------------
Thu May 19 14:44:56 CEST 2011 - pgajdos@suse.cz

- updated to 1.1.1:
  * Fixed a 1-pixel error in row 0, column 21 of the luminance 
    plane generated by tjEncodeYUV().
  * libjpeg-turbo's accelerated Huffman decoder previously 
    ignored unexpected markers found in the middle of the 
    JPEG data stream during decompression. It will now 
    hand off decoding of a particular block to the unaccelerated 
    Huffman decoder if an unexpected marker is found, so that 
    the unaccelerated Huffman decoder can generate an appropriate 
    warning.
  * Fixed a bug in jpeg_read_coefficients() whereby it would 
    not initialize cinfo->image_width and cinfo->image_height 
    if libjpeg v7 or v8 emulation was enabled. This specifically 
    caused the jpegoptim program to fail if it was linked against 
    a version of libjpeg-turbo that was built with libjpeg v7 or 
    v8 emulation.
  * Eliminated excessive I/O overhead that occurred when reading 
    BMP files in cjpeg.
  *

-------------------------------------------------------------------
Thu Mar  3 13:53:18 CET 2011 - pgajdos@suse.cz

- updated to 1.1.0:
  * Added further protections against invalid Huffman codes.
  * Added an extended version of tjDecompressHeader().
  * Added arithmetic encoding and decoding support.
  * TurboJPEG/OSS can now compress from/decompress to 
    grayscale bitmaps.
  * Added emulation of the libjpeg v7 and v8 APIs and ABIs.
  * Added two new TurboJPEG API functions, tjEncodeYUV() and
    tjDecompressToYUV().
  * The TurboJPEG dynamic library now uses versioned symbols.
  * Fixed visual artifacts in grayscale JPEG compression 
    caused by a typo in the RGB-to-chrominance lookup tables.
- see ChangeLog.txt for details.
- removed upstreamed jpegtran.patch and rh639672.patch

-------------------------------------------------------------------
Tue Dec 14 14:32:56 CET 2010 - pgajdos@suse.cz

- spec file cleanup

-------------------------------------------------------------------
Fri Dec 10 13:02:58 UTC 2010 - pgajdos@novell.com

- this jpeg version will be the default to the prejudice of jpeg8
  from now on

-------------------------------------------------------------------
Sun Nov  7 12:53:26 UTC 2010 - prusnak@opensuse.org

- created package based on Fedora one (v 1.0.1)

 
-------------------------------------------------------------------
Thu Jun  3 08:40:46 UTC 2021 - pgajdos@suse.com
​
- security update
- added patches
  fix CVE-2020-17541 [bsc#1186764], stack-based buffer overflow in the "transform" component
  + libjpeg-turbo-CVE-2020-17541.patch
​
-------------------------------------------------------------------
Mon Jun  8 11:49:53 UTC 2020 - pgajdos@suse.com
​
- security update
- added patches
  fix CVE-2020-13790 [bsc#1172491], heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file
  + libjpeg-turbo-CVE-2020-13790.patch
​
-------------------------------------------------------------------
Wed Nov 13 07:55:36 UTC 2019 - pgajdos@suse.com
​
- security update [bsc#1156402]
- modified patches
  % libjpeg-turbo-CVE-2019-2201.patch (use upstream one)
​
-------------------------------------------------------------------
Tue Nov 12 09:33:44 UTC 2019 - pgajdos@suse.com
​
- security update
- added patches
  CVE-2019-2201 [bsc#1156402]
  + libjpeg-turbo-CVE-2019-2201.patch
​
-------------------------------------------------------------------
Wed Mar 13 13:02:11 UTC 2019 - pgajdos@suse.com
​
- security update
- added patches
  CVE-2018-14498 [bsc#1128712]
  + libjpeg-turbo-CVE-2018-14498.patch
​
-------------------------------------------------------------------
Mon Dec  3 10:25:36 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
​
- asan_build: build ASAN included
- debug_build: build more suitable for debugging
- disable silent rules
​
-------------------------------------------------------------------
Tue Jun 19 13:44:00 UTC 2018 - pgajdos@suse.com
​
- security update:
  * CVE-2018-1152 [bsc#1098155]
    + libjpeg-turbo-CVE-2018-1152.patch
​
-------------------------------------------------------------------
Tue Jun 12 13:34:11 UTC 2018 - pgajdos@suse.com
​
- security update:
  * CVE-2018-11813 [bsc#1096209]
    + libjpeg-turbo-CVE-2018-11813.patch
  * remove redundant libjpeg-turbo-CVE-2017-15232.patch
    [bsc#1062937#c17]
​
-------------------------------------------------------------------
Mon Dec 18 13:29:30 UTC 2017 - pgajdos@suse.com
​
- - update to version 1.5.3
  1. Fixed a NullPointerException in the TurboJPEG Java wrapper that occurred
  when using the YUVImage constructor that creates an instance backed by separate
  image planes and allocates memory for the image planes.
  2. Fixed an issue whereby the Java version of TJUnitTest would fail when
  testing BufferedImage encoding/decoding on big endian systems.
  3. Fixed a segfault in djpeg that would occur if an output format other than
  PPM/PGM was selected along with the `-crop` option.  The `-crop` option now
  works with the GIF and Targa formats as well (unfortunately, it cannot be made
  to work with the BMP and RLE formats due to the fact that those output engines
  write scanlines in bottom-up order.)  djpeg will now exit gracefully if an
  output format other than PPM/PGM, GIF, or Targa is selected along with the
  `-crop` option.
  4. Fixed an issue whereby `jpeg_skip_scanlines()` would segfault if color
  quantization was enabled.
  5. TJBench (both C and Java versions) will now display usage information if any
  command-line argument is unrecognized.  This prevents the program from silently
  ignoring typos.
  6. Fixed an access violation in tjbench.exe (Windows) that occurred when the
  program was used to decompress an existing JPEG image.
  7. Fixed an ArrayIndexOutOfBoundsException in the TJExample Java program that
  occurred when attempting to decompress a JPEG image that had been compressed
  with 4:1:1 chrominance subsampling.
  8. Fixed an issue whereby, when using `jpeg_skip_scanlines()` to skip to the
  end of a single-scan (non-progressive) image, subsequent calls to
  `jpeg_consume_input()` would return `JPEG_SUSPENDED` rather than
  `JPEG_REACHED_EOI`.
  9. `jpeg_crop_scanlines()` now works correctly when decompressing grayscale
  JPEG images that were compressed with a sampling factor other than 1 (for
  instance, with `cjpeg -grayscale -sample 2x2`).
​
-------------------------------------------------------------------
Thu Oct 12 10:59:03 UTC 2017 - pgajdos@suse.com
​
- security update:
  * CVE-2017-15232 [bsc#1062937]
    + libjpeg-turbo-CVE-2017-15232.patch
​
-------------------------------------------------------------------
Thu Oct 12 10:22:05 UTC 2017 - pgajdos@suse.com
​
- Update to version 1.5.2
  + Fixed several memory leaks in the TurboJPEG API library that
    could occur if the library was built with certain compilers
    and optimization levels.
  + The libjpeg-turbo memory manager will now honor the
    max_memory_to_use structure member in jpeg_memory_mgr, 
    which can be set to the maximum amount of memory (in bytes)
    that libjpeg-turbo should use during decompression or 
    multi-pass (including progressive) compression. This limit 
    can also be set using the JPEGMEM environment variable or 
    using the -maxmemory switch in cjpeg/djpeg/jpegtran.
  + TJBench will now run each benchmark for 1 second prior to 
    starting the timer, in order to improve the consistency of
    the results. Furthermore, the -warmup option is now used to
    specify the amount of warmup time rather than the number of
    warmup iterations.
  + Fixed an error (short jump is out of range) that occurred 
    when assembling the 32-bit x86 SIMD extensions with NASM
    versions prior to 2.04.
  + Fixed a regression introduced by 1.5 beta1[11] that prevented
    the Java version of TJBench from outputting any reference images
    (the -nowrite switch was accidentally enabled by default.)
    libjpeg-turbo should now build and run with full AltiVec SIMD
    acceleration on PowerPC-based AmigaOS 4 and OpenBSD systems.
​
-------------------------------------------------------------------
Wed Jan 18 10:07:00 UTC 2017 - bwiedemann@suse.com
​
- set build date to enable reproducible builds
​
-------------------------------------------------------------------
Wed Sep 21 10:50:36 UTC 2016 - idonmez@suse.com
​
- Update to version 1.5.1 fate#324061
  + Fix for PowerPC platforms lacking AltiVec instructions
  + Fix ABI problem with clang/llvm on aarch64.
  + Fancy upsampling is now supported when decompressing JPEG
    images that use 4:4:0 (h1v2) chroma subsampling.
  + If merged upsampling isn't SIMD-accelerated but YCbCr-to-RGB
    conversion is, then libjpeg-turbo will now disable merged
    upsampling when decompressing YCbCr JPEG images into RGB
    or extended RGB output images. This significantly speeds up
    the decompression of 4:2:0 and 4:2:2 JPEGs on ARM platforms
    if fancy upsampling is not used 
    (for example, if the -nosmooth option to djpeg is specified.)
  + The TurboJPEG API will now decompress 4:2:2 and 4:4:0 JPEG
    images with 2x2 luminance sampling factors and 2x1 or 1x2
    chrominance sampling factors.
  + Fixed an unsigned integer overflow in the libjpeg memory manager.
  + Fixed additional negative left shifts and other issues reported
    by the GCC and Clang undefined behavior sanitizers when
    attempting to decompress specially-crafted malformed JPEG
    images. None of these issues posed a security threat, but
    removing the warnings makes it easier to detect actual
    security issues, should they arise in the future.
  + Fixed an out-of-bounds array reference, introduced by
    1.4.902 and detected by the Clang undefined behavior sanitizer,
    that could be triggered by a specially-crafted malformed
    JPEG image with more than four components. Because the
    out-of-bounds reference was still within the same structure,
    it was not known to pose a security threat, but removing
    the warning makes it easier to detect actual security issues,
    should they arise in the future.
​
-------------------------------------------------------------------
Wed Jun  8 07:53:26 UTC 2016 - idonmez@suse.com
​
- Update to version 1.5.0
  + Fixed an issue whereby a malformed motion-JPEG frame could
    cause the "fast path" of libjpeg-turbo's Huffman decoder to
    read from uninitialized memory.
  + Added libjpeg-turbo version and build information to the global
    string table of the libjpeg and TurboJPEG API libraries.
  + Fixed a couple of issues in the PPM reader that would cause
    buffer overruns in cjpeg if one of the values in a binary
    PPM/PGM input file exceeded the maximum value defined in the
    file's header. libjpeg-turbo 1.4.2 already included a similar
    fix for ASCII PPM/PGM files. Note that these issues were not
    security bugs, since they were confined to the cjpeg program
    and did not affect any of the libjpeg-turbo libraries.
  + Fixed an issue whereby attempting to decompress a JPEG file with
    a corrupt header using the tjDecompressToYUV2() function would
    cause the function to abort without returning an error and,
    under certain circumstances, corrupt the stack. This only
    occurred if tjDecompressToYUV2() was called prior to calling
    tjDecompressHeader3(), or if the return value from
    tjDecompressHeader3() was ignored (both cases represent
    incorrect usage of the TurboJPEG API.)
  + The jpeg_stdio_src(), jpeg_mem_src(), jpeg_stdio_dest(),
    and jpeg_mem_dest() functions in the libjpeg API will now
    throw an error if a source/destination manager has already
    been assigned to the compress or decompress object by a
    different function or by the calling program. 
​
-------------------------------------------------------------------
Thu Oct  8 07:53:53 UTC 2015 - idonmez@suse.com
​
- Update to version 1.4.2
  + Crash fixes
  + clang compatibility fixes
  + See the included ChangeLog.txt for the details
- Drop libjpeg-turbo-1.4.0-int32.patch, not needed anymore.
- Drop libjpeg-turbo-remove-test.patch, fixed upstream.
​
-------------------------------------------------------------------
Thu Mar  5 11:43:27 UTC 2015 - jengelh@inai.de
​
- Remove useless same-name provides. Use download URLs not
  dependent on directory structure.
​
-------------------------------------------------------------------
Mon Mar  2 16:22:23 UTC 2015 - normand@linux.vnet.ibm.com
​
-  Remove float tests with new libjpeg-turbo-remove-test.patch
   same as Fedora bug 1161585 related to upstream issue
   https://sourceforge.net/p/libjpeg-turbo/bugs/83/
​
-------------------------------------------------------------------
Sat Jan 10 00:39:57 UTC 2015 - p.drouand@gmail.com
​
- Update to version 1.4.0
  + Fixed a build issue on OS X PowerPC platforms (md5cmp failed to build
    because OS X does not provide the le32toh() and htole32() functions.)
  + The non-SIMD RGB565 color conversion code did not work correctly on big
    endian machines.  This has been fixed.
  + Fixed an issue in tjPlaneSizeYUV() whereby it would erroneously return 1
    instead of -1 if componentID was > 0 and subsamp was TJSAMP_GRAY.
  + Fixed an issue in tjBufSizeYUV2() wherby it would erroneously return 0
    instead of -1 if width was < 1.
  + The Huffman encoder now uses clz and bsr instructions for bit counting on
    ARM64 platforms (see 1.4 beta1 [5].)
  + The close() method in the TJCompressor and TJDecompressor Java classes is
    now idempotent.  Previously, that method would call the native tjDestroy()
    function even if the TurboJPEG instance had already been destroyed.  This
    caused an exception to be thrown during finalization, if the close() method had
    already been called.  The exception was caught, but it was still an expensive
    operation.
  + The TurboJPEG API previously generated an error ("Could not determine
    subsampling type for JPEG image") when attempting to decompress grayscale JPEG
    images that were compressed with a sampling factor other than 1 (for instance,
    with 'cjpeg -grayscale -sample 2x2').  Subsampling technically has no meaning
    with grayscale JPEGs, and thus the horizontal and vertical sampling factors
    for such images are ignored by the decompressor.  However, the TurboJPEG API
    was being too rigid and was expecting the sampling factors to be equal to 1
    before it treated the image as a grayscale JPEG.
  + cjpeg, djpeg, and jpegtran now accept an argument of -version, which will
    print the library version and exit.
  + Referring to 1.4 beta1 [15], another extremely rare circumstance was
    discovered under which the Huffman encoder's local buffer can be overrun
    when a buffered destination manager is being used and an
    extremely-high-frequency block (basically junk image data) is being encoded.
    Even though the Huffman local buffer was increased from 128 bytes to 136 bytes
    to address the previous issue, the new issue caused even the larger buffer to
    be overrun.  Further analysis reveals that, in the absolute worst case (such as
    setting alternating AC coefficients to 32767 and -32768 in the JPEG scanning
    order), the Huffman encoder can produce encoded blocks that approach double the
    size of the unencoded blocks.  Thus, the Huffman local buffer was increased to
    256 bytes, which should prevent any such issue from re-occurring in the future.
  + The new tjPlaneSizeYUV(), tjPlaneWidth(), and tjPlaneHeight() functions
    were not actually usable on any platform except OS X and Windows, because
    those functions were not included in the libturbojpeg mapfile.  This has been
    fixed.
  + Restored the JPP(), JMETHOD(), and FAR macros in the libjpeg-turbo header
    files.  The JPP() and JMETHOD() macros were originally implemented in libjpeg
    as a way of supporting non-ANSI compilers that lacked support for prototype
    parameters.  libjpeg-turbo has never supported such compilers, but some
    software packages still use the macros to define their own prototypes.
    Similarly, libjpeg-turbo has never supported MS-DOS and other platforms that
    have far symbols, but some software packages still use the FAR macro.  A pretty
    good argument can be made that this is a bad practice on the part of the
    software in question, but since this affects more than one package, it's just
    easier to fix it here.
  + Fixed issues that were preventing the ARM 64-bit SIMD code from compiling
    for iOS, and included an ARMv8 architecture in all of the binaries installed by
    the "official" libjpeg-turbo SDK for OS X.
- Adapt patches to upstream changes
  libjpeg-ocloexec.patch >  libjpeg-1.4.0-ocloexec.patch 
  libjpeg-turbo-1.3.0-int32.patch >  libjpeg-turbo-1.4.0-int32.patch 
- Remove libjpeg-turbo-CVE-2014-9092.patch; fixed on upstream release
- Bump tminor to 1
​
-------------------------------------------------------------------
Thu Nov 27 09:50:00 UTC 2014 - pgajdos@suse.com
​
- security update CVE-2014-9092 [bnc#906761]
  * added libjpeg-turbo-CVE-2014-9092.patch
​
-------------------------------------------------------------------
Wed Oct 15 11:39:09 UTC 2014 - olaf@aepfle.de
​
- Obsolete jpeg version 6b, 8.0.1 and 8.0.2 to avoid conflicts
  during zypper dup
​
-------------------------------------------------------------------
Mon Mar 31 09:29:11 UTC 2014 - pgajdos@suse.com
​
- update to 1.3.1:
  *  Fixed a bug whereby attempting to encode a progressive JPEG 
     with arithmetic entropy coding (by passing arguments of 
     -progressive -arithmetic to cjpeg or jpegtran, for instance) 
     would result in an error, "Requested feature was omitted at 
     compile time".
  * Fixed a couple of issues whereby malformed JPEG images would 
    cause libjpeg-turbo to use uninitialized memory during 
    decompression.
  *  Fixed an error ("Buffer passed to JPEG library is too small")
     that occurred when calling the TurboJPEG YUV encoding function 
     with a very small (< 5x5) source image, and added a unit test 
     to check for this error.
  * etc. see ChangeLog.txt
​
-------------------------------------------------------------------
Thu Feb 20 21:16:13 UTC 2014 - tchvatal@suse.com
​
- Provide right name for turbo library 32bit generating.
​
-------------------------------------------------------------------
Fri Feb  7 13:55:46 UTC 2014 - tchvatal@suse.com
​
- Require libturbojpeg in the devel package.
  Otherwise we just have dangling symlink there.
​
-------------------------------------------------------------------
Tue Sep 10 12:42:45 UTC 2013 - pgajdos@suse.com
​
- update do 1.3.0:
  * Fixed a Huffman encoder bug that prevented I/O suspension from 
    working properly.
  *  Added support for additional scaling factors (3/8, 5/8, 3/4, 
     7/8, 9/8, 5/4, 11/8, 3/2, 13/8, 7/4, 15/8, and 2) when 
     decompressing.  Note that the IDCT will not be SIMD-accelerated 
     when using any of these new scaling factors.
  * The tjDecompressToYUV() function now supports the TJFLAG_FASTDCT
    flag.
  * cjpeg can now be used to generate JPEG files with the RGB 
    colorspace (feature ported from jpeg-8d.)
  * etc. see ChangeLog.txt
​
-------------------------------------------------------------------
Mon May 27 18:21:55 UTC 2013 - crrodriguez@opensuse.org
​
- Build with full RELRO as this library is exposed to 
  possible malicious images.
​
-------------------------------------------------------------------
Fri May 17 07:28:47 UTC 2013 - pgajdos@suse.com
​
- libjpeg62-turbo package created [bnc#807183]
​
-------------------------------------------------------------------
Mon Aug 13 17:05:35 UTC 2012 - dmueller@suse.com
​
- selfconflicts are not possible, remove it
​
-------------------------------------------------------------------
Mon Jul 23 11:33:56 UTC 2012 - pgajdos@suse.com
​
- Update to version 1.2.1:
    * fixed heap overflow [bnc#771791]
​
-------------------------------------------------------------------
Thu Mar 22 13:25:09 UTC 2012 - idonmez@suse.com
​
- Update to version 1.2.0 
    * Fixed out-of-bounds read in SSE2 SIMD code
    * Added a compile-time macro (LIBJPEG_TURBO_VERSION) that can 
      be used to check the version of libjpeg-turbo against which 
      an application was compiled.
    * Added new RGBA/BGRA/ABGR/ARGB colorspace extension constants
    * libjpeg-turbo will now correctly decompress erroneous 
      CMYK/YCCK JPEGs whose K component is assigned a component ID 
      of 1 instead of 4.  
    * Added SIMD routines for RGB-to-grayscale color conversion
    * Improved the performance of the C color conversion routines
    * Added a function to the TurboJPEG API that performs lossless 
      transforms.
    * Added support for 4:4:0 (transposed 4:2:2) subsampling
​
-------------------------------------------------------------------
Sat Nov 19 20:38:03 UTC 2011 - coolo@suse.com
​
- add libtool as buildrequire to avoid implicit dependency
​
-------------------------------------------------------------------
Sat Nov 12 22:54:58 UTC 2011 - crrodriguez@opensuse.org
​
- Open all file descriptors with O_CLOEXEC, extended description
  in the patch file.
​
-------------------------------------------------------------------
Thu May 19 14:44:56 CEST 2011 - pgajdos@suse.cz
​
- updated to 1.1.1:
  * Fixed a 1-pixel error in row 0, column 21 of the luminance 
    plane generated by tjEncodeYUV().
  * libjpeg-turbo's accelerated Huffman decoder previously 
    ignored unexpected markers found in the middle of the 
    JPEG data stream during decompression. It will now 
    hand off decoding of a particular block to the unaccelerated 
    Huffman decoder if an unexpected marker is found, so that 
    the unaccelerated Huffman decoder can generate an appropriate 
    warning.
  * Fixed a bug in jpeg_read_coefficients() whereby it would 
    not initialize cinfo->image_width and cinfo->image_height 
    if libjpeg v7 or v8 emulation was enabled. This specifically 
    caused the jpegoptim program to fail if it was linked against 
    a version of libjpeg-turbo that was built with libjpeg v7 or 
    v8 emulation.
  * Eliminated excessive I/O overhead that occurred when reading 
    BMP files in cjpeg.
  * 
​
-------------------------------------------------------------------
Thu Mar  3 13:53:18 CET 2011 - pgajdos@suse.cz
​
- updated to 1.1.0:
  * Added further protections against invalid Huffman codes.
  * Added an extended version of tjDecompressHeader().
  * Added arithmetic encoding and decoding support.
  * TurboJPEG/OSS can now compress from/decompress to 
    grayscale bitmaps.
  * Added emulation of the libjpeg v7 and v8 APIs and ABIs.
  * Added two new TurboJPEG API functions, tjEncodeYUV() and
    tjDecompressToYUV().
  * The TurboJPEG dynamic library now uses versioned symbols.
  * Fixed visual artifacts in grayscale JPEG compression 
    caused by a typo in the RGB-to-chrominance lookup tables.
- see ChangeLog.txt for details.
- removed upstreamed jpegtran.patch and rh639672.patch
​
-------------------------------------------------------------------
Tue Dec 14 14:32:56 CET 2010 - pgajdos@suse.cz
​
- spec file cleanup
​
-------------------------------------------------------------------
Fri Dec 10 13:02:58 UTC 2010 - pgajdos@novell.com
​
- this jpeg version will be the default to the prejudice of jpeg8
  from now on
​
-------------------------------------------------------------------
Sun Nov  7 12:53:26 UTC 2010 - prusnak@opensuse.org
​
- created package based on Fedora one (v 1.0.1)
​
​

Places

File libjpeg-turbo.changes of Package libjpeg-turbo

Places