From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] libjpeg: Update to version 3.0.4 Date: Tue, 19 Nov 2024 22:10:58 +0100 Message-ID: <20241119211106.2194373-10-adolf.belka@ipfire.org> In-Reply-To: <20241119211106.2194373-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2605098517356846350==" List-Id: --===============2605098517356846350== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable - Update from version 3.0.3 to 3.0.4 - Update of rootfile not required - Changelog 3.0.4 1. Fixed an issue whereby the CPU usage of the default marker processor in t= he decompressor grew exponentially with the number of markers. This caused an unreasonable slow-down in `jpeg_read_header()` if an application called `jpeg_save_markers()` to save markers of a particular type and then attempted to decompress a JPEG image containing an excessive number of markers of that type. 2. Hardened the default marker processor in the decompressor to guard against an issue (exposed by 3.0 beta2[6]) whereby attempting to decompress a specially-crafted malformed JPEG image (specifically an image with a complete 12-bit-per-sample Start Of Frame segment followed by an incomplete 8-bit-per-sample Start Of Frame segment) using buffered-image mode and input prefetching caused a segfault if the `fill_input_buffer()` method in the calling application's custom source manager incorrectly returned `FALSE` in response to a prematurely-terminated JPEG data stream. 3. Fixed an issue in cjpeg whereby, when generating a 12-bit-per-sample or 16-bit-per-sample lossless JPEG image, specifying a point transform value greater than 7 resulted in an error ("Invalid progressive/lossless parameter= s") unless the `-precision` option was specified before the `-lossless` option. 4. Fixed a regression introduced by 3.0.3[3] that made it impossible for calling applications to generate 12-bit-per-sample arithmetic-coded lossy JP= EG images using the TurboJPEG API. 5. Fixed an error ("Destination buffer is not large enough") that occurred w= hen attempting to generate a full-color lossless JPEG image using the TurboJPEG Java API's `byte[] TJCompressor.compress()` method if the value of `TJ.PARAM_SUBSAMP` was not `TJ.SAMP_444`. 6. Fixed a segfault in djpeg that occurred if a negative width was specified with the `-crop` option. Since the cropping region width was read into an unsigned 32-bit integer, a negative width was interpreted as a very large value. With certain negative width and positive left boundary values, the bounds checks in djpeg and `jpeg_crop_scanline()` overflowed and did not det= ect the out-of-bounds width, which caused a buffer overrun in the upsampling or color conversion routine. Both bounds checks now use 64-bit integers to gua= rd against overflow, and djpeg now checks for negative numbers when it parses t= he crop specification from the command line. 7. Fixed an issue whereby the TurboJPEG lossless transformation function and methods checked the specified cropping region against the source image dimensions and level of chrominance subsampling rather than the destination image dimensions and level of chrominance subsampling, which caused some cropping regions to be unduly rejected when performing 90-degree rotation, 270-degree rotation, transposition, transverse transposition, or grayscale conversion. 8. Fixed an issue whereby the TurboJPEG lossless transformation function and methods did not honor `TJXOPT_COPYNONE`/`TJTransform.OPT_COPYNONE` unless it was specified for all lossless transforms. Signed-off-by: Adolf Belka --- lfs/libjpeg | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/libjpeg b/lfs/libjpeg index 311ce4bc9..b835bff29 100644 --- a/lfs/libjpeg +++ b/lfs/libjpeg @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 3.0.3 +VER =3D 3.0.4 =20 THISAPP =3D libjpeg-turbo-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_BLAKE2 =3D 9d141dadd0dce970bf857b51352c57a8e15180438abd7d6d66f9df= d24e23889add8c6c89120b84026e40ab61611516b0567984bd1db37e9c45b41917cf32e9a6 +$(DL_FILE)_BLAKE2 =3D cf951582ce7cdf0dce39075bb1cc58f6a61fa0bdaca4874a4f06a0= 3d2cd11775bc626c8d391d4fc76574d302a781ba47e5c90e2aa2d6a21a8b8d06712437e241 =20 install : $(TARGET) =20 --=20 2.47.0 --===============2605098517356846350==--