NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
371f6744e5
kumquat-buildroot/package/openjpeg/openjpeg.mk

38 lines
1.2 KiB
Makefile
Raw Normal View History

package/openjpeg: New package openjpeg 1.5.2 This package is needed by Poppler. [Thomas: - fix download location, which was incorrect. - add dependency on host-pkgconf, since the configure.ac script uses PKG_CHECK_MODULES and we're doing an autoreconf. - add optional dependencies on libpng, tiff and lcms2, so that they are explicit instead of automatically detected.] Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-22 22:12:49 +01:00
################################################################################
#
# openjpeg
#
################################################################################
package/openjpeg: bump to version 2.3.1 Signed-off-by: Francois Perrad <francois.perrad@gadz.org> Reviewed-by: Adrian Perez de Castro <aperez@igalia.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-05-15 18:44:45 +02:00
OPENJPEG_VERSION = 2.3.1
OPENJPEG_SITE = $(call github,uclouvain,openjpeg,v$(OPENJPEG_VERSION))
boot, package: use SPDX short identifier for BSD-2c We want to use SPDX identifier for license string as much as possible. SPDX short identifier for BSD-2c is BSD-2-Clause. This change is done using following command. find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/BSD-2c/BSD-2-Clause/g' Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-30 15:43:39 +02:00
OPENJPEG_LICENSE = BSD-2-Clause
package/openjpeg: New package openjpeg 1.5.2 This package is needed by Poppler. [Thomas: - fix download location, which was incorrect. - add dependency on host-pkgconf, since the configure.ac script uses PKG_CHECK_MODULES and we're doing an autoreconf. - add optional dependencies on libpng, tiff and lcms2, so that they are explicit instead of automatically detected.] Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-22 22:12:49 +01:00
OPENJPEG_LICENSE_FILES = LICENSE
OPENJPEG_INSTALL_STAGING = YES
package/openjpeg: fix CVE-2019-12973 In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. This issue is similar to CVE-2018-6616. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-29 21:24:40 +01:00
# 0004-convertbmp-detect-invalid-file-dimensions-early.patch
# 0005-bmp_read_rle4_data-avoid-potential-infinite-loop.patch
OPENJPEG_IGNORE_CVES += CVE-2019-12973
package/openjpeg: fix CVE-2020-6851 OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-29 21:24:41 +01:00
# 0006-opj_j2k_update_image_dimensions-reject-images-whose-coordinates.patch
OPENJPEG_IGNORE_CVES += CVE-2020-6851
package/openjpeg: fix CVE-2020-8112 opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-29 21:24:42 +01:00
# 0007-opj_tcd_init_tile-avoid-integer-overflow.patch
OPENJPEG_IGNORE_CVES += CVE-2020-8112
package/openjpeg: add CVE-2020-15389 entry Commit b006cc373f96ec86c027779e113c8f70bc40d1c3 forgot to add the OPENJPEG_IGNORE_CVES entry Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-27 23:20:44 +02:00
# 0008-opj_decompress-fix-double-free-on-input-directory-with-mix-of-valid.patch
OPENJPEG_IGNORE_CVES += CVE-2020-15389
package/openjpeg: bump to version 2.1 This patch: * bumps openjpeg to version 2.1 * changes download location to github * converts the package to use cmake Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-25 23:44:31 +02:00
OPENJPEG_DEPENDENCIES += $(if $(BR2_PACKAGE_ZLIB),zlib)
OPENJPEG_DEPENDENCIES += $(if $(BR2_PACKAGE_LIBPNG),libpng)
OPENJPEG_DEPENDENCIES += $(if $(BR2_PACKAGE_TIFF),tiff)
OPENJPEG_DEPENDENCIES += $(if $(BR2_PACKAGE_LCMS2),lcms2)
package/openjpeg: New package openjpeg 1.5.2 This package is needed by Poppler. [Thomas: - fix download location, which was incorrect. - add dependency on host-pkgconf, since the configure.ac script uses PKG_CHECK_MODULES and we're doing an autoreconf. - add optional dependencies on libpng, tiff and lcms2, so that they are explicit instead of automatically detected.] Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-22 22:12:49 +01:00
package/openjpeg: fix build with threads disabled Fixes http://autobuild.buildroot.net/results/f16/f16a558c30199a92e93a31e0ba391b99a9bd689f/ Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-11-11 17:41:53 +01:00
ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
OPENJPEG_CONF_OPTS += -DOPJ_USE_THREAD=ON
else
OPENJPEG_CONF_OPTS += -DOPJ_USE_THREAD=OFF
endif
package/openjpeg: bump to version 2.1 This patch: * bumps openjpeg to version 2.1 * changes download location to github * converts the package to use cmake Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-04-25 23:44:31 +02:00
$(eval $(cmake-package))
Reference in New Issue Copy Permalink