2.0.28
* Fix potential null pointer dereference in the JP2/JPC decoder.
* Fix ignoring of JAS_STREAM_FILEOBJ_NOCLOSE at stream close time.
* Fix integral type sizing problem in JP2 codec.
2.0.27
Check for an image containing no samples in the PGX decoder.
Check for dimensions of zero in the JPC and JPEG decoders.
Fix an arguably incorrect type for an integer literal in the PGX decoder.
Check for an invalid component reference in the JP2 decoder.
Check on integer size in JP2 decoder.
2.0.24:
Add JAS_VERSION_MAJOR, JAS_VERSION_MINOR, JAS_VERSION_PATCH for easier access to the JasPer version.
Fixes stack overflow bug on Windows, where variable-length arrays are not available
2.0.20
* fixed several ISO/IEC 15444-4 conformance bugs
* fixed new variant of CVE-2016-9398
* disabled the MIF codec by default for security reasons (but it is still
included in the library);
in a future release, the MIF codec may also be excluded from the
library by default
* added documentation for the I/O streams library API
version-2.0.19
Unfortunately 2.0.17 was released on a branch. Later the branch was
removed and the 2.0.17 tag was placed on another commit and branch.
This resulted in various distros who pulled the tarball at different
times two have different jasper versions for 2.0.17.
https://repology.org/project/jasper/versions shows that some even have a
2.0.18.
To reduce all this confusion I will release 2.0.19 now.
With a clean changelog referencing what @MaxKellermann and @jubalh (me)
did on our fork at jasper-maint.
If we want to revert things later or improve the changelog this can be
easily done on master ontop of this.
But I feel we need this release to reduce the confusion and put the
project on a clear track again.
Changes:
- In the JPC codec, the requirement that the number of tile parts be at
least one has been removed (since the JPEG-2000 standard allows
a special value of zero to mean the number of tile parts is unspecified).
- add option to disable programs
- Include jasper/jas_debug.h when using jas_eprintf
Fixes building with -Werror=implicit-function-declaration.
- Applied patches to resolve some missing export problems.
See: https://github.com/mdadams/jasper/issues/122
- Moved inttypes.h and stdbool.h includes to jas_types.h and fixed
the build for Visual Studio 2012 and lower.
- Correct or add comments for jas_safe_* functions
Mostly fixing bad copy-n-paste issues, or functions added without any
comment.
- Added a check in the JP2 encoder to ensure that the image to be coded
has at least one component. Also, made some small changes to a
private build script.
- Fixed bugs due to uninitialized data in the JP2 decoder.
Also, added some comments marking I/O stream interfaces that probably
need to be changed (in the long term) to fix integer overflow
problems.
- Added some additional checking to prevent a potential integer overflow
due to conversion in the JPC decoder.
- Added numerous more-detailed error messages for the JPC and JP2
codecs.
- Added a partial verbose capability for the run_test_1 script.
- Moved a test case from the bad category to the good category, as the
test case had been miscategorized.
- Add some regression test cases.
- Fixed some potential double-free problems in the JPC codec.
Bumped the version number.
Added some additional checking to prevent a potential integer overflow
due to conversion in the JPC decoder.
Added numerous more-detailed error messages for the JPC and JP2
codecs.
Added a partial verbose capability for the run_test_1 script.
Moved a test case from the bad category to the good category, as the
test case had been miscategorized.
Added another regression test case.
Fixed some potential double-free problems in the JPC codec.
Fixed a problem in the JP2 encoder that caused a null pointer dereference when no ICC profile data is available (e.g., in the case of an unknown color space).
This integrates most of the patches we had applied in pkgsrc.
The changes are in ChangeLog, and are not well summarized anywhere
I can find, sorry...
OK from adam@
Add comments to the patches.
Add fix for oCERT-2014-012, pulled from RedHat.
Add fix from Debian bug 469786.
Add LICENSE setting, I think modified-bsd is fitting.
Bump PKGREVISION.
alternative from mk/jpeg.buildlink3.mk
This allows selection of an alternative jpeg library (namely the x86 MMX,
SSE, SSE2 accelerated libjpeg-turbo) via JPEG_DEFAULT=libjpeg-turbo, and
follows the current standard model for alternatives (fam, motif, fuse etc).
The mechanical edits were applied via the following script:
#!/bin/sh
for d in */*; do
[ -d "$d" ] || continue
for i in "$d/"Makefile* "$d/"*.mk; do
case "$i" in *.orig|*"*"*) continue;; esac
out="$d/x"
sed -e 's;graphics/jpeg/buildlink3\.mk;mk/jpeg.buildlink3.mk;g' \
-e 's;BUILDLINK_PREFIX\.jpeg;JPEGBASE;g' \
< "$i" > "$out"
if cmp -s "$i" "$out"; then
rm -f "$out"
else
echo "Edited $i"
mv -f "$i" "$i.orig" && mv "$out" "$i"
fi
done
done
Fixes build of some depending package such as netpbm (with its horrible,
horrible hardcoded _XOPEN_SOURCES definitions all over the place) on Solaris.
Will be submitted upstream.
1) The wavelet transform code has been rewritten in order to be more
cache efficient (via loop tiling). As a few individuals have noted,
the old code could often result in an excessive number of cache misses.
2) Some man pages have been added to the distribution as provided
by Roland Stigge.
3) Some simple timer routines have been added to facilitate performance
measurements.
4) Numerous bugs have been fixed (e.g., memory leaks, JP2 box processing
problem, etc.).
5) Some name space pollution issues have been resolved.
6) A few compiler warnings have been fixed.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
* A preliminary attempt at a color management subsystem has been added to JasPer
* Previously, the configure process did not generate a configuration header file
* Temporary files created with the jas_stream_tmpfile function were not
correctly removed upon file close under Microsoft Windows
* An option has been added to the JPEG encoder to allow a quality factor to be
specified
* A new make target has been added for RPM building
* The code now compiles with many fewer warnings on most platforms
* The JasPer software license has been made slightly less restrictive
* The configure-based build process has been updated to use newer versions of
the GNU configure tools
