• Files Changed
• Browse Source

- update to 0.28.2 (bsc#1219870, CVE-2024-24826, bsc#1219871,
  CVE-2024-25112):
  * CVE-2024-24826: out-of-bounds read in
    QuickTimeVideo::NikonTagsDecoder.
  * CVE-2024-25112: denial of service due to unbounded
    recursion in QuickTimeVideo::multipleEntriesDecoder.

• Files Changed
• Browse Source

- update to 0.28.1 (bsc#1216923, CVE-2023-44398):
  * Release Notes:
    https://github.com/Exiv2/exiv2/issues/2813
- drop exiv2-metadata-null-checks.patch (upstream)

• Files Changed
• Browse Source

  * Add Nikon3.WhiteBalanceBias2
  * Add Nikon LensData v0802
  * Add more DNG 1.6 tags
                    bsc#1189338, CVE-2021-34334,
                    bsc#1189337, CVE-2021-32815,
                    bsc#1189340, CVE-2021-34335,
                    bsc#1189341, CVE-2021-37615,
  * Minor bugs and fixes
  - Other improvements
- Update to 0.27.2 (bsc#1188645, CVE-2020-19716, bsc#1214582, CVE-2020-18831)
  * obsoletes 0001-PSD-Use-Safe-add-for-preventing-overflows-in-PSD-fil.patch
  * exivsimple has array index errors when stripping quotes form
  * TIFF parser,Binary array elements should be decoded using the
  * Add option -K Key (--key Key) to specify one or more keys to
  * "exiv2 -eX" followed by "exiv2 -iX" produces invalid XMP
   * fix-overflow-in-info-tags-r3264.patch
   * fix-video-timescale-handling.patch
   * parallel-build-dep.patch
  This release introduces support for Postscript (EPS) images.
  XMP metadata can be read and written from/to EPS images and
  previews are accessible.
  Further it includes a new build environment for MSVC 64 bit
- fix build with gcc 4.3 (upstream backport)
  * Fix "Since v0.14 the version check macro doesn't work in a precompiler

• Files Changed
• Browse Source

• Files Changed
• Browse Source

- add a x86-64-v3 build, remove 32bit build (not used)

- drop old C++ standard hack (patched line dropped in 0.28)
- use g++-11 for Leap 15 builds (fix for failed std::filesystem
  check)

- update to 0.28.0:
  - long list of improvements and security fixes, see
   https://github.com/Exiv2/exiv2/issues/2406#issuecomment-1529139799
- drop always-use-signed-char-for-conversion.patch (code no longer exists)
- drop CVE-2022-3953.patch (merged upstream)
- drop xml-static subpackage, cannot be built from shared builds anymore
  and appears to be unused

• Files Changed
• Browse Source

• Files Changed
• Browse Source

Automatic submission by obs-autosubmit

• Files Changed
• Browse Source

- update to 0.27.6:
  * Add Nikon3.WhiteBalanceBias2	
  * Add Nikon LensData v0802	
  * Add some F mount lenses
  * Initial support for OM System MakerNote
  * Add Sony ARW compression to dict
  * Exif start can be at any byte in payload, not word aligned
  * Fix exception type when writing BMFF file
  * Add more MIME type mappings for TIFF-based raws
  * Fix naming of canon EF 35-80mm
  * Replace assert with enforce
  * PNG: always strip the existing iCCP chunk
  * Account for header bytes for Exif and XMP boxes
  * Fix Integer overflow in Photoshop::setIptcIrb
  * Fix Integer-overflow in sumToLong
  * Fix out of bounds read in isValidBoxFileType()
  * Fix in Jp2 metadata writing & improvements in reading
  * Strip XMP raw packet before decoding
  * Add tiff tags
  * Add more DNG 1.6 tags	
  * Fix bug in iterating over the elements of dateStrings
  * Use memmove in TiffEncoder::updateDirEntry
  * Treat Exif.Sony1.PreviewImage as undefined tag

• Files Changed
• Browse Source

• Files Changed
• Browse Source

Automatic submission by obs-autosubmit

• Files Changed
• Browse Source

Automatic submission by obs-autosubmit

• Files Changed
• Browse Source

- switch to pkgconfig(zlib) so that alternative providers can be
  used

• Files Changed
• Browse Source

Automatic submission by obs-autosubmit

• Files Changed
• Browse Source

- spec-cleaner run
- add CVE-2022-3953.patch (CVE-2022-3953, bsc#1205391)

                    bsc#1189335, CVE-2021-37623,
                    bsc#1189337, CVE-2021-32815, 
                    bsc#1189340, CVE-2021-34335):

• Files Changed
• Browse Source

                    bsc#1186192, CVE-2021-32617,
                    bsc#1185913, CVE-2021-29463):

• Files Changed
• Browse Source

                    bsc#1189333, CVE-2021-37621,
                    bsc#1189334, CVE-2021-37622,
                    bsc#1189338, CVE-2021-34334, 
                    bsc#1189335, CVE-2021-37623):

• Files Changed
• Browse Source

- update to official RC2 tarball release:
  which obsoletes the following patches in previous dists as backports
  that have always been upstream:
  * obsoletes 0001-PSD-Use-Safe-add-for-preventing-overflows-in-PSD-fil.patch 
  * obsoletes 0002-PSD-enforce-Length-of-image-resource-section-file-si.patch (CVE-2018-19108, bsc#1115364)
  * obsoletes 0001-Fix-561.-Use-proper-counter-for-the-idx-variable.patch (CVE-2018-19607, bsc#1117513)
  * obsoletes 0001-Avoid-null-pointer-exception-due-to-NULL-return-valu.patch (bsc#1142684, CVE-2019-13114)
  * obsoletes 0001-IptcData-printStructure-Remove-buffer-overrun.patch (bsc#1088424, CVE-2018-9305)
  * obsoletes 0001-Fix-SEGV-in-DataValue-Copy.patch (bsc#1109299, CVE-2018-17282)
  * Fixes CVE-2017-9239 (bsc#1040973): null pointer dereference in doWriteImage
  * Fixes CVE-2018-17229 (bsc#1109175): (Heap buffer overflow in Exiv2::d2Data)
  * Fixes CVE-2018-17230 (bsc#1109176): (heap-based buffer overflow in Exiv2::ul2Data)
  * Fixes CVE-2017-1000126 (Stack out of bounds read in webp parser) (bsc#1068873)

• Files Changed
• Browse Source

- add tracker for SLE (jsc#PED-1393)

- update to 0.27.5 (bsc#1189332, CVE-2021-37620,
                    bsc#1189333, CVE-2021-37621):
- Update to 0.27.4 (bsc#1186053, CVE-2021-29623,
                    bsc#1185447, CVE-2021-29470,
                    bsc#1185002, CVE-2021-29457,
                    bsc#1188733, CVE-2021-31291,
                    bsc#1186192, CVE-2021-32617):
- Update to 0.27.2 (bsc#1188645, CVE-2020-19716)
- update to 0.27.1 (CVE-2019-13108, bsc#1142675)

• Files Changed
• Browse Source

- Update to 0.27.4 (bsc#1186053, CVE-2021-29623):

• Files Changed
• Browse Source