Overview
Request 1146098 accepted
- Update to version 3.0.2
* Fixed a signed integer overflow in the tj3CompressFromYUV8(),
tj3DecodeYUV8(), tj3DecompressToYUV8(), and tj3EncodeYUV8()
functions, detected by the Clang and GCC undefined behavior
sanitizers, that could be triggered by setting the align
parameter to an unreasonably large value. This issue did not
pose a security threat, but removing the warning made it
easier to detect actual security issues, should they arise in
the future.
* Introduced a new parameter (TJPARAM_MAXMEMORY in the
TurboJPEG C API and TJ.PARAM_MAXMEMORY in the TurboJPEG Java
API) and a corresponding TJBench option (-maxmemory) for
specifying the maximum amount of memory (in megabytes) that
will be allocated for intermediate buffers, which are used
with progressive JPEG compression and decompression, optimized
baseline entropy coding, lossless JPEG compression, and
lossless transformation. The new parameter and option serve
the same purpose as the max_memory_to_use field in the
jpeg_memory_mgr struct in the libjpeg API, the JPEGMEM
environment variable, and the cjpeg/djpeg/jpegtran -maxmemory
option.
* Introduced a new parameter (TJPARAM_MAXPIXELS in the TurboJPEG
C API and TJ.PARAM_MAXPIXELS in the TurboJPEG Java API) and a
corresponding TJBench option (-maxpixels) for specifying the
maximum number of pixels that the decompression, lossless
transformation, and packed-pixel image loading
functions/methods will process.
* Fixed an error ("Unsupported color conversion request") that
occurred when attempting to decompress a 3-component lossless
JPEG image without an Adobe APP14 marker. The decompressor (forwarded request 1144368 from mnhauke)
Request History
pgajdos created request
- Update to version 3.0.2
* Fixed a signed integer overflow in the tj3CompressFromYUV8(),
tj3DecodeYUV8(), tj3DecompressToYUV8(), and tj3EncodeYUV8()
functions, detected by the Clang and GCC undefined behavior
sanitizers, that could be triggered by setting the align
parameter to an unreasonably large value. This issue did not
pose a security threat, but removing the warning made it
easier to detect actual security issues, should they arise in
the future.
* Introduced a new parameter (TJPARAM_MAXMEMORY in the
TurboJPEG C API and TJ.PARAM_MAXMEMORY in the TurboJPEG Java
API) and a corresponding TJBench option (-maxmemory) for
specifying the maximum amount of memory (in megabytes) that
will be allocated for intermediate buffers, which are used
with progressive JPEG compression and decompression, optimized
baseline entropy coding, lossless JPEG compression, and
lossless transformation. The new parameter and option serve
the same purpose as the max_memory_to_use field in the
jpeg_memory_mgr struct in the libjpeg API, the JPEGMEM
environment variable, and the cjpeg/djpeg/jpegtran -maxmemory
option.
* Introduced a new parameter (TJPARAM_MAXPIXELS in the TurboJPEG
C API and TJ.PARAM_MAXPIXELS in the TurboJPEG Java API) and a
corresponding TJBench option (-maxpixels) for specifying the
maximum number of pixels that the decompression, lossless
transformation, and packed-pixel image loading
functions/methods will process.
* Fixed an error ("Unsupported color conversion request") that
occurred when attempting to decompress a 3-component lossless
JPEG image without an Adobe APP14 marker. The decompressor (forwarded request 1144368 from mnhauke)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
anag+factory set openSUSE:Factory:Staging:E as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:E"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:E"
mstrigl accepted review
Accepted review for by_group opensuse-review-team request 1146098 from user anag+factory
licensedigger accepted review
The legal review is accepted preliminary. The package may require actions later on.
anag+factory accepted review
Staging Project openSUSE:Factory:Staging:E got accepted.
anag+factory approved review
Staging Project openSUSE:Factory:Staging:E got accepted.
anag+factory accepted request
Staging Project openSUSE:Factory:Staging:E got accepted.