libexif/libexif.spec

Name:           libexif
Summary:        Library for extracting extra information from image files
Version:        0.6.21
Release:        26
License:        LGPLv2+
URL:            https://libexif.github.io/
Source0:        https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.bz2

Patch0:         41bd04234b104312f54d25822f68738ba8d7133d.patch
Patch6000:      libexif-0.6.21_CVE-2017-7544.patch
Patch6001:      CVE-2018-20030.patch
Patch6003:      libexif-bugfix-division-0.patch
Patch6004:	libexif-bugfix-integer-overflow.patch
Patch6005: 	libexif-bugfix-unsigned-int.patch
Patch6006:	libexif-bugfix-overflow.patch
Patch6007:      libexif-bugfix-large-loop-in-exif_loader_get_data.patch
Patch6008:      backport-CVE-2020-13113.patch
Patch6009:      backport-CVE-2020-13114.patch
Patch9001:	libexif-bugfix-integer-overflow-pentax.patch
Patch6010:      backport-CVE-2020-13112.patch
Patch6011:      backport-CVE-2019-9278.patch
Patch6012:      backport-CVE-2020-0181_CVE-2020-0198.patch
Patch6013:      backport-CVE-2020-0093.patch
Patch6014:	backport-fuzz-stack-overflow.patch
Patch6015:	backport-fuzz-timeout-and-out-of-memory.patch
Patch6016:	backport-CVE-2020-0452.patch

BuildRequires:  autoconf automake doxygen gettext-devel libtool pkgconfig git

%description
Most digital cameras produce EXIF files, which are JPEG files with
extra tags that contain information about the image. The EXIF library
allows you to parse an EXIF file and read the data from those tags.

%package        devel
Summary:        Files needed for libexif application development
Requires:       %{name}%{?_isa} = %{version}-%{release} pkgconfig

%description devel
The libexif-devel package contains the libraries and header files
for writing programs that use libexif.

%package_help

%prep
%autosetup -n %{name}-%{version} -p1 -S git
%build
autoreconf -fiv
%configure
%make_build

%install
%make_install
%delete_la
cp -R doc/doxygen-output/libexif-api.html .
iconv -f latin1 -t utf-8 < COPYING > COPYING.utf8; cp COPYING.utf8 COPYING
iconv -f latin1 -t utf-8 < README > README.utf8; cp README.utf8 README
%find_lang libexif-12

%check
make check

%ldconfig_scriptlets

%files -f libexif-12.lang
%defattr(-,root,root)
%doc README
%license COPYING
%{_libdir}/libexif.so.*

%files devel
%defattr(-,root,root)
%{_includedir}/libexif
%{_libdir}/*.so
%{_libdir}/*.a
%{_libdir}/pkgconfig/*.pc
%exclude %{_datadir}/doc/libexif

%files help
%defattr(-,root,root)
%doc libexif-api.html NEWS

%changelog
* Mon Jan 15 2024 zhouwenpei <zhouwenpei1@h-partners.com> - 0.6.21-26
- fix CVE-2020-0452

* Tue Oct 18 2022 wangkerong <wangkerong@h-partners.com> - 0.6.21-25
- fix fuzz test error

* Mon Oct 17 2022 wangkerong <wangkerong@h-partners.com> - 0.6.21-24
- fix CVE-2019-9278,CVE-2020-0181,CVE-2020-0198,CVE-2020-0093

* Tue Sep 28 2021 wangkerong <wangkerong@huawei.com> - 0.6.21-23
- Type:CVE
- Id:CVE-2020-13112
- SUG:NA
- DESC:fix CVE-2020-13112

* Mon Jul 26 2021 yangcheng <yangcheng87@huawei.com> - 0.6.21-22
- Type:CVE
- Id:CVE-2020-13113,CVE-2020-13114
- SUG:NA
- DESC:fix CVE-2020-13113 CVE-2020-13114

* Sat Aug 8 2020 yanan <yanan@huawei.com> - 0.6.21-21
- Type:bugfix
- Id:NA
- SUG:NA
- DESC:handle large loop in func exif_loader_get_data

* Tue Mar 10 2020 songnannan <songnannan2@huawei.com> - 0.6.21-20
- bugfix in oss-fuzz

* Sat Oct 19 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.6.21-19
- Type:bugfix
- Id:NA
- SUG:NA
- DESC:change the directory of the license file

* Thu Sep 12 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.6.21-18
- Package init
Package init 2019-09-30 10:56:00 -04:00			`Name: libexif`
			`Summary: Library for extracting extra information from image files`
			`Version: 0.6.21`
fix CVE-2020-0452 (cherry picked from commit afef81fb7a1bfe1d0588c283e123979cac2743ad) 2024-01-15 06:28:49 +00:00			`Release: 26`
Package init 2019-09-30 10:56:00 -04:00			`License: LGPLv2+`
			`URL: https://libexif.github.io/`
			`Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.bz2`

bugfix in oss-fuzz 2020-03-10 15:28:59 +08:00			`Patch0: 41bd04234b104312f54d25822f68738ba8d7133d.patch`
Package init 2019-09-30 10:56:00 -04:00			`Patch6000: libexif-0.6.21_CVE-2017-7544.patch`
			`Patch6001: CVE-2018-20030.patch`
bugfix in oss-fuzz 2020-03-10 15:28:59 +08:00			`Patch6003: libexif-bugfix-division-0.patch`
			`Patch6004: libexif-bugfix-integer-overflow.patch`
			`Patch6005: libexif-bugfix-unsigned-int.patch`
			`Patch6006: libexif-bugfix-overflow.patch`
fix large loop in func exif_loader_get_data 2020-08-08 12:35:18 +08:00			`Patch6007: libexif-bugfix-large-loop-in-exif_loader_get_data.patch`
fix CVE-2020-13113 CVE-2020-13114 (cherry picked from commit 4e26abe683eea3b2e542994833a7437135a2afbb) 2021-07-26 17:27:22 +08:00			`Patch6008: backport-CVE-2020-13113.patch`
			`Patch6009: backport-CVE-2020-13114.patch`
bugfix in oss-fuzz 2020-03-10 15:28:59 +08:00			`Patch9001: libexif-bugfix-integer-overflow-pentax.patch`
fix CVE-2020-13112 2021-09-28 15:35:14 +08:00			`Patch6010: backport-CVE-2020-13112.patch`
fix CVE-2019-9278,CVE-2020-0181,CVE-2020-0198,CVE-2020-0093 (cherry picked from commit 0fbe1cecddc9df2127450ef1b00dac874167ced5) 2022-10-17 03:30:49 +00:00			`Patch6011: backport-CVE-2019-9278.patch`
			`Patch6012: backport-CVE-2020-0181_CVE-2020-0198.patch`
			`Patch6013: backport-CVE-2020-0093.patch`
fix fuzz test error (cherry picked from commit 8908b88d3f15e985c4cf3795f12b0b78b13cf197) 2022-10-18 09:11:58 +00:00			`Patch6014: backport-fuzz-stack-overflow.patch`
			`Patch6015: backport-fuzz-timeout-and-out-of-memory.patch`
fix CVE-2020-0452 (cherry picked from commit afef81fb7a1bfe1d0588c283e123979cac2743ad) 2024-01-15 06:28:49 +00:00			`Patch6016: backport-CVE-2020-0452.patch`
Package init 2019-09-30 10:56:00 -04:00
			`BuildRequires: autoconf automake doxygen gettext-devel libtool pkgconfig git`

			`%description`
			`Most digital cameras produce EXIF files, which are JPEG files with`
			`extra tags that contain information about the image. The EXIF library`
			`allows you to parse an EXIF file and read the data from those tags.`

			`%package devel`
			`Summary: Files needed for libexif application development`
			`Requires: %{name}%{?_isa} = %{version}-%{release} pkgconfig`

			`%description devel`
			`The libexif-devel package contains the libraries and header files`
			`for writing programs that use libexif.`

			`%package_help`

			`%prep`
			`%autosetup -n %{name}-%{version} -p1 -S git`
			`%build`
			`autoreconf -fiv`
			`%configure`
			`%make_build`

			`%install`
			`%make_install`
			`%delete_la`
			`cp -R doc/doxygen-output/libexif-api.html .`
			`iconv -f latin1 -t utf-8 < COPYING > COPYING.utf8; cp COPYING.utf8 COPYING`
			`iconv -f latin1 -t utf-8 < README > README.utf8; cp README.utf8 README`
			`%find_lang libexif-12`

			`%check`
			`make check`

			`%ldconfig_scriptlets`

			`%files -f libexif-12.lang`
			`%defattr(-,root,root)`
update code 2019-11-06 19:38:15 +08:00			`%doc README`
			`%license COPYING`
Package init 2019-09-30 10:56:00 -04:00			`%{_libdir}/libexif.so.*`

			`%files devel`
			`%defattr(-,root,root)`
			`%{_includedir}/libexif`
			`%{_libdir}/*.so`
			`%{_libdir}/*.a`
			`%{_libdir}/pkgconfig/*.pc`
			`%exclude %{_datadir}/doc/libexif`

			`%files help`
			`%defattr(-,root,root)`
			`%doc libexif-api.html NEWS`

			`%changelog`
fix CVE-2020-0452 (cherry picked from commit afef81fb7a1bfe1d0588c283e123979cac2743ad) 2024-01-15 06:28:49 +00:00			`* Mon Jan 15 2024 zhouwenpei <zhouwenpei1@h-partners.com> - 0.6.21-26`
			`- fix CVE-2020-0452`

fix fuzz test error (cherry picked from commit 8908b88d3f15e985c4cf3795f12b0b78b13cf197) 2022-10-18 09:11:58 +00:00			`* Tue Oct 18 2022 wangkerong <wangkerong@h-partners.com> - 0.6.21-25`
			`- fix fuzz test error`

fix CVE-2019-9278,CVE-2020-0181,CVE-2020-0198,CVE-2020-0093 (cherry picked from commit 0fbe1cecddc9df2127450ef1b00dac874167ced5) 2022-10-17 03:30:49 +00:00			`* Mon Oct 17 2022 wangkerong <wangkerong@h-partners.com> - 0.6.21-24`
			`- fix CVE-2019-9278,CVE-2020-0181,CVE-2020-0198,CVE-2020-0093`

fix CVE-2020-13112 2021-09-28 15:35:14 +08:00			`* Tue Sep 28 2021 wangkerong <wangkerong@huawei.com> - 0.6.21-23`
			`- Type:CVE`
			`- Id:CVE-2020-13112`
			`- SUG:NA`
			`- DESC:fix CVE-2020-13112`

fix CVE-2020-13113 CVE-2020-13114 (cherry picked from commit 4e26abe683eea3b2e542994833a7437135a2afbb) 2021-07-26 17:27:22 +08:00			`* Mon Jul 26 2021 yangcheng <yangcheng87@huawei.com> - 0.6.21-22`
fix CVE-2020-13113 (cherry picked from commit 051d4a27fd2d8d1f0b401836d8ba7cb7ef128197) 2021-07-26 17:17:06 +08:00			`- Type:CVE`
fix CVE-2020-13113 CVE-2020-13114 (cherry picked from commit 4e26abe683eea3b2e542994833a7437135a2afbb) 2021-07-26 17:27:22 +08:00			`- Id:CVE-2020-13113,CVE-2020-13114`
fix CVE-2020-13113 (cherry picked from commit 051d4a27fd2d8d1f0b401836d8ba7cb7ef128197) 2021-07-26 17:17:06 +08:00			`- SUG:NA`
fix CVE-2020-13113 CVE-2020-13114 (cherry picked from commit 4e26abe683eea3b2e542994833a7437135a2afbb) 2021-07-26 17:27:22 +08:00			`- DESC:fix CVE-2020-13113 CVE-2020-13114`
fix CVE-2020-13113 (cherry picked from commit 051d4a27fd2d8d1f0b401836d8ba7cb7ef128197) 2021-07-26 17:17:06 +08:00
fix data in spec 2020-08-08 12:38:54 +08:00			`* Sat Aug 8 2020 yanan <yanan@huawei.com> - 0.6.21-21`
fix large loop in func exif_loader_get_data 2020-08-08 12:35:18 +08:00			`- Type:bugfix`
			`- Id:NA`
			`- SUG:NA`
			`- DESC:handle large loop in func exif_loader_get_data`

bugfix in oss-fuzz 2020-03-10 15:28:59 +08:00			`* Tue Mar 10 2020 songnannan <songnannan2@huawei.com> - 0.6.21-20`
			`- bugfix in oss-fuzz`

update code 2019-11-06 19:38:15 +08:00			`* Sat Oct 19 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.6.21-19`
			`- Type:bugfix`
			`- Id:NA`
			`- SUG:NA`
			`- DESC:change the directory of the license file`

Package init 2019-09-30 10:56:00 -04:00			`* Thu Sep 12 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.6.21-18`
			`- Package init`