jasper: 1.900.1 -> 2.0.16

jasper/.footprint

@@ -3,13 +3,13 @@ drwxr-xr-x	root/root	usr/bin/
 -rwxr-xr-x	root/root	usr/bin/imgcmp
 -rwxr-xr-x	root/root	usr/bin/imginfo
 -rwxr-xr-x	root/root	usr/bin/jasper
--rwxr-xr-x	root/root	usr/bin/tmrdemo
+-rwxr-xr-x	root/root	usr/bin/jiv
 drwxr-xr-x	root/root	usr/include/
 drwxr-xr-x	root/root	usr/include/jasper/
 -rw-r--r--	root/root	usr/include/jasper/jas_cm.h
 -rw-r--r--	root/root	usr/include/jasper/jas_config.h
--rw-r--r--	root/root	usr/include/jasper/jas_config2.h
 -rw-r--r--	root/root	usr/include/jasper/jas_debug.h
+-rw-r--r--	root/root	usr/include/jasper/jas_dll.h
 -rw-r--r--	root/root	usr/include/jasper/jas_fix.h
 -rw-r--r--	root/root	usr/include/jasper/jas_getopt.h
 -rw-r--r--	root/root	usr/include/jasper/jas_icc.h
@@ -27,13 +27,15 @@ drwxr-xr-x	root/root	usr/include/jasper/
 -rw-r--r--	root/root	usr/include/jasper/jasper.h
 drwxr-xr-x	root/root	usr/lib/
 -rw-r--r--	root/root	usr/lib/libjasper.a
--rwxr-xr-x	root/root	usr/lib/libjasper.la
-lrwxrwxrwx	root/root	usr/lib/libjasper.so -> libjasper.so.1.0.0
-lrwxrwxrwx	root/root	usr/lib/libjasper.so.1 -> libjasper.so.1.0.0
--rwxr-xr-x	root/root	usr/lib/libjasper.so.1.0.0
-drwxr-xr-x	root/root	usr/man/
-drwxr-xr-x	root/root	usr/man/man1/
--rw-r--r--	root/root	usr/man/man1/imgcmp.1.gz
--rw-r--r--	root/root	usr/man/man1/imginfo.1.gz
--rw-r--r--	root/root	usr/man/man1/jasper.1.gz
--rw-r--r--	root/root	usr/man/man1/jiv.1.gz
+lrwxrwxrwx	root/root	usr/lib/libjasper.so -> libjasper.so.4
+lrwxrwxrwx	root/root	usr/lib/libjasper.so.4 -> libjasper.so.4.0.0
+-rwxr-xr-x	root/root	usr/lib/libjasper.so.4.0.0
+drwxr-xr-x	root/root	usr/lib/pkgconfig/
+-rw-r--r--	root/root	usr/lib/pkgconfig/jasper.pc
+drwxr-xr-x	root/root	usr/share/
+drwxr-xr-x	root/root	usr/share/man/
+drwxr-xr-x	root/root	usr/share/man/man1/
+-rw-r--r--	root/root	usr/share/man/man1/imgcmp.1.gz
+-rw-r--r--	root/root	usr/share/man/man1/imginfo.1.gz
+-rw-r--r--	root/root	usr/share/man/man1/jasper.1.gz
+-rw-r--r--	root/root	usr/share/man/man1/jiv.1.gz

jasper/.signature

@@ -1,5 +1,6 @@
 untrusted comment: verify with /etc/ports/contrib.pub
-RWSagIOpLGJF39GjN8M/hPgNdHs1V2EQytYRDYRZ9I3eeAQMwJSJjWIzHqPoYYcTtx3Etr8fUd2mn3pMyqmndLI6RExfWCM39wY=
-SHA256 (Pkgfile) = 2e5f8323460e4d531d3f059973d1554051690d19cb7a95a8ec857f9351f64fe3
-SHA256 (.footprint) = 0b54f0282fa947e34505a141df18cc9c729d3b915217384c50092eeeff909e90
-SHA256 (jasper-1.900.1.zip) = 6b905a9c2aca2e275544212666eefc4eb44d95d0a57e4305457b407fe63f9494
+RWSagIOpLGJF3y9uUqYnaSQpLOLWkd+M/G+xIYiY4AKOyiC6M9c1fShs/Cn6Jii6S3/2CK18j8lUlCSJdj0LvGWnPqrYaei+pww=
+SHA256 (Pkgfile) = 53685c3b0e1f1a1ee1cd980bf3cd6bb4a852918a4eba8034e77f819f3fd421f0
+SHA256 (.footprint) = 88d6acc67b2adc5dc929fedcedb0d1998490baf0039de26bfb48f8dca5895d64
+SHA256 (jasper-2.0.16.tar.gz) = f1d8b90f231184d99968f361884e2054a1714fdbbd9944ba1ae4ebdcc9bbfdb1
+SHA256 (jasper-1.900.1-fix-filename-buffer-overflow.patch) = f51377e9b3e4faaa6b17b2d5fcf6f6d94fe2916a65dc9c78b5a99b891f5726dc

jasper/Pkgfile

@@ -1,21 +1,46 @@
 # Description: Codec JPEG-2000 Part-1 standard.
 # URL: http://www.ece.uvic.ca/~frodo/jasper/
 # Maintainer: Danny Rawlins, crux at romster dot me
-# Packager: Danny Rawlins, ronster dot romster at gmail dot com
-# Depends on: freeglut libjpeg-turbo
+# Depends on: freeglut libjpeg-turbo xorg-libxmu
 
 name=jasper
-version=1.900.1
+version=2.0.16
 release=1
-source=(http://www.ece.uvic.ca/~frodo/jasper/software/$name-$version.zip)
+source=(https://github.com/mdadams/jasper/archive/version-$version/$name-$version.tar.gz
+	jasper-1.900.1-fix-filename-buffer-overflow.patch)
 
 build() {
-	cd $name-$version
+	cd $name-version-$version
 
-	./configure \
-		--prefix=/usr \
-		--enable-shared
+	patch -p1 -i $SRC/jasper-1.900.1-fix-filename-buffer-overflow.patch
+	sed -r 's|(CMAKE_SKIP_BUILD_RPATH) FALSE|\1 TRUE|g' -i CMakeLists.txt
 
+	mkdir -p build-{shared,static}
+
+	local config="
+-DCMAKE_INSTALL_PREFIX=/usr
+-DCMAKE_INSTALL_LIBDIR=lib
+-DCMAKE_BUILD_TYPE=Release
+-DJAS_ENABLE_OPENGL=ON
+-DJAS_ENABLE_LIBJPEG=ON
+-DJAS_ENABLE_AUTOMATIC_DEPENDENCIES=OFF
+-DCMAKE_SKIP_RPATH=ON
+-DOpenGL_GL_PREFERENCE=GLVND"
+
+	#build static lib
+	(cd build-static
+	cmake .. $config -DJAS_ENABLE_SHARED=OFF
 	make
-	make DESTDIR=$PKG install
+	)
+
+	#build shared lib
+	(cd build-shared
+	cmake .. $config -DJAS_ENABLE_SHARED=ON
+	make
+	)
+
+	make -C build-static DESTDIR=$PKG install
+	make -C build-shared DESTDIR=$PKG install
+
+	rm -r $PKG/usr/share/doc
 }

jasper/jasper-1.900.1-fix-filename-buffer-overflow.patch

@@ -0,0 +1,37 @@
+Description: Filename buffer overflow fix
+ This patch fixes a security hole by a bad buffer size handling.
+Author: Roland Stigge <stigge@antcom.de>
+Bug-Debian: http://bugs.debian.org/645118
+
+--- a/src/libjasper/include/jasper/jas_stream.h
++++ b/src/libjasper/include/jasper/jas_stream.h
+@@ -77,6 +77,7 @@
+ #include <jasper/jas_config.h>
+ 
+ #include <stdio.h>
++#include <limits.h>
+ #if defined(JAS_HAVE_FCNTL_H)
+ #include <fcntl.h>
+ #endif
+@@ -99,6 +100,12 @@ extern "C" {
+ #define O_BINARY	0
+ #endif
+ 
++#ifdef PATH_MAX
++#define JAS_PATH_MAX PATH_MAX
++#else
++#define JAS_PATH_MAX 4096
++#endif
++
+ /*
+  * Stream open flags.
+  */
+@@ -251,7 +258,7 @@ typedef struct {
+ typedef struct {
+ 	int fd;
+ 	int flags;
+-	char pathname[L_tmpnam + 1];
++	char pathname[JAS_PATH_MAX + 1];
+ } jas_stream_fileobj_t;
+ 
+ #define	JAS_STREAM_FILEOBJ_DELONCLOSE	0x01