From 7bcaa3894b2c660b9ce0230874b401729779d068 Mon Sep 17 00:00:00 2001
From: openeuler-ci-bot <80474298@qq.com>
Date: Tue, 29 Dec 2020 05:58:52 +0800
Subject: [PATCH 1/2] [patch tracking] 20201229055849763338 -
 https://github.com/uclouvain/openjpeg/commit/37ac30ceff6640bbab502388c5e0fa0bff23f505

---
 ...30ceff6640bbab502388c5e0fa0bff23f505.patch | 151 ++++++++++++++++++
 1 file changed, 151 insertions(+)
 create mode 100644 37ac30ceff6640bbab502388c5e0fa0bff23f505.patch

diff --git a/37ac30ceff6640bbab502388c5e0fa0bff23f505.patch b/37ac30ceff6640bbab502388c5e0fa0bff23f505.patch
new file mode 100644
index 0000000..c214427
--- /dev/null
+++ b/37ac30ceff6640bbab502388c5e0fa0bff23f505.patch
@@ -0,0 +1,151 @@
+diff --git a/CHANGELOG.md b/CHANGELOG.md
+index e45b32465..4187b0673 100644
+--- a/CHANGELOG.md
++++ b/CHANGELOG.md
+@@ -1,5 +1,92 @@
+ # Changelog
+ 
++## [v2.4.0](https://github.com/uclouvain/openjpeg/releases/v2.4.0) (2020-12-28)
++
++[Full Changelog](https://github.com/uclouvain/openjpeg/compare/v2.3.1...v2.4.0)
++
++**Closed issues:**
++
++- OPENJPEG\_INSTALL\_DOC\_DIR does not control a destination directory where HTML docs would be installed. [\#1309](https://github.com/uclouvain/openjpeg/issues/1309)
++- Heap-buffer-overflow in lib/openjp2/pi.c:312 [\#1302](https://github.com/uclouvain/openjpeg/issues/1302)
++- Heap-buffer-overflow in lib/openjp2/t2.c:973 [\#1299](https://github.com/uclouvain/openjpeg/issues/1299)
++- Heap-buffer-overflow in lib/openjp2/pi.c:623 [\#1293](https://github.com/uclouvain/openjpeg/issues/1293)
++- Global-buffer-overflow in lib/openjp2/dwt.c:1980 [\#1286](https://github.com/uclouvain/openjpeg/issues/1286)
++- Heap-buffer-overflow in lib/openjp2/tcd.c:2417 [\#1284](https://github.com/uclouvain/openjpeg/issues/1284)
++- Heap-buffer-overflow in lib/openjp2/mqc.c:499 [\#1283](https://github.com/uclouvain/openjpeg/issues/1283)
++- Openjpeg could not encode 32bit RGB float image [\#1281](https://github.com/uclouvain/openjpeg/issues/1281)
++- Openjpeg could not encode 32bit RGB float image [\#1280](https://github.com/uclouvain/openjpeg/issues/1280)
++- ISO/IEC 15444-1:2019 \(E\) compared with 'cio.h' [\#1277](https://github.com/uclouvain/openjpeg/issues/1277)
++- Test-suite failure due to hash mismatch [\#1264](https://github.com/uclouvain/openjpeg/issues/1264)
++- Heap use-after-free [\#1261](https://github.com/uclouvain/openjpeg/issues/1261)
++- Memory leak when failing to allocate object... [\#1259](https://github.com/uclouvain/openjpeg/issues/1259)
++- Memory leak of Tier 1 handle when OpenJPEG fails to set it as TLS... [\#1257](https://github.com/uclouvain/openjpeg/issues/1257)
++- Any plan to build release for CVE-2020-8112/CVE-2020-6851 [\#1247](https://github.com/uclouvain/openjpeg/issues/1247)
++- failing to convert 16-bit file: opj\_t2\_encode\_packet\(\): only 5251 bytes remaining in output buffer. 5621 needed. [\#1243](https://github.com/uclouvain/openjpeg/issues/1243)
++- CMake+VS2017 Compile OK, thirdparty Compile OK, but thirdparty not install [\#1239](https://github.com/uclouvain/openjpeg/issues/1239)
++- New release to solve CVE-2019-6988 ? [\#1238](https://github.com/uclouvain/openjpeg/issues/1238)
++- Many tests fail to pass after the update of libtiff to version 4.1.0 [\#1233](https://github.com/uclouvain/openjpeg/issues/1233)
++- Another heap buffer overflow in libopenjp2 [\#1231](https://github.com/uclouvain/openjpeg/issues/1231)
++- Heap buffer overflow in libopenjp2 [\#1228](https://github.com/uclouvain/openjpeg/issues/1228)
++- Endianness of binary volume \(JP3D\) [\#1224](https://github.com/uclouvain/openjpeg/issues/1224)
++- New release to resolve CVE-2019-12973 [\#1222](https://github.com/uclouvain/openjpeg/issues/1222)
++- how to set the block size,like 128,256 ? [\#1216](https://github.com/uclouvain/openjpeg/issues/1216)
++- compress YUV files to motion jpeg2000 standard [\#1213](https://github.com/uclouvain/openjpeg/issues/1213)
++- Repair/update Java wrapper, and include in release [\#1208](https://github.com/uclouvain/openjpeg/issues/1208)
++- abc [\#1206](https://github.com/uclouvain/openjpeg/issues/1206)
++- Slow decoding [\#1202](https://github.com/uclouvain/openjpeg/issues/1202)
++- Installation question [\#1201](https://github.com/uclouvain/openjpeg/issues/1201)
++- Typo in test\_decode\_area - \*ptilew is assigned instead of \*ptileh [\#1195](https://github.com/uclouvain/openjpeg/issues/1195)
++- Creating a J2K file with one POC is broken [\#1191](https://github.com/uclouvain/openjpeg/issues/1191)
++- Make fails on Arch Linux [\#1174](https://github.com/uclouvain/openjpeg/issues/1174)
++- Heap buffer overflow in opj\_t1\_clbl\_decode\_processor\(\) triggered with Ghostscript [\#1158](https://github.com/uclouvain/openjpeg/issues/1158)
++- opj\_stream\_get\_number\_byte\_left: Assertion `p\_stream-\>m\_byte\_offset \>= 0' failed. [\#1151](https://github.com/uclouvain/openjpeg/issues/1151)
++- The fuzzer ignores too many inputs [\#1079](https://github.com/uclouvain/openjpeg/issues/1079)
++- out of bounds read [\#1068](https://github.com/uclouvain/openjpeg/issues/1068)
++
++**Merged pull requests:**
++
++- Change defined WIN32 [\#1310](https://github.com/uclouvain/openjpeg/pull/1310) ([Jamaika1](https://github.com/Jamaika1))
++- docs: fix simple typo, producted -\> produced [\#1308](https://github.com/uclouvain/openjpeg/pull/1308) ([timgates42](https://github.com/timgates42))
++- Set ${OPENJPEG\_INSTALL\_DOC\_DIR} to DESTINATION of HTMLs [\#1307](https://github.com/uclouvain/openjpeg/pull/1307) ([lemniscati](https://github.com/lemniscati))
++- Use INC\_DIR for OPENJPEG\_INCLUDE\_DIRS \(fixes uclouvain\#1174\) [\#1306](https://github.com/uclouvain/openjpeg/pull/1306) ([matthew-sharp](https://github.com/matthew-sharp))
++- pi.c: avoid out of bounds access with POC \(fixes \#1302\) [\#1304](https://github.com/uclouvain/openjpeg/pull/1304) ([rouault](https://github.com/rouault))
++- Encoder: grow again buffer size [\#1303](https://github.com/uclouvain/openjpeg/pull/1303) ([zodf0055980](https://github.com/zodf0055980))
++- opj\_j2k\_write\_sod\(\): avoid potential heap buffer overflow \(fixes \#1299\) \(probably master only\) [\#1301](https://github.com/uclouvain/openjpeg/pull/1301) ([rouault](https://github.com/rouault))
++- pi.c: avoid out of bounds access with POC \(refs https://github.com/uclouvain/openjpeg/issues/1293\#issuecomment-737122836\) [\#1300](https://github.com/uclouvain/openjpeg/pull/1300) ([rouault](https://github.com/rouault))
++- opj\_t2\_encode\_packet\(\): avoid out of bound access of \#1297, but likely not the proper fix [\#1298](https://github.com/uclouvain/openjpeg/pull/1298) ([rouault](https://github.com/rouault))
++- opj\_t2\_encode\_packet\(\): avoid out of bound access of \#1294, but likely not the proper fix [\#1296](https://github.com/uclouvain/openjpeg/pull/1296) ([rouault](https://github.com/rouault))
++- opj\_j2k\_setup\_encoder\(\): validate POC compno0 and compno1 \(fixes \#1293\) [\#1295](https://github.com/uclouvain/openjpeg/pull/1295) ([rouault](https://github.com/rouault))
++- Encoder: avoid global buffer overflow on irreversible conversion when… [\#1292](https://github.com/uclouvain/openjpeg/pull/1292) ([rouault](https://github.com/rouault))
++- Decoding: deal with some SPOT6 images that have tiles with a single tile-part with TPsot == 0 and TNsot == 0, and with missing EOC [\#1291](https://github.com/uclouvain/openjpeg/pull/1291) ([rouault](https://github.com/rouault))
++- Free p\_tcd\_marker\_info to avoid memory leak [\#1288](https://github.com/uclouvain/openjpeg/pull/1288) ([zodf0055980](https://github.com/zodf0055980))
++- Encoder: grow again buffer size [\#1287](https://github.com/uclouvain/openjpeg/pull/1287) ([zodf0055980](https://github.com/zodf0055980))
++- Encoder: avoid uint32 overflow when allocating memory for codestream buffer \(fixes \#1243\) [\#1276](https://github.com/uclouvain/openjpeg/pull/1276) ([rouault](https://github.com/rouault))
++- Java compatibility from 1.5 to 1.6 [\#1263](https://github.com/uclouvain/openjpeg/pull/1263) ([jiapei100](https://github.com/jiapei100))
++- opj\_decompress: fix double-free on input directory with mix of valid and invalid images [\#1262](https://github.com/uclouvain/openjpeg/pull/1262) ([rouault](https://github.com/rouault))
++- openjp2: Plug image leak when failing to allocate codestream index. [\#1260](https://github.com/uclouvain/openjpeg/pull/1260) ([sebras](https://github.com/sebras))
++- openjp2: Plug memory leak when setting data as TLS fails. [\#1258](https://github.com/uclouvain/openjpeg/pull/1258) ([sebras](https://github.com/sebras))
++- openjp2: Error out if failing to create Tier 1 handle. [\#1256](https://github.com/uclouvain/openjpeg/pull/1256) ([sebras](https://github.com/sebras))
++- Testing for invalid values of width, height, numcomps [\#1254](https://github.com/uclouvain/openjpeg/pull/1254) ([szukw000](https://github.com/szukw000))
++- Single-threaded performance improvements in forward DWT for 5-3 and 9-7 \(and other improvements\) [\#1253](https://github.com/uclouvain/openjpeg/pull/1253) ([rouault](https://github.com/rouault))
++- Add support for multithreading in encoder [\#1248](https://github.com/uclouvain/openjpeg/pull/1248) ([rouault](https://github.com/rouault))
++- Add support for generation of PLT markers in encoder [\#1246](https://github.com/uclouvain/openjpeg/pull/1246) ([rouault](https://github.com/rouault))
++- Fix warnings about signed/unsigned casts in pi.c [\#1244](https://github.com/uclouvain/openjpeg/pull/1244) ([rouault](https://github.com/rouault))
++- opj\_decompress: add sanity checks to avoid segfault in case of decoding error [\#1240](https://github.com/uclouvain/openjpeg/pull/1240) ([rouault](https://github.com/rouault))
++- ignore wrong icc [\#1236](https://github.com/uclouvain/openjpeg/pull/1236) ([szukw000](https://github.com/szukw000))
++- Implement writing of IMF profiles [\#1235](https://github.com/uclouvain/openjpeg/pull/1235) ([rouault](https://github.com/rouault))
++- tests: add alternate checksums for libtiff 4.1 [\#1234](https://github.com/uclouvain/openjpeg/pull/1234) ([rouault](https://github.com/rouault))
++- opj\_tcd\_init\_tile\(\): avoid integer overflow [\#1232](https://github.com/uclouvain/openjpeg/pull/1232) ([rouault](https://github.com/rouault))
++- tests/fuzzers: link fuzz binaries using $LIB\_FUZZING\_ENGINE. [\#1230](https://github.com/uclouvain/openjpeg/pull/1230) ([Dor1s](https://github.com/Dor1s))
++- opj\_j2k\_update\_image\_dimensions\(\): reject images whose coordinates are beyond INT\_MAX \(fixes \#1228\) [\#1229](https://github.com/uclouvain/openjpeg/pull/1229) ([rouault](https://github.com/rouault))
++- Fix resource leaks [\#1226](https://github.com/uclouvain/openjpeg/pull/1226) ([dodys](https://github.com/dodys))
++- abi-check.sh: fix false postive ABI error, and display output error log [\#1218](https://github.com/uclouvain/openjpeg/pull/1218) ([rouault](https://github.com/rouault))
++- pi.c: avoid integer overflow, resulting in later invalid access to memory in opj\_t2\_decode\_packets\(\) [\#1217](https://github.com/uclouvain/openjpeg/pull/1217) ([rouault](https://github.com/rouault))
++- Add check to validate SGcod/SPcoc/SPcod parameter values. [\#1211](https://github.com/uclouvain/openjpeg/pull/1211) ([sebras](https://github.com/sebras))
++- Fix buffer overflow reading an image file less than four characters [\#1196](https://github.com/uclouvain/openjpeg/pull/1196) ([robert-ancell](https://github.com/robert-ancell))
++- compression: emit POC marker when only one single POC is requested \(f… [\#1192](https://github.com/uclouvain/openjpeg/pull/1192) ([rouault](https://github.com/rouault))
++- Fix several potential vulnerabilities  [\#1185](https://github.com/uclouvain/openjpeg/pull/1185) ([Young-X](https://github.com/Young-X))
++- openjp2/j2k: Report error if all wanted components are not decoded. [\#1164](https://github.com/uclouvain/openjpeg/pull/1164) ([sebras](https://github.com/sebras))
++
+ ## [v2.3.1](https://github.com/uclouvain/openjpeg/releases/v2.3.1) (2019-04-02)
+ [Full Changelog](https://github.com/uclouvain/openjpeg/compare/v2.3.0...v2.3.1)
+ 
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 050264a78..5a4107837 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -32,8 +32,8 @@ include_regular_expression("^.*$")
+ #-----------------------------------------------------------------------------
+ # OPENJPEG version number, useful for packaging and doxygen doc:
+ set(OPENJPEG_VERSION_MAJOR 2)
+-set(OPENJPEG_VERSION_MINOR 3)
+-set(OPENJPEG_VERSION_BUILD 1)
++set(OPENJPEG_VERSION_MINOR 4)
++set(OPENJPEG_VERSION_BUILD 0)
+ set(OPENJPEG_VERSION
+   "${OPENJPEG_VERSION_MAJOR}.${OPENJPEG_VERSION_MINOR}.${OPENJPEG_VERSION_BUILD}")
+ set(PACKAGE_VERSION
+@@ -57,6 +57,7 @@ set(PACKAGE_VERSION
+ #   2.2.0 |  7
+ #   2.3.0 |  7
+ #   2.3.1 |  7
++#   2.4.0 |  7
+ # above is the recommendation by the OPJ team. If you really need to override this default,
+ # you can specify your own OPENJPEG_SOVERSION at cmake configuration time:
+ # cmake -DOPENJPEG_SOVERSION:STRING=42 /path/to/openjpeg
+diff --git a/NEWS.md b/NEWS.md
+index 794a796eb..6ac913351 100644
+--- a/NEWS.md
++++ b/NEWS.md
+@@ -2,6 +2,16 @@
+ 
+ More details in the [CHANGELOG](https://github.com/uclouvain/openjpeg/blob/master/CHANGELOG.md)
+ 
++## OpenJPEG 2.4.0 (December 2021)
++
++No API/ABI break compared to v2.3.1, but additional symbols for subset of components decoding (hence the MINOR version bump).
++
++* Encoder: add support for multithreading [\#1248](https://github.com/uclouvain/openjpeg/pull/1248)
++* Encoder: add support for generation of PLT markers [\#1246](https://github.com/uclouvain/openjpeg/pull/1246)
++* Encoder: single-threaded performance improvements in forward DWT for 5-3 and 9-7 (and other improvements) [\#1253](https://github.com/uclouvain/openjpeg/pull/1253)
++* Encoder: support IMF profiles [\#1235](https://github.com/uclouvain/openjpeg/pull/1235)
++* Many bug fixes (including security fixes)
++
+ ## OpenJPEG 2.3.1 (April 2019)
+ 
+ No API/ABI break compared to v2.3.0
+diff --git a/appveyor.yml b/appveyor.yml
+index d6561f6a9..a4b5fdefb 100644
+--- a/appveyor.yml
++++ b/appveyor.yml
+@@ -1,4 +1,4 @@
+-version: 2.3.1.{build}
++version: 2.4.0.{build}
+ branches:
+   except:
+   - coverity_scan
-- 
Gitee


From 956dcbd336d5440cfb1f3a7667fd9d24acb52bb2 Mon Sep 17 00:00:00 2001
From: openeuler-ci-bot <80474298@qq.com>
Date: Tue, 29 Dec 2020 05:58:53 +0800
Subject: [PATCH 2/2] [patch tracking] 20201229055849763338 - update spec file

---
 openjpeg2.spec | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/openjpeg2.spec b/openjpeg2.spec
index e4f0659..da74b80 100644
--- a/openjpeg2.spec
+++ b/openjpeg2.spec
@@ -1,6 +1,6 @@
 Name:           openjpeg2
 Version:        2.3.1
-Release:        3
+Release:        4
 Summary:        C-Library for JPEG 2000
 License:        BSD and MIT
 URL:            https://github.com/uclouvain/openjpeg
@@ -12,6 +12,7 @@ Patch1:         openjpeg2_opj2.patch
 Patch6000:	CVE-2016-10505.patch
 Patch6001:	CVE-2016-7445.patch
 Patch6002:      CVE-2020-15389.patch
+Patch6003: 37ac30ceff6640bbab502388c5e0fa0bff23f505.patch
 
 BuildRequires:  cmake gcc-c++ make zlib-devel libpng-devel libtiff-devel lcms2-devel doxygen
 
@@ -87,6 +88,9 @@ mv %{buildroot}%{_mandir}/man1/opj_dump.1 %{buildroot}%{_mandir}/man1/opj2_dump.
 %{_mandir}/man3/*.3*
 
 %changelog
+* 20201229055849763338 patch-tracking 2.3.1-4
+- append patch file of upstream repository from <37ac30ceff6640bbab502388c5e0fa0bff23f505> to <37ac30ceff6640bbab502388c5e0fa0bff23f505>
+
 * Sat Jul 25 2020 zhangnaru <zhangnaru@huawei.com> -2.3.1-3
 - fix CVE-2020-15389 
 
@@ -94,4 +98,4 @@ mv %{buildroot}%{_mandir}/man1/opj_dump.1 %{buildroot}%{_mandir}/man1/opj2_dump.
 - fix CVE-2016-10505 and CVE-2016-7445
 
 * Thu Sep 19 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.3.1-1
-- Package init
+- Package init
\ No newline at end of file
-- 
Gitee