--- exiv2-0.15.orig/debian/libexiv2-doc.docs +++ exiv2-0.15/debian/libexiv2-doc.docs @@ -0,0 +1,3 @@ +doc/html +doc/include +doc/index.html --- exiv2-0.15.orig/debian/docs +++ exiv2-0.15/debian/docs @@ -0,0 +1 @@ +README --- exiv2-0.15.orig/debian/rules +++ exiv2-0.15/debian/rules @@ -0,0 +1,34 @@ +#!/usr/bin/make -f + +FILENAME = $(DEB_SOURCE_PACKAGE)_$(DEB_UPSTREAM_VERSION).orig.tar.gz +UPFILENAME = $(DEB_SOURCE_PACKAGE)-$(DEB_UPSTREAM_VERSION).tar.gz +URL = http://www.exiv2.org/$(UPFILENAME) + +include /usr/share/cdbs/1/rules/debhelper.mk +include /usr/share/cdbs/1/class/autotools.mk +include /usr/share/cdbs/1/rules/simple-patchsys.mk + +build/libexiv2-doc:: + $(MAKE) doc + +install/exiv2:: + /usr/bin/chrpath -d $(CURDIR)/debian/tmp/usr/bin/exiv2 + +DEB_INSTALL_CHANGELOGS_ALL := doc/ChangeLog +DEB_COMPRESS_EXCLUDE := .xls .js .idx .xml .php +DEB_INSTALL_DOCS_ALL := -Xcmd.txt -XMakefile -Xtemplates -XChangeLog +DEB_CONFIGURE_EXTRA_FLAGS := --disable-rpath + +get-orig-source: + @@dh_testdir + @@[ -d ../tarballs/. ]||mkdir -p ../tarballs + @@echo Downloading $(UPFILENAME) from $(URL) ... + @@wget -N -nv -T10 -t3 -O ../tarballs/$(FILENAME) $(URL) + +print-version: + @@echo DEB_SOURCE_PACKAGE: $(DEB_SOURCE_PACKAGE) + @@echo DEB_VERSION: $(DEB_VERSION) + @@echo DEB_NO_EPOCH_VERSION: $(DEB_NOEPOCH_VERSION) + @@echo DEB_UPSTREAM_VERSION: $(DEB_UPSTREAM_VERSION) + @@echo FILENAME: $(FILENAME) + @@echo URL: $(URL) --- exiv2-0.15.orig/debian/control +++ exiv2-0.15/debian/control @@ -0,0 +1,66 @@ +Source: exiv2 +Section: graphics +Priority: optional +Maintainer: Ubuntu Core developers +XSBC-Original-Maintainer: Debian KDE Extras Team +Uploaders: KELEMEN Peter , Mark Purcell +Build-Depends: debhelper (>= 4.0.0), g++ (>= 4.0.0), autotools-dev, chrpath, dpkg-dev (>= 1.13.19), zlib1g-dev, cdbs, doxygen, graphviz, python, xsltproc +Standards-Version: 3.7.2 + +Package: exiv2 +Section: graphics +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: EXIF/IPTC metadata manipulation tool + Exiv2 can: + . + * print the Exif metadata of JPEG, TIFF and several RAW image formats as + summary info, interpreted values, or the plain data for each tag + * print the IPTC metadata of JPEG images + * print, set and delete the JPEG comment of JPEG images + * set, add and delete Exif and IPTC metadata of JPEG images + * adjust the Exif timestamp (that's how it all started...) + * rename Exif image files according to the Exif timestamp + * extract, insert and delete Exif metadata, IPTC metadata and JPEG comments + * extract, insert and delete the thumbnail image embedded in the Exif metadata + * fix the Exif ISO setting of picture taken with Nikon cameras + . + Homepage: http://www.exiv2.org/ + +Package: libexiv2-0 +Section: libs +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Conflicts: libexiv2c2a, libexiv2-0.12 +Replaces: libexiv2c2a, libexiv2-0.12 +Recommends: exiv2 +Description: EXIF/IPTC metadata manipulation library + Exiv2 library supports: + * full read and write access to the EXIF and IPTC metadata of an image + through Exiv2 keys and standard C++ iterators + * a smart IPTC implementation that does not affect data that programs like + Photoshop store in the same image segment + * EXIF MakerNote support: + o MakerNote tags can be accessed just like any other EXIF metadata + o a sophisticated write algorithm avoids corrupting the MakerNote: + * extract and delete methods for EXIF thumbnails (both, JPEG and TIFF + thumbnails) + * set methods for EXIF thumbnails (JPEG only, TIFF thumbnails can be set from + individual tags) + * complete API documentation (by Doxygen) + * generic lower-level classes to access IFD (Image File Directory) data + structures + +Package: libexiv2-dev +Section: libdevel +Architecture: any +Depends: libexiv2-0 (= ${binary:Version}), pkg-config +Suggests: libexiv2-doc +Description: EXIF/IPTC metadata manipulation library - development files + Exiv2 C++ header files. + +Package: libexiv2-doc +Section: doc +Architecture: all +Description: EXIF/IPTC metadata manipulation library - HTML documentation + Exiv2 HTML documentation. --- exiv2-0.15.orig/debian/libexiv2-dev.install +++ exiv2-0.15/debian/libexiv2-dev.install @@ -0,0 +1,6 @@ +debian/tmp/usr/include/* +debian/tmp/usr/lib/pkgconfig/* +debian/tmp/usr/lib/*.la +debian/tmp/usr/share/locale/* +debian/tmp/usr/lib/lib*.a +debian/tmp/usr/lib/lib*.so --- exiv2-0.15.orig/debian/exiv2.manpages +++ exiv2-0.15/debian/exiv2.manpages @@ -0,0 +1 @@ +debian/tmp/usr/share/man/man1/exiv2.1 --- exiv2-0.15.orig/debian/changelog +++ exiv2-0.15/debian/changelog @@ -0,0 +1,240 @@ +exiv2 (0.15-1ubuntu2.1) gutsy-security; urgency=low + + * SECURITY UPDATE: crash with invalid EXIF lense information. + - Add security-01_nikon_floating_crash.diff: fix from upstream. + - CVE-2008-2696 + * SECURITY UPDATE: crash with invalid EXIF headers. + - Add security-02_exif_crashes.diff: fix from upstream. + - CVE-2007-6353 + + -- Kees Cook Tue, 14 Oct 2008 16:26:59 -0700 + +exiv2 (0.15-1ubuntu2) gutsy; urgency=low + + * Added conflicts and replaces of libexiv2c2a, libexiv2-0.12 on libexiv2-0 + so that digikam does not get held back on upgrades. + * Fixes upgrade path for dapper --> gutsy and feisty --> gutsy + + -- Sarah Hobbs Thu, 04 Oct 2007 18:56:24 +1000 + +exiv2 (0.15-1ubuntu1) gutsy; urgency=low + + * Fix build failures with g++-4.3. + * Set Ubuntu maintainer address. + + -- Matthias Klose Mon, 10 Sep 2007 11:50:39 +0200 + +exiv2 (0.15-1) unstable; urgency=low + + * New upstream release + - maintenance release, support for Minolta G500 RAW files + + -- Mark Purcell Sun, 22 Jul 2007 12:20:57 +0100 + +exiv2 (0.14-2) unstable; urgency=medium + + * DebConf7 release :-) + * Urgency medium as this fixes a number of crashes in digikam et al + * Pull in upstream fixes for jpeg/tiff MSC makernote crashes + (rev 1106/1124) + + -- Mark Purcell Tue, 19 Jun 2007 12:55:55 +0100 + +exiv2 (0.14-1) unstable; urgency=low + + * new upstream release (Closes: #414372) + + [ Achim Bohnet ] + * 0.14 changed API: rename libexiv2-0.12 to libexiv2-0 accordingly. + * libexiv2-dev: exiv2 has no exiv2-config script anymore. + * debian/control: + + Etch does not have a libexiv2 package. So remove Replaces/Conflict. + + libexiv2-dev: No need to depend on ${shlibs:Depends}, ${misc:Depends} + * debian/exiv2.1 removed: included upstream. + * debian/libexiv2-0: install message catalogs + + [ Mark Purcell ] + * FTBFS with GCC 4.3: missing #includes (Closes: #417176) + * Build-Depends: doxygen, graphviz, python, xsltproc + * Reinstate libexiv2-doc, better to build with doxygen than other tarball + * Add build/libexiv2-doc:: to debian/rules + * Rework debian/libexiv2-dev.install + * Rework debian/libexiv2-doc.docs + * Rework debian/libexiv2-0.install + + -- Mark Purcell Wed, 09 May 2007 22:28:37 +0100 + +exiv2 (0.12-1) unstable; urgency=low + + * Maintainer: Debian KDE Extras Team + * Switch to cdbs + * Add debian/watch + * Ack NMU fix: + - library package needs to be renamed (libstdc++ allocator change) + (Closes: #339163) + + -- Mark Purcell Wed, 14 Mar 2007 08:12:49 +0000 + +exiv2 (0.10-1.4) unstable; urgency=high + + * Non-Maintainer upload. Again :-( + * High-urgency upload for RC bugfix + * Apply Steve Langasek patch to overcome crashes on invalid input + - Image with corrupted metadata crashes Exiv2 (Closes: #401660) + * Move usr/lib/*.la libtool linkage information file to -dev package + - file conflict with libexiv2-0.10 (Closes: #405805) + * Move usr/lib/*.so development linkage file to -dev package + * Include upstream exiv2.pc in -dev package + - exiv2.pc is missing (Closes: #396060) + * Add libexiv2-dev Depends: pkg-config + + -- Mark Purcell Sun, 21 Jan 2007 21:06:27 +0000 + +exiv2 (0.12-0.2) experimental; urgency=low + + * Non-maintainer upload. (NMU) + * Add Build-Depends: zlib1g-dev, thanks Kurt + - FTBFS: checking zlib in /usr... failed (Closes: #405916) + + -- Mark Purcell Sun, 7 Jan 2007 12:22:39 +0000 + +exiv2 (0.12-0.1) experimental; urgency=medium + + * Non-mantainer upload. (NMU) + * Urgency medium as this fixes RC bugs + * New upstream bugfix release + - Image with corrupted metadata crashes Exiv2 (Closes: #401660) + - new upstream release 0.12 (Closes: #389711) + * Include upstream exiv2.pc in debian package + - exiv2.pc is missing (Closes: #396060) + * Bump soname + - file conflict with libexiv2 (Closes: #386934) + + -- Mark Purcell Sat, 23 Dec 2006 18:42:30 +1100 + +exiv2 (0.10-1.3) unstable; urgency=low + + * NMU. + * debian/rules dh_makeshlibs -V (Closes: #386899) + + -- Mark Purcell Thu, 21 Sep 2006 06:37:22 +0100 + +exiv2 (0.10-1.2) unstable; urgency=low + + * Non-maintainer upload. + * Fix overly strict shlibs line. Closes: #386899 + * Also adding conflict,replaces from libexiv2-0.10 to libexiv2. + + -- Andreas Barth Mon, 11 Sep 2006 20:04:40 +0200 + +exiv2 (0.10-1.1) unstable; urgency=medium + + [ David Schmitt ] + * Non-maintainer upload. + * Medium-urgency upload for RC bugfix. + * Change package name from libexiv2 to libexiv2-0.10 to encode the full + SONAME as well as for the C++ mt allocator ABI change, and conflict/replace + libexiv2 accordingly. Closes: #339163, #382867. + * Remove unnecessary libexiv2.{postinst,postrm} scripts, as they don't do + anything that debhelper doesn't already do for us. + * replace shlibs.local by dh_makeshlibs -V + * make package bin-NMU-able by using ${binary:Version} and B-D on dpkg-dev + (>= 1.13.19) + + [ Andreas Barth ] + * Uploading NMU. + + -- Andreas Barth Sun, 10 Sep 2006 09:09:55 +0200 + +exiv2 (0.10-1) unstable; urgency=low + + * New Upstream Release. (Fixes: #370151) + + -- KELEMEN Peter Tue, 14 Jun 2006 00:02:57 +0200 + +exiv2 (0.9.1-1) unstable; urgency=low + + * New Upstream Release. + * debian/control: -dev Suggests: -doc. + + -- KELEMEN Peter Sat, 4 Feb 2006 07:45:00 +0100 + +exiv2 (0.9-1) unstable; urgency=low + + * New Upstream Release. + * debian/rules: Ship with upstream documentation by default. + * debian/control: relax build dependencies. + + -- KELEMEN Peter Fri, 27 Jan 2006 20:41:35 +0100 + +exiv2 (0.7-10) unstable; urgency=low + + * C++ allocator change. (Closes: #339163) + + -- KELEMEN Peter Fri, 18 Nov 2005 00:08:45 +0100 + +exiv2 (0.7-9) unstable; urgency=low + + * Added missing Build-Depends: sharutils (Closes: #328376) + * Standards-Version: 3.6.2 (no changes) + + -- KELEMEN Peter Thu, 15 Sep 2005 14:54:32 +0200 + +exiv2 (0.7-8) unstable; urgency=low + + * Upload to unstable. + + -- KELEMEN Peter Wed, 14 Sep 2005 15:11:33 +0200 + +exiv2 (0.7-7) experimental; urgency=low + + * Upload to Debian archive. + + -- KELEMEN Peter Mon, 18 Jul 2005 00:18:51 +0200 + +exiv2 (0.7-6) experimental; urgency=low + + * g++-4.0 rebuild. + + -- KELEMEN Peter Mon, 11 Jul 2005 03:36:38 +0200 + +exiv2 (0.7-5) experimental; urgency=low + + * fix multiple copyrights + * strengthen lib deps + + -- KELEMEN Peter Sun, 19 Jun 2005 16:24:51 +0200 + +exiv2 (0.7-4) experimental; urgency=low + + * doc fixes + + -- KELEMEN Peter Sun, 19 Jun 2005 14:43:46 +0200 + +exiv2 (0.7-3) experimental; urgency=low + + * Make the package non-native. + * Build with g++-4.0. + + -- KELEMEN Peter Sat, 18 Jun 2005 19:34:44 +0200 + +exiv2 (0.7-2) experimental; urgency=low + + * static libray to -dev + * clean up -doc + * cmd.txt as example in exiv2 + + -- KELEMEN Peter Thu, 16 Jun 2005 20:48:55 +0200 + +exiv2 (0.7-1) experimental; urgency=low + + * New upstream release. + + -- KELEMEN Peter Thu, 16 Jun 2005 10:46:37 +0200 + +exiv2 (0.6.2-1) experimental; urgency=low + + * Initial release. (Closes: #312490) + + -- KELEMEN Peter Wed, 8 Jun 2005 14:39:56 +0200 + --- exiv2-0.15.orig/debian/copyright +++ exiv2-0.15/debian/copyright @@ -0,0 +1,32 @@ +This package was debianized by KELEMEN Peter on +Wed, 8 Jun 2005 14:39:56 +0200. + +It was downloaded from http://home.arcor.de/ahuggel/exiv2/download.html . + +Upstream Author: Andreas HUGGEL + +Copyright: + Copyright (C) 2004, 2005, 2006 Andreas Huggel + +License: + + Exiv2 is free software; you can redistribute it and/or modify it under + the terms of the GNU General Public License as published by the Free + Software Foundation; either version 2 of the License, or (at your + option) any later version. + + Alternatively, Exiv2 is also available with a commercial license, + which allows it to be used in closed-source projects. Contact me for + more information. + + Exiv2 is distributed in the hope that it will be useful, but WITHOUT + ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, 5th Floor, Boston, MA 02110-1301 USA. + +On Debian systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. --- exiv2-0.15.orig/debian/exiv2.examples +++ exiv2-0.15/debian/exiv2.examples @@ -0,0 +1 @@ +doc/cmd.txt --- exiv2-0.15.orig/debian/dirs +++ exiv2-0.15/debian/dirs @@ -0,0 +1 @@ +usr/bin --- exiv2-0.15.orig/debian/exiv2.install +++ exiv2-0.15/debian/exiv2.install @@ -0,0 +1 @@ +debian/tmp/usr/bin/exiv2 --- exiv2-0.15.orig/debian/README.Debian +++ exiv2-0.15/debian/README.Debian @@ -0,0 +1,146 @@ +Debian kde-extras Team +---------------------- + +1. Contacts +----------- + +General help requests + mailing list + #debian-kde on irc + +Packaging queries + mailing list + #debian-qt-kde on irc + +Maintainers + mailing list + + +2. Subversion repository +------------------------ + +You can browse it only at: + +http://svn.debian.org/wsvn/pkg-kde/kde-extras/ + +To "checkout" the repository use these commands: + + $ svn co svn+ssh://${ALIOTH_USERNAME}@svn.debian.org/svn/pkg-kde/kde-extras + +Authorized SSH keys are controlled at https://alioth.debian.org/account/ + +The repository layout is: + +- packagename/ +    - trunk/ +    - branches/ +    - tags/ +        - 0.7.2-1/ +        - 0.7.2-2/ +        - 0.7.2-2ubuntu1/ +        - 0.7.2-2ubuntu2/ +        - 0.7.2-2ubuntu3/ +        - 0.8.0/ +        ... + +If only one version of the package is available at the time, development must +be made at trunk/ dir, copying the dir to tags/'pkg-version' each time a new +release is made. + +When, at some point, the need to have two different versions at the same time +arises (for example, if we need a version to be in unstable and a different one +to be in experimental), experimental development will be made in trunk/ and +if a new unstable package needs to be cooked, copying +tag/'latest_version_in_sid' to tag/'latest_version_in_sid'+1 will make the +trick. + +3. Using svn-buildpackage +-------------------------- + +Packages with an upstream tarball will require you to set the mergeWithUpstream +property first (from the package root) so that svn-buildpackage will look for +the .orig.tar.gz in the ../tarballs directory. + + % svn propset mergeWithUpstream 1 debian + +Please note that this only works for packages which have only the debian/ +directory committed. Consequently, you must use CDBS's simple-patchsys.mk or +dpatch to modify the upstream sources. + +After you have finished and committed your Debian patches via + + % svn commit [PACKAGE] + +as well as copying the orig.tar.gz to ../tarballs/ if necessary, you may build +your package with the following commands: + + % svn-buildpackage --svn-ignore-new -rfakeroot + +Please, don't commit tarballs/ or build-area/ directories to SVN. + +4. Tarballs and Build-area directories +------------------------------------ + +During pkg development before uploaded to debian the tarballs can be found at: + + http://pkg-kde.alioth.debian.org/kde-extra/orig.tar.gz/ + +You need to place those dirs in the parent directory of the one from which you're +running svn-buildpackage. Usually this means placing tarballs/ and build-area/ dirs +in 'pkgname'/ dir, at the same level as trunk/ + +If you want to compile inside one version in tags/ dir, you'll need to place those +dirs inside that dir. Of course the easiest and cleanest way of doing it is +by making a symlink of those dirs inside tags/ dir. + +5. Using svn-inject +------------------- + +To inject a new package into the Debian KDE Extras svn archive you should use svn-inject(1) +as follows: + + svn-inject -o .dsc svn+ssh://${ALIOTH_USERNAME}@svn.debian.org/svn/pkg-kde/kde-extras + +Type in your alioth password a few hundred times :-) and your package should be +uploaded to the archive. Note you will also need to manually copy the +package.orig.tar.gz to your tarballs directory. The -o option is important as +this ensures that we 'Only keep modified files under SVN control' + +6. Versioning +------------- + +As the autobuilder and fellow developers will need to differentiate between +versions that are uploaded into debian already and those which will be at a +later point, do use the UNRELEASED distribution until the time you actually do +upload to incoming. Whoever is not a DD himself should let the sponsor do that +final step if that sponsor has SVN commit rights to the kde-extras archive. + +The autobuilder packs can be found at http://kde-extras.buildserver.net/. +The logs can be found at http://status.buildserver.net/. + +As the archive runs britney, it may well be that a built and installed package +is not appearing to the archive until its reverse depends are (re)built too. In +case of questions, feel free to mail kilian@debian.org. + +7. Automatic Backport hooks +--------------------------- + +The checkout script for putting together the sources can run a backports hook +for certain dists (like Debian sarge) which need certain adjustments to the +source like altered Build-Depends. This hook is a plain shell script (or +makefile like debian/rules) which needs to be put in the debian/backports +directory and made executable by means of the svn properties set. The codenames +for the current dists are: sid, etch, sarge, edgy and dapper. For an example +see asterisk-addons/trunk/debian/backports/sarge which may be more illustrating +what to do. + +8. Autotools, libtool, am_maintainer, buildprep and configure updates +--------------------------------------------------------------------- + +Achim, Please add some text in here to document when it is necessary and +how we update the build enviroment for a package. + +-(snip)- + +In case any of the above is unclear to you or seems outdated, please drop us a +note to the maintainers list. --- exiv2-0.15.orig/debian/libexiv2-0.install +++ exiv2-0.15/debian/libexiv2-0.install @@ -0,0 +1 @@ +debian/tmp/usr/lib/lib*.so.* --- exiv2-0.15.orig/debian/compat +++ exiv2-0.15/debian/compat @@ -0,0 +1 @@ +4 --- exiv2-0.15.orig/debian/watch +++ exiv2-0.15/debian/watch @@ -0,0 +1,6 @@ +# See uscan(1) for format + +# Compulsory line, this is a version 3 file +version=3 + +http://www.exiv2.org/download.html exiv2-(.*[\d])\.tar\.gz debian svn-upgrade --- exiv2-0.15.orig/debian/patches/Bug417176-gcc4.3.diff +++ exiv2-0.15/debian/patches/Bug417176-gcc4.3.diff @@ -0,0 +1,223 @@ +From tbm@cyrius.com Mon Apr 2 04:44:19 2007 +Return-path: +Envelope-to: debian@purcell.id.au +Delivery-date: Sun, 01 Apr 2007 19:58:39 +0100 +Received: from master.debian.org ([70.103.162.29]) + by bristol.purcell.id.au with esmtp (Exim 4.63) + (envelope-from ) + id 1HY5G4-0008ND-1W + for debian@purcell.id.au; Sun, 01 Apr 2007 19:58:39 +0100 +Received: from alioth.debian.org ([217.196.43.134]) + by master.debian.org with esmtp (Exim 4.50) + id 1HY5G2-0002Zc-Hy + for debian@purcell.id.au; Sun, 01 Apr 2007 18:58:30 +0000 +Received: from localhost ([127.0.0.1] helo=alioth.debian.org) + by alioth.debian.org with esmtp (Exim 4.50) + id 1HY5G1-0004qK-Tw + for msp@debian.org; Sun, 01 Apr 2007 18:58:29 +0000 +Received: from master.debian.org ([70.103.162.29]) + by alioth.debian.org with esmtp (Exim 4.50) id 1HY5Fu-0004q1-FM + for pkg-voip-maintainers@lists.alioth.debian.org; + Sun, 01 Apr 2007 18:58:27 +0000 +Received: from qa by master.debian.org with local (Exim 4.50) + id 1HY5Fs-0002Vm-Sb; Sun, 01 Apr 2007 18:58:20 +0000 +Received: from rietz.debian.org ([140.211.166.43]) by master.debian.org + with esmtp (Exim 4.50) id 1HY57A-0000XJ-5R for + exiv2@packages.qa.debian.org; Sun, 01 Apr 2007 18:49:20 +0000 +Received: from debbugs by rietz.debian.org with local (Exim 4.50) id + 1HY53D-0002cQ-FA; Sun, 01 Apr 2007 18:45:15 +0000 +X-Loop: owner@bugs.debian.org +Resent-From: Martin Michlmayr +Resent-To: debian-bugs-dist@lists.debian.org +Resent-CC: Debian KDE Extras Team +Resent-Date: Sun, 01 Apr 2007 18:45:12 +0000 +Resent-Message-Id: +X-Debian-PR-Message: report 417176 +X-Debian-PR-Package: exiv2 +X-Debian-PR-Keywords: patch +X-Debian-PR-Source: exiv2 +Received: via spool by submit@bugs.debian.org id=B.11754530725947 (code B + ref -1); Sun, 01 Apr 2007 18:45:12 +0000 +Received: (at submit) by bugs.debian.org; 1 Apr 2007 18:44:32 +0000 +Received: from sorrow.cyrius.com ([65.19.161.204]) by rietz.debian.org + with esmtp (Exim 4.50) id 1HY52W-0001WW-5N for submit@bugs.debian.org; + Sun, 01 Apr 2007 18:44:32 +0000 +Received: by sorrow.cyrius.com (Postfix, from userid 10) id C1C0B64D3E; + Sun, 1 Apr 2007 18:44:31 +0000 (UTC) +Received: by deprecation.cyrius.com (Postfix, from userid 1000) id + 4EFDD54373; Sun, 1 Apr 2007 19:44:19 +0100 (BST) +Date: Sun, 1 Apr 2007 19:44:19 +0100 +From: Martin Michlmayr +To: submit@bugs.debian.org +Message-Id: <20070401184419.GS29178@deprecation.cyrius.com> +References: +MIME-Version: 1.0 +Content-Type: text/plain; + charset=us-ascii +Content-Disposition: inline +In-Reply-To: +User-Agent: Mutt/1.5.13 (2006-08-11) +Delivered-To: submit@bugs.debian.org +Resent-Sender: Debian BTS +Resent-Date: Sun, 01 Apr 2007 18:45:15 +0000 +Delivered-To: exiv2@packages.qa.debian.org +Precedence: list +X-Loop: exiv2@packages.qa.debian.org +X-PTS-Package: exiv2 +X-PTS-Keyword: bts +X-Unsubscribe: echo 'unsubscribe exiv2' | mail pts@qa.debian.org +X-BeenThere: pkg-voip-maintainers@lists.alioth.debian.org +X-Mailman-Version: 2.1.5 +Reply-To: Martin Michlmayr , + 417176@bugs.debian.org +List-Id: VoIP package maintainers list + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +Sender: pkg-voip-maintainers-bounces+msp=debian.org@lists.alioth.debian.org +Errors-To: pkg-voip-maintainers-bounces+msp=debian.org@lists.alioth.debian.org +X-SA-Exim-Connect-IP: 70.103.162.29 +X-SA-Exim-Rcpt-To: debian@purcell.id.au +X-SA-Exim-Mail-From: pkg-voip-maintainers-bounces+msp=debian.org@lists.alioth.debian.org +X-Spam-Checker-Version: SpamAssassin 3.1.7-deb (2006-10-05) on debian +X-Spam-Level: +X-Spam-Status: No, score=-2.6 required=1.0 tests=AWL,BAYES_00, + UNPARSEABLE_RELAY autolearn=ham version=3.1.7-deb +X-Spam-Report: + * 0.0 UNPARSEABLE_RELAY Informational: message has unparseable relay + * lines + * -2.6 BAYES_00 BODY: Bayesian spam probability is 0 to 1% + * [score: 0.0000] + * -0.0 AWL AWL: From: address is in the auto white-list +Subject: Bug#417176: FTBFS with GCC 4.3: missing #includes +X-SA-Exim-Version: 4.2.1 (built Tue, 09 Jan 2007 17:23:22 +0000) +X-SA-Exim-Scanned: Yes (on bristol.purcell.id.au) +X-Length: 6955 +X-KMail-EncryptionState: +X-KMail-SignatureState: +X-KMail-MDN-Sent: +X-UID: 2335 +Status: R +X-Status: NC + +Package: exiv2 +Version: 0.12-1 +Usertags: ftbfs-gcc-4.3 +Tags: patch + +Your package fails to build with GCC 4.3. Version 4.3 has not been +released yet but I'm building with a snapshot in order to find errors +and give people an advance warning. In GCC 4.3, the C++ header +dependencies have been cleaned up. The advantage of this is that +programs will compile faster. The downside is that you actually +need to directly #include everything you use (but you really should +do this anyway, otherwise your program won't work with any compiler +other than GCC). Some background of this can be found at +http://gcc.gnu.org/PR28080 + +You can reproduce this problem with gcc-snapshot from unstable. + +> Automatic build of exiv2_0.12-1 on coconut0 by sbuild/ia64 0.49 +... +> /usr/lib/gcc-snapshot/lib/gcc/ia64-linux-gnu/4.3.0/../../../../include/c++/4.3.0/bits/basic_string.h:387: warning: conversion to 'long unsigned int' from 'long int' may alter its value +> g++ -g -Wall -O2 -pedantic -Wall -Wundef -Wcast-align -Wconversion -Wpointer-arith -Wformat-security -Wmissing-format-attribute -W -I. -c -o utils.o utils.cpp +> utils.cpp: In function 'bool Util::strtol(const char*, long int&)': +> utils.cpp:141: error: 'LONG_MAX' was not declared in this scope +> utils.cpp:141: error: 'LONG_MIN' was not declared in this scope + +--- exiv2-0.15.orig/src/utils.cpp~ 2007-04-01 18:38:25.000000000 +0000 ++++ exiv2-0.15/src/utils.cpp 2007-04-01 18:38:33.000000000 +0000 +@@ -49,6 +49,7 @@ + # include // for getopt(), stat() + #endif + ++#include + #include + #include + #include + +-- +Martin Michlmayr +http://www.cyrius.com/ + + + +_______________________________________________ +Pkg-voip-maintainers mailing list +Pkg-voip-maintainers@lists.alioth.debian.org +http://lists.alioth.debian.org/mailman/listinfo/pkg-voip-maintainers + +only in patch2: +unchanged: +--- exiv2-0.15.orig/src/types.cpp ++++ exiv2-0.15/src/types.cpp +@@ -44,6 +44,7 @@ + #include + #include + #include ++#include + + // ***************************************************************************** + // class member definitions +only in patch2: +unchanged: +--- exiv2-0.15.orig/src/basicio.cpp ++++ exiv2-0.15/src/basicio.cpp +@@ -45,6 +45,7 @@ + #include + #include + #include ++#include + #include // for remove, rename + #include // for alloc, realloc, free + #include // for stat, chmod +@@ -427,7 +428,7 @@ + // Minimum size for 1st block is 32kB + long size = std::max(32768 * (1 + need / 32768), size_); + byte* data = (byte*)std::malloc(size); +- std::memcpy(data, data_, size_); ++ memcpy(data, data_, size_); + data_ = data; + sizeAlloced_ = size; + isMalloced_ = true; +only in patch2: +unchanged: +--- exiv2-0.15.orig/src/iotest.cpp ++++ exiv2-0.15/src/iotest.cpp +@@ -34,6 +34,7 @@ + #include "futils.hpp" + #include "basicio.hpp" + #include ++#include + + using Exiv2::byte; + using Exiv2::BasicIo; +only in patch2: +unchanged: +--- exiv2-0.15.orig/src/value.hpp ++++ exiv2-0.15/src/value.hpp +@@ -37,6 +37,7 @@ + + // + standard includes + #include ++#include + #include + #include + #include +only in patch2: +unchanged: +--- exiv2-0.15.orig/src/makernote.cpp ++++ exiv2-0.15/src/makernote.cpp +@@ -39,6 +39,7 @@ + #include "error.hpp" + + // + standard includes ++#include + #include + #include + #include --- exiv2-0.15.orig/debian/patches/security-01_nikon_floating_crash.diff +++ exiv2-0.15/debian/patches/security-01_nikon_floating_crash.diff @@ -0,0 +1,57 @@ +# Upstream: http://dev.robotbattle.com/cgi-bin/viewvc.cgi/exiv2/trunk/src/nikonmn.cpp?r1=1398&r2=1399 +diff -Nur -x '*.orig' -x '*~' exiv2-0.15/src/nikonmn.cpp exiv2-0.15.new/src/nikonmn.cpp +--- exiv2-0.15/src/nikonmn.cpp 2007-06-25 19:30:37.000000000 -0700 ++++ exiv2-0.15.new/src/nikonmn.cpp 2008-10-14 16:17:33.000000000 -0700 +@@ -931,29 +931,31 @@ + std::ostream& Nikon3MakerNote::print0x0084(std::ostream& os, + const Value& value) + { +- if (value.count() == 4) { +- long len1 = value.toLong(0); +- long len2 = value.toLong(1); +- Rational fno1 = value.toRational(2); +- Rational fno2 = value.toRational(3); +- os << len1; +- if (len2 != len1) { +- os << "-" << len2; +- } +- os << "mm "; +- std::ostringstream oss; +- oss.copyfmt(os); +- os << "F" << std::setprecision(2) +- << static_cast(fno1.first) / fno1.second; +- if (fno2 != fno1) { +- os << "-" << std::setprecision(2) +- << static_cast(fno2.first) / fno2.second; +- } +- os.copyfmt(oss); +- } +- else { ++ if ( value.count() != 4 ++ || value.toRational(0).second == 0 ++ || value.toRational(1).second == 0) { + os << "(" << value << ")"; ++ return os; ++ } ++ long len1 = value.toLong(0); ++ long len2 = value.toLong(1); ++ ++ Rational fno1 = value.toRational(2); ++ Rational fno2 = value.toRational(3); ++ os << len1; ++ if (len2 != len1) { ++ os << "-" << len2; ++ } ++ os << "mm "; ++ std::ostringstream oss; ++ oss.copyfmt(os); ++ os << "F" << std::setprecision(2) ++ << static_cast(fno1.first) / fno1.second; ++ if (fno2 != fno1) { ++ os << "-" << std::setprecision(2) ++ << static_cast(fno2.first) / fno2.second; + } ++ os.copyfmt(oss); + return os; + } + --- exiv2-0.15.orig/debian/patches/security-02_exif_crashes.diff +++ exiv2-0.15/debian/patches/security-02_exif_crashes.diff @@ -0,0 +1,93 @@ +# Upstream: http://dev.robotbattle.com/cgi-bin/viewvc.cgi/exiv2/trunk/src/exif.cpp?r1=1231&r2=1346&pathrev=1346 +diff -Nur -x '*.orig' -x '*~' exiv2-0.15/src/exif.cpp exiv2-0.15.new/src/exif.cpp +--- exiv2-0.15/src/exif.cpp 2007-02-02 02:09:31.000000000 -0800 ++++ exiv2-0.15.new/src/exif.cpp 2008-10-14 16:26:27.000000000 -0700 +@@ -215,11 +215,13 @@ + ExifData::const_iterator sizes; + ExifKey key("Exif.Thumbnail.StripByteCounts"); + sizes = exifData.findKey(key); +- if (sizes == exifData.end()) return 2; ++ if (sizes == exifData.end()) return 1; + +- long totalSize = 0; ++ uint32_t totalSize = 0; + for (long i = 0; i < sizes->count(); ++i) { +- totalSize += sizes->toLong(i); ++ uint32_t size = sizes->toLong(i); ++ if (size > 0xffffffff - totalSize) return 1; ++ totalSize += size; + } + DataBuf stripsBuf(totalSize); + +@@ -228,22 +230,24 @@ + ExifData::iterator stripOffsets; + key = ExifKey("Exif.Thumbnail.StripOffsets"); + stripOffsets = exifData.findKey(key); +- if (stripOffsets == exifData.end()) return 2; +- if (stripOffsets->count() != sizes->count()) return 2; ++ if (stripOffsets == exifData.end()) return 1; ++ if (stripOffsets->count() != sizes->count()) return 1; + + std::ostringstream os; // for the strip offsets +- long currentOffset = 0; +- long firstOffset = stripOffsets->toLong(0); +- long lastOffset = 0; +- long lastSize = 0; ++ uint32_t currentOffset = 0; ++ uint32_t firstOffset = stripOffsets->toLong(0); ++ uint32_t lastOffset = 0; ++ uint32_t lastSize = 0; + for (long i = 0; i < stripOffsets->count(); ++i) { +- long offset = stripOffsets->toLong(i); ++ uint32_t offset = stripOffsets->toLong(i); + lastOffset = offset; +- long size = sizes->toLong(i); ++ uint32_t size = sizes->toLong(i); + lastSize = size; +- if (len < offset + size) return 1; +- +- memcpy(stripsBuf.pData_ + currentOffset, buf + offset, size); ++ if ( size > 0xffffffff - offset ++ || static_cast(len) < offset + size) { ++ return 2; ++ } ++ std::memcpy(stripsBuf.pData_ + currentOffset, buf + offset, size); + os << currentOffset << " "; + currentOffset += size; + } +@@ -303,12 +307,15 @@ + ExifKey key("Exif.Thumbnail.JPEGInterchangeFormat"); + ExifData::iterator format = exifData.findKey(key); + if (format == exifData.end()) return 1; +- long offset = format->toLong(); ++ uint32_t offset = format->toLong(); + key = ExifKey("Exif.Thumbnail.JPEGInterchangeFormatLength"); + ExifData::const_iterator length = exifData.findKey(key); + if (length == exifData.end()) return 1; +- long size = length->toLong(); +- if (len < offset + size) return 2; ++ uint32_t size = length->toLong(); ++ if ( size > 0xffffffff - offset ++ || static_cast(len) < offset + size) { ++ return 2; ++ } + format->setDataArea(buf + offset, size); + format->setValue("0"); + if (pIfd1) { +@@ -595,8 +602,14 @@ + if (pIopIfd_) add(pIopIfd_->begin(), pIopIfd_->end(), byteOrder()); + if (pGpsIfd_) add(pGpsIfd_->begin(), pGpsIfd_->end(), byteOrder()); + if (pIfd1_) add(pIfd1_->begin(), pIfd1_->end(), byteOrder()); +- // Read the thumbnail (but don't worry whether it was successful or not) +- readThumbnail(); ++ // Finally, read the thumbnail ++ rc = readThumbnail(); ++ if (0 < rc) { ++#ifndef SUPPRESS_WARNINGS ++ std::cerr << "Warning: Failed to read thumbnail, rc = " ++ << rc << "\n"; ++#endif ++ } + + return 0; + } // ExifData::load --- exiv2-0.15.orig/debian/patches/rev-1124.diff +++ exiv2-0.15/debian/patches/rev-1124.diff @@ -0,0 +1,22 @@ +--- branches/exiv2-tiffparser/src/tiffvisitor.cpp 2007/02/14 06:15:40 1053 ++++ branches/exiv2-tiffparser/src/tiffvisitor.cpp 2007/06/09 15:18:59 1124 +@@ -1047,6 +1047,19 @@ + } + p += 2; + object->count_ = getULong(p, byteOrder()); ++ if (object->count_ >= 0x10000000 && typeSize != 0) { ++ if (object->count_ >= 0x80000000 / typeSize) { ++#ifndef SUPPRESS_WARNINGS ++ std::cerr << "Error: Directory " << tiffGroupName(object->group()) ++ << ", entry 0x" << std::setw(4) ++ << std::setfill('0') << std::hex << object->tag() ++ << " has invalid size " ++ << std::dec << object->count_ << "*" << typeSize ++ << "; skipping entry.\n"; ++#endif ++ return; ++ } ++ } + p += 4; + object->size_ = typeSize * object->count_; + object->offset_ = getLong(p, byteOrder());