--- libexif-0.6.16.orig/config.sub +++ libexif-0.6.16/config.sub @@ -177,6 +177,10 @@ os=-sco5v6 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; + -sco6) + os=-sco5v6 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; -sco5) os=-sco3.2v5 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` @@ -197,6 +201,10 @@ # Don't forget version if it is 3.2v4 or newer. basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; + -sco5v6*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; -sco*) os=-sco3.2v2 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` @@ -299,6 +307,9 @@ ms1) basic_machine=mt-unknown ;; + ms1) + basic_machine=mt-unknown + ;; # We use `pc' rather than `unknown' # because (1) that's what they normally are, and @@ -392,6 +403,9 @@ abacus) basic_machine=abacus-unknown ;; + abacus) + basic_machine=abacus-unknown + ;; adobe68k) basic_machine=m68010-adobe os=-scout @@ -412,6 +426,9 @@ amd64-*) basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` ;; + amd64-*) + basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; amdahl) basic_machine=580-amdahl os=-sysv @@ -518,6 +535,10 @@ basic_machine=i586-pc os=-msdosdjgpp ;; + djgpp) + basic_machine=i586-pc + os=-msdosdjgpp + ;; dpx20 | dpx20-*) basic_machine=rs6000-bull os=-bosx @@ -711,6 +732,9 @@ ms1-*) basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` ;; + ms1-*) + basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` + ;; mvs) basic_machine=i370-ibm os=-mvs @@ -824,6 +848,12 @@ pc98-*) basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` ;; + pc98) + basic_machine=i386-pc + ;; + pc98-*) + basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; pentium | p5 | k5 | k6 | nexgen | viac3) basic_machine=i586-pc ;; @@ -884,6 +914,10 @@ basic_machine=i386-pc os=-rdos ;; + rdos) + basic_machine=i386-pc + os=-rdos + ;; rom68k) basic_machine=m68k-rom68k os=-coff @@ -900,6 +934,12 @@ s390x | s390x-*) basic_machine=s390x-ibm ;; + s390 | s390-*) + basic_machine=s390-ibm + ;; + s390x | s390x-*) + basic_machine=s390x-ibm + ;; sa29200) basic_machine=a29k-amd os=-udi @@ -914,6 +954,10 @@ basic_machine=mipsisa32-sde os=-elf ;; + sde) + basic_machine=mipsisa32-sde + os=-elf + ;; sei) basic_machine=mips-sei os=-seiux @@ -925,6 +969,9 @@ basic_machine=sh-hitachi os=-hms ;; + sh5el) + basic_machine=sh5le-unknown + ;; sh64) basic_machine=sh64-unknown ;; @@ -1031,6 +1078,10 @@ basic_machine=s390x-ibm os=-tpf ;; + tpf) + basic_machine=s390x-ibm + os=-tpf + ;; udi29k) basic_machine=a29k-amd os=-udi @@ -1078,6 +1129,10 @@ basic_machine=i686-pc os=-mingw32 ;; + xbox) + basic_machine=i686-pc + os=-mingw32 + ;; xps | xps100) basic_machine=xps100-honeywell ;; @@ -1111,6 +1166,9 @@ mmix) basic_machine=mmix-knuth ;; + mmix) + basic_machine=mmix-knuth + ;; rs6000) basic_machine=rs6000-ibm ;; @@ -1261,6 +1319,9 @@ -os400*) os=-os400 ;; + -os400*) + os=-os400 + ;; -wince*) os=-wince ;; @@ -1285,6 +1346,9 @@ -syllable*) os=-syllable ;; + -syllable*) + os=-syllable + ;; -386bsd) os=-bsd ;; @@ -1310,6 +1374,9 @@ -tpf*) os=-tpf ;; + -tpf*) + os=-tpf + ;; -triton*) os=-sysv3 ;; @@ -1349,6 +1416,9 @@ -zvmoe) os=-zvmoe ;; + -zvmoe) + os=-zvmoe + ;; -none) ;; *) @@ -1414,6 +1484,9 @@ m68*-cisco) os=-aout ;; + mep-*) + os=-elf + ;; mips*-cisco) os=-elf ;; --- libexif-0.6.16.orig/config.guess +++ libexif-0.6.16/config.guess @@ -161,6 +161,7 @@ arm*) machine=arm-unknown ;; sh3el) machine=shl-unknown ;; sh3eb) machine=sh-unknown ;; + sh5el) machine=sh5le-unknown ;; *) machine=${UNAME_MACHINE_ARCH}-unknown ;; esac # The Operating System including object format, if it has switched --- libexif-0.6.16.orig/ltmain.sh +++ libexif-0.6.16/ltmain.sh @@ -43,19 +43,13 @@ PROGRAM=ltmain.sh PACKAGE=libtool -VERSION=1.5.22 +VERSION="1.5.22 Debian 1.5.22-4" TIMESTAMP=" (1.1220.2.365 2005/12/18 22:14:06)" -# Be Bourne compatible (taken from Autoconf:_AS_BOURNE_COMPATIBLE). -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' +# See if we are running on zsh, and set the options which allow our +# commands through without removal of \ escapes. +if test -n "${ZSH_VERSION+set}" ; then setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac fi # Check that we have a working $echo. @@ -111,14 +105,12 @@ # These must not be set unconditionally because not all systems understand # e.g. LANG=C (notably SCO). # We save the old values to restore during execute mode. -for lt_var in LANG LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES -do - eval "if test \"\${$lt_var+set}\" = set; then - save_$lt_var=\$$lt_var - $lt_var=C - export $lt_var - fi" -done +if test "${LC_ALL+set}" = set; then + save_LC_ALL="$LC_ALL"; LC_ALL=C; export LC_ALL +fi +if test "${LANG+set}" = set; then + save_LANG="$LANG"; LANG=C; export LANG +fi # Make sure IFS has a sensible default lt_nl=' @@ -144,8 +136,6 @@ preserve_args= lo2o="s/\\.lo\$/.${objext}/" o2lo="s/\\.${objext}\$/.lo/" -extracted_archives= -extracted_serial=0 ##################################### # Shell function definitions: @@ -337,17 +327,7 @@ *) my_xabs=`pwd`"/$my_xlib" ;; esac my_xlib=`$echo "X$my_xlib" | $Xsed -e 's%^.*/%%'` - my_xlib_u=$my_xlib - while :; do - case " $extracted_archives " in - *" $my_xlib_u "*) - extracted_serial=`expr $extracted_serial + 1` - my_xlib_u=lt$extracted_serial-$my_xlib ;; - *) break ;; - esac - done - extracted_archives="$extracted_archives $my_xlib_u" - my_xdir="$my_gentop/$my_xlib_u" + my_xdir="$my_gentop/$my_xlib" $show "${rm}r $my_xdir" $run ${rm}r "$my_xdir" @@ -778,7 +758,6 @@ *.f90) xform=f90 ;; *.for) xform=for ;; *.java) xform=java ;; - *.obj) xform=obj ;; esac libobj=`$echo "X$libobj" | $Xsed -e "s/\.$xform$/.lo/"` @@ -1159,9 +1138,8 @@ for arg do case $arg in - -all-static | -static | -static-libtool-libs) - case $arg in - -all-static) + -all-static | -static) + if test "X$arg" = "X-all-static"; then if test "$build_libtool_libs" = yes && test -z "$link_static_flag"; then $echo "$modename: warning: complete static linking is impossible in this configuration" 1>&2 fi @@ -1169,20 +1147,12 @@ dlopen_self=$dlopen_self_static fi prefer_static_libs=yes - ;; - -static) + else if test -z "$pic_flag" && test -n "$link_static_flag"; then dlopen_self=$dlopen_self_static fi prefer_static_libs=built - ;; - -static-libtool-libs) - if test -z "$pic_flag" && test -n "$link_static_flag"; then - dlopen_self=$dlopen_self_static - fi - prefer_static_libs=yes - ;; - esac + fi build_libtool_libs=no build_old_libs=yes break @@ -1742,7 +1712,7 @@ continue ;; - -static | -static-libtool-libs) + -static) # The effects of -static are defined in a previous loop. # We used to do the same as -all-static on platforms that # didn't have a PIC flag, but the assumption that the effects @@ -2112,7 +2082,10 @@ case $pass in dlopen) libs="$dlfiles" ;; dlpreopen) libs="$dlprefiles" ;; - link) libs="$deplibs %DEPLIBS% $dependency_libs" ;; + link) + libs="$deplibs %DEPLIBS%" + test "X$link_all_deplibs" != Xno && libs="$libs $dependency_libs" + ;; esac fi if test "$pass" = dlopen; then @@ -2520,9 +2493,7 @@ if test "$linkmode,$pass" = "prog,link"; then if test -n "$library_names" && - { { test "$prefer_static_libs" = no || - test "$prefer_static_libs,$installed" = "built,yes"; } || - test -z "$old_library"; }; then + { test "$prefer_static_libs" = no || test -z "$old_library"; }; then # We need to hardcode the library path if test -n "$shlibpath_var" && test -z "$avoidtemprpath" ; then # Make sure the rpath contains only unique directories. @@ -3218,7 +3189,7 @@ # which has an extra 1 added just for fun # case $version_type in - darwin|linux|osf|windows|none) + darwin|linux|osf|windows) current=`expr $number_major + $number_minor` age="$number_minor" revision="$number_revision" @@ -3233,6 +3204,11 @@ age="$number_minor" revision="$number_minor" ;; + *) + $echo "$modename: unknown library version type \`$version_type'" 1>&2 + $echo "Fatal configuration error. See the $PACKAGE docs for more information." 1>&2 + exit $EXIT_FAILURE + ;; esac ;; no) @@ -3442,11 +3418,11 @@ fi # Eliminate all temporary directories. -# for path in $notinst_path; do -# lib_search_path=`$echo "$lib_search_path " | ${SED} -e "s% $path % %g"` -# deplibs=`$echo "$deplibs " | ${SED} -e "s% -L$path % %g"` -# dependency_libs=`$echo "$dependency_libs " | ${SED} -e "s% -L$path % %g"` -# done + for path in $notinst_path; do + lib_search_path=`$echo "$lib_search_path " | ${SED} -e "s% $path % %g"` + deplibs=`$echo "$deplibs " | ${SED} -e "s% -L$path % %g"` + dependency_libs=`$echo "$dependency_libs " | ${SED} -e "s% -L$path % %g"` + done if test -n "$xrpath"; then # If the user specified any rpath flags, then add them. @@ -3547,12 +3523,13 @@ int main() { return 0; } EOF $rm conftest - if $LTCC $LTCFLAGS -o conftest conftest.c $deplibs; then + $LTCC $LTCFLAGS -o conftest conftest.c $deplibs + if test "$?" -eq 0 ; then ldd_output=`ldd conftest` for i in $deplibs; do name=`expr $i : '-l\(.*\)'` # If $name is empty we are operating on a -L argument. - if test "$name" != "" && test "$name" != "0"; then + if test "$name" != "" && test "$name" -ne "0"; then if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then case " $predeps $postdeps " in *" $i "*) @@ -3591,7 +3568,9 @@ # If $name is empty we are operating on a -L argument. if test "$name" != "" && test "$name" != "0"; then $rm conftest - if $LTCC $LTCFLAGS -o conftest conftest.c $i; then + $LTCC $LTCFLAGS -o conftest conftest.c $i + # Did it work? + if test "$?" -eq 0 ; then ldd_output=`ldd conftest` if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then case " $predeps $postdeps " in @@ -3623,7 +3602,7 @@ droppeddeps=yes $echo $echo "*** Warning! Library $i is needed by this library but I was not able to" - $echo "*** make it link in! You will probably need to install it or some" + $echo "*** make it link in! You will probably need to install it or some" $echo "*** library that it depends on before this library will be fully" $echo "*** functional. Installing it before continuing would be even better." fi @@ -4268,14 +4247,12 @@ reload_conv_objs= gentop= # reload_cmds runs $LD directly, so let us get rid of - # -Wl from whole_archive_flag_spec and hope we can get by with - # turning comma into space.. + # -Wl from whole_archive_flag_spec wl= if test -n "$convenience"; then if test -n "$whole_archive_flag_spec"; then - eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\" - reload_conv_objs=$reload_objs\ `$echo "X$tmp_whole_archive_flags" | $Xsed -e 's|,| |g'` + eval reload_conv_objs=\"\$reload_objs $whole_archive_flag_spec\" else gentop="$output_objdir/${obj}x" generated="$generated $gentop" @@ -4723,16 +4700,16 @@ case $host in *cygwin* | *mingw* ) if test -f "$output_objdir/${outputname}.def" ; then - compile_command=`$echo "X$compile_command" | $SP2NL | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%" | $NL2SP` - finalize_command=`$echo "X$finalize_command" | $SP2NL | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%" | $NL2SP` + compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%"` + finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}.def $output_objdir/${outputname}S.${objext}%"` else - compile_command=`$echo "X$compile_command" | $SP2NL | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%" | $NL2SP` - finalize_command=`$echo "X$finalize_command" | $SP2NL | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%" | $NL2SP` + compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` + finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` fi ;; * ) - compile_command=`$echo "X$compile_command" | $SP2NL | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%" | $NL2SP` - finalize_command=`$echo "X$finalize_command" | $SP2NL | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%" | $NL2SP` + compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` + finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` ;; esac ;; @@ -4747,13 +4724,13 @@ # really was required. # Nullify the symbol file. - compile_command=`$echo "X$compile_command" | $SP2NL | $Xsed -e "s% @SYMFILE@%%" | $NL2SP` - finalize_command=`$echo "X$finalize_command" | $SP2NL | $Xsed -e "s% @SYMFILE@%%" | $NL2SP` + compile_command=`$echo "X$compile_command" | $Xsed -e "s% @SYMFILE@%%"` + finalize_command=`$echo "X$finalize_command" | $Xsed -e "s% @SYMFILE@%%"` fi if test "$need_relink" = no || test "$build_libtool_libs" != yes; then # Replace the output file specification. - compile_command=`$echo "X$compile_command" | $SP2NL | $Xsed -e 's%@OUTPUT@%'"$output"'%g' | $NL2SP` + compile_command=`$echo "X$compile_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'` link_command="$compile_command$compile_rpath" # We have no uninstalled library dependencies, so finalize right now. @@ -4840,7 +4817,7 @@ if test "$fast_install" != no; then link_command="$finalize_var$compile_command$finalize_rpath" if test "$fast_install" = yes; then - relink_command=`$echo "X$compile_var$compile_command$compile_rpath" | $SP2NL | $Xsed -e 's%@OUTPUT@%\$progdir/\$file%g' | $NL2SP` + relink_command=`$echo "X$compile_var$compile_command$compile_rpath" | $Xsed -e 's%@OUTPUT@%\$progdir/\$file%g'` else # fast_install is set to needless relink_command= @@ -4877,7 +4854,7 @@ fi done relink_command="(cd `pwd`; $relink_command)" - relink_command=`$echo "X$relink_command" | $SP2NL | $Xsed -e "$sed_quote_subst" | $NL2SP` + relink_command=`$echo "X$relink_command" | $Xsed -e "$sed_quote_subst"` fi # Quote $echo for shipping. @@ -5284,18 +5261,6 @@ Xsed='${SED} -e 1s/^X//' sed_quote_subst='$sed_quote_subst' -# Be Bourne compatible (taken from Autoconf:_AS_BOURNE_COMPATIBLE). -if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on \${1+\"\$@\"}, which - # is contrary to our usage. Disable this feature. - alias -g '\${1+\"\$@\"}'='\"\$@\"' - setopt NO_GLOB_SUBST -else - case \`(set -o) 2>/dev/null\` in *posix*) set -o posix;; esac -fi - # The HP-UX ksh and POSIX shell print the target directory to stdout # if CDPATH is set. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH @@ -5438,7 +5403,7 @@ ;; esac $echo >> $output "\ - \$echo \"\$0: cannot exec \$program \$*\" + \$echo \"\$0: cannot exec \$program \${1+\"\$@\"}\" exit $EXIT_FAILURE fi else @@ -5624,7 +5589,7 @@ done # Quote the link command for shipping. relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" - relink_command=`$echo "X$relink_command" | $SP2NL | $Xsed -e "$sed_quote_subst" | $NL2SP` + relink_command=`$echo "X$relink_command" | $Xsed -e "$sed_quote_subst"` if test "$hardcode_automatic" = yes ; then relink_command= fi @@ -5969,9 +5934,9 @@ if test -n "$inst_prefix_dir"; then # Stick the inst_prefix_dir data into the link command. - relink_command=`$echo "$relink_command" | $SP2NL | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%" | $NL2SP` + relink_command=`$echo "$relink_command" | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"` else - relink_command=`$echo "$relink_command" | $SP2NL | $SED "s%@inst_prefix_dir@%%" | $NL2SP` + relink_command=`$echo "$relink_command" | $SED "s%@inst_prefix_dir@%%"` fi $echo "$modename: warning: relinking \`$file'" 1>&2 @@ -6180,7 +6145,7 @@ file=`$echo "X$file$stripped_ext" | $Xsed -e 's%^.*/%%'` outputname="$tmpdir/$file" # Replace the output file specification. - relink_command=`$echo "X$relink_command" | $SP2NL | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g' | $NL2SP` + relink_command=`$echo "X$relink_command" | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g'` $show "$relink_command" if $run eval "$relink_command"; then : @@ -6819,9 +6784,9 @@ -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3) -export-symbols SYMFILE - try to export only the symbols listed in SYMFILE + try to export only the symbols listed in SYMFILE -export-symbols-regex REGEX - try to export only the symbols matching REGEX + try to export only the symbols matching REGEX -LLIBDIR search LIBDIR for required installed libraries -lNAME OUTPUT-FILE requires the installed library libNAME -module build a library that can dlopened @@ -6835,11 +6800,9 @@ -release RELEASE specify package release information -rpath LIBDIR the created library will eventually be installed in LIBDIR -R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries - -static do not do any dynamic linking of uninstalled libtool libraries - -static-libtool-libs - do not do any dynamic linking of libtool libraries + -static do not do any dynamic linking of libtool libraries -version-info CURRENT[:REVISION[:AGE]] - specify library version info [each variable defaults to 0] + specify library version info [each variable defaults to 0] All other options (arguments beginning with \`-') are ignored. --- libexif-0.6.16.orig/debian/control +++ libexif-0.6.16/debian/control @@ -0,0 +1,24 @@ +Source: libexif +Section: libs +Priority: optional +Maintainer: Frederic Peters +Build-Depends: debhelper (>> 5.0.0), doxygen, graphviz, dpatch +Standards-Version: 3.7.2 + +Package: libexif-dev +Section: libdevel +Architecture: any +Depends: libexif12 (= ${Source-Version}), libc6-dev +Description: library to parse EXIF files (development files) + Most digital cameras produce EXIF files, which are JPEG files with + extra tags that contain information about the image. The EXIF library + allows you to parse an EXIF file and read the data from those tags. + +Package: libexif12 +Section: libs +Architecture: any +Depends: ${shlibs:Depends} +Description: library to parse EXIF files + Most digital cameras produce EXIF files, which are JPEG files with + extra tags that contain information about the image. The EXIF library + allows you to parse an EXIF file and read the data from those tags. --- libexif-0.6.16.orig/debian/compat +++ libexif-0.6.16/debian/compat @@ -0,0 +1 @@ +5 --- libexif-0.6.16.orig/debian/changelog +++ libexif-0.6.16/debian/changelog @@ -0,0 +1,251 @@ +libexif (0.6.16-2.1) unstable; urgency=high + + * Non-maintainer upload by security team. + * This update addresses the following security issues: + - possible denial of service attack via crafted + image file leading to an infinite recursion in the + exif-loader.c (CVE-2007-6351; Closes: #457330). + - integer overflow in exif-data.c triggered by a crafted + image file could lead to arbitrary code execution + (CVE-2007-6352; Closes: #457330). + + -- Nico Golde Fri, 21 Dec 2007 17:13:58 +0100 + +libexif (0.6.16-2) unstable; urgency=low + + * debian/libexif12.docs: added README file (closes: #434773) + + -- Frederic Peters Thu, 26 Jul 2007 19:37:47 +0200 + +libexif (0.6.16-1) unstable; urgency=high + + * New upstream release, with security fix: + * Integer overflow in the exif_data_load_data_entry (CVE-2006-4168) + (closes: #430012) + + -- Frederic Peters Thu, 21 Jun 2007 20:42:24 +0200 + +libexif (0.6.15-1) unstable; urgency=high + + * New upstream release, with security fixes: + * Integer overflow in the exif_data_load_data_entry (CVE-2007-2645) + (closes: #424775) + * Don't dereference NULL (CID 4) (no assigned CVE) + * Don't parse Makernote when there is not enough data for + (makernote-irelevant) IFD1 (no assigned CVE) + * debian/patches/30_olympus_makernote.dpatch: merged upstream + * debian/patches/40_crash_looking_up_invalid_values.dpatch: merged upstream + * debian/patches/50_relibtoolize.dpatch: run libtoolize on sources + + -- Frederic Peters Fri, 25 May 2007 10:04:00 +0200 + +libexif (0.6.13-6) unstable; urgency=low + + * debian/control: added build-depends on dpatch + * debian/rules: use dpatch + * debian/patches/10_pkg_config_header_dir.dpatch: patch from 0.6.13-4 + * debian/patches/20_extra_colorspace_check.dpatch: patch from 0.6.13-5 + * debian/patches/30_olympus_makernote.dpatch: added support for Olympus S760 + & S770 makernote (closes: #418945) + * debian/patches/40_crash_looking_up_invalid_values.dpatch: backport of + "fixed crashes when looking up invalid values (upstream #1457501)". + + -- Frederic Peters Tue, 08 May 2007 11:47:19 +0200 + +libexif (0.6.13-5) unstable; urgency=low + + * libexif/exif-entry.c: added extra check against value read for color + space (closes: #398426) (this is not from upstream but upstream is + said to have this fixed as well, couldn't find how) + + -- Frederic Peters Sun, 19 Nov 2006 22:57:21 +0100 + +libexif (0.6.13-4) unstable; urgency=low + + * libexif/libexif.pc.in: fixed CFLAGS, so include dir is correctly set. + (closes: #356567) + + -- Frederic Peters Sun, 12 Mar 2006 21:14:27 +0100 + +libexif (0.6.13-3) unstable; urgency=low + + * debian/watch: added uscan file. + + -- Frederic Peters Mon, 6 Mar 2006 00:06:29 +0100 + +libexif (0.6.13-2) unstable; urgency=low + + * ship NEWS file in libexif12 package. (closes: #355262) + + -- Frederic Peters Sat, 4 Mar 2006 16:57:03 +0100 + +libexif (0.6.13-1) unstable; urgency=low + + * New upstream release. + * debian/control: depends on doxygen and graphviz to build documentation; + packaged in libexif-dev. + + -- Frederic Peters Sun, 26 Feb 2006 20:09:03 +0100 + +libexif (0.6.12-2) unstable; urgency=low + + * libexif/exif-data.c: backported fix from CVS (revision 1.68) + (closes: #318662) + + -- Frederic Peters Sun, 17 Jul 2005 02:49:46 +0200 + +libexif (0.6.12-1) unstable; urgency=low + + * New upstream release. (closes: #281297) + * soname bumped to 12 + * buffer size checks in exif-data.c merged upstream. + * po-domain.path merged upstream. + * libexif/exif-utils.c: fixed exif_get_sshort declaration mismatch. + + -- Frederic Peters Sat, 16 Jul 2005 10:08:51 +0200 + +libexif (0.6.9-6) unstable; urgency=low + + * libexif/exif-loader.h: don't include itself. (closes: #299507) + + -- Frederic Peters Mon, 14 Mar 2005 16:56:48 +0100 + +libexif (0.6.9-5) unstable; urgency=high + + * Urgency high since it fixes a security issue. + * Patch provided from Ubuntu by Martin Pitt, written by Sylvain Defresne. + * libexif/exif-data.c: Add buffer size checks in several places before + trying to access it. (closes: #298464) + * Reference: https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152 + * debian/control: reworded description synopsis. + + -- Frederic Peters Mon, 7 Mar 2005 18:56:31 +0100 + +libexif (0.6.9-4) unstable; urgency=low + + * debian/copyright: fixed license (LGPL, not GPL) (closes: #281442) + + -- Frederic Peters Tue, 16 Nov 2004 10:40:55 +0100 + +libexif (0.6.9-3) unstable; urgency=medium + + * src/exif-data.c: fix for crasher bug with EXIF data in some Canon + pictures. (closes: #279337) + * debian/rules: fixed clean target + + -- Frederic Peters Wed, 3 Nov 2004 09:38:13 +0100 + +libexif (0.6.9-2) unstable; urgency=medium + + * Adopted package. + * debian/control: bumped Standards-Version to 3.6.1 + * debian/rules: delete po/libexif-$(major).pot in clean target + * libexif/exif-data.c: fixed segfault on some pictures (urgency medium since + it broke gimp and others with those files) + + -- Frederic Peters Mon, 11 Oct 2004 09:44:24 +0200 + +libexif (0.6.9-1) unstable; urgency=low + + * New upstream release. + + -- christophe barbe Fri, 28 May 2004 16:15:19 -0400 + +libexif (0.5.12-1) unstable; urgency=low + + * New upstream release (Closes: #206081). + + -- christophe barbe Mon, 18 Aug 2003 21:00:57 -0400 + +libexif (0.5.10-2) unstable; urgency=low + + * Use soname in po domain to avoid conflict with libexif5 (Closes: #203956). + + -- christophe barbe Sun, 3 Aug 2003 10:24:48 -0400 + +libexif (0.5.10-1) unstable; urgency=low + + * New upstream featuring a new exif-loader. + + -- christophe barbe Sun, 27 Jul 2003 16:01:27 -0400 + +libexif (0.5.9-5) unstable; urgency=low + + * Move DH_COMPAT in debian/compat. + * Bump Standards-Version up to 3.5.9. + * In new libdevel section. + + -- christophe barbe Thu, 3 Apr 2003 20:42:49 -0500 + +libexif (0.5.9-4) unstable; urgency=low + + * Apply the libtool patch soon enough. + + -- christophe barbe Mon, 27 Jan 2003 10:26:40 -0500 + +libexif (0.5.9-3) unstable; urgency=low + + * Libtool update to finally get a working MIPS package (Closes: 177973). + + -- christophe barbe Sun, 26 Jan 2003 16:04:42 -0500 + +libexif (0.5.9-2) unstable; urgency=low + + * Added autotools-dev code (so the MIPS package should be built). + + -- christophe barbe Wed, 22 Jan 2003 09:01:47 -0500 + +libexif (0.5.9-1) unstable; urgency=low + + * New upstream release. + + -- christophe barbe Mon, 20 Jan 2003 16:48:14 -0500 + +libexif (0.5.7-1) unstable; urgency=low + + * New upstream release. + + -- christophe barbe Mon, 2 Dec 2002 21:29:45 -0500 + +libexif (0.5.6-4) unstable; urgency=low + + * Fix override disparity (The 'I can do it' release). + + -- christophe barbe Sat, 16 Nov 2002 16:12:16 -0500 + +libexif (0.5.6-3) unstable; urgency=low + + * Fix override disparity. + + -- christophe barbe Sat, 16 Nov 2002 16:00:59 -0500 + +libexif (0.5.6-2) unstable; urgency=low + + * Quick fix to avoid conflict with libexif5 (Closes: #169313, #169336, #169337). + + -- christophe barbe Sat, 16 Nov 2002 15:18:18 -0500 + +libexif (0.5.6-1) unstable; urgency=low + + * New upstream release (Closes: #168382). + + -- christophe barbe Sun, 10 Nov 2002 22:20:05 -0500 + +libexif (0.5.3-1) unstable; urgency=low + + * New upstream release. + + -- christophe barbe Tue, 18 Jun 2002 21:17:56 -0400 + +libexif (0.5.0-2) unstable; urgency=low + + * Fix wrong email address in control file. + + -- christophe barbe Wed, 24 Apr 2002 14:38:37 -0400 + +libexif (0.5.0-1) unstable; urgency=low + + * Initial Release. + + -- christophe barbe Wed, 13 Feb 2002 17:58:36 -0500 + --- libexif-0.6.16.orig/debian/libexif-dev.files +++ libexif-0.6.16/debian/libexif-dev.files @@ -0,0 +1,4 @@ +usr/lib/pkgconfig/libexif.pc +usr/include/libexif/* +usr/lib/lib*.{a,la,so} +usr/share/doc/libexif-dev/ --- libexif-0.6.16.orig/debian/watch +++ libexif-0.6.16/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://sf.net/libexif/libexif-([\d\.]*)\.tar\.gz --- libexif-0.6.16.orig/debian/patches/40_crash_looking_up_invalid_values.dpatch +++ libexif-0.6.16/debian/patches/40_crash_looking_up_invalid_values.dpatch @@ -0,0 +1,39 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 40_crash_looking_up_invalid_values.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Fixed crashes when looking up invalid values (upstream bug #1457501) + +@DPATCH@ +diff -urNad libexif-0.6.13~/libexif/exif-entry.c libexif-0.6.13/libexif/exif-entry.c +--- libexif-0.6.13~/libexif/exif-entry.c 2005-10-03 20:32:03.000000000 +0200 ++++ libexif-0.6.13/libexif/exif-entry.c 2007-05-08 11:43:36.582110536 +0200 +@@ -527,7 +527,8 @@ + { EXIF_TAG_COLOR_SPACE, + { {1, {N_("sRGB"), NULL}}, + {2, {N_("Adobe RGB"), NULL}}, +- {0xffff, {N_("Uncalibrated"), NULL}}}}, ++ {0xffff, {N_("Uncalibrated"), NULL}}, ++ {0x0000, {NULL}}}}, + {0, } + }; + +@@ -902,7 +903,7 @@ + } + + /* Find the value */ +- for (j = 0; list2[i].elem[j].values && ++ for (j = 0; list2[i].elem[j].values[0] && + (list2[i].elem[j].index < v_short); j++); + if (list2[i].elem[j].index != v_short) { + snprintf (val, maxlen, _("Internal error (unknown " +@@ -912,8 +913,7 @@ + + /* Find a short enough value */ + memset (val, 0, maxlen); +- for (k = 0; list2[i].elem[j].values && +- list2[i].elem[j].values[k]; k++) { ++ for (k = 0; list2[i].elem[j].values[k]; k++) { + l = strlen (_(list2[i].elem[j].values[k])); + if ((maxlen > l) && (strlen (val) < l)) + strncpy (val, _(list2[i].elem[j].values[k]), maxlen - 1); --- libexif-0.6.16.orig/debian/patches/CVE-2007-6352.dpatch +++ libexif-0.6.16/debian/patches/CVE-2007-6352.dpatch @@ -0,0 +1,23 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## CVE-2007-6352.dpatch by Nico Golde +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad libexif-0.6.16~/libexif/exif-data.c libexif-0.6.16/libexif/exif-data.c +--- libexif-0.6.16~/libexif/exif-data.c 2007-06-12 15:01:54.000000000 +0200 ++++ libexif-0.6.16/libexif/exif-data.c 2007-12-21 17:13:15.000000000 +0100 +@@ -288,10 +288,9 @@ + exif_data_load_data_thumbnail (ExifData *data, const unsigned char *d, + unsigned int ds, ExifLong offset, ExifLong size) + { +- if (ds < offset + size) { ++ if (ds < offset + size || (offset < 0) || (size < 0) || (offset + size < offset)) { + exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", +- "Bogus thumbnail offset and size: %i < %i + %i.", +- (int) ds, (int) offset, (int) size); ++ "Bogus thumbnail offset and size"); + return; + } + if (data->data) --- libexif-0.6.16.orig/debian/patches/10_pkg_config_header_dir.dpatch +++ libexif-0.6.16/debian/patches/10_pkg_config_header_dir.dpatch @@ -0,0 +1,16 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 10_pkg_config_header_dir.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad libexif-0.6.15~/libexif.pc.in libexif-0.6.15/libexif.pc.in +--- libexif-0.6.15~/libexif.pc.in 2007-05-25 10:09:25.000000000 +0200 ++++ libexif-0.6.15/libexif.pc.in 2007-05-25 10:10:00.770905277 +0200 +@@ -8,4 +8,4 @@ + Requires: + Version: @VERSION@ + Libs: -L${libdir} -lexif -lm +-Cflags: -I${includedir} ++Cflags: -I${includedir}/libexif --- libexif-0.6.16.orig/debian/patches/00list +++ libexif-0.6.16/debian/patches/00list @@ -0,0 +1,5 @@ +10_pkg_config_header_dir +20_extra_colorspace_check +50_relibtoolize.dpatch +CVE-2007-6351 +CVE-2007-6352 --- libexif-0.6.16.orig/debian/patches/30_olympus_makernote.dpatch +++ libexif-0.6.16/debian/patches/30_olympus_makernote.dpatch @@ -0,0 +1,125 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 30_olympus_makernote.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Added support for Olympus S760 & S770 makernote (upstream bug #1703284) +## DP: (closes: #418945) + +@DPATCH@ +diff -urNad libexif-0.6.13~/libexif/exif-data.c libexif-0.6.13/libexif/exif-data.c +--- libexif-0.6.13~/libexif/exif-data.c 2007-05-08 12:00:57.000000000 +0200 ++++ libexif-0.6.13/libexif/exif-data.c 2007-05-08 12:05:15.156112051 +0200 +@@ -665,8 +665,8 @@ + return EXIF_DATA_TYPE_MAKER_NOTE_NONE; + + /* Olympus & Nikon */ +- if ((e->size >= 5) && (!memcmp (e->data, "OLYMP", 5) || +- !memcmp (e->data, "Nikon", 5))) ++ if ((e->size >= 8) && (!memcmp (e->data, "OLYMP", 6) || ++ !memcmp (e->data, "OLYMPUS", 8) || !memcmp (e->data, "Nikon", 6))) + return EXIF_DATA_TYPE_MAKER_NOTE_OLYMPUS; + + em = exif_data_get_entry (d, EXIF_TAG_MAKE); +diff -urNad libexif-0.6.13~/libexif/olympus/exif-mnote-data-olympus.c libexif-0.6.13/libexif/olympus/exif-mnote-data-olympus.c +--- libexif-0.6.13~/libexif/olympus/exif-mnote-data-olympus.c 2005-07-11 22:20:29.000000000 +0200 ++++ libexif-0.6.13/libexif/olympus/exif-mnote-data-olympus.c 2007-05-08 12:05:57.658534126 +0200 +@@ -86,7 +86,7 @@ + unsigned char **buf, unsigned int *buf_size) + { + ExifMnoteDataOlympus *n = (ExifMnoteDataOlympus *) ne; +- unsigned int i, o, s, doff, base = 0, o2 = 6; ++ unsigned int i, o, s, doff, base = 0, o2 = 6 + 2; + int datao = 0; + + if (!n || !buf || !buf_size) return; +@@ -95,9 +95,8 @@ + * Allocate enough memory for all entries and the number of entries. + */ + *buf_size = 6 + 2 + 2 + n->count * 12; +- o2 += 2; + switch (n->version) { +- case olympus: ++ case olympusV1: + *buf = exif_mem_alloc (ne->mem, *buf_size); + if (!*buf) return; + +@@ -105,6 +104,20 @@ + strcpy ((char *)*buf, "OLYMP"); + datao = n->offset; + break; ++ case olympusV2: ++ *buf_size += 8-6 + 4; ++ *buf = exif_mem_alloc (ne->mem, *buf_size); ++ if (!*buf) return; ++ ++ /* Write the header and the number of entries. */ ++ strcpy ((char *)*buf, "OLYMPUS"); ++ exif_set_short (*buf + 8, n->order, (ExifShort) ( ++ (n->order == EXIF_BYTE_ORDER_INTEL) ? ++ ('I' << 8) | 'I' : ++ ('M' << 8) | 'M')); ++ exif_set_short (*buf + 10, n->order, (ExifShort) 3); ++ o2 += 4; ++ break; + case nikonV1: + base = MNOTE_NIKON1_TAG_BASE; + +@@ -201,14 +214,31 @@ + * lastly 0x2A. + */ + if (buf_size - n->offset < 22) return; +- if (!memcmp (buf + o2, "OLYMP", 5)) { ++ if (!memcmp (buf + o2, "OLYMP", 6)) { + exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnoteDataOlympus", +- "Parsing Olympus maker note..."); ++ "Parsing Olympus maker note v1..."); + + /* The number of entries is at position 8. */ +- n->version = olympus; ++ n->version = olympusV1; + o2 += 8; + ++ } else if (!memcmp (buf + o2, "OLYMPUS", 8)) { ++ /* Olympus S760, S770 */ ++ datao = o2; ++ o2 += 8; ++ exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnoteDataOlympus", ++ "Parsing Olympus maker note v2 (0x%02x, %02x, %02x, %02x)...", ++ buf[o2], buf[o2 + 1], buf[o2 + 2], buf[o2 + 3]); ++ ++ if ((buf[o2] == 'I') && (buf[o2 + 1] == 'I')) ++ n->order = EXIF_BYTE_ORDER_INTEL; ++ else if ((buf[o2] == 'M') && (buf[o2 + 1] == 'M')) ++ n->order = EXIF_BYTE_ORDER_MOTOROLA; ++ ++ /* The number of entries is at position 8+4. */ ++ n->version = olympusV2; ++ o2 += 4; ++ + } else if (!memcmp (buf + o2, "Nikon", 6)) { + o2 += 6; + exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnoteDataOlympus", +diff -urNad libexif-0.6.13~/libexif/olympus/exif-mnote-data-olympus.h libexif-0.6.13/libexif/olympus/exif-mnote-data-olympus.h +--- libexif-0.6.13~/libexif/olympus/exif-mnote-data-olympus.h 2005-07-11 22:20:29.000000000 +0200 ++++ libexif-0.6.13/libexif/olympus/exif-mnote-data-olympus.h 2007-05-08 12:05:15.156112051 +0200 +@@ -26,7 +26,7 @@ + #include + #include + +-enum OlympusVersion {olympus = 0, nikonV1 = 1, nikonV2 = 2}; ++enum OlympusVersion {nikonV1 = 1, nikonV2 = 2, olympusV1 = 3, olympusV2 = 4 }; + + + typedef struct _ExifMnoteDataOlympus ExifMnoteDataOlympus; +diff -urNad libexif-0.6.13~/libexif/olympus/mnote-olympus-entry.c libexif-0.6.13/libexif/olympus/mnote-olympus-entry.c +--- libexif-0.6.13~/libexif/olympus/mnote-olympus-entry.c 2005-08-15 22:24:05.000000000 +0200 ++++ libexif-0.6.13/libexif/olympus/mnote-olympus-entry.c 2007-05-08 12:05:15.156112051 +0200 +@@ -432,7 +432,7 @@ + break; + case MNOTE_OLYMPUS_TAG_INFO: + CF (entry->format, EXIF_FORMAT_ASCII, v, maxlen); +- CC2 (entry->components, 52, 53, v, maxlen); ++ CC2 (entry->components, 52, 60, v, maxlen); + strncpy (v, (char *)entry->data, MIN (maxlen, entry->size)); + break; + case MNOTE_OLYMPUS_TAG_ID: --- libexif-0.6.16.orig/debian/patches/50_relibtoolize.dpatch +++ libexif-0.6.16/debian/patches/50_relibtoolize.dpatch @@ -0,0 +1,337 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 50_relibtoolize.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: run libtoolize -c -f on sources + +@DPATCH@ +diff -urNad libexif-0.6.16~/config.guess libexif-0.6.16/config.guess +--- libexif-0.6.16~/config.guess 2007-06-21 20:44:16.000000000 +0200 ++++ libexif-0.6.16/config.guess 2007-04-20 04:09:10.000000000 +0200 +@@ -4,7 +4,7 @@ + # 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, + # Inc. + +-timestamp='2006-07-02' ++timestamp='2007-03-06' + + # This file is free software; you can redistribute it and/or modify it + # under the terms of the GNU General Public License as published by +@@ -781,7 +781,7 @@ + i*:CYGWIN*:*) + echo ${UNAME_MACHINE}-pc-cygwin + exit ;; +- i*:MINGW*:*) ++ *:MINGW*:*) + echo ${UNAME_MACHINE}-pc-mingw32 + exit ;; + i*:windows32*:*) +@@ -791,12 +791,15 @@ + i*:PW*:*) + echo ${UNAME_MACHINE}-pc-pw32 + exit ;; +- x86:Interix*:[3456]*) +- echo i586-pc-interix${UNAME_RELEASE} +- exit ;; +- EM64T:Interix*:[3456]*) +- echo x86_64-unknown-interix${UNAME_RELEASE} +- exit ;; ++ *:Interix*:[3456]*) ++ case ${UNAME_MACHINE} in ++ x86) ++ echo i586-pc-interix${UNAME_RELEASE} ++ exit ;; ++ EM64T | authenticamd) ++ echo x86_64-unknown-interix${UNAME_RELEASE} ++ exit ;; ++ esac ;; + [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) + echo i${UNAME_MACHINE}-pc-mks + exit ;; +@@ -951,6 +954,9 @@ + x86_64:Linux:*:*) + echo x86_64-unknown-linux-gnu + exit ;; ++ xtensa:Linux:*:*) ++ echo xtensa-unknown-linux-gnu ++ exit ;; + i*86:Linux:*:*) + # The BFD linker knows what the default object file format is, so + # first see if it will tell us. cd to the root directory to prevent +@@ -1209,6 +1215,15 @@ + SX-6:SUPER-UX:*:*) + echo sx6-nec-superux${UNAME_RELEASE} + exit ;; ++ SX-7:SUPER-UX:*:*) ++ echo sx7-nec-superux${UNAME_RELEASE} ++ exit ;; ++ SX-8:SUPER-UX:*:*) ++ echo sx8-nec-superux${UNAME_RELEASE} ++ exit ;; ++ SX-8R:SUPER-UX:*:*) ++ echo sx8r-nec-superux${UNAME_RELEASE} ++ exit ;; + Power*:Rhapsody:*:*) + echo powerpc-apple-rhapsody${UNAME_RELEASE} + exit ;; +diff -urNad libexif-0.6.16~/config.sub libexif-0.6.16/config.sub +--- libexif-0.6.16~/config.sub 2007-06-21 20:44:16.000000000 +0200 ++++ libexif-0.6.16/config.sub 2007-04-20 04:09:10.000000000 +0200 +@@ -4,7 +4,7 @@ + # 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, + # Inc. + +-timestamp='2006-09-20' ++timestamp='2007-01-18' + + # This file is (in principle) common to ALL GNU software. + # The presence of a machine in this file suggests that SOME GNU software +@@ -177,10 +177,6 @@ + os=-sco5v6 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; +- -sco6) +- os=-sco5v6 +- basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` +- ;; + -sco5) + os=-sco3.2v5 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` +@@ -201,10 +197,6 @@ + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; +- -sco5v6*) +- # Don't forget version if it is 3.2v4 or newer. +- basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` +- ;; + -sco*) + os=-sco3.2v2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` +@@ -253,12 +245,12 @@ + | bfin \ + | c4x | clipper \ + | d10v | d30v | dlx | dsp16xx \ +- | fr30 | frv \ ++ | fido | fr30 | frv \ + | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | i370 | i860 | i960 | ia64 \ + | ip2k | iq2000 \ + | m32c | m32r | m32rle | m68000 | m68k | m88k \ +- | maxq | mb | microblaze | mcore \ ++ | maxq | mb | microblaze | mcore | mep \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64el \ +@@ -307,9 +299,6 @@ + ms1) + basic_machine=mt-unknown + ;; +- ms1) +- basic_machine=mt-unknown +- ;; + + # We use `pc' rather than `unknown' + # because (1) that's what they normally are, and +@@ -335,7 +324,7 @@ + | clipper-* | craynv-* | cydra-* \ + | d10v-* | d30v-* | dlx-* \ + | elxsi-* \ +- | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ ++ | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ + | h8300-* | h8500-* \ + | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | i*86-* | i860-* | i960-* | ia64-* \ +@@ -403,9 +392,6 @@ + abacus) + basic_machine=abacus-unknown + ;; +- abacus) +- basic_machine=abacus-unknown +- ;; + adobe68k) + basic_machine=m68010-adobe + os=-scout +@@ -426,9 +412,6 @@ + amd64-*) + basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; +- amd64-*) +- basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` +- ;; + amdahl) + basic_machine=580-amdahl + os=-sysv +@@ -535,10 +518,6 @@ + basic_machine=i586-pc + os=-msdosdjgpp + ;; +- djgpp) +- basic_machine=i586-pc +- os=-msdosdjgpp +- ;; + dpx20 | dpx20-*) + basic_machine=rs6000-bull + os=-bosx +@@ -732,9 +711,6 @@ + ms1-*) + basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` + ;; +- ms1-*) +- basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` +- ;; + mvs) + basic_machine=i370-ibm + os=-mvs +@@ -848,12 +824,6 @@ + pc98-*) + basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; +- pc98) +- basic_machine=i386-pc +- ;; +- pc98-*) +- basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` +- ;; + pentium | p5 | k5 | k6 | nexgen | viac3) + basic_machine=i586-pc + ;; +@@ -914,10 +884,6 @@ + basic_machine=i386-pc + os=-rdos + ;; +- rdos) +- basic_machine=i386-pc +- os=-rdos +- ;; + rom68k) + basic_machine=m68k-rom68k + os=-coff +@@ -934,12 +900,6 @@ + s390x | s390x-*) + basic_machine=s390x-ibm + ;; +- s390 | s390-*) +- basic_machine=s390-ibm +- ;; +- s390x | s390x-*) +- basic_machine=s390x-ibm +- ;; + sa29200) + basic_machine=a29k-amd + os=-udi +@@ -954,10 +914,6 @@ + basic_machine=mipsisa32-sde + os=-elf + ;; +- sde) +- basic_machine=mipsisa32-sde +- os=-elf +- ;; + sei) + basic_machine=mips-sei + os=-seiux +@@ -1078,10 +1034,6 @@ + basic_machine=s390x-ibm + os=-tpf + ;; +- tpf) +- basic_machine=s390x-ibm +- os=-tpf +- ;; + udi29k) + basic_machine=a29k-amd + os=-udi +@@ -1129,10 +1081,6 @@ + basic_machine=i686-pc + os=-mingw32 + ;; +- xbox) +- basic_machine=i686-pc +- os=-mingw32 +- ;; + xps | xps100) + basic_machine=xps100-honeywell + ;; +@@ -1166,9 +1114,6 @@ + mmix) + basic_machine=mmix-knuth + ;; +- mmix) +- basic_machine=mmix-knuth +- ;; + rs6000) + basic_machine=rs6000-ibm + ;; +@@ -1277,7 +1222,7 @@ + | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ + | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ + | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ +- | -skyos* | -haiku* | -rdos* | -toppers*) ++ | -skyos* | -haiku* | -rdos* | -toppers* | -drops*) + # Remember, each alternative MUST END IN *, to match a version number. + ;; + -qnx*) +@@ -1319,9 +1264,6 @@ + -os400*) + os=-os400 + ;; +- -os400*) +- os=-os400 +- ;; + -wince*) + os=-wince + ;; +@@ -1346,9 +1288,6 @@ + -syllable*) + os=-syllable + ;; +- -syllable*) +- os=-syllable +- ;; + -386bsd) + os=-bsd + ;; +@@ -1374,9 +1313,6 @@ + -tpf*) + os=-tpf + ;; +- -tpf*) +- os=-tpf +- ;; + -triton*) + os=-sysv3 + ;; +@@ -1416,9 +1352,6 @@ + -zvmoe) + os=-zvmoe + ;; +- -zvmoe) +- os=-zvmoe +- ;; + -none) + ;; + *) +diff -urNad libexif-0.6.16~/ltmain.sh libexif-0.6.16/ltmain.sh +--- libexif-0.6.16~/ltmain.sh 2007-06-21 20:44:16.000000000 +0200 ++++ libexif-0.6.16/ltmain.sh 2006-03-11 19:49:04.000000000 +0100 +@@ -6421,13 +6421,12 @@ + fi + + # Restore saved environment variables +- for lt_var in LANG LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES +- do +- eval "if test \"\${save_$lt_var+set}\" = set; then +- $lt_var=\$save_$lt_var; export $lt_var +- fi" +- done +- ++ if test "${save_LC_ALL+set}" = set; then ++ LC_ALL="$save_LC_ALL"; export LC_ALL ++ fi ++ if test "${save_LANG+set}" = set; then ++ LANG="$save_LANG"; export LANG ++ fi + + # Now prepare to actually exec the command. + exec_cmd="\$cmd$args" --- libexif-0.6.16.orig/debian/patches/CVE-2007-6351.dpatch +++ libexif-0.6.16/debian/patches/CVE-2007-6351.dpatch @@ -0,0 +1,20 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## CVE-2007-6351.dpatch by Nico Golde +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad libexif-0.6.16~/libexif/exif-loader.c libexif-0.6.16/libexif/exif-loader.c +--- libexif-0.6.16~/libexif/exif-loader.c 2006-10-03 21:41:36.000000000 +0200 ++++ libexif-0.6.16/libexif/exif-loader.c 2007-12-21 17:12:36.000000000 +0100 +@@ -176,6 +176,9 @@ + break; + } + ++ if(!len) ++ return 1; ++ + exif_log (eld->log, EXIF_LOG_CODE_DEBUG, "ExifLoader", + "Scanning %i byte(s) of data...", len); + --- libexif-0.6.16.orig/debian/patches/20_extra_colorspace_check.dpatch +++ libexif-0.6.16/debian/patches/20_extra_colorspace_check.dpatch @@ -0,0 +1,20 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 20_extra_colorspace_check.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: added extra check against value read for color +## DP: space (closes: #398426) + +@DPATCH@ +diff -urNad libexif-0.6.13~/libexif/exif-entry.c libexif-0.6.13/libexif/exif-entry.c +--- libexif-0.6.13~/libexif/exif-entry.c 2005-10-03 20:32:03.000000000 +0200 ++++ libexif-0.6.13/libexif/exif-entry.c 2007-05-08 11:37:44.062021561 +0200 +@@ -904,7 +904,7 @@ + /* Find the value */ + for (j = 0; list2[i].elem[j].values && + (list2[i].elem[j].index < v_short); j++); +- if (list2[i].elem[j].index != v_short) { ++ if (list2[i].elem[j].index != v_short || v_short == 65535) { + snprintf (val, maxlen, _("Internal error (unknown " + "value %i)."), v_short); + break; --- libexif-0.6.16.orig/debian/libexif12.docs +++ libexif-0.6.16/debian/libexif12.docs @@ -0,0 +1,2 @@ +NEWS +README --- libexif-0.6.16.orig/debian/copyright +++ libexif-0.6.16/debian/copyright @@ -0,0 +1,33 @@ +This package was debianized by christophe barbe on +Wed, 13 Feb 2002 17:58:36 -0500. + +It was downloaded from http://prdownloads.sourceforge.net/libexif/ + +Upstream Authors: + + Lutz Müller + Curtis Galloway + +Copyright © 2001-2004 Lutz Müller + +License is GNU LGPL v2 or later. + + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the + * Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, + * Boston, MA 02110-1301, USA. + + +On Debian systems, the complete text of the GNU Lesser General Public License +version 2 can be found in `/usr/share/common-licenses/LGPL-2`. + --- libexif-0.6.16.orig/debian/rules +++ libexif-0.6.16/debian/rules @@ -0,0 +1,87 @@ +#!/usr/bin/make -f + +#export DH_VERBOSE=1 + +include /usr/share/dpatch/dpatch.make + +version=`ls libexif/.libs/lib*.so.* | \ + awk '{if (match($$0,/[0-9]+\.[0-9]+\.[0-9]+$$/)) print substr($$0,RSTART)}'` +major=`ls libexif/.libs/lib*.so.* | \ + awk '{if (match($$0,/\.so\.[0-9]+$$/)) print substr($$0,RSTART+4)}'` + +export DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +export DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) + +ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) + confflags += --build $(DEB_HOST_GNU_TYPE) +else + confflags += --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE) +endif + +configure: configure-stamp +configure-stamp: patch + dh_testdir + ./configure $(confflags) --prefix=/usr + touch configure-stamp + +build: build-stamp +build-stamp: configure-stamp + dh_testdir + $(MAKE) + touch build-stamp + +patch: patch-stamp +patch-stamp: + dpatch apply-all + +clean: unpatch-stamp + dh_testdir + dh_testroot + rm -f build-stamp configure-stamp + rm -f po/libexif-$(major).pot + -$(MAKE) distclean + dh_clean + +unpatch: unpatch-stamp +unpatch-stamp: + dpatch deapply-all + rm -rf patch-stamp debian/patched + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + $(MAKE) install prefix=$(CURDIR)/debian/libexif$(major)/usr + mv $(CURDIR)/debian/libexif$(major)/usr/share/doc/libexif \ + $(CURDIR)/debian/libexif$(major)/usr/share/doc/libexif-dev + rm $(CURDIR)/debian/libexif$(major)/usr/share/doc/libexif-dev/AUTHORS + rm $(CURDIR)/debian/libexif$(major)/usr/share/doc/libexif-dev/COPYING + + dh_movefiles --sourcedir=debian/libexif$(major) + find debian -type d | xargs rmdir -p --ignore-fail-on-non-empty + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot + dh_installdocs + dh_installchangelogs ChangeLog + dh_link + dh_strip + dh_compress + dh_fixperms + dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install configure