%ifarch x86_64 %define mark64 ()(64bit) %else %define mark64 %{nil} %endif %define fname SDL %define subrel 1 %define rel 19 %define lib_name_orig lib%{fname} %define apiver 1.2 %define major 0 %define libname %mklibname %{fname} %{apiver} %{major} %define develname %mklibname %{fname} -d %define staticname %mklibname %{fname} -d -s %define build_plugins 0 %define build_directfb 0 %define build_ggi 1 %define build_aalib 1 Summary: Simple DirectMedia Layer Name: SDL12 Version: 1.2.15 Release: %mkrel %{rel} License: LGPLv2+ Group: System/Libraries URL: http://www.libsdl.org/ Source0: http://www.libsdl.org/release/%{fname}-%{version}.tar.gz Patch0: SDL-1.2.10-fixrpath.patch Patch1: SDL-1.2.10-libtool.patch Patch4: SDL-1.2.13-libdir.patch Patch5: SDL-1.2.15-const_XData32.patch Patch21: SDL-1.2.14-anonymous-enums.patch # (cg) 1.2.13-10mdv Use pulse output by default Patch51: SDL-1.2.13-preferpulse.patch Patch52: SDL-1.2.12-pagesize.patch Patch54: SDL-1.2.14-dont-propagate-lpthread.patch # (fc) 1.2.13-7mdv fix crash in pulseaudio backend when /proc is not mounted (Mdv bug #38220) Patch57: SDL-1.2.14-noproc.patch # (misc) patch from fedora to solve ri-li crash ( mdv bug #45721 ) Patch58: SDL-1.2.13-rh484362.patch # upstream patch to fix mga#11800 (upstream SDL bug #1460) Patch59: SDL-1.2.15-joystick-axes.patch # Synced with Fedora Patch100: SDL-1.2.15-CVE-2019-7577-Fix-a-buffer-overread-in-MS_ADPCM_deco.patch # Fix CVE-2019-7575 (a buffer overwrite in MS_ADPCM_decode), bug #1676744, # upstream bug #4493, proposed to upstream Patch101: SDL-1.2.15-CVE-2019-7575-Fix-a-buffer-overwrite-in-MS_ADPCM_dec.patch # Fix CVE-2019-7574 (a buffer overread in IMA_ADPCM_decode), bug #1676750, # upstream bug #4496, proposed to upstream Patch102: SDL-1.2.15-CVE-2019-7574-Fix-a-buffer-overread-in-IMA_ADPCM_dec.patch # Fix CVE-2019-7572 (a buffer overread in IMA_ADPCM_nibble), bug #1676754, # upstream bug #4495, proposed to upstream Patch103: SDL-1.2.15-CVE-2019-7572-Fix-a-buffer-overread-in-IMA_ADPCM_nib.patch # Fix CVE-2019-7572 (a buffer overwrite in IMA_ADPCM_nibble), bug #1676754, # upstream bug #4495, proposed to upstream Patch104: SDL-1.2.15-CVE-2019-7572-Fix-a-buffer-overwrite-in-IMA_ADPCM_de.patch # Fix CVE-2019-7573, CVE-2019-7576 (buffer overreads in InitMS_ADPCM), # bugs #1676752, #1676756, upstream bugs #4491, #4490, proposed to upstream Patch105: SDL-1.2.15-CVE-2019-7573-CVE-2019-7576-Fix-buffer-overreads-in-.patch # Fix CVE-2019-7578, (a buffer overread in InitIMA_ADPCM), bug #1676782, # upstream bug #4491, proposed to upstream Patch106: SDL-1.2.15-CVE-2019-7578-Fix-a-buffer-overread-in-InitIMA_ADPCM.patch # Fix CVE-2019-7638, CVE-2019-7636 (buffer overflows when processing BMP # images with too high number of colors), bugs #1677144, #1677157, # upstream bugs #4500, #4499, in upstream after 1.2.15 Patch107: SDL-1.2.15-CVE-2019-7638-CVE-2019-7636-Refuse-loading-BMP-image.patch # Fix CVE-2019-7637 (an integer overflow in SDL_CalculatePitch), bug #1677152, # upstream bug #4497, in upstream after 1.2.15 Patch108: SDL-1.2.15-CVE-2019-7637-Fix-in-integer-overflow-in-SDL_Calcula.patch # Fix CVE-2019-7635 (a buffer overread when blitting a BMP image with pixel # colors out the palette), bug #1677159, upstream bug #4498, # proposed to upstream Patch109: SDL-1.2.15-CVE-2019-7635-Reject-BMP-images-with-pixel-colors-ou.patch # Reject 2, 3, 5, 6, 7-bpp BMP images (related to CVE-2019-7635), # bug #1677159, upstream bug #4498, in upstream after 1.2.15 Patch110: SDL-1.2.15-Reject-2-3-5-6-7-bpp-BMP-images.patch # Fix CVE-2019-7577 (Fix a buffer overread in MS_ADPCM_nibble and # MS_ADPCM_decode on an invalid predictor), bug #1676510, upstream bug #4492, # proposed to upstream Patch111: SDL-1.2.15-CVE-2019-7577-Fix-a-buffer-overread-in-MS_ADPCM_nibb.patch # libGL is required to enable glx support BuildRequires: pkgconfig(glu) BuildRequires: nas-devel BuildRequires: chrpath BuildRequires: libpulseaudio-devel BuildRequires: pkgconfig(alsa) BuildRequires: pkgconfig(xrandr) BuildRequires: pkgconfig(zlib) %ifarch %{ix86} BuildRequires: yasm %endif %if %{build_plugins} BuildRequires: libtool-devel %endif %if %{build_directfb} BuildRequires: DirectFB-devel >= 1.0.0 %endif %if %{build_ggi} BuildRequires: libggi-devel %endif %if %{build_aalib} BuildRequires: aalib-devel %endif %description This is the Simple DirectMedia Layer, a generic API that provides low level access to audio, keyboard, mouse, and display framebuffer across multiple platforms. %if %{build_plugins} %if %{build_ggi} %package -n %{libname}-video-ggi Summary: GGI video support for SDL Group: System/Libraries Requires: %{libname} = %{version}-%{release} %description -n %{libname}-video-ggi This is the Simple DirectMedia Layer, a generic API that provides low level access to audio, keyboard, mouse, and display framebuffer across multiple platforms. This package provides GGI video support as a plugin to SDL. %endif %if %{build_directfb} %package -n %{libname}-video-directfb Summary: DirectFB video support for SDL Group: System/Libraries Requires: %{libname} = %{version}-%{release} %description -n %{libname}-video-directfb This is the Simple DirectMedia Layer, a generic API that provides low level access to audio, keyboard, mouse, and display framebuffer across multiple platforms. This package provides DirectFB video support as a plugin to SDL. %endif %endif %package -n %{libname} Summary: Main library for %{name} Group: System/Libraries Provides: %{name} = %{version}-%{release} Provides: %{lib_name_orig} = %{version}-%{release} Requires: libGL.so.1%{mark64} Obsoletes: %mklibname SDL 1.2 Provides: %mklibname SDL 1.2 %description -n %{libname} This package contains the library needed to run programs dynamically linked with %{name}. %package -n %{develname} Summary: Headers for developing programs that will use %{name} Group: Development/C Requires: %{libname} = %{version} Requires: libalsa-devel >= 0.9.0 # GL/GLU referenced in headers, but is dlopened so there are no autodeps: Requires: mesagl-devel Requires: mesaglu-devel Provides: %{lib_name_orig}-devel = %{version}-%{release} Provides: SDL-devel = %{version}-%{release} Provides: SDL%{apiver}-devel = %{version}-%{release} Obsoletes: %mklibname SDL 1.2 -d Provides: %mklibname SDL 1.2 -d %description -n %{develname} This package contains the headers that programmers will need to develop applications which will use %{name}. %package -n %{staticname} Summary: Static libraries for %{name} Group: Development/C Requires: %{libname} = %{version} %description -n %{staticname} This package contains the static libraries that programmers will need to develop applications which will use %{name} statically. %prep %setup -q -n %{fname}-%{version} %patch0 -p1 #patch1 -p1 -b .libtool #patch4 -p1 -b .libdir %patch5 -p1 -b .xdata %patch21 -p1 -b .enums #patch51 -p1 -b .preferpulsealsa #patch52 -p1 -b .pagesize %patch54 -p1 -b .no_lpthread %patch57 -p1 -b .noproc %patch58 -p1 -b .disable_SDL_revcpy %patch59 -p1 -b .joystick-axes %patch100 -p1 %patch101 -p1 %patch102 -p1 %patch103 -p1 %patch104 -p1 %patch105 -p1 %patch106 -p1 %patch107 -p1 %patch108 -p1 %patch109 -p1 %patch110 -p1 %patch111 -p1 iconv -f ISO-8859-1 -t UTF-8 CREDITS > CREDITS.tmp touch -r CREDITS CREDITS.tmp mv CREDITS.tmp CREDITS %build ./autogen.sh export CFLAGS="%{optflags} -fPIC -funroll-loops -ffast-math -O3" export CXXFLAGS="$CFLAGS" %configure2_5x --enable-video-opengl \ --disable-video-svga \ %if %{build_ggi} --enable-video-ggi \ %if %{build_plugins} --enable-video-ggi-plugin \ %endif %endif %if %{build_directfb} --enable-video-directfb \ %if %{build_plugins} --enable-video-directfb-plugin \ %endif %endif %if %{build_aalib} --enable-video-aalib \ %if %{build_plugins} --enable-video-aalib-plugin \ %endif %endif %ifarch %{ix86} x86_64 --enable-nasm \ %else --disable-nasm \ %endif --enable-assembly \ --enable-sdl-dlopen \ --enable-nas \ --enable-nas-shared \ --enable-pulseaudio \ --enable-pulseaudio-shared \ --enable-alsa \ --enable-alsa-shared \ --disable-arts \ --program-prefix= \ --disable-rpath --disable-static %make_build %install %make_install # remove unpackaged files %if %{build_plugins} rm -f %{buildroot}%{_libdir}/SDL/*.a %endif find %{buildroot} -name '*.la' -delete # --disable-rpath does not seem to work correctly chrpath -d %{buildroot}%{_libdir}/libSDL.so %multiarch_binaries %{buildroot}%{_bindir}/sdl-config %files -n %{libname} %doc README-SDL.txt CREDITS BUGS %{_libdir}/libSDL-%{apiver}.so.%{major}{,.*} %if %{build_plugins} %dir %{_libdir}/SDL %endif %if %{build_plugins} %if %{build_ggi} %files -n %{libname}-video-ggi %{_libdir}/SDL/video_ggi.* %endif %if %{build_directfb} %files -n %{libname}-video-directfb %{_libdir}/SDL/video_directfb.* %endif %endif %files -n %{develname} %doc README README-SDL.txt CREDITS BUGS WhatsNew docs.html %doc docs/html/*.html %{_bindir}/sdl-config %multiarch %{multiarch_bindir}/sdl-config %{_libdir}/pkgconfig/sdl.pc %{_libdir}/*.so %dir %{_includedir}/SDL %{_includedir}/SDL/*.h %{_datadir}/aclocal/* %{_mandir}/*/* %files -n %{staticname} %{_libdir}/*.a %changelog * Fri Mar 29 2019 akien <akien> 1.2.15-19.1.mga6 + Revision: 1381069 - Sync security patches with Fedora: Tue Mar 12 2019 Petr Pisar <ppisar@redhat.com> - 1.2.15-38 o Fix CVE-2019-7577 completely (a buffer overread in MS_ADPCM_nibble and MS_ADPCM_decode on an invalid predictor) (bug #1676510) o Fix CVE-2019-7577 (a buffer overread in MS_ADPCM_decode) (bug #1676510) o Fix CVE-2019-7575 (a buffer overwrite in MS_ADPCM_decode) (bug #1676744) o Fix CVE-2019-7574 (a buffer overread in IMA_ADPCM_decode) (bug #1676750) o Fix CVE-2019-7572 (a buffer overread in IMA_ADPCM_nibble) (bug #1676754) o Fix CVE-2019-7572 (a buffer overwrite in IMA_ADPCM_nibble) (bug #1676754) o Fix CVE-2019-7573, CVE-2019-7576 (buffer overreads in InitMS_ADPCM) (bugs #1676752, #1676756) o Fix CVE-2019-7578 (a buffer overread in InitIMA_ADPCM) (bug #1676782) o Fix CVE-2019-7638, CVE-2019-7636 (buffer overflows when processing BMP images with too high number of colors) (bugs #1677144, #1677157) o Fix CVE-2019-7637 (an integer overflow in SDL_CalculatePitch) (bug #1677152) o Fix CVE-2019-7635 (a buffer overread when blitting a BMP image with pixel colors out the palette) (bug #1677159) o Reject 2, 3, 5, 6, 7-bpp BMP images (bug #1677159) * Wed Mar 01 2017 ghibo <ghibo> 1.2.15-19.mga6 + Revision: 1088232 - Rebuilt against pulseaudio 10 * Fri Feb 12 2016 umeabot <umeabot> 1.2.15-18.mga6 + Revision: 958841 - Mageia 6 Mass Rebuild * Sat Jan 02 2016 luigiwalser <luigiwalser> 1.2.15-17.mga6 + Revision: 918212 - rebuild without directfb * Fri Jan 23 2015 akien <akien> 1.2.15-16.mga5 + Revision: 811957 - Split static lib out of the main devel package * Wed Oct 15 2014 umeabot <umeabot> 1.2.15-15.mga5 + Revision: 738840 - Second Mageia 5 Mass Rebuild * Tue Sep 16 2014 umeabot <umeabot> 1.2.15-14.mga5 + Revision: 687017 - Rebuild to fix library dependencies * Tue Sep 16 2014 umeabot <umeabot> 1.2.15-13.mga5 + Revision: 677651 - Mageia 5 Mass Rebuild * Wed Aug 06 2014 sander85 <sander85> 1.2.15-12.mga5 + Revision: 660285 - Rebuild for new directfb * Sat May 17 2014 shlomif <shlomif> 1.2.15-11.mga5 + Revision: 623200 - Rebuild for new libdirectfb. * Wed Apr 30 2014 ovitters <ovitters> 1.2.15-10.mga5 + Revision: 619081 - rebuild for new directfb * Sat Feb 15 2014 luigiwalser <luigiwalser> 1.2.15-9.mga5 + Revision: 592122 - rebuild for directfb * Thu Dec 12 2013 luigiwalser <luigiwalser> 1.2.15-8.mga4 + Revision: 556520 - add upstream patch to fix joystick axis issue (mga#11800) * Sat Oct 19 2013 umeabot <umeabot> 1.2.15-7.mga4 + Revision: 532182 - Mageia 4 Mass Rebuild * Sat Aug 17 2013 fwang <fwang> 1.2.15-6.mga4 + Revision: 467236 - rebuild for new dfb * Sun Jun 02 2013 fwang <fwang> 1.2.15-5.mga4 + Revision: 434615 - add fedora patch to fix building - rebuild for new libpng * Fri Jan 11 2013 umeabot <umeabot> 1.2.15-4.mga3 + Revision: 345081 - Mass Rebuild - https://wiki.mageia.org/en/Feature:Mageia3MassRebuild * Sat Jul 28 2012 fwang <fwang> 1.2.15-3.mga3 + Revision: 275241 - rebuild for new directfb * Tue May 29 2012 shlomif <shlomif> 1.2.15-2.mga3 + Revision: 249157 - Remove some commented out patch applications - Remove an unneeded patch. * Mon May 28 2012 shlomif <shlomif> 1.2.15-1.mga3 + Revision: 248792 - New version 1.2.15 * Sun Apr 15 2012 luigiwalser <luigiwalser> 1.2.14-10.mga2 + Revision: 230942 - sync changes from Mandriva: - enable assembly instructions on x86_64 as well - use system nas library - compile with -ffast-math and -funroll-loops - remove obsolete configure options - add missing version to some provides - update dont propagate pthread patch (from debian) - add fedora patches accepted upstream - fix bug in wesnoth windowed mode, updated from debian - fix nasm 2.09 compatibility - do not call memcpy on overlapping areas - fix xio error - fix linking with libx11-1.4.99.1 * Fri Jan 27 2012 fwang <fwang> 1.2.14-9.mga2 + Revision: 202172 - add requires on libgl * Sun Sep 11 2011 fwang <fwang> 1.2.14-7.mga2 + Revision: 142354 - update file list - rebuild for new directfb * Mon Jul 18 2011 fwang <fwang> 1.2.14-6.mga2 + Revision: 125763 - rebuild for new directfb * Mon Jul 11 2011 ahmad <ahmad> 1.2.14-5.mga2 + Revision: 122125 - Add a patch from upstream to fix some crashes with joysticks, (hint from Debian http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564831) should fix (mga#2084) * Mon May 09 2011 misc <misc> 1.2.14-4.mga1 + Revision: 96643 - disable esound ( deprecated and removed from the distribution ) * Wed Jan 12 2011 supp <supp> 1.2.14-3.mga1 + Revision: 7736 - fix SPEC typo - get rid of old macros... - imported package SDL12