From c6843aebc9e5e8ca3ce14e64c6886b40b33788f4 Mon Sep 17 00:00:00 2001
From: Rosa <rosa@rosa-build.rosalab.ru>
Date: Tue, 7 Aug 2012 10:02:39 +0000
Subject: [PATCH] Automatic import for version 1.1.1-1.1

---
 libjpeg-turbo-1.0.1-CVE-2012-2806.patch | 13 +++++++++++++
 libjpeg-turbo.spec                      |  9 +++++++--
 2 files changed, 20 insertions(+), 2 deletions(-)
 create mode 100644 libjpeg-turbo-1.0.1-CVE-2012-2806.patch

diff --git a/libjpeg-turbo-1.0.1-CVE-2012-2806.patch b/libjpeg-turbo-1.0.1-CVE-2012-2806.patch
new file mode 100644
index 0000000..3e97f86
--- /dev/null
+++ b/libjpeg-turbo-1.0.1-CVE-2012-2806.patch
@@ -0,0 +1,13 @@
+Index: jdmarker.c
+===================================================================
+--- jdmarker.c.orig
++++ jdmarker.c
+@@ -276,7 +276,7 @@ get_sof (j_decompress_ptr cinfo, boolean
+ 			((j_common_ptr) cinfo, JPOOL_IMAGE,
+ 			 cinfo->num_components * SIZEOF(jpeg_component_info));
+   
+-  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
++  for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components && ci < MAX_COMPS_IN_SCAN;
+        ci++, compptr++) {
+     compptr->component_index = ci;
+     INPUT_BYTE(cinfo, compptr->component_id, return FALSE);
diff --git a/libjpeg-turbo.spec b/libjpeg-turbo.spec
index 0abddd3..b981f3e 100644
--- a/libjpeg-turbo.spec
+++ b/libjpeg-turbo.spec
@@ -9,7 +9,8 @@
 Summary:	A MMX/SSE2 accelerated library for manipulating JPEG image files
 Name:		libjpeg-turbo
 Version:	1.1.1
-Release:	2
+%define subrel 1
+Release:	%mkrel 1
 Epoch:		1
 License:	wxWidgets Library License
 Group:		System/Libraries
@@ -23,7 +24,7 @@ Source2:	http://jpegclub.org/jpegexiforient.c
 Source3:	http://jpegclub.org/exifautotran.txt
 Patch0:		jpeg-6b-c++fixes.patch
 Patch1:		libjpeg-turbo11-noinst_jpgtest.patch
-
+Patch2:		libjpeg-turbo-1.0.1-CVE-2012-2806.patch
 BuildRequires:	libtool >= 1.4
 %ifarch %{ix86} x86_64
 BuildRequires:	nasm
@@ -117,6 +118,7 @@ have orientation markings in the EXIF data.
 %setup -q
 %patch0 -p0
 %patch1 -p1
+%patch2 -p0 -b .CVE-2012-2806
 
 cp %{SOURCE2} jpegexiforient.c
 cp %{SOURCE3} exifautotran
@@ -203,6 +205,9 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Wed Aug 01 2012 Oden Eriksson <oeriksson@mandriva.com> 1:1.1.1-1.1
+- P2: security fix for CVE-2012-2806 (suse)
+
 * Fri May 27 2011 Funda Wang <fwang@mandriva.org> 1:1.1.1-1
 + Revision: 679380
 - update to new version 1.1.1