Update for release 2.3.1

CHANGELOG.md

@@ -1,5 +1,83 @@
 # Changelog
 
+## [v2.3.1](https://github.com/uclouvain/openjpeg/releases/v2.3.1) (2019-04-02)
+[Full Changelog](https://github.com/uclouvain/openjpeg/compare/v2.3.0...v2.3.1)
+
+**Closed issues:**
+
+- v2.2.0 regression for decoding images where TNsot == 0 [\#1120](https://github.com/uclouvain/openjpeg/issues/1120)
+- Int overflow in jp3d [\#1162](https://github.com/uclouvain/openjpeg/issues/1162)
+- Heap buffer overflow in opj\_j2k\_update\_image\_data\(\) triggered with Ghostscript [\#1157](https://github.com/uclouvain/openjpeg/issues/1157)
+- LINUX install doesn't work when building shared libraries is disabled [\#1155](https://github.com/uclouvain/openjpeg/issues/1155)
+- OPENJPEG null ptr dereference in openjpeg-2.3.0/src/bin/jp2/convert.c:2243 [\#1152](https://github.com/uclouvain/openjpeg/issues/1152)
+- How to drop certain subbands/layers in DWT [\#1147](https://github.com/uclouvain/openjpeg/issues/1147)
+- where is the MQ-Coder ouput stream in t2.c? [\#1146](https://github.com/uclouvain/openjpeg/issues/1146)
+- OpenJPEG 2.3 \(and 2.2?\) multi component image fails to decode with KDU v7.10 [\#1132](https://github.com/uclouvain/openjpeg/issues/1132)
+- Missing checks for header\_info.height and header\_info.width in function pnmtoimage in src/bin/jpwl/convert.c, which can lead to heap buffer overflow [\#1126](https://github.com/uclouvain/openjpeg/issues/1126)
+- Assertion Failure in jp2.c [\#1125](https://github.com/uclouvain/openjpeg/issues/1125)
+- Division-by-zero vulnerabilities in the function pi\_next\_pcrl, pi\_next\_cprl and pi\_next\_rpcl in src/lib/openjp3d/pi.c [\#1123](https://github.com/uclouvain/openjpeg/issues/1123)
+- Precinct switch \(-c\) doesn't right-shift last record to remaining resolution levels [\#1117](https://github.com/uclouvain/openjpeg/issues/1117)
+- Sample: encode J2K a data using streams??? [\#1114](https://github.com/uclouvain/openjpeg/issues/1114)
+- HIGH THROUGHPUT JPEG 2000 \(HTJ2K\) [\#1112](https://github.com/uclouvain/openjpeg/issues/1112)
+- How to build openjpeg for arm linux? [\#1108](https://github.com/uclouvain/openjpeg/issues/1108)
+- crash [\#1106](https://github.com/uclouvain/openjpeg/issues/1106)
+- JP2000 returning OPJ\_CLRSPC\_UNKNOWN color space [\#1103](https://github.com/uclouvain/openjpeg/issues/1103)
+- Compilation successful but install unsuccessful: Calling executables throws libraries missing error [\#1102](https://github.com/uclouvain/openjpeg/issues/1102)
+- fprintf format string requires 1 parameter but only 0 are given [\#1093](https://github.com/uclouvain/openjpeg/issues/1093)
+- fprintf format string requires 1 parameter but only 0 are given [\#1092](https://github.com/uclouvain/openjpeg/issues/1092)
+- sprintf buffer overflow [\#1088](https://github.com/uclouvain/openjpeg/issues/1088)
+- sprintf buffer overflow [\#1085](https://github.com/uclouvain/openjpeg/issues/1085)
+- Infinite loop when reading jp2 [\#1081](https://github.com/uclouvain/openjpeg/issues/1081)
+- missing format string parameter [\#1074](https://github.com/uclouvain/openjpeg/issues/1074)
+- Excessive Iteration in opj\_t1\_encode\_cblks \(src/lib/openjp2/t1.c\) [\#1059](https://github.com/uclouvain/openjpeg/issues/1059)
+- Out-of-bound left shift in opj\_j2k\_setup\_encoder \(src/lib/openjp2/j2k.c\) [\#1057](https://github.com/uclouvain/openjpeg/issues/1057)
+- Encode image on Unsplash [\#1054](https://github.com/uclouvain/openjpeg/issues/1054)
+- Integer overflow in opj\_t1\_encode\_cblks \(src/lib/openjp2/t1.c\) [\#1053](https://github.com/uclouvain/openjpeg/issues/1053)
+- Signed Integer Overflow - 68065512 [\#1048](https://github.com/uclouvain/openjpeg/issues/1048)
+- Similar vulnerable functions related to CVE-2017-14041 [\#1044](https://github.com/uclouvain/openjpeg/issues/1044)
+- \[ERROR\] COD marker already read. No more than one COD marker per tile.  [\#1043](https://github.com/uclouvain/openjpeg/issues/1043)
+- failing to install latest version of openjpeg from source [\#1041](https://github.com/uclouvain/openjpeg/issues/1041)
+- Trouble compressing large raw image [\#1032](https://github.com/uclouvain/openjpeg/issues/1032)
+- Download and installed code from 2.3 archive. Installing 2.2? [\#1030](https://github.com/uclouvain/openjpeg/issues/1030)
+- missing fclose [\#1029](https://github.com/uclouvain/openjpeg/issues/1029)
+- NULL Pointer Access in function imagetopnm of convert.c\(jp2\):1289 [\#860](https://github.com/uclouvain/openjpeg/issues/860)
+- NULL Pointer Access in function imagetopnm of convert.c:2226\(jp2\)  [\#859](https://github.com/uclouvain/openjpeg/issues/859)
+- Heap Buffer Overflow in function imagetotga of convert.c\(jp2\):942 [\#858](https://github.com/uclouvain/openjpeg/issues/858)
+
+**Merged pull requests:**
+
+- abi-check.sh: fix broken download URL [\#1188](https://github.com/uclouvain/openjpeg/pull/1188) ([rouault](https://github.com/rouault))
+- opj\_t1\_encode\_cblks: fix UBSAN signed integer overflow [\#1187](https://github.com/uclouvain/openjpeg/pull/1187) ([rouault](https://github.com/rouault))
+- convertbmp: detect invalid file dimensions early \(CVE-2018-6616\) [\#1172](https://github.com/uclouvain/openjpeg/pull/1172) ([hlef](https://github.com/hlef))
+- color\_apply\_icc\_profile: avoid potential heap buffer overflow [\#1170](https://github.com/uclouvain/openjpeg/pull/1170) ([rouault](https://github.com/rouault))
+- Fix multiple potential vulnerabilities and bugs [\#1168](https://github.com/uclouvain/openjpeg/pull/1168) ([Young-X](https://github.com/Young-X))
+- Fix several memory and resource leaks [\#1163](https://github.com/uclouvain/openjpeg/pull/1163) ([nforro](https://github.com/nforro))
+- Fix some potential overflow issues [\#1161](https://github.com/uclouvain/openjpeg/pull/1161) ([stweil](https://github.com/stweil))
+- jp3d/jpwl convert: fix write stack buffer overflow [\#1160](https://github.com/uclouvain/openjpeg/pull/1160) ([hlef](https://github.com/hlef))
+- Int overflow fixed [\#1159](https://github.com/uclouvain/openjpeg/pull/1159) ([ichlubna](https://github.com/ichlubna))
+- Update knownfailures- files given current configurations [\#1149](https://github.com/uclouvain/openjpeg/pull/1149) ([rouault](https://github.com/rouault))
+- CVE-2018-5785: fix issues with zero bitmasks [\#1148](https://github.com/uclouvain/openjpeg/pull/1148) ([hlef](https://github.com/hlef))
+- openjp2/jp2: Fix two format strings [\#1143](https://github.com/uclouvain/openjpeg/pull/1143) ([stweil](https://github.com/stweil))
+- Changes in pnmtoimage if image data are missing [\#1141](https://github.com/uclouvain/openjpeg/pull/1141) ([szukw000](https://github.com/szukw000))
+- Relative path to header files is hardcoded in OpenJPEGConfig.cmake.in file [\#1140](https://github.com/uclouvain/openjpeg/pull/1140) ([bukatlib](https://github.com/bukatlib))
+- Cast on uint ceildiv [\#1136](https://github.com/uclouvain/openjpeg/pull/1136) ([reverson](https://github.com/reverson))
+- Add -DBUILD\_PKGCONFIG\_FILES to install instructions [\#1133](https://github.com/uclouvain/openjpeg/pull/1133) ([robe2](https://github.com/robe2))
+- Fix some typos in code comments and documentation [\#1128](https://github.com/uclouvain/openjpeg/pull/1128) ([stweil](https://github.com/stweil))
+- Fix regression in reading files with TNsot == 0 \(refs \#1120\) [\#1121](https://github.com/uclouvain/openjpeg/pull/1121) ([rouault](https://github.com/rouault))
+- Use local type declaration for POSIX standard type only for MS compiler [\#1119](https://github.com/uclouvain/openjpeg/pull/1119) ([stweil](https://github.com/stweil))
+- Fix Mac builds [\#1104](https://github.com/uclouvain/openjpeg/pull/1104) ([rouault](https://github.com/rouault))
+- jp3d: Replace sprintf\(\) by snprintf\(\) in volumetobin\(\) [\#1101](https://github.com/uclouvain/openjpeg/pull/1101) ([kbabioch](https://github.com/kbabioch))
+- opj\_mj2\_extract: Rename output\_location to output\_prefix [\#1096](https://github.com/uclouvain/openjpeg/pull/1096) ([kbabioch](https://github.com/kbabioch))
+- mj2: Add missing variable to format string in fprintf\(\) invocation in meta\_out.c [\#1094](https://github.com/uclouvain/openjpeg/pull/1094) ([kbabioch](https://github.com/kbabioch))
+- Convert files to UTF-8 encoding [\#1090](https://github.com/uclouvain/openjpeg/pull/1090) ([stweil](https://github.com/stweil))
+- fix unchecked integer multiplication overflow [\#1080](https://github.com/uclouvain/openjpeg/pull/1080) ([setharnold](https://github.com/setharnold))
+- Fixed typos [\#1062](https://github.com/uclouvain/openjpeg/pull/1062) ([radarhere](https://github.com/radarhere))
+- Note that seek uses SEEK\_SET behavior. [\#1055](https://github.com/uclouvain/openjpeg/pull/1055) ([ideasman42](https://github.com/ideasman42))
+- Some Doxygen tags are removed [\#1050](https://github.com/uclouvain/openjpeg/pull/1050) ([szukw000](https://github.com/szukw000))
+- Fix resource leak \(CID 179466\) [\#1047](https://github.com/uclouvain/openjpeg/pull/1047) ([stweil](https://github.com/stweil))
+- Changed cmake version test to allow for cmake 2.8.11.x [\#1042](https://github.com/uclouvain/openjpeg/pull/1042) ([radarhere](https://github.com/radarhere))
+- Add missing fclose\(\) statement in error condition. [\#1037](https://github.com/uclouvain/openjpeg/pull/1037) ([gfiumara](https://github.com/gfiumara))
+
 ## [v2.3.0](https://github.com/uclouvain/openjpeg/releases/v2.3.0) (2017-10-04)
 [Full Changelog](https://github.com/uclouvain/openjpeg/compare/v2.2.0...v2.3.0)
 

NEWS.md

@@ -1,6 +1,12 @@
 # OpenJPEG NEWS
 
-More details in the [Changelog](https://github.com/uclouvain/openjpeg/blob/master/CHANGELOG.md)
+More details in the [CHANGELOG](https://github.com/uclouvain/openjpeg/blob/master/CHANGELOG.md)
+
+## OpenJPEG 2.3.1 (April 2019)
+
+No API/ABI break compared to v2.3.0
+
+* Many bug fixes (including security fixes)
 
 ## OpenJPEG 2.3.0 (October 2017)