98 KiB

Raw Blame History

Changelog

v2.5.0 (2022-05-13)

Full Changelog

Merged pull requests:

tools/travis-ci/install.sh: git clone with https:// to fix 'The unaut… #1419 (rouault)
Java Support 1.8 now... #1418 (jiapei100)
Separate fuzz targets to increase coverage #1416 (Navidem)
CMakeLists.txt: do not set INSTALL_NAME_DIR for MacOS builds for CMake >= 3.0 fixes \#1404 #1410 (rouault)
Avoid integer overflows in DWT. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44544 #1408 (rouault)
Updated "added support for partial bitstream decoding" #1407 (Neopallium)
opj_encoder_set_extra_options(): add a GUARD_BITS=value option #1403 (rouault)
More overflow related bug fixes #1402 (Eharve14)
opj_j2k_setup_encoder(): validate number of tiles to avoid illegal values and potential overflow fixes \#1399 #1401 (rouault)
Missed conversion from unsigned int to OPJ_INT32 #1398 (Eharve14)
Added check for integer overflow in get_num_images #1397 (Eharve14)
Added overflow check for CVE-2021-29338 #1396 (Eharve14)
Fix integer overflow in num_images #1395 (baparham)
Remove duplicate assignments in function tiftoimage #1392 (stweil)
Fix some typos found by codespell #1390 (stweil)
CI: Add CIFuzz action #1386 (DavidKorczynski)
Feature/decimation #1384 (msheby)
API: deprecate 'bpp' member in favor of 'prec' #1383 (rouault)
Added support for high throughput HTJ2K decoding. #1381 (rouault)
verify-indentation.sh: fix for pull request from bar/master to foo/master #1380 (rouault)
Change integer for version libtiff 4.3.0 #1377 (Jamaika1)
Port continuous integration to github actions #1376 (rouault)
Avoid integer overflows in DWT. #1375 (rouault)
LGTM warning: Comparison result is always the same #1373 (DimitriPapadopoulos)
A couple typos found by codespell #1371 (DimitriPapadopoulos)
cmake: add install interface include directory #1370 (madebr)
fix issues 1368: exist a issues of freeing uninitialized pointer in src/bin/jp2/opj_decompress.c，that will cause a segfault #1369 (xiaoxiaoafeifei)
opj_j2k_is_imf_compliant: Fix out of bounds access #1366 (sebras)
opj_j2k_is_imf_compliant: Fix argument formatting for warnings. #1365 (sebras)
CMakeLists.txt/appveyor.yml: update version number to 2.5.0… #1361 (rouault)
.travis.yml: try to fix gcc 4.8 config by updating to xenial #1360 (rouault)
Add support for enabling generation of TLM markers in encoder #1359 (rouault)
Fix various compiler warnings #1358 (rouault)
fix #1345: don't remove big endian test for other platforms #1354 (msabwat)
Remove obsolete components JPWL, JP3D and MJ2 #1350 (rouault)
tools/travis-ci/install.sh: fix links to Kakadu and jpylyzer binaries #1348 (rouault)
emscripten: disable big endian test #1345 (msabwat)
Fix cmake file with DESTDIR #1321 (ffontaine)
CMakeLists.txt: Don't require a C++ compiler #1317 (ffontaine)
Import files tiff and yuv(raw) #1316 (Jamaika1)
Fix year in NEWS #1312 (stweil)
Fix lcms2 static linking using pgk config #867 (pseiderer)
fix static build only against tiff and its indirect dependencies #866 (tSed)

Closed issues:

integer constant is too large for 'long' type #61
Openjpeg3D lossy compression not working #501
mj2: Array overflow #485
OPJ fails to decode image that KDU manages correctly #419
yuvtoimage() bug in v1 and v2 for 16-Bit: please apply ASAP #384
JP3D: Fix CVE-2013-4289 CVE-2013-4290 #298
MJ2 libraries are installed in lib #204
MJ2: realloc is misused and may leak memory #168
MJ2 wrapper not functional #143
JPWL is broken in trunk #137
MJ2 files not using OPENJPEG API correctly #53
Maximum bit depth supported by the OpenJPEG implementation of JP3D #9
does openjpeg support either visually lossless or numerically lossless jpeg2000 compression? #1406
extract jpeg2000 tile without decompression #1405
openjpeg doesn't install a relocatable shared lib on macOS #1404
pull request - the cinema industry awaits! #1400
Integer overflows in j2K #1399
why lossly compression performance worse than jpeg when compress png？ #1393
cect #1389
the docs don't describe bpp and prec in opj_image_comp very well #1379
converting .png to .jp2 by opj_compress is different from the original image #1378
Comparison result is always the same #1372
Exist a issues of freeing uninitialized pointer in src/bin/jp2/opj_decompress.c，that will cause a segfault #1368
```
TEST NOT RUNNING
```
opj_decompress 2.4.0 built with library 2.3.0. #1352
New library htjpeg2000 #1351
Integer Overflow in num_images #1338
All IMF Profile Selections Result in PART1 #1337
grayscale image #1334
error C2169: 'lrintf': intrinsic function, cannot be defined #1333
Generate lower-case extension #1332
color of reconstructed png file much darker #1330
CVE-2019-6988, CVE-2018-20846 and CVE-2018-16376 #1328
opj 2.4.0: opj_free missing in opj3d #1327
Not able to compress volumetric data #1326
HTML documents are not installed in specified place #1322
Can't find openjpeg.h when cross-compile. #1320
OpenJPEG is available with EasyConfig #1319
Building Test Programs #1318
Builds are not reproducible #1275
strange behaviour of opj_jp3d_compress/decompress utility #1274
Potential heap-based buffer overflow in function t2_encode_packet in src/lib/openmj2/t2.c and src/lib/openjp3d/t2.c #1272
Function tgatoimage in src/bin/jpwl/convert.c need to check that the file is big enough to avoid excessive memory allocations #1271
memory & cpu are exhausted when converting jp2 file into png #1250
Cannot compress PGX into JP3D despite following the directions? #1134
sscanf buffer overflow in opj_jp3d_compress.c #1130
integer underflow may lead to writing garbage #1089
sscanf buffer overflow #1087
strcpy overflows #1086
sprintf buffer overflows #1084
strcpy buffer overflow #1083
integer overflow in malloc() #1082
out of bounds writes #1078
out of bounds writes #1077
divide by zero, perhaps multiplication overflow #1076
missing format string parameter #1075
leaks from cppcheck in lib folder #1038
How to initialize DEBUG_PROFILE in color.c? #958
JP3D sample files #865
BIG_ENDIAN bug in jpwl.c #839
OpenJPEG fails to decode partial j2c where kdu succeeds #715
building mj2 binaries fails #652
openmj2\mj2.c: Out of bounds #646
bin\mj2\opj_mj2_decompress.c 101 wrong check / leak #608

v2.4.0 (2020-12-28)

Full Changelog

Closed issues:

OPENJPEG_INSTALL_DOC_DIR does not control a destination directory where HTML docs would be installed. #1309
Heap-buffer-overflow in lib/openjp2/pi.c:312 #1302
Heap-buffer-overflow in lib/openjp2/t2.c:973 #1299
Heap-buffer-overflow in lib/openjp2/pi.c:623 #1293
Global-buffer-overflow in lib/openjp2/dwt.c:1980 #1286
Heap-buffer-overflow in lib/openjp2/tcd.c:2417 #1284
Heap-buffer-overflow in lib/openjp2/mqc.c:499 #1283
Openjpeg could not encode 32bit RGB float image #1281
Openjpeg could not encode 32bit RGB float image #1280
ISO/IEC 15444-1:2019 E compared with 'cio.h' #1277
Test-suite failure due to hash mismatch #1264
Heap use-after-free #1261
Memory leak when failing to allocate object... #1259
Memory leak of Tier 1 handle when OpenJPEG fails to set it as TLS... #1257
Any plan to build release for CVE-2020-8112/CVE-2020-6851 #1247
failing to convert 16-bit file: opj_t2_encode_packet(): only 5251 bytes remaining in output buffer. 5621 needed. #1243
CMake+VS2017 Compile OK, thirdparty Compile OK, but thirdparty not install #1239
New release to solve CVE-2019-6988 ? #1238
Many tests fail to pass after the update of libtiff to version 4.1.0 #1233
Another heap buffer overflow in libopenjp2 #1231
Heap buffer overflow in libopenjp2 #1228
Endianness of binary volume JP3D #1224
New release to resolve CVE-2019-12973 #1222
how to set the block size,like 128,256 ? #1216
compress YUV files to motion jpeg2000 standard #1213
Repair/update Java wrapper, and include in release #1208
abc #1206
Slow decoding #1202
Installation question #1201
Typo in test_decode_area - *ptilew is assigned instead of *ptileh #1195
Creating a J2K file with one POC is broken #1191
Make fails on Arch Linux #1174
Heap buffer overflow in opj_t1_clbl_decode_processor() triggered with Ghostscript #1158
opj_stream_get_number_byte_left: Assertion `p_stream->m_byte_offset >= 0' failed. #1151
The fuzzer ignores too many inputs #1079
out of bounds read #1068

Merged pull requests:

Change defined WIN32 #1310 (Jamaika1)
docs: fix simple typo, producted -> produced #1308 (timgates42)
Set ${OPENJPEG_INSTALL_DOC_DIR} to DESTINATION of HTMLs #1307 (lemniscati)
Use INC_DIR for OPENJPEG_INCLUDE_DIRS fixes uclouvain\#1174 #1306 (matthew-sharp)
pi.c: avoid out of bounds access with POC fixes \#1302 #1304 (rouault)
Encoder: grow again buffer size #1303 (zodf0055980)
opj_j2k_write_sod(): avoid potential heap buffer overflow fixes \#1299 probably master only #1301 (rouault)
pi.c: avoid out of bounds access with POC refs https://github.com/uclouvain/openjpeg/issues/1293\#issuecomment-737122836 #1300 (rouault)
opj_t2_encode_packet(): avoid out of bound access of #1297, but likely not the proper fix #1298 (rouault)
opj_t2_encode_packet(): avoid out of bound access of #1294, but likely not the proper fix #1296 (rouault)
opj_j2k_setup_encoder(): validate POC compno0 and compno1 fixes \#1293 #1295 (rouault)
Encoder: avoid global buffer overflow on irreversible conversion when… #1292 (rouault)
Decoding: deal with some SPOT6 images that have tiles with a single tile-part with TPsot == 0 and TNsot == 0, and with missing EOC #1291 (rouault)
Free p_tcd_marker_info to avoid memory leak #1288 (zodf0055980)
Encoder: grow again buffer size #1287 (zodf0055980)
Encoder: avoid uint32 overflow when allocating memory for codestream buffer fixes \#1243 #1276 (rouault)
Java compatibility from 1.5 to 1.6 #1263 (jiapei100)
opj_decompress: fix double-free on input directory with mix of valid and invalid images #1262 (rouault)
openjp2: Plug image leak when failing to allocate codestream index. #1260 (sebras)
openjp2: Plug memory leak when setting data as TLS fails. #1258 (sebras)
openjp2: Error out if failing to create Tier 1 handle. #1256 (sebras)
Testing for invalid values of width, height, numcomps #1254 (szukw000)
Single-threaded performance improvements in forward DWT for 5-3 and 9-7 and other improvements #1253 (rouault)
Add support for multithreading in encoder #1248 (rouault)
Add support for generation of PLT markers in encoder #1246 (rouault)
Fix warnings about signed/unsigned casts in pi.c #1244 (rouault)
opj_decompress: add sanity checks to avoid segfault in case of decoding error #1240 (rouault)
ignore wrong icc #1236 (szukw000)
Implement writing of IMF profiles #1235 (rouault)
tests: add alternate checksums for libtiff 4.1 #1234 (rouault)
opj_tcd_init_tile(): avoid integer overflow #1232 (rouault)
tests/fuzzers: link fuzz binaries using $LIB_FUZZING_ENGINE. #1230 (Dor1s)
opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX fixes \#1228 #1229 (rouault)
Fix resource leaks #1226 (dodys)
abi-check.sh: fix false positive ABI error, and display output error log #1218 (rouault)
pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets() #1217 (rouault)
Add check to validate SGcod/SPcoc/SPcod parameter values. #1211 (sebras)
Fix buffer overflow reading an image file less than four characters #1196 (robert-ancell)
compression: emit POC marker when only one single POC is requested (f… #1192 (rouault)
Fix several potential vulnerabilities #1185 (Young-X)
openjp2/j2k: Report error if all wanted components are not decoded. #1164 (sebras)

v2.3.1 (2019-04-02)

Full Changelog

Closed issues:

v2.2.0 regression for decoding images where TNsot == 0 #1120
Int overflow in jp3d #1162
Heap buffer overflow in opj_j2k_update_image_data() triggered with Ghostscript #1157
LINUX install doesn't work when building shared libraries is disabled #1155
OPENJPEG null ptr dereference in openjpeg-2.3.0/src/bin/jp2/convert.c:2243 #1152
How to drop certain subbands/layers in DWT #1147
where is the MQ-Coder ouput stream in t2.c? #1146
OpenJPEG 2.3 and 2.2? multi component image fails to decode with KDU v7.10 #1132
Missing checks for header_info.height and header_info.width in function pnmtoimage in src/bin/jpwl/convert.c, which can lead to heap buffer overflow #1126
Assertion Failure in jp2.c #1125
Division-by-zero vulnerabilities in the function pi_next_pcrl, pi_next_cprl and pi_next_rpcl in src/lib/openjp3d/pi.c #1123
Precinct switch -c doesn't right-shift last record to remaining resolution levels #1117
Sample: encode J2K a data using streams??? #1114
HIGH THROUGHPUT JPEG 2000 HTJ2K #1112
How to build openjpeg for arm linux? #1108
crash #1106
JP2000 returning OPJ_CLRSPC_UNKNOWN color space #1103
Compilation successful but install unsuccessful: Calling executables throws libraries missing error #1102
fprintf format string requires 1 parameter but only 0 are given #1093
fprintf format string requires 1 parameter but only 0 are given #1092
sprintf buffer overflow #1088
sprintf buffer overflow #1085
Infinite loop when reading jp2 #1081
missing format string parameter #1074
Excessive Iteration in opj_t1_encode_cblks src/lib/openjp2/t1.c #1059
Out-of-bound left shift in opj_j2k_setup_encoder src/lib/openjp2/j2k.c #1057
Encode image on Unsplash #1054
Integer overflow in opj_t1_encode_cblks src/lib/openjp2/t1.c #1053
Signed Integer Overflow - 68065512 #1048
Similar vulnerable functions related to CVE-2017-14041 #1044
```
ERROR
```
failing to install latest version of openjpeg from source #1041
Trouble compressing large raw image #1032
Download and installed code from 2.3 archive. Installing 2.2? #1030
missing fclose #1029
NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 #860
NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) #859
Heap Buffer Overflow in function imagetotga of convert.c(jp2):942 #858

Merged pull requests:

abi-check.sh: fix broken download URL #1188 (rouault)
opj_t1_encode_cblks: fix UBSAN signed integer overflow #1187 (rouault)
convertbmp: detect invalid file dimensions early CVE-2018-6616 #1172 (hlef)
color_apply_icc_profile: avoid potential heap buffer overflow #1170 (rouault)
Fix multiple potential vulnerabilities and bugs #1168 (Young-X)
Fix several memory and resource leaks #1163 (nforro)
Fix some potential overflow issues #1161 (stweil)
jp3d/jpwl convert: fix write stack buffer overflow #1160 (hlef)
Int overflow fixed #1159 (ichlubna)
Update knownfailures- files given current configurations #1149 (rouault)
CVE-2018-5785: fix issues with zero bitmasks #1148 (hlef)
openjp2/jp2: Fix two format strings #1143 (stweil)
Changes in pnmtoimage if image data are missing #1141 (szukw000)
Relative path to header files is hardcoded in OpenJPEGConfig.cmake.in file #1140 (bukatlib)
Cast on uint ceildiv #1136 (reverson)
Add -DBUILD_PKGCONFIG_FILES to install instructions #1133 (robe2)
Fix some typos in code comments and documentation #1128 (stweil)
Fix regression in reading files with TNsot == 0 refs \#1120 #1121 (rouault)
Use local type declaration for POSIX standard type only for MS compiler #1119 (stweil)
Fix Mac builds #1104 (rouault)
jp3d: Replace sprintf() by snprintf() in volumetobin() #1101 (kbabioch)
opj_mj2_extract: Rename output_location to output_prefix #1096 (kbabioch)
mj2: Add missing variable to format string in fprintf() invocation in meta_out.c #1094 (kbabioch)
Convert files to UTF-8 encoding #1090 (stweil)
fix unchecked integer multiplication overflow #1080 (setharnold)
Fixed typos #1062 (radarhere)
Note that seek uses SEEK_SET behavior. #1055 (ideasman42)
Some Doxygen tags are removed #1050 (szukw000)
Fix resource leak CID 179466 #1047 (stweil)
Changed cmake version test to allow for cmake 2.8.11.x #1042 (radarhere)
Add missing fclose() statement in error condition. #1037 (gfiumara)

v2.3.0 (2017-10-04)

Full Changelog

Implemented enhancements:

Sub-tile decoding: only decode precincts and codeblocks that intersect the window specified in opj_set_decode_area() #990 (rouault)
Sub-tile decoding: only apply IDWT on areas that participate to the window of interest #1001 (rouault)
Sub-tile decoding: memory use reduction and perf improvements #1010 (rouault)
Add capability to decode only a subset of all components of an image. #1022 (rouault)

Fixed bugs:

Setting x offset of decode region to -1 causes opj_decompress to go into infinite loop #736
Problem decoding multiple tiles with get_decoded_tile when cmap/pclr/cdef boxes are present in jp2 file #484
set reduce_factor_may_fail #474
opj_compress.exe, command line parser, infinite loop #469
Various memory access issues found via fuzzing #448
Multiple warnings when building OpenJPEG trunk #442
Bulk fuzz-testing report #427
remove all printf from openjpeg / use proper function pointer for logging #371
minor changes, clean-up #349
image->numcomps > 4 #333
Improve support for region of interest #39
Public function to tell kernel type used 5x3 vs 9x7 #3
elf binary in source package ? #1026
opj_cio_open #1025
Building with Visual Studio 2015 #1023
tcd.cpp>:1617:33: error: assigning to 'OPJ_INT32 *' aka 'int \*' from incompatible type 'void *' #1021
j2k.cpp > comparison of address of 'p_j2k->m_cp.tcps[0].m_data' not equal to a null pointer is always true #1020
Openjpeg 2.2.0 always build shared library even though -DBUILD_SHARED_LIBS:bool=off #1019
missing fclose #1018
Use opj_image_data_free instead of opj_free for image->comps[].data #1014
malloc poison on some compilers - cross compiling #1013
Add OPJ_VERSION_MAJOR, OPJ_VERSION_MINOR, OPJ_VERSION_MICRO macros in openjpeg.h #1011
Encode: do not perform rate control for single-tile lossless #1009
opj_set_decoded_resolution_factor(): bad interaction with opj_set_decode_area() and/or opj_decode() #1006
memory allocation failure with .pgx file #999
Unable to fuzz with raw image as input #998
stack-based buffer overflow write in pgxtoimage /convert.c #997
freeze with a crafted bmp #996
invalid memory write in tgatoimage convert.c #995
static build on Windows fails #994
another heap-based buffer overflow in opj_t2_encode_packet t2.c #993
heap-based buffer overflow in opj_t2_encode_packet t2.c #992
heap-based buffer overflow in opj_write_bytes_LE cio.c unfixed \#985 #991
heap overflow in opj_compress #988
heap overflow in opj_decompress #987
heap-based buffer overflow in opj_bio_byteout bio.c #986
heap-based buffer overflow in opj_write_bytes_LE cio.c #985
memory allocation failure in opj_aligned_alloc_n opj\_malloc.c #983
heap-base buffer overflow in opj_mqc_flush mqc.c #982
Decode fails for JP2s with ICC profile #981
Unit tests failing on Ubuntu 17.04 #916
Encoder crashes on small images #901
openjpeg-1.5.3 fails to compile #830
opj_compress crops image win or creates a jp2 which cannot be decompressed lin #716
-d flag is silently ignored when decoding a single tile #693
transition away from dev-utils #628
update instructions to build with Visual Studio and 64-Bit Visual C++ Toolset. #1028 (quangnh89)
Add missing newline at end of file #1024 (stweil)
merge master into coverity_scan to update coverity results #1008 (detonin)
Use more const qualifiers #984 (stweil)
Changes in converttif.c for PPC64 #980 (szukw000)

v2.2.0 (2017-08-10)

Full Changelog

Implemented enhancements:

Memory consumption reduction at decoding side #968 (rouault)
T1 & DWT multithreading decoding optimizations #786 (rouault)
Tier1 decoder speed optimizations #783 (rouault)
Inverse DWT 5x3: lift implementation / SSE accelerated version #953
install static libraries #969 (jeroen)
IDWT 5x3 single-pass lifting and SSE2/AVX2 implementation #957 (rouault)
build both shared and static library #954 (jeroen)
T1 flag optimizations \#172 #945 (rouault)
CMake: add stronger warnings for openjp2 lib/bin by default, and error out on declaration-after-statement #936 (rouault)
Quiet mode for opj_decompress via -quiet long parameter. #928 (RussellMcOrmond)
Implement predictive termination check #800 (rouault)

Fixed bugs:

Several issues spotted by Google OSS Fuzz - see here
Missing fclose #976
Heap buffer overflow read in openjpeg imagetopnm #970
opj_decompress opj_j2k_update_image_data() Segment falut #948
Generic Crash in 1.5.0 #941
Segmentation Faults #940
Assertions thrown #939
Floating Point Errors #938
Division by zero crash #937
malformed jp2 can cause heap-buffer-overflow #909
NULL dereference can cause by malformed file #908
Out of bound read in opj_j2k_add_mct #907
Check bpno_plus_one in opj_t1_decode_cblk #903
Undefined-shift in opj_j2k_read_siz #902
opj_compress v2.1.2 can create images opj_decompress cannot read #891
Improper usage of opj_int_ceildiv can cause overflows #889
Undefined shift in opj_get_all_encoding_parameters #885
Denial of service crash due to use-after-free when decoding an illegal JPEG2000 image file v2.1.2 (2017-04 #880
Denial of service crash when decoding an illegal JPEG2000 image file v2.1.2 2017-03 #879
bug png 2 j2k #868
Inconsistent compression using cinema settings on folder of non-compliant image #864
Openjpeg-2.1.2 Heap Buffer Overflow Vulnerability due to Insufficient check #862
Heap Buffer Overflow in function pnmtoimage of convert.c #861
CVE-2016-9112 FPE(Floating Point Exception) in lib/openjp2/pi.c:523 #855
CVE-2016-5139, CVE-2016-5152, CVE-2016-5158, CVE-2016-5159 #854
Undefined Reference error #853
opj_compress with lossy compression results in strange pixel values #851
CVE-2016-1626 and CVE-2016-1628 #850
Out-of-Bounds Write in opj_mqc_byteout of mqc.c #835
WARNING in tgt_create tree->numnodes == 0, no tree created. #794
Potential overflow when precision is larger than 32 #781
division-by-zero in function opj_pi_next_rpcl of pi.c line 366 #780
division-by-zero in function opj_pi_next_rpcl of pi.c line 363 #779
division-by-zero in function opj_pi_next_pcrl of pi.c line 447 #778
division-by-zero in function opj_pi_next_pcrl of pi.c line 444 #777
Encoding the following file with 32x32 tiling produces jp2 image with artifact #737
division-by-zero SIGFPE error in opj_pi_next_cprl function line 526 of pi.c #732
division-by-zero SIGFPE error in opj_pi_next_cprl function line 523 of pi.c #731
OpenJpeg 2.1 and 1.4 fails to decompress this file correctly #721
MQ Encode :uninitialized memory access when first pass does not output any bytes #709
Out-of-bounds read in opj_j2k_update_image_data and opj_tgt_reset function #704
Remove opj_aligned_malloc / opj_aligned_realloc / opj_aligned_free? #689
There is an issue with rendering some type of jpeg file. Please ref the link. #672
Null Dereference in tcd_malloc_decode_tile #657
ETS-C1P0-p0_12.j2k-compare2ref & NR-C1P0-p0_12.j2k-compare2base failing under windows #655
Memory leak #631
Test 481 reports error in valgrind memcheck #612
reserved identifier violation #587
Buffer overflow when compressing some 16 bits images of the test suite #539
Heap-buffer-overflow in opj_dwt_decode_1 #480
Automated fuzz testing #468
Expected to find EPH marker #425
read: segment too long 6182 with max 35872 for codeblock 0 p=19, b=2, r=5, c=1 #284
building 64bit version has lots of warnings #244
Wrong encoding of small tiles with high level number #239
Errors raised in pi.c by VS11 analyzer #190
Undocumented optimization found in v2 branch of openjpeg #183
T1 optimisations jpeg2000 #172
Remove OPJ_NOSANITIZE in opj_bio_read() and opj_bio_write() \#761 #955 (rouault)
Fix bypass pterm termall and lossless decomposition issue \#891, \#892 #949 (rouault)
Escape quotes to ensure README renders on GitHub correctly #914 (alexwlchan)
Remove spurious .R macros from manpages #899 (jwilk)
Remove warnings related to empty tag-trees. #893 (rouault)

Maintenance-related tasks:

Submit OpenJPEG to oss-fuzz #965
Updates for Doxygen to suppress warnings #849
Remove useless knownfailures since LAZY encoding is fixed #964 (rouault)
Enable AVX2 at runtime on Travis-CI and AppVeyor #963 (rouault)
Tests: test opj_compress in VSC mode related to \#172 #935 (rouault)
Reformat: apply reformattin on .h files \#128 #926 (rouault)
Add mechanisms to reformat and check code style, and reformat whole codebase \#128 #919 (rouault)
Add profiling of CPU and memory usage \#912 #918 (rouault)
Add performance benchmarking scripts #917 (rouault)
Fix retrieval of jpylyzer in AppVeyor #915 (rouault)

v2.1.2 (2016-09-28)

Full Changelog

Closed issues:

null ptr dereference in convert.c:1331 #843
Out-of-Bounds Read in function bmp24toimage of convertbmp.c #833
Disable automatic compilation of t1_generate_luts in CMakeLists.txt #831
CVE-2016-7163 Integer overflow in opj_pi_create_decode #826
Security Advisory for OpenJPEG #810
Add dashboard with static lib #804
hidden visibility for the static library / building with -DOPJ_STATIC against shared lib #802
Optimization when building library from source #799
unsigned int16 on Solaris 11.2/sparc #796
appveyor #793
FFMpeg will not link to 2.1.1 release built as shared library #766
API change since v2: opj_event_mgr_t not available #754
openjpeg.h needs dependencies #673
"master" does not build on ubuntu #658
Package 'openjp2', required by 'libopenjpip', not found #594

Merged pull requests:

Fix PNM file reading #847 (mayeut)
Fix some issues reported by Coverity Scan #846 (stweil)
Fix potential out-of-bounds read coverity #844 (stweil)
Remove TODO for overflow check #842 (mayeut)
Add overflow checks for opj_aligned_malloc #841 (mayeut)
Flags in T1 shall be unsigned #840 (mayeut)
Fix some warnings #838 (mayeut)
Fix issue 833. #834 (trylab)
Add overflow checks for opj_aligned_malloc #832 (mayeut)
Add test for issue 820 #829 (mayeut)
Add test for issue 826 #827 (mayeut)
Fix coverity 113065 CWE-484 #824 (mayeut)
Add sanity check for tile coordinates #823 (mayeut)
Add test for PR 818 #822 (mayeut)
Update to libpng 1.6.25 #821 (mayeut)
CVE-2016-8332: fix incrementing of "l_tcp->m_nb_mcc_records" in opj_j2k_read_mcc #820 (mayeut)
Add overflow check in opj_tcd_init_tile #819 (mayeut)
Fix leak & invalid behavior of opj_jp2_read_ihdr #818 (mayeut)
Add overflow check in opj_j2k_update_image_data #817 (mayeut)
Change 'restrict' define to 'OPJ_RESTRICT' #816 (mayeut)
Switch to clang 3.8 #814 (mayeut)
Fix an integer overflow issue #809 (trylab)
Update to lcms 2.8 #808 (mayeut)
Update to libpng 1.6.24 #807 (mayeut)
Reenable clang-3.9 build on travis #806 (mayeut)
Bit fields type #805 (smuehlst)
Add compilation test for standalone inclusion of openjpeg.h #798 (mayeut)
jpwl: Remove non-portable data type u_int16_t fix issue \#796 #797 (stweil)
Fix dependency for pkg-config issue \#594 #795 (stweil)
Add .gitignore #787 (stweil)

v2.1.1 (2016-07-05)

Full Changelog

Implemented enhancements:

opj_malloc replacement #625
backport "-p" and "-force-rgb" options in 1.5 #606
Use travis-ci matrix build #581
Add Coverity Scan analysis #580
Unnecessary rate distortion calculations #479
Add images from various security issues to test suite #415
Coding speed for 9/7 on 32bits platforms x86/ARM can be improved with a quick fix #220

Fixed bugs:

Out-of-Bounds Access in function opj_tgt_reset of tgt.c #775
Heap Buffer Overflow in function color_cmyk_to_rgb of color.c #774
division-by-zero SIGFPE error in opj_tcd_init_tile function line 730 of tcd.c #733
Out-Of-Bounds Read in sycc422_to_rgb function #726
Heap Corruption in opj_free function #725
Out-Of-Bounds Read in opj_tcd_free_tile function #724
Cannot handle box of undefined size #653
Compilation fails without platform-supplied aligned malloc #642
HP compiler warns about redeclaration of static function #640
Implementation-defined behavior of malloc causes different behavior on Linux and AIX #635
Build on AIX fails because "opj_includes.h" is included after system headers #633
Compiling with SSE2 on Linux 32-bit causes crashes in OpenJPEG #624
Build on AIX fails because of "restrict" pointers #620
bug in new tif conversion code #609
bin/jp2/convert.c line 1085 Resource leak #607
bin/jp2/convert.c memory leak #601
Resource leak in opj_j2k_create_cstr_index in case of failure #599
Resource leak in opj_j2k_encode in case of failure #598
Resource leak in opj_j2k_decode_one_tile in case of failure #597
Resource Leak #573
opj_compress fails to compress lossless on gcc/x86 -m32 #571
Use-after-free in opj_j2k_write_mco #563
openjpeg-master-2015-07-30 failed to compile on LINUX #556
PNG images are always read as RGB(A) images #536
g4_colr.j2c not handled properly #532
Bigendian: opj_compress + opj_decompress fails #518
Suspicious code in j2k.c #517
Decode times almost double(!!) on Visual Studio 2013, 2015 #505
opj_data/input/nonregression/issue226.j2k #500
opj_setup_encoder always returns true #497
Double free in j2k_read_ppm_v3 parsing \(presumably invalid image. #496
Invalid write in opj_j2k_update_image_data #495
Undefined printf format specifier %ud used in code #494
Potential double free on malloc failure in opj_j2k_copy_default_tcp_and_create_tcp() #492
Do not link with -ffast-math #488
Heap-buffer-overflow in opj_dwt_decode #486
opj_dump fails on Windows 7, 64 bits #482
SIGSEGV in opj_j2k_update_image_data via pdfium_test #481
Heap-buffer-overflow in opj_j2k_tcp_destroy #477
Invalid image causes write past end of heap buffer #476
Assertion `l_res->x0 >= 0' fails when parsing invalid images #475
Bug on opj_write_bytes_BE function #472
Refactor j2k_read_ppm_v3 function #470
compression: strange precinct dimensions #466
:- Console message in opj\_decompress -: #465
opj_decompress fails to decompress any files #463
bio->ct is unnecessarily set to zero in opj_bio_flush method #461
Maximal unsigned short is 65535, not 65536 #460
OpenJpeg fails to encode components with different precision properly #459
component precision upscaling isn't correct in opj_decompress #458
Multiple precision components won't get encoded to jp2 if 1 component is unsigned 1 bit #457
Incorrect code in ../bin/jp2/convert.c, function rawtoimage_common(...) #456
```
OpenJPEG-trunk
```
NR-DEC-kodak_2layers_lrcp.j2c-31-decode-md5 fails randomly when running tests in parallel #454
compare_raw_files doesn't report an error on invalid arguments / missing input files #453
Forward discrete wavelet transform: implement periodic symmetric extension at boundaries #452
Bug in tiff reading method in convert.c #449
Image in pdf don't display #447
Multiple issues causing opj_decompress to segfault #446
opj_compress: 40% of encode time is spent freeing data #445
Multiple warnings when configuring OpenJPEG on MacOS with CMake 3.x trunk #443
valgrind memleak found #437
global-buffer-overflow src/lib/openjp2/t1.c:1146 opj_t1_getwmsedec #436
Warning introduced on trunk r2923 & r2924 #435
heap-buffer-overflow in opj_t1_decode_cblks #432
Heap-buffer-overflow in opj_tcd_init_decode_tile #431
Heap-buffer-overflow in opj_j2k_tcp_destroy #430
Heap-buffer-overflow in opj_jp2_apply_pclr #429
issue412 revisited #428
Image distorted sides look cankered #423
openjpeg-2.x-trunk-r2918 is broken in color.c #422
Heap-buffer-overflow in opj_tcd_init_decode_tile #420
Heap-use-after-free in opj_t1_decode_cblks #418
UNKNOWN in opj_read_bytes_LE #417
Transparency problem #416
Image with per channel alpha cdef does not decode properly #414
OpenJPEG crashes with attached image #413
Palette image with cdef fails to decompress #412
Invalid member values from opj_read_header or opj_decode ? #411
MD5 Checksum hangs under valgrind on MacOS X #410
Heap-buffer-overflow in opj_tcd_get_decoded_tile_size #408
C++ style comments in trunk/src/lib/openjp2/j2k.c #407
Backport bugfixes from trunk to 2.1 branch #405
Heap-buffer-overflow in parse_cmdline_encoder #403
Heap-buffer-overflow in opj_v4dwt_interleave_h #400
Heap-buffer-overflow in opj_dwt_decode #399
Heap-use-after-free in opj_t1_decode_cblks #398
Heap-buffer-overflow in opj_jp2_apply_cdef #397
Heap-buffer-overflow in opj_t2_read_packet_header #396
Heap-buffer-overflow in opj_t2_read_packet_header #395
Heap-buffer-overflow in opj_dwt_decode_1 #394
Heap-double-free in j2k_read_ppm_v3 #393
Security hole in j2k.c #392
Security: double-free in opj_tcd_code_block_dec_deallocate #391
check for negative-size params in code #390
Heap-buffer-overflow in opj_t2_read_packet_header #389
Heap overflow in OpenJpeg 1.5.2 #388
openjpip.so.6 file too short #387
Corrupted JP3D file #386
variable assigned to itself #383
Null pointer dereferencing #382
bad use of case statement #381
Release 2.1 as a Ubuntu package #380
Bug in libopenjpwl.pc #374
inconsistent tile numbering in decode output message #370
error in code block calculations #369
r2872 fails to compile due to "attempt to use poisoned malloc" error in j2k.c #368
OSX build gives libopenjp2.6.dylib with not-absolute install name id #367
opj_decompress gives error but successfully decompress in OPJ 2.1 #366
pngtoimage() and imagetopng() have wrong byte order for 16-Bit image #365
PDF crash in chrome - part2 due to attachment limit #364
PDF crash in chrome - part1 #363
PDF crash in chrome - part0 #362
Compilation fails on Windows with mingw32 gcc4.8 #361
security issue #360
improve memory management #359
how to compress a yuv420 raw data using opj_compress #357
Some memory allocation are not checked #355
Static library symbols shall be marked as hidden #354
opj_compress rejects valid bmp files #353
opj_compress crashes when number of resolutions is set to zero #352
Compilation error under Visual Studio 2003 #351
opj_compress description example error [Low priority] #350
opj_write_bytes_BE is wrong in trunk #345
PART1ONLY option in release.sh doesn't work properly #332
openjpeg crash error #330
openjpeg decompress error #329
openjpeg decompress issue #326
limited tif support #322
asoc value of 65536 is allowed #321
opj_skip_from_file error #314
Heavy quota usage in openjpeg #309
Verify -help actually match letter #307
g3_colr.j2c not handled #288
reopen/fix issue 165 #280
kakadu conformance tests #279
missing break after case statement in opj_dwt_decode_real #274
Run Coverity on trunk #270
NR-ENC-random-issue-0005.tif-12-encode #259
Use new add_test signature to handle cross compilation #258
Loss decoding quality in 2.0.0 #254
Decompress that worked in 1.5.1 fails in 2.0 #252
Expected endianness with raw input is not documented leading to SEGFAULT #251
OpenJPEG writes to stderr #246
Inconsistent logging of tile index #245
patch for openjpeg-trunk-r2347 and BIG_ENDIAN #242
CMAP: MTYP == 0 direct use not handled properly #235
Black Pixel #233
opj_compress runtime error after fresh Linux install due to apparent failure to execute ldconfig #219
openjp2 debug works, release build does not #217
openjpeg-branch15-r2299 and openjpeg-trunk-r2299 fail to decode a JP2 file #212
openjpeg-trunk issue with Win7 #201
undefined reference to `opj_version' #200
In tgt.c we used fprintf not the openjpeg message reporter #184
Windows binaries not working under WinXP #176
add ability to use intel ipp performance primitive within OpenJPEG #164
Migration guide v2 #160
Cannot decompress JPEG2000Aware3.18.7.3Win32_kdutranscode6.3.1.j2k #158
Cannot decompress JPEG2000Aware3.18.7.3Win32.j2k #157
openjpeg@googlegroups.com has disappeared #153
OpenJPEG 1.5.0 crashes on a ridiculously big file... #151
opj_image vs free #146
Windows .dll file invalid #140
Problem with second layer of a 2 layer coded LRCP with precincts #135
version 1.4 crashes when opening PDF file with JPEG2000 images #133
Setup a win64 dashboard #132
J2KP4files/codestreams_profile0/p0_13.j2k question jpeg2000 #131
Out of memory: Kill process 11204 opj\_server score 917 or sacrifice child #123
FILE* in opj API is unsafe #120
third-party lib order #119
openjpeg-1.5.0-Darwin-powerpc.dmg is huge ! #113
misleading info in JP2 box lead to wrong number of components #110
Image_to_j2k says that j2k files is generated but no file is on the HDD #109
Error in openjpegV1.4 on compiling image_to_j2k: crash on reading bmp file #108
Update to abi-compliance-checker 1.96 #106
Decode error on the attached JPEG...works in KDU and with JASPER...please help! #101
Mac binaries v1.4 is broken #95
jp2_read_boxhdr() has size bug in version 1 #92
Support for Java JAI Imageio #90
encoding test failing #86
source archive on demand #85
CMakeLists.txt and Makefile.am for JPIP are buggy #84
pclr-cmap-cdef #82
Error when compiling openjpeg_v1_4_sources_r697 #79
J2K codec issue on Windows Mobile #77
image_to_j2k.exe crashes on large .bmp file #75
fatal error C1900 building the project on windows #65
same option but different size #54
Missing openjpegConfigure.h #38
Not an issue in openjpeg, but ... #37
OpenJPEG-1.3.0 pclr, cmap and cdef #27
realloc maybe too big t2.c #26
libopenjpeg/opj_malloc.h breaks on FreeBSD/Darwin systems #20
image_to_j2k not outputting to win32 console properly #18
```
OpenJPEG
```
JP2 Color Space modification by Matteo Italia #13
Patch submission exotic video formats, and a few things #12
16 bits lossy compression #10
pnm file formats not accepting bitdepth greater than 8 bpp #8
Heap corruption in j2k encoder #5
JPWL crash in marker reallocation(+patch), segfault while decoding image with main header protection #4
a couple of small errors in libopenjpeg detected by coverity #1

Closed issues:

Shared library build broken on ubuntu #728
opj_includes.h shouldn't define \_\_attribute\_\_ #727
Possible website problems due to Jekyll upgrade #713
Stable Release? #712
Meta Issue : try to fix some of these critical bugs before thinking about optimizing the library #710
Tiled encoding broken for images with non power of 2 dimensions #702
install_name still not set on OS X #700
Add section in wiki describing where one can get test images #699
Make EvenManager into singleton #698
Remove old branches from repo #696
MQ Coder encode: Conditional jump or move depends on uninitialised value(s) #695
Can we add these files to our test suite ? #688
-t and -d command line flags for decode are not documented on OpenJPEG website #685
Decoding at the precinct level #676
Support unscaled 10 bit data for 2K cinema @ 48 FPS, as per DCI standard #671
Use parallel jobs in ctest #664
```
Security
```
lossy encoding a 16 bit TIF file : severe artifacts in decompressed image #660
opj_compress and opj_decompress : get_next_file method uses hard-coded unix path separator #630
Uninitialized variable #629
Use of enum variable for bit flags prevents compilation as C++ source #619
Serious problem with quantization during lossy encoding #615
Decompression does not work with sequential data source #613
potential overflow in opj_tcd_tile_t #605
Logical condition #596
file9.jp2 does not dump correctly on 1.5 #595
opj_compress man page is missing documentation of -jpip option #593
opj_compress fails to compress lossless on gcc/x86 -m32 in 1.5 branch #591
Example: opj_compress -i image.j2k -o image.pgm #577
Mismatching delete #575
Compilation fails on Win7 #546
NR-JP2-file5.jp2-compare2base fails with third party libcms #540
CTest spits out an error at the end of the test run #516
opj_uint_adds() is questionable #515
Might consider renaming this method: #491
opj_compress run twice gives different fiile sizes for same file #490
Android Support #483
Add SSE2/SSE41 implementations for mct.c #451
Reduce encoder code block memory usage for non 64x64 code block sizes #444
valgrind "Uninitialized Memory Read" & "Uninitialized Memory Conditional" found #438
No way to debug opj_tcd_init_encode_tile or opj_tcd_init_decode_tile #433
Add option to call dsymutil on built binaries #409
Allow opj_compress and opj_decompress to read/write images over stdin/stdout #379
reduce memory significantly for single tile RGB encoding #375
Switch code repo to github and start using pull request workflow #373
This is a BigTIFF file. This format not supported #125
Add a test suite to check the convert functions #99
Add build config to the dashboard to verify the autotools build #88

Merged pull requests:

Correct abi-check.sh for PR #791 (mayeut)
Update tcd.c #790 (maddin200)
Update lcms2 #773 (mayeut)
Use lowercase for cmake commands consistently #769 (julienmalik)
Ignore clang's summary warning #768 (julienmalik)
Fix UBSan gcc warning for first arg to memset non null #767 (julienmalik)
Update to libtiff-4.0.6 #764 (mayeut)
Fix warnings #763 (mayeut)
Check SSIZ is valid in opj_j2k_read_siz #762 (mayeut)
Fix unsigned int overflow reported by UBSan #761 (mayeut)
Fix unsigned int overflow reported by UBSan #759 (mayeut)
Fix negative shift left reported by UBSan #758 (mayeut)
Fix negative shift left reported by UBSan #757 (mayeut)
Add clang 3.9 build to Travis matrix #753 (julienmalik)
Fix implicit floating bool conversion #752 (julienmalik)
Do not define __attribute__ in opj_includes.h #751 (mayeut)
Allow to read/write 3/5/7/9/11/13/15 bpp TIF files #750 (mayeut)
Fix heap-buffer-overflow in color_esycc_to_rgb #748 (mayeut)
update libpng to from 1.6.17 to 1.6.21 #747 (julienmalik)
Update cmake & jpylyzer for travis builds #746 (julienmalik)
Fix Out-Of-Bounds Read in sycc42x_to_rgb function #745 (mayeut)
cppcheck fix for openjp2 #740 (julienmalik)
Fix uninitialized variable reported by cppcheck #735 (julienmalik)
Remove dead code in opj_dump #734 (julienmalik)
issue #695 MQ Encode: ensure that bp pointer never points to uninitialized memory #708 (boxerab)
Fix issue 135 #706 (mayeut)
Fix implementation of opj_calloc #705 (stweil)
```
git/2.1 regression
```
Fix fatal crash on 64 bit Linux #687 (stweil)
```
libtiff
```
Fix duplicate article in comments #684 (stweil)
Fix grammar in comment #679 (stweil)
Remove whitespace and CR at line endings #678 (stweil)
Fix typos #665 (jwilk)
Add missing source for the JPIP library and executables issue \#658 #659 (stweil)
Fix undefined size jp2 box handling #654 (mayeut)
opj_decompress: Update error message #651 (stweil)
Fix support of posix_memalloc for Linux #648 (stweil)
Fix typo in comments #647 (stweil)
Avoid pointer arithmetic with void \* pointers #644 (smuehlst)
Fix HP compiler warning about redeclaration of function \#640 #641 (smuehlst)
Fix format strings and unneeded assignment #638 (stweil)
Fix repository for JPEG2000 test data #637 (stweil)
Update allocation functions #636 (mayeut)
Fix OpenJPEG GitHub issue #633. #634 (smuehlst)
travis-ci: Include add ons in matrix #632 (mayeut)
Add Appveyor #627 (mayeut)
Use Travis-ci to run ABI check #626 (mayeut)
Fix warnings for C++ #623 (stweil)
Fixed problem that C++ compilation failed because of enum variable. #622 (smuehlst)
Added missing casts for return values of opj_malloc()/opj_calloc(). #618 (smuehlst)
Add check for seek support before trying TPsot==TNsot workaround #617 (mayeut)
Fix some typos found by codespell #610 (stweil)
Correct leak in color_cielab_to_rgb #590 (mayeut)
Add Travis-ci build matrix #584 (mayeut)
Correct lossless issue on linux x86 #579 (mayeut)
Travis-ci update #578 (mayeut)
Correct CMake version requirements #572 (mayeut)
Add tests for CMYK/esYCC/CIELab #567 (mayeut)
Add support for CIELab, EYCC and CMYK #559 (szukw000)
Remove printf/fprintf to stdout/stderr throughout openjp2 lib #558 (mayeut)
better -ffast-math handling #555 (rdieter)
Add jpylyzer tests for JP2 compression #552 (mayeut)
Add COC/QCC in main header when needed #551 (mayeut)
Use __emul under msvc x86 for fast 64 = 32 * 32 #550 (mayeut)
Update convert for PNG output #549 (mayeut)
Remove some warnings when building #548 (mayeut)
Switch to libpng-1.6.17 #547 (mayeut)
Add some missing static keywords #545 (mayeut)
Switch to libcms2 mm2/Little-CMS@0e8234e090 #544 (mayeut)
Prevent overflow when coding 16 bits images #543 (mayeut)
Switch to libcms2-2.6 #542 (mayeut)
Update PNG support #538 (mayeut)
Various Minor fixes #537 (mayeut)
Update TIFF conversion to support more bit depth. #535 (mayeut)
Add checks for odd looking cmap & for cmap outside jp2h box #534 (mayeut)
Refactor opj_j2k_read_ppm & opj_j2k_read_ppt #533 (mayeut)
Add option to force component splitting in imagetopnm #531 (mayeut)
fix Suspicious code in j2k.c #517 #529 (renevanderark)
Update zlib to version 1.2.8 #528 (mayeut)
Fix opj_write_bytes_BE \#518 #521 (manisandro)
Correctly decode files with incorrect tile-part header fields TPsot==TNsot #514 (mayeut)
Fixed typos #510 (radarhere)
Formatted the readme file #507 (htmfilho)