Date: Saturday, February 26, 2011 @ 16:09:48 Author: heftig Revision: 111449
upgpkg: evince 2.91.90-1 Update for gnome-unstable Modified: evince/trunk/PKGBUILD evince/trunk/evince.install Deleted: evince/trunk/security_issues_in_dvi-backend.patch evince/trunk/update_to_poppler_api.patch --------------------------------------+ PKGBUILD | 48 ++++++---------- evince.install | 19 ++---- security_issues_in_dvi-backend.patch | 97 --------------------------------- update_to_poppler_api.patch | 58 ------------------- 4 files changed, 25 insertions(+), 197 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2011-02-26 20:15:29 UTC (rev 111448) +++ PKGBUILD 2011-02-26 21:09:48 UTC (rev 111449) @@ -2,50 +2,40 @@ # Maintainer: Jan de Groot <[email protected]> pkgname=evince -pkgver=2.32.0 -pkgrel=7 +pkgver=2.91.90 +pkgrel=1 pkgdesc="Simply a document viewer" url="http://projects.gnome.org/evince/"; arch=('i686' 'x86_64') license=('GPL') -depends=('libspectre>=0.2.6' 'gsfonts' 'poppler-glib>=0.16.2' 'libdjvu>=3.5.22' 'gnome-icon-theme>=2.31.0' 't1lib' 'libgnome-keyring>=2.32.0' 'desktop-file-utils' 'gconf' 'dconf') -## gconf still needed -## https://bugzilla.gnome.org/show_bug.cgi?id=628945 -makedepends=('gnome-doc-utils>=0.20.1' 'nautilus>=2.32.0' 'pkgconfig' 'texlive-bin' 'intltool' 'gobject-introspection' 'gnome-common' 'gtk-doc') +depends=('libspectre' 'gsfonts' 'poppler-glib' 'djvulibre' 'gnome-icon-theme' + 't1lib' 'libgnome-keyring' 'desktop-file-utils' 'dconf') +makedepends=('nautilus' 'texlive-bin' 'intltool' 'gobject-introspection' + 'gtk-doc' 'gnome-common') optdepends=('texlive-bin: DVI support') replaces=('gpdf') groups=('gnome-extra') install=evince.install options=('!libtool' '!emptydirs') -source=(http://ftp.gnome.org/pub/gnome/sources/${pkgname}/2.32/${pkgname}-${pkgver}.tar.bz2 - update_to_poppler_api.patch - security_issues_in_dvi-backend.patch) -sha256sums=('2a4c91ae38f8b5028cebb91b9da9ddc50ea8ae3f3d429df89ba351da2d787ff7' - '2990c789c8cfd50e46f4dfa7a2406499b3ee26f4db9840c8b9a6e1dee40f61f4' - '49d1ed8adc734a005d4d8fdc1912bb115d97f734071d64bcae0aae60f2b5626a') +source=(http://ftp.gnome.org/pub/gnome/sources/${pkgname}/${pkgver%.*}/${pkgname}-${pkgver}.tar.bz2) +sha256sums=('3c36457e80e99854ce32cf39b009f992b758f662158adacf2cdfa31db8fc46eb') build() { cd "${srcdir}/${pkgname}-${pkgver}" - patch -Np1 -i "${srcdir}/update_to_poppler_api.patch" - patch -Np1 -i "${srcdir}/security_issues_in_dvi-backend.patch" ./autogen.sh - - ./configure --prefix=/usr --sysconfdir=/etc \ - --localstatedir=/var --libexecdir=/usr/lib/evince \ - --disable-static --enable-nautilus \ - --enable-pdf --enable-tiff \ - --enable-djvu --enable-dvi \ - --enable-t1lib --enable-pixbuf \ - --enable-comics --enable-impress \ - --enable-introspection \ - --disable-scrollkeeper \ + ./configure --prefix=/usr --sysconfdir=/etc \ + --localstatedir=/var --libexecdir=/usr/lib/evince \ + --disable-static --enable-nautilus \ + --enable-pdf --enable-tiff \ + --enable-djvu --enable-dvi \ + --enable-t1lib --enable-comics \ + --disable-introspection --disable-scrollkeeper \ --disable-schemas-compile make - make GCONF_DISABLE_MAKEFILE_SCHEMA_INSTALL=1 DESTDIR="${pkgdir}" install +} - install -m755 -d "${pkgdir}/usr/share/gconf/schemas" - gconf-merge-schema "${pkgdir}/usr/share/gconf/schemas/${pkgname}.schemas" --domain evince ${pkgdir}/etc/gconf/schemas/*.schemas - rm -f ${pkgdir}/etc/gconf/schemas/*.schemas - +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + make DESTDIR="${pkgdir}" install } Modified: evince.install =================================================================== --- evince.install 2011-02-26 20:15:29 UTC (rev 111448) +++ evince.install 2011-02-26 21:09:48 UTC (rev 111449) @@ -1,26 +1,19 @@ -pkgname=evince - post_install() { usr/bin/glib-compile-schemas usr/share/glib-2.0/schemas - usr/sbin/gconfpkg --install ${pkgname} - gtk-update-icon-cache -q -f -t usr/share/icons/hicolor update-desktop-database -q + gtk-update-icon-cache -q -t -f usr/share/icons/hicolor } pre_upgrade() { - pre_remove $1 + if (( $(vercmp $2 2.90.0) < 0 )); then + usr/sbin/gconfpkg --uninstall evince + fi } post_upgrade() { - post_install $1 + post_install } -pre_remove() { - usr/sbin/gconfpkg --uninstall ${pkgname} - usr/bin/glib-compile-schemas usr/share/glib-2.0/schemas -} - post_remove() { - update-desktop-database -q - gtk-update-icon-cache -q -f -t usr/share/icons/hicolor + post_install } Deleted: security_issues_in_dvi-backend.patch =================================================================== --- security_issues_in_dvi-backend.patch 2011-02-26 20:15:29 UTC (rev 111448) +++ security_issues_in_dvi-backend.patch 2011-02-26 21:09:48 UTC (rev 111449) @@ -1,97 +0,0 @@ -From 8e473c9796b9a61b811213e7892fd36fd570303a Mon Sep 17 00:00:00 2001 -From: José Aliste <[email protected]> -Date: Tue, 07 Dec 2010 18:56:47 +0000 -Subject: backends: Fix several security issues in the dvi-backend. - -See CVE-2010-2640, CVE-2010-2641, CVE-2010-2642 and CVE-2010-2643. ---- -diff --git a/backend/dvi/mdvi-lib/afmparse.c b/backend/dvi/mdvi-lib/afmparse.c -index 164366b..361e23d 100644 ---- a/backend/dvi/mdvi-lib/afmparse.c -+++ b/backend/dvi/mdvi-lib/afmparse.c -@@ -160,7 +160,7 @@ static char *token(FILE *stream) - - idx = 0; - while (ch != EOF && ch != ' ' && ch != lineterm -- && ch != '\t' && ch != ':' && ch != ';') -+ && ch != '\t' && ch != ':' && ch != ';' && idx < MAX_NAME) - { - ident[idx++] = ch; - ch = fgetc(stream); -diff --git a/backend/dvi/mdvi-lib/dviread.c b/backend/dvi/mdvi-lib/dviread.c -index 97b7b84..ac98068 100644 ---- a/backend/dvi/mdvi-lib/dviread.c -+++ b/backend/dvi/mdvi-lib/dviread.c -@@ -1537,6 +1537,10 @@ int special(DviContext *dvi, int opcode) - Int32 arg; - - arg = dugetn(dvi, opcode - DVI_XXX1 + 1); -+ if (arg <= 0) { -+ dvierr(dvi, _("malformed special length\n")); -+ return -1; -+ } - s = mdvi_malloc(arg + 1); - dread(dvi, s, arg); - s[arg] = 0; -diff --git a/backend/dvi/mdvi-lib/pk.c b/backend/dvi/mdvi-lib/pk.c -index a579186..08377e6 100644 ---- a/backend/dvi/mdvi-lib/pk.c -+++ b/backend/dvi/mdvi-lib/pk.c -@@ -469,6 +469,15 @@ static int pk_load_font(DviParams *unused, DviFont *font) - } - if(feof(p)) - break; -+ -+ /* Although the PK format support bigger char codes, -+ * XeTeX and other extended TeX engines support charcodes up to -+ * 65536, while normal TeX engine supports only charcode up to 255.*/ -+ if (cc < 0 || cc > 65536) { -+ mdvi_error (_("%s: unexpected charcode (%d)\n"), -+ font->fontname,cc); -+ goto error; -+ } - if(cc < loc) - loc = cc; - if(cc > hic) -@@ -512,7 +521,7 @@ static int pk_load_font(DviParams *unused, DviFont *font) - } - - /* resize font char data */ -- if(loc > 0 || hic < maxch-1) { -+ if(loc > 0 && hic < maxch-1) { - memmove(font->chars, font->chars + loc, - (hic - loc + 1) * sizeof(DviFontChar)); - font->chars = xresize(font->chars, -diff --git a/backend/dvi/mdvi-lib/tfmfile.c b/backend/dvi/mdvi-lib/tfmfile.c -index 73ebf26..8c2a30b 100644 ---- a/backend/dvi/mdvi-lib/tfmfile.c -+++ b/backend/dvi/mdvi-lib/tfmfile.c -@@ -172,7 +172,8 @@ int tfm_load_file(const char *filename, TFMInfo *info) - /* We read the entire TFM file into core */ - if(fstat(fileno(in), &st) < 0) - return -1; -- if(st.st_size == 0) -+ /* according to the spec, TFM files are smaller than 16K */ -+ if(st.st_size == 0 || st.st_size >= 16384) - goto bad_tfm; - - /* allocate a word-aligned buffer to hold the file */ -diff --git a/backend/dvi/mdvi-lib/vf.c b/backend/dvi/mdvi-lib/vf.c -index fb49847..a5ae3bb 100644 ---- a/backend/dvi/mdvi-lib/vf.c -+++ b/backend/dvi/mdvi-lib/vf.c -@@ -165,6 +165,12 @@ static int vf_load_font(DviParams *params, DviFont *font) - cc = fuget1(p); - tfm = fuget3(p); - } -+ if (cc < 0 || cc > 65536) { -+ /* TeX engines do not support char codes bigger than 65535 */ -+ mdvi_error(_("(vf) %s: unexpected character %d\n"), -+ font->fontname, cc); -+ goto error; -+ } - if(loc < 0 || cc < loc) - loc = cc; - if(hic < 0 || cc > hic) --- -cgit v0.8.3.1 Deleted: update_to_poppler_api.patch =================================================================== --- update_to_poppler_api.patch 2011-02-26 20:15:29 UTC (rev 111448) +++ update_to_poppler_api.patch 2011-02-26 21:09:48 UTC (rev 111449) @@ -1,58 +0,0 @@ -From f77e6cf4fd7fef49ac91d8c62b6a9a993529adb8 Mon Sep 17 00:00:00 2001 -From: Carlos Garcia Campos <[email protected]> -Date: Fri, 17 Sep 2010 11:21:16 +0000 -Subject: [pdf] Update to poppler api changes - -Linearized PopplerDocument property is now boolean rather than string. ---- -diff --git a/backend/pdf/ev-poppler.cc b/backend/pdf/ev-poppler.cc -index aa080e6..ced3ef7 100644 ---- a/backend/pdf/ev-poppler.cc -+++ b/backend/pdf/ev-poppler.cc -@@ -722,6 +722,9 @@ pdf_document_get_info (EvDocument *document) - PopplerPermissions permissions; - EvPage *page; - char *metadata; -+#ifdef HAVE_POPPLER_DOCUMENT_IS_LINEARIZED -+ gboolean linearized; -+#endif - - info = g_new0 (EvDocumentInfo, 1); - -@@ -758,7 +761,11 @@ pdf_document_get_info (EvDocument *document) - "producer", &(info->producer), - "creation-date", &(info->creation_date), - "mod-date", &(info->modified_date), -+#ifdef HAVE_POPPLER_DOCUMENT_IS_LINEARIZED -+ "linearized", &linearized, -+#else - "linearized", &(info->linearized), -+#endif - "metadata", &metadata, - NULL); - -@@ -864,6 +871,10 @@ pdf_document_get_info (EvDocument *document) - info->security = g_strdup (_("No")); - } - -+#ifdef HAVE_POPPLER_DOCUMENT_IS_LINEARIZED -+ info->linearized = linearized ? g_strdup (_("Yes")) : g_strdup (_("No")); -+#endif -+ - return info; - } - -diff --git a/configure.ac b/configure.ac -index 0faa16e..9619349 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -512,6 +512,7 @@ if test "x$enable_pdf" = "xyes"; then - AC_CHECK_FUNCS(poppler_page_get_text_layout) - AC_CHECK_FUNCS(poppler_page_get_selected_text) - AC_CHECK_FUNCS(poppler_page_add_annot) -+ AC_CHECK_FUNCS(poppler_document_is_linearized) - LIBS=$evince_save_LIBS - PKG_CHECK_MODULES(CAIRO_PDF, cairo-pdf, enable_cairo_pdf=yes, enable_cairo_pdf=no) - if test x$enable_cairo_pdf = xyes; then --- -cgit v0.8.3.1
