[gentoo-commits] proj/gnome:master commit in: x11-libs/gdk-pixbuf/, x11-libs/gdk-pixbuf/files/
commit: 8b8838b33991886bdd0913f6b496f8f4f65da372 Author: Ole Reifschneider gentoo org> AuthorDate: Thu Mar 24 23:58:44 2016 + Commit: Ole Reifschneider gentoo org> CommitDate: Fri Mar 25 00:55:46 2016 + URL:https://gitweb.gentoo.org/proj/gnome.git/commit/?id=8b8838b3 x11-libs/gdk-pixbuf: Bump version to 2.34.0 Package-Manager: portage-2.2.28 Manifest-Sign-Key: 0xE9E568677E8B4D42 .../gdk-pixbuf-2.32.3-fix-lowmem-uclibc.patch | 34 ++ ...pixbuf-.ebuild => gdk-pixbuf-2.34.0.ebuild} | 26 + x11-libs/gdk-pixbuf/gdk-pixbuf-.ebuild | 17 +-- 3 files changed, 49 insertions(+), 28 deletions(-) diff --git a/x11-libs/gdk-pixbuf/files/gdk-pixbuf-2.32.3-fix-lowmem-uclibc.patch b/x11-libs/gdk-pixbuf/files/gdk-pixbuf-2.32.3-fix-lowmem-uclibc.patch new file mode 100644 index 000..77ea7e7 --- /dev/null +++ b/x11-libs/gdk-pixbuf/files/gdk-pixbuf-2.32.3-fix-lowmem-uclibc.patch @@ -0,0 +1,34 @@ +From 21b8eb73d9272e06707ad6d0357f3034b8d9a46f Mon Sep 17 00:00:00 2001 +From: "Anthony G. Basile"+Date: Wed, 14 Oct 2015 16:18:19 -0400 +Subject: [PATCH] tests/pixbuf-lowmem.c: Do not run pixbuf-lowmem test on + uClibc + +pixbuf-lowmem.c depends on GNU libc internals and does not build +on musl or uClibc. Commit e1fd25a fixes this issue for musl by +testing if __GLIBC__ is set. However, uClibc sets __GLIBC__ and +so this check is insufficient there. We expand the check so that +we run pixbuf-lowmem on glibc, while avoiding it on both musl and +uClibc. + +Signed-off-by: Anthony G. Basile +--- + tests/pixbuf-lowmem.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/pixbuf-lowmem.c b/tests/pixbuf-lowmem.c +index 9e9571f..ec7504f 100644 +--- a/tests/pixbuf-lowmem.c b/tests/pixbuf-lowmem.c +@@ -24,7 +24,7 @@ + #include + #include + +-#ifdef __GLIBC__ ++#if defined(__GLIBC__) && !defined(__UCLIBC__) + #define PRETEND_MEM_SIZE (16 * 1024 * 1024) + #define REMAINING_MEM_SIZE 10 + +-- +2.4.9 + diff --git a/x11-libs/gdk-pixbuf/gdk-pixbuf-.ebuild b/x11-libs/gdk-pixbuf/gdk-pixbuf-2.34.0.ebuild similarity index 80% copy from x11-libs/gdk-pixbuf/gdk-pixbuf-.ebuild copy to x11-libs/gdk-pixbuf/gdk-pixbuf-2.34.0.ebuild index 14c57b8..d674ae1 100644 --- a/x11-libs/gdk-pixbuf/gdk-pixbuf-.ebuild +++ b/x11-libs/gdk-pixbuf/gdk-pixbuf-2.34.0.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2015 Gentoo Foundation +# Copyright 1999-2016 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 # $Id$ @@ -7,26 +7,19 @@ GCONF_DEBUG="no" GNOME2_LA_PUNT="yes" inherit eutils flag-o-matic gnome2 multilib libtool multilib-minimal -if [[ ${PV} = ]]; then - inherit gnome2-live -fi DESCRIPTION="Image loading library for GTK+" -HOMEPAGE="http://www.gtk.org/; +HOMEPAGE="https://git.gnome.org/browse/gdk-pixbuf; LICENSE="LGPL-2+" SLOT="2" -if [[ ${PV} = ]]; then - KEYWORDS="" -else - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-freebsd ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -fi -IUSE="+X debug +introspection jpeg jpeg2k tiff test" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-freebsd ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="X debug +introspection jpeg jpeg2k tiff test" COMMON_DEPEND=" >=dev-libs/glib-2.37.6:2[${MULTILIB_USEDEP}] >=media-libs/libpng-1.4:0=[${MULTILIB_USEDEP}] - introspection? ( >=dev-libs/gobject-introspection-0.9.3 ) + introspection? ( >=dev-libs/gobject-introspection-0.9.3:= ) jpeg? ( virtual/jpeg:0=[${MULTILIB_USEDEP}] ) jpeg2k? ( media-libs/jasper:=[${MULTILIB_USEDEP}] ) tiff? ( >=media-libs/tiff-3.9.2:0=[${MULTILIB_USEDEP}] ) @@ -43,10 +36,6 @@ RDEPEND="${COMMON_DEPEND} !https://bugzilla.gnome.org/show_bug.cgi?id=756590 + epatch "${FILESDIR}"/${PN}-2.32.3-fix-lowmem-uclibc.patch # This will avoid polluting the pkg-config file with versioned libpng, # which is causing problems with libpng14 -> libpng15 upgrade @@ -125,7 +115,7 @@ pkg_postinst() { pkg_postrm() { gnome2_pkg_postrm - if [[ -z ${REPLACED_BY_VERSIONS} ]]; then + if [[ -z ${REPLACED_BY_VERSION} ]]; then rm -f "${EROOT}"usr/lib*/${PN}-2.0/2.10.0/loaders.cache fi } diff --git a/x11-libs/gdk-pixbuf/gdk-pixbuf-.ebuild b/x11-libs/gdk-pixbuf/gdk-pixbuf-.ebuild index 14c57b8..faa412e 100644 --- a/x11-libs/gdk-pixbuf/gdk-pixbuf-.ebuild +++ b/x11-libs/gdk-pixbuf/gdk-pixbuf-.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2015 Gentoo
[gentoo-commits] proj/gnome:master commit in: x11-libs/gdk-pixbuf/, x11-libs/gdk-pixbuf/files/
commit: 9e48855fcf4528e77c4c86b9bd1b12fa3176b23a Author: Alexandre Rostovtsev gentoo org> AuthorDate: Fri Aug 21 04:49:52 2015 + Commit: Alexandre Rostovtsev gentoo org> CommitDate: Tue Sep 1 04:25:03 2015 + URL:https://gitweb.gentoo.org/proj/gnome.git/commit/?id=9e48855f x11-libs/gdk-pixbuf: 2.31.5 → 2.31.6 and more fixes for CVE-2015-4491 Really fix the overflow. Gentoo-Bug: 556314 Upstream-Bug-url: https://bugzilla.gnome.org/show_bug.cgi?id=752297 Package-Manager: portage-2.2.20.1 Manifest-Sign-Key: 0x18E5B6F2D8D5EC8D .../files/gdk-pixbuf-2.31.6-alpha-overflow.patch | 70 + .../files/gdk-pixbuf-2.31.6-jpeg-overflow.patch| 35 + .../gdk-pixbuf-2.31.6-pixops-gcc-optimizer.patch | 46 ++ .../files/gdk-pixbuf-2.31.6-pixops-overflow.patch | 173 + .../gdk-pixbuf-2.31.6-pixops-variable-type.patch | 37 + .../files/gdk-pixbuf-2.31.6-png-overflow.patch | 72 + .../files/gdk-pixbuf-2.31.6-rotate-overflow.patch | 27 ...xbuf-2.31.5.ebuild => gdk-pixbuf-2.31.6.ebuild} | 15 +- 8 files changed, 474 insertions(+), 1 deletion(-) diff --git a/x11-libs/gdk-pixbuf/files/gdk-pixbuf-2.31.6-alpha-overflow.patch b/x11-libs/gdk-pixbuf/files/gdk-pixbuf-2.31.6-alpha-overflow.patch new file mode 100644 index 000..bd4abfa --- /dev/null +++ b/x11-libs/gdk-pixbuf/files/gdk-pixbuf-2.31.6-alpha-overflow.patch @@ -0,0 +1,70 @@ +From ca3c56421c075e729750cf80c3438b283232cce8 Mon Sep 17 00:00:00 2001 +From: Matthias Clasen+Date: Mon, 24 Aug 2015 15:20:08 -0400 +Subject: [PATCH] Avoid integer overflow in gdk_pixbuf_add_alpha + +Same as before: don't do ptr = base + y * rowstride if y and +rowstride are integers. + +This should fix http://bugzilla.gnome/org/753569 +--- + gdk-pixbuf/gdk-pixbuf-util.c | 18 +- + 1 file changed, 9 insertions(+), 9 deletions(-) + +diff --git a/gdk-pixbuf/gdk-pixbuf-util.c b/gdk-pixbuf/gdk-pixbuf-util.c +index 6abe9b9..3600450 100644 +--- a/gdk-pixbuf/gdk-pixbuf-util.c b/gdk-pixbuf/gdk-pixbuf-util.c +@@ -67,6 +67,8 @@ gdk_pixbuf_add_alpha (const GdkPixbuf *pixbuf, + int x, y; + const guint8 *src_pixels; + guint8 *ret_pixels; ++ const guchar *src; ++ guchar *dest; + + g_return_val_if_fail (GDK_IS_PIXBUF (pixbuf), NULL); + g_return_val_if_fail (pixbuf->colorspace == GDK_COLORSPACE_RGB, NULL); +@@ -85,20 +87,18 @@ gdk_pixbuf_add_alpha (const GdkPixbuf *pixbuf, + } else { + new_pixbuf = gdk_pixbuf_new (GDK_COLORSPACE_RGB, TRUE, 8, pixbuf->width, pixbuf->height); + } +- ++ + if (!new_pixbuf) + return NULL; + + ret_pixels = gdk_pixbuf_get_pixels (new_pixbuf); + +- for (y = 0; y < pixbuf->height; y++) { +- const guchar *src; +- guchar *dest; ++ for (y = 0; y < pixbuf->height; y++, src_pixels += pixbuf->rowstride, ret_pixels += new_pixbuf->rowstride) { + guchar tr, tg, tb; + +- src = src_pixels + y * pixbuf->rowstride; +- dest = ret_pixels + y * new_pixbuf->rowstride; +- ++src = src_pixels; ++dest = ret_pixels; ++ + if (pixbuf->has_alpha) { + /* Just subst color, we already copied everything else */ + for (x = 0; x < pixbuf->width; x++) { +@@ -107,12 +107,12 @@ gdk_pixbuf_add_alpha (const GdkPixbuf *pixbuf, + src += 4; + dest += 4; + } +-} else { ++} else { + for (x = 0; x < pixbuf->width; x++) { + tr = *dest++ = *src++; + tg = *dest++ = *src++; + tb = *dest++ = *src++; +- ++ + if (substitute_color && tr == r && tg == g && tb == b) + *dest++ = 0; + else +-- +2.5.1 + diff --git a/x11-libs/gdk-pixbuf/files/gdk-pixbuf-2.31.6-jpeg-overflow.patch b/x11-libs/gdk-pixbuf/files/gdk-pixbuf-2.31.6-jpeg-overflow.patch new file mode 100644 index 000..ebec196 --- /dev/null +++ b/x11-libs/gdk-pixbuf/files/gdk-pixbuf-2.31.6-jpeg-overflow.patch @@ -0,0 +1,35 @@ +From fde8d1d12a32740770253e97ddc9602654e16865 Mon Sep 17 00:00:00 2001 +From: Matthias Clasen +Date: Mon, 24 Aug 2015 15:48:51 -0400 +Subject: [PATCH] jpeg: Fix some integer overflows + +Similar to the previous commit. +--- + gdk-pixbuf/io-jpeg.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/gdk-pixbuf/io-jpeg.c b/gdk-pixbuf/io-jpeg.c +index fa6bec1..eb48aed 100644 +--- a/gdk-pixbuf/io-jpeg.c b/gdk-pixbuf/io-jpeg.c +@@ -886,7 +886,7 @@ gdk_pixbuf__jpeg_image_load_lines