subject:"\[gentoo\-commits\] repo\/gentoo\:master commit in\: media\-libs\/libwebp\/files\/, media\-libs\/libwebp\/"

[gentoo-commits] repo/gentoo:master commit in: media-libs/libwebp/files/, media-libs/libwebp/

2023-06-30 Thread Stephan Hartmann

commit: 3b41cdefc20c6fa856e84e96ed94bc9bda7ba9e1
Author: Stephan Hartmann  gentoo  org>
AuthorDate: Fri Jun 30 16:25:22 2023 +
Commit: Stephan Hartmann  gentoo  org>
CommitDate: Fri Jun 30 16:25:48 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3b41cdef

media-libs/libwebp: backport fix for CVE-2023-1999

Bug: https://bugs.gentoo.org/909369
Signed-off-by: Stephan Hartmann  gentoo.org>

 .../files/libwebp-1.2.4-CVE-2023-1999.patch| 50 ++
 media-libs/libwebp/libwebp-1.2.4-r2.ebuild | 78 ++
 2 files changed, 128 insertions(+)

diff --git a/media-libs/libwebp/files/libwebp-1.2.4-CVE-2023-1999.patch 
b/media-libs/libwebp/files/libwebp-1.2.4-CVE-2023-1999.patch
new file mode 100644
index ..9c023712a5aa
--- /dev/null
+++ b/media-libs/libwebp/files/libwebp-1.2.4-CVE-2023-1999.patch
@@ -0,0 +1,50 @@
+commit a486d800b60d0af4cc0836bf7ed8f21e12974129
+Author: James Zern 
+Date:   Wed Feb 22 22:15:47 2023 -0800
+
+EncodeAlphaInternal: clear result->bw on error
+
+This avoids a double free should the function fail prior to
+VP8BitWriterInit() and a previous trial result's buffer carried over.
+Previously in ApplyFiltersAndEncode() trial.bw (with a previous
+iteration's buffer) would be freed, followed by best.bw pointing to the
+same buffer.
+
+Since:
+187d379d add a fallback to ALPHA_NO_COMPRESSION
+
+In addition, check the return value of VP8BitWriterInit() in this
+function.
+
+Bug: webp:603
+Change-Id: Ic258381ee26c8c16bc211d157c8153831c8c6910
+
+diff --git a/src/enc/alpha_enc.c b/src/enc/alpha_enc.c
+index f7c02690..7d205586 100644
+--- a/src/enc/alpha_enc.c
 b/src/enc/alpha_enc.c
+@@ -13,6 +13,7 @@
+ 
+ #include 
+ #include 
++#include 
+ 
+ #include "src/enc/vp8i_enc.h"
+ #include "src/dsp/dsp.h"
+@@ -148,6 +149,7 @@ static int EncodeAlphaInternal(const uint8_t* const data, 
int width, int height,
+   }
+ } else {
+   VP8LBitWriterWipeOut(&tmp_bw);
++  memset(&result->bw, 0, sizeof(result->bw));
+   return 0;
+ }
+   }
+@@ -162,7 +164,7 @@ static int EncodeAlphaInternal(const uint8_t* const data, 
int width, int height,
+   header = method | (filter << 2);
+   if (reduce_levels) header |= ALPHA_PREPROCESSED_LEVELS << 4;
+ 
+-  VP8BitWriterInit(&result->bw, ALPHA_HEADER_LEN + output_size);
++  if (!VP8BitWriterInit(&result->bw, ALPHA_HEADER_LEN + output_size)) ok = 0;
+   ok = ok && VP8BitWriterAppend(&result->bw, &header, ALPHA_HEADER_LEN);
+   ok = ok && VP8BitWriterAppend(&result->bw, output, output_size);
+ 

diff --git a/media-libs/libwebp/libwebp-1.2.4-r2.ebuild 
b/media-libs/libwebp/libwebp-1.2.4-r2.ebuild
new file mode 100644
index ..bcf5f8174336
--- /dev/null
+++ b/media-libs/libwebp/libwebp-1.2.4-r2.ebuild
@@ -0,0 +1,78 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools multilib-minimal
+
+MY_P="${P/_/-}"
+
+DESCRIPTION="A lossy image compression format"
+HOMEPAGE="https://developers.google.com/speed/webp/download";
+SRC_URI="https://storage.googleapis.com/downloads.webmproject.org/releases/webp/${MY_P}.tar.gz";
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="BSD"
+SLOT="0/7" # subslot = libwebp soname version
+if [[ ${PV} != *_rc* ]] ; then
+   KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc 
~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos 
~x64-solaris"
+fi
+IUSE="cpu_flags_arm_neon cpu_flags_x86_sse2 cpu_flags_x86_sse4_1 gif +jpeg 
opengl +png static-libs swap-16bit-csp tiff"
+
+# TODO: dev-lang/swig bindings in swig/ subdirectory
+RDEPEND="gif? ( media-libs/giflib:= )
+   jpeg? ( media-libs/libjpeg-turbo:= )
+   opengl? (
+   media-libs/freeglut
+   virtual/opengl
+   )
+   png? ( media-libs/libpng:= )
+   tiff? ( media-libs/tiff:= )"
+DEPEND="${RDEPEND}"
+
+PATCHES=(
+   "${FILESDIR}"/${PN}-1.2.3-libpng-pkg-config.patch
+   "${FILESDIR}"/${PN}-1.2.4-CVE-2023-1999.patch
+)
+
+src_prepare() {
+   default
+
+   # Fix libtool relinking, bug #499270.
+   #elibtoolize
+
+   # Needed for pkg-config patch
+   eautoreconf
+}
+
+multilib_src_configure() {
+   local args=(
+   --enable-libwebpmux
+   --enable-libwebpdemux
+   --enable-libwebpdecoder
+   $(use_enable static-libs static)
+   $(use_enable swap-16bit-csp)
+   $(use_enable jpeg)
+   $(use_enable png)
+   $(use_enable opengl gl)
+   $(use_enable tiff)
+
+   $(use_enable cpu_flags_x86_sse2 sse2)
+   $(use_enable cpu_flags_x86_sse4_1 sse4.1)
+   $(use_enable cpu_flags_arm_neon neon)
+
+   # Only used for gif2webp binary wrt bug #486646
+   $(multilib_native_use_enable gif)
+

[gentoo-commits] repo/gentoo:master commit in: media-libs/libwebp/files/, media-libs/libwebp/

2022-07-16 Thread Sam James

commit: 4371e9da3c3342b8560873ecb2c6fabeaa3b7fa4
Author: Sam James  gentoo  org>
AuthorDate: Sat Jul 16 13:25:58 2022 +
Commit: Sam James  gentoo  org>
CommitDate: Sat Jul 16 14:33:28 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4371e9da

media-libs/libwebp: add 1.2.3

Signed-off-by: Sam James  gentoo.org>

 media-libs/libwebp/Manifest|  1 +
 .../files/libwebp-1.2.3-libpng-pkg-config.patch| 66 +++
 media-libs/libwebp/libwebp-1.2.3.ebuild| 76 ++
 3 files changed, 143 insertions(+)

diff --git a/media-libs/libwebp/Manifest b/media-libs/libwebp/Manifest
index 9e43af44ebb8..84d12388a11e 100644
--- a/media-libs/libwebp/Manifest
+++ b/media-libs/libwebp/Manifest
@@ -2,3 +2,4 @@ DIST libwebp-1.1.0.tar.gz 4033877 BLAKE2B 
ac6c2267f43ba42079975938c8fecb75237a49
 DIST libwebp-1.2.0.tar.gz 4092120 BLAKE2B 
213b2385f646dd0fbaa7c9103b0d33a9cb5e7285d9df91107db722f514428ab8cc896704d71a3913ca1aedffeb706fcda4c7a59a3960ebc21c74ca9422632605
 SHA512 
c46b41899a543cc80914c89646dd607dbb5d025a9727dd83ef70994b9310eedc697666bd812141a90aa16632a9a354a031d9360a9ee1112295c7e154e69f0b74
 DIST libwebp-1.2.1.tar.gz 4100806 BLAKE2B 
6bbc6dd1a3ec094a6ad0045fd483bcce055c5f3dd15022595de090c4719e5b7bfec60818a8c6ab2546325a515526d750c9fd31017278ac6d747218570f5e
 SHA512 
5208ac9532c89ea9fec01122cb307afacdbf5c501ed1c6056e9ffc98e2a3386e637224e0301da88ae3a32aa0c210364e1e4eac79487e465ef9e54eb9b1af80aa
 DIST libwebp-1.2.2.tar.gz 4117468 BLAKE2B 
8bdb5a82317f06c39458b04580fa674399bc02f15a8e28f8a17456e1e26af74d87a63ecfda9f2760822ba318e8bd42a9c84f87cc2a3c63bad4fbdc00d212010e
 SHA512 
0dd0a721352b513a218d55383bcd0cc45b786df8089f70f87257b5dcc0c4e2f1798e20f1ca98b8fe51710abb667f9c4c14f20f980a11c484c8832f0dc66e3bff
+DIST libwebp-1.2.3.tar.gz 4141192 BLAKE2B 
9205dccc7be478bcba97fa7859446979fd508bba939cb4bd6468820db6a34a6aa043e4294c0a77835d1af70630d8985b88518eda934878c65fb7c72f1c7deeeb
 SHA512 
4320ac0b0f0c5571a0d6ead3dc588e184762916305cec8b37eaedbbf906d31258a285275d5a02becae853d7cf8a9f0ae0f5f9efa09c68ebc869e7dd132a2

diff --git a/media-libs/libwebp/files/libwebp-1.2.3-libpng-pkg-config.patch 
b/media-libs/libwebp/files/libwebp-1.2.3-libpng-pkg-config.patch
new file mode 100644
index ..fe33b97fa270
--- /dev/null
+++ b/media-libs/libwebp/files/libwebp-1.2.3-libpng-pkg-config.patch
@@ -0,0 +1,66 @@
+--- a/configure.ac
 b/configure.ac
+@@ -518,43 +518,15 @@ AS_IF([test "x$enable_sdl" != "xno"], [
+ AM_CONDITIONAL([BUILD_VWEBP_SDL], [test "$build_vwebp_sdl" = "yes"])
+ 
+ dnl === check for PNG support ===
++PKG_PROG_PKG_CONFIG
+ 
+ AC_ARG_ENABLE([png], AS_HELP_STRING([--disable-png],
+ [Disable detection of PNG format support
+  @<:@default=auto@:>@]))
+ AS_IF([test "x$enable_png" != "xno"], [
+-  CLEAR_LIBVARS([PNG])
+-  AC_PATH_PROGS([LIBPNG_CONFIG],
+-[libpng-config libpng16-config libpng15-config 
libpng14-config \
+- libpng12-config])
+-  if test -n "$LIBPNG_CONFIG"; then
+-PNG_INCLUDES=`$LIBPNG_CONFIG --cflags`
+-PNG_LIBS="`$LIBPNG_CONFIG --ldflags`"
+-  fi
+-
+-  WITHLIB_OPTION([png], [PNG])
+-
+-  LIBCHECK_PROLOGUE([PNG])
+-  AC_CHECK_HEADER(png.h,
+-AC_SEARCH_LIBS(png_get_libpng_ver, [png],
+-   [test "$ac_cv_search_png_get_libpng_ver" = "none required" 
\
+-  || PNG_LIBS="$PNG_LIBS $ac_cv_search_png_get_libpng_ver"
+-PNG_INCLUDES="$PNG_INCLUDES -DWEBP_HAVE_PNG"
+-AC_DEFINE(WEBP_HAVE_PNG, [1],
+-  [Set to 1 if PNG library is installed])
+-png_support=yes
+-   ],
+-   [AC_MSG_WARN(Optional png library not found)
+-PNG_LIBS=""
+-PNG_INCLUDES=""
+-   ],
+-   [$MATH_LIBS]),
+-[AC_MSG_WARN(png library not available - no png.h)
+- PNG_LIBS=""
+- PNG_INCLUDES=""
+-],
+-  )
+-  LIBCHECK_EPILOGUE([PNG])
++  PKG_CHECK_MODULES([LIBPNG], [libpng])
++  PNG_INCLUDES="${LIBPNG_CFLAGS}"
++  PNG_LIBS="${LIBPNG_LIBS}"
+ ])
+ 
+ dnl === check for JPEG support ===
+diff --git a/configure.ac b/configure.ac
+index b7a0d3e..5709913 100644
+--- a/configure.ac
 b/configure.ac
+@@ -524,9 +524,11 @@ AC_ARG_ENABLE([png], AS_HELP_STRING([--disable-png],
+ [Disable detection of PNG format support
+  @<:@default=auto@:>@]))
+ AS_IF([test "x$enable_png" != "xno"], [
++  LIBCHECK_PROLOGUE([PNG])
+   PKG_CHECK_MODULES([LIBPNG], [libpng])
+   PNG_INCLUDES="${LIBPNG_CFLAGS}"
+   PNG_LIBS="${LIBPNG_LIBS}"
++  LIBCHECK_EPILOGUE([PNG])
+ ])
+ 
+ dnl === check for JPEG support ===

diff --git a/media-libs/libwebp/libwebp-1.2.3.ebuild 
b/media-libs/libwebp/libwebp-1.2.3.ebuild
new file mode 100644
index ..32347

[gentoo-commits] repo/gentoo:master commit in: media-libs/libwebp/files/, media-libs/libwebp/

[gentoo-commits] repo/gentoo:master commit in: media-libs/libwebp/files/, media-libs/libwebp/

2 matches

Site Navigation

Mail list logo

Footer information