1 |
tetromino 13/10/01 17:57:26 |
2 |
|
3 |
Modified: ChangeLog |
4 |
Added: librsvg-2.36.4-r1.ebuild |
5 |
Removed: librsvg-2.37.0.ebuild |
6 |
Log: |
7 |
Fix information disclosure vulnerability (CVE-2013-1881, bug #486600, thanks to Agostino Sarubbo). Drop vulnerable version. |
8 |
|
9 |
(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key CF0ADD61) |
10 |
|
11 |
Revision Changes Path |
12 |
1.311 gnome-base/librsvg/ChangeLog |
13 |
|
14 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/librsvg/ChangeLog?rev=1.311&view=markup |
15 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/librsvg/ChangeLog?rev=1.311&content-type=text/plain |
16 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/librsvg/ChangeLog?r1=1.310&r2=1.311 |
17 |
|
18 |
Index: ChangeLog |
19 |
=================================================================== |
20 |
RCS file: /var/cvsroot/gentoo-x86/gnome-base/librsvg/ChangeLog,v |
21 |
retrieving revision 1.310 |
22 |
retrieving revision 1.311 |
23 |
diff -u -r1.310 -r1.311 |
24 |
--- ChangeLog 30 Sep 2013 21:57:30 -0000 1.310 |
25 |
+++ ChangeLog 1 Oct 2013 17:57:25 -0000 1.311 |
26 |
@@ -1,6 +1,16 @@ |
27 |
# ChangeLog for gnome-base/librsvg |
28 |
# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 |
29 |
-# $Header: /var/cvsroot/gentoo-x86/gnome-base/librsvg/ChangeLog,v 1.310 2013/09/30 21:57:30 pacho Exp $ |
30 |
+# $Header: /var/cvsroot/gentoo-x86/gnome-base/librsvg/ChangeLog,v 1.311 2013/10/01 17:57:25 tetromino Exp $ |
31 |
+ |
32 |
+*librsvg-2.36.4-r1 (01 Oct 2013) |
33 |
+ |
34 |
+ 01 Oct 2013; Alexandre Rostovtsev <tetromino@g.o> |
35 |
+ +librsvg-2.36.4-r1.ebuild, -librsvg-2.37.0.ebuild, |
36 |
+ +files/librsvg-2.36.4-resource-uri-1.patch, |
37 |
+ +files/librsvg-2.36.4-resource-uri-2.patch, |
38 |
+ +files/librsvg-2.36.4-resource-uri-3.patch: |
39 |
+ Fix information disclosure vulnerability (CVE-2013-1881, bug #486600, thanks |
40 |
+ to Agostino Sarubbo). Drop vulnerable version. |
41 |
|
42 |
*librsvg-2.39.0 (30 Sep 2013) |
43 |
|
44 |
|
45 |
|
46 |
|
47 |
1.1 gnome-base/librsvg/librsvg-2.36.4-r1.ebuild |
48 |
|
49 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/librsvg/librsvg-2.36.4-r1.ebuild?rev=1.1&view=markup |
50 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/gnome-base/librsvg/librsvg-2.36.4-r1.ebuild?rev=1.1&content-type=text/plain |
51 |
|
52 |
Index: librsvg-2.36.4-r1.ebuild |
53 |
=================================================================== |
54 |
# Copyright 1999-2013 Gentoo Foundation |
55 |
# Distributed under the terms of the GNU General Public License v2 |
56 |
# $Header: /var/cvsroot/gentoo-x86/gnome-base/librsvg/librsvg-2.36.4-r1.ebuild,v 1.1 2013/10/01 17:57:25 tetromino Exp $ |
57 |
|
58 |
EAPI="5" |
59 |
GCONF_DEBUG="no" |
60 |
GNOME2_LA_PUNT="yes" |
61 |
VALA_MIN_API_VERSION="0.18" |
62 |
VALA_USE_DEPEND="vapigen" |
63 |
|
64 |
inherit autotools eutils gnome2 multilib vala |
65 |
|
66 |
DESCRIPTION="Scalable Vector Graphics (SVG) rendering library" |
67 |
HOMEPAGE="https://live.gnome.org/LibRsvg" |
68 |
|
69 |
LICENSE="LGPL-2" |
70 |
SLOT="2" |
71 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x86-freebsd ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris" |
72 |
IUSE="+gtk +introspection tools vala" |
73 |
REQUIRED_USE="vala? ( introspection )" |
74 |
|
75 |
RDEPEND=">=dev-libs/glib-2.24:2 |
76 |
>=x11-libs/cairo-1.2 |
77 |
>=x11-libs/pango-1.16 |
78 |
>=dev-libs/libxml2-2.7:2 |
79 |
>=dev-libs/libcroco-0.6.1 |
80 |
x11-libs/gdk-pixbuf:2[introspection?] |
81 |
gtk? ( |
82 |
>=x11-libs/gtk+-2.16:2 |
83 |
tools? ( >=x11-libs/gtk+-3:3 ) ) |
84 |
introspection? ( >=dev-libs/gobject-introspection-0.10.8 ) |
85 |
" |
86 |
DEPEND="${RDEPEND} |
87 |
dev-libs/gobject-introspection-common |
88 |
dev-libs/vala-common |
89 |
>=dev-util/gtk-doc-am-1.13 |
90 |
virtual/pkgconfig |
91 |
vala? ( $(vala_depend) ) |
92 |
" |
93 |
# >=gtk-doc-am-1.13, gobject-introspection-common, vala-common needed by eautoreconf |
94 |
|
95 |
src_prepare() { |
96 |
# Make rsvg-view non-automagic, upstream bug #653323 |
97 |
epatch "${FILESDIR}/${PN}-2.36.0-rsvg-view-automagic.patch" |
98 |
|
99 |
# Information disclosure, CVE-2013-1881, bug #486600; fixed in 2.39.0 |
100 |
epatch "${FILESDIR}/${P}-resource-uri"-{1,2,3}.patch |
101 |
|
102 |
use vala && vala_src_prepare |
103 |
|
104 |
eautoreconf |
105 |
gnome2_src_prepare |
106 |
} |
107 |
|
108 |
src_configure() { |
109 |
local myconf="" |
110 |
|
111 |
if use gtk && use tools; then |
112 |
myconf="${myconf} --enable-rsvg-view" |
113 |
else |
114 |
myconf="${myconf} --disable-rsvg-view" |
115 |
fi |
116 |
# -Bsymbolic is not supported by the Darwin toolchain |
117 |
if [[ ${CHOST} == *-darwin* ]]; then |
118 |
myconf="${myconf} --disable-Bsymbolic" |
119 |
fi |
120 |
|
121 |
gnome2_src_configure \ |
122 |
--disable-static \ |
123 |
$(use_enable tools) \ |
124 |
$(use_enable gtk gtk-theme) \ |
125 |
$(use_enable introspection) \ |
126 |
$(use_enable vala) \ |
127 |
--enable-pixbuf-loader \ |
128 |
${myconf} |
129 |
} |
130 |
|
131 |
src_compile() { |
132 |
# causes segfault if set, see bug #411765 |
133 |
unset __GL_NO_DSO_FINALIZER |
134 |
gnome2_src_compile |
135 |
} |
136 |
|
137 |
pkg_postinst() { |
138 |
# causes segfault if set, see bug 375615 |
139 |
unset __GL_NO_DSO_FINALIZER |
140 |
gnome2_pkg_postinst |
141 |
} |
142 |
|
143 |
pkg_postrm() { |
144 |
# causes segfault if set, see bug 375615 |
145 |
unset __GL_NO_DSO_FINALIZER |
146 |
gnome2_pkg_postrm |
147 |
} |