[gentoo-commits] repo/gentoo:master commit in: app-office/pinpoint/files/, app-office/pinpoint/ - gentoo-commits

From:	Pacho Ramos <pacho@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: app-office/pinpoint/files/, app-office/pinpoint/
Date:	Wed, 28 Mar 2018 18:23:40
Message-Id:	`1522261411.41d04b8d7079876adcf13bf3792a5c9701686ca6.pacho@gentoo`

1

commit:     41d04b8d7079876adcf13bf3792a5c9701686ca6

2

Author:     Pacho Ramos <pacho <AT> gentoo <DOT> org>

3

AuthorDate: Wed Mar 28 18:22:37 2018 +0000

4

Commit:     Pacho Ramos <pacho <AT> gentoo <DOT> org>

5

CommitDate: Wed Mar 28 18:23:31 2018 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41d04b8d

7

8

app-office/pinpoint: Fix CVE-2013-7447 (#574384)

9

10

Package-Manager: Portage-2.3.24, Repoman-2.3.6

11

12

 .../files/pinpoint-0.1.8-CVE-2013-7447.patch       | 33 ++++++++++++++

13

 app-office/pinpoint/pinpoint-0.1.8-r1.ebuild       | 50 ++++++++++++++++++++++

14

 2 files changed, 83 insertions(+)

15

16

diff --git a/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch b/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch

17

new file mode 100644

18

index 00000000000..b9c39ad7206

19

--- /dev/null

20

+++ b/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch

21

@@ -0,0 +1,33 @@

22

+From f90483245250456d6306b4fff2f68f445ef33864 Mon Sep 17 00:00:00 2001

23

+From: RyuzakiKK <aasonykk@×××××.com>

24

+Date: Sat, 5 Aug 2017 20:00:30 +0200

25

+Subject: [PATCH] Avoid integer overflow

26

+

27

+pinpoint is affected by a possible integer overflow, that was also

28

+found and patched upstream in gtk+

29

+https://git.gnome.org/browse/gtk+/commit/?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6

30

+

31

+With g_malloc_m we can avoid the integer overflow.

32

+

33

+As pointed out by Pacho Ramos in

34

+https://bugzilla.gnome.org/show_bug.cgi?id=762029

35

+---

36

+ pp-cairo.c | 2 +-

37

+ 1 file changed, 1 insertion(+), 1 deletion(-)

38

+

39

+diff --git a/pp-cairo.c b/pp-cairo.c

40

+index 8afb362..dc0a452 100644

41

+--- a/pp-cairo.c

42

++++ b/pp-cairo.c

43

+@@ -120,7 +120,7 @@ _cairo_new_surface_from_pixbuf (const GdkPixbuf *pixbuf)

44

+     format = CAIRO_FORMAT_ARGB32;

45

+

46

+   cairo_stride = cairo_format_stride_for_width (format, width);

47

+-  cairo_pixels = g_malloc (height * cairo_stride);

48

++  cairo_pixels = g_malloc_n (height, cairo_stride);

49

+   surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels,

50

+                                                  format,

51

+                                                  width, height, cairo_stride);

52

+--

53

+2.13.4

54

+

55

56

diff --git a/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild b/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild

57

new file mode 100644

58

index 00000000000..7bf59666c4c

59

--- /dev/null

60

+++ b/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild

61

@@ -0,0 +1,50 @@

62

+# Copyright 1999-2018 Gentoo Foundation

63

+# Distributed under the terms of the GNU General Public License v2

64

+

65

+EAPI=6

66

+inherit gnome2

67

+

68

+DESCRIPTION="A tool for making hackers do excellent presentations"

69

+HOMEPAGE="https://wiki.gnome.org/Apps/Pinpoint"

70

+

71

+LICENSE="LGPL-2.1"

72

+SLOT="0"

73

+KEYWORDS="~amd64 ~x86"

74

+IUSE="+gstreamer +pdf"

75

+

76

+# rsvg is used for svg-in-pdf -- clubbing it under pdf for now

77

+RDEPEND="

78

+	>=media-libs/clutter-1.23.7:1.0

79

+	>=media-libs/clutter-gtk-1.6:1.0

80

+	>=dev-libs/glib-2.28:2

81

+	>=x11-libs/cairo-1.9.4

82

+	x11-libs/pango

83

+	x11-libs/gdk-pixbuf:2

84

+	gstreamer? ( media-libs/clutter-gst:3.0 )

85

+	pdf? ( gnome-base/librsvg:2 )

86

+"

87

+DEPEND="${RDEPEND}

88

+	virtual/pkgconfig

89

+"

90

+

91

+PATCHES=(

92

+	# Fix CVE-2013-7447, bug #574384, https://bugzilla.gnome.org/show_bug.cgi?id=762029

93

+	"${FILESDIR}"/${P}-CVE-2013-7447.patch

94

+)

95

+

96

+src_configure() {

97

+	# dax support is disabled because we don't have it in tree yet and it's

98

+	# experimental

99

+	gnome2_src_configure \

100

+		--disable-dax \

101

+		$(use_enable gstreamer cluttergst) \

102

+		$(use_enable pdf rsvg)

103

+}

104

+

105

+src_install() {

106

+	gnome2_src_install

107

+

108

+	docompress -x /usr/share/doc/${PF}/examples

109

+	insinto "/usr/share/doc/${PF}/examples"

110

+	doins introduction.pin bg.jpg bowls.jpg linus.jpg

111

+}

1	commit: 41d04b8d7079876adcf13bf3792a5c9701686ca6
2	Author: Pacho Ramos <pacho <AT> gentoo <DOT> org>
3	AuthorDate: Wed Mar 28 18:22:37 2018 +0000
4	Commit: Pacho Ramos <pacho <AT> gentoo <DOT> org>
5	CommitDate: Wed Mar 28 18:23:31 2018 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41d04b8d
7
8	app-office/pinpoint: Fix CVE-2013-7447 (#574384)
9
10	Package-Manager: Portage-2.3.24, Repoman-2.3.6
11
12	.../files/pinpoint-0.1.8-CVE-2013-7447.patch \| 33 ++++++++++++++
13	app-office/pinpoint/pinpoint-0.1.8-r1.ebuild \| 50 ++++++++++++++++++++++
14	2 files changed, 83 insertions(+)
15
16	diff --git a/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch b/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch
17	new file mode 100644
18	index 00000000000..b9c39ad7206
19	--- /dev/null
20	+++ b/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch
21	@@ -0,0 +1,33 @@
22	+From f90483245250456d6306b4fff2f68f445ef33864 Mon Sep 17 00:00:00 2001
23	+From: RyuzakiKK <aasonykk@×××××.com>
24	+Date: Sat, 5 Aug 2017 20:00:30 +0200
25	+Subject: [PATCH] Avoid integer overflow
26	+
27	+pinpoint is affected by a possible integer overflow, that was also
28	+found and patched upstream in gtk+
29	+https://git.gnome.org/browse/gtk+/commit/?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6
30	+
31	+With g_malloc_m we can avoid the integer overflow.
32	+
33	+As pointed out by Pacho Ramos in
34	+https://bugzilla.gnome.org/show_bug.cgi?id=762029
35	+---
36	+ pp-cairo.c \| 2 +-
37	+ 1 file changed, 1 insertion(+), 1 deletion(-)
38	+
39	+diff --git a/pp-cairo.c b/pp-cairo.c
40	+index 8afb362..dc0a452 100644
41	+--- a/pp-cairo.c
42	++++ b/pp-cairo.c
43	+@@ -120,7 +120,7 @@ _cairo_new_surface_from_pixbuf (const GdkPixbuf *pixbuf)
44	+ format = CAIRO_FORMAT_ARGB32;
45	+
46	+ cairo_stride = cairo_format_stride_for_width (format, width);
47	+- cairo_pixels = g_malloc (height * cairo_stride);
48	++ cairo_pixels = g_malloc_n (height, cairo_stride);
49	+ surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels,
50	+ format,
51	+ width, height, cairo_stride);
52	+--
53	+2.13.4
54	+
55
56	diff --git a/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild b/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild
57	new file mode 100644
58	index 00000000000..7bf59666c4c
59	--- /dev/null
60	+++ b/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild
61	@@ -0,0 +1,50 @@
62	+# Copyright 1999-2018 Gentoo Foundation
63	+# Distributed under the terms of the GNU General Public License v2
64	+
65	+EAPI=6
66	+inherit gnome2
67	+
68	+DESCRIPTION="A tool for making hackers do excellent presentations"
69	+HOMEPAGE="https://wiki.gnome.org/Apps/Pinpoint"
70	+
71	+LICENSE="LGPL-2.1"
72	+SLOT="0"
73	+KEYWORDS="~amd64 ~x86"
74	+IUSE="+gstreamer +pdf"
75	+
76	+# rsvg is used for svg-in-pdf -- clubbing it under pdf for now
77	+RDEPEND="
78	+ >=media-libs/clutter-1.23.7:1.0
79	+ >=media-libs/clutter-gtk-1.6:1.0
80	+ >=dev-libs/glib-2.28:2
81	+ >=x11-libs/cairo-1.9.4
82	+ x11-libs/pango
83	+ x11-libs/gdk-pixbuf:2
84	+ gstreamer? ( media-libs/clutter-gst:3.0 )
85	+ pdf? ( gnome-base/librsvg:2 )
86	+"
87	+DEPEND="${RDEPEND}
88	+ virtual/pkgconfig
89	+"
90	+
91	+PATCHES=(
92	+ # Fix CVE-2013-7447, bug #574384, https://bugzilla.gnome.org/show_bug.cgi?id=762029
93	+ "${FILESDIR}"/${P}-CVE-2013-7447.patch
94	+)
95	+
96	+src_configure() {
97	+ # dax support is disabled because we don't have it in tree yet and it's
98	+ # experimental
99	+ gnome2_src_configure \
100	+ --disable-dax \
101	+ $(use_enable gstreamer cluttergst) \
102	+ $(use_enable pdf rsvg)
103	+}
104	+
105	+src_install() {
106	+ gnome2_src_install
107	+
108	+ docompress -x /usr/share/doc/${PF}/examples
109	+ insinto "/usr/share/doc/${PF}/examples"
110	+ doins introduction.pin bg.jpg bowls.jpg linus.jpg
111	+}

Gentoo Archives: gentoo-commits