[gentoo-commits] repo/gentoo:master commit in: media-gfx/optipng/files/, media-gfx/optipng/ - gentoo-commits

From:	Sebastian Pipping <sping@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: media-gfx/optipng/files/, media-gfx/optipng/
Date:	Mon, 04 Dec 2017 19:40:51
Message-Id:	`1512416411.0da7381ee3668b7d015fc4082a001dcda0b94707.sping@gentoo`

1

commit:     0da7381ee3668b7d015fc4082a001dcda0b94707

2

Author:     Sebastian Pipping <sping <AT> gentoo <DOT> org>

3

AuthorDate: Mon Dec  4 19:37:28 2017 +0000

4

Commit:     Sebastian Pipping <sping <AT> gentoo <DOT> org>

5

CommitDate: Mon Dec  4 19:40:11 2017 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0da7381e

7

8

media-gfx/optipng: CVE-2017-16938

9

10

Package-Manager: Portage-2.3.16, Repoman-2.3.6

11

12

 .../files/optipng-0.7.6-cve-2017-16938.patch       | 22 ++++++++

13

 media-gfx/optipng/optipng-0.7.6-r2.ebuild          | 59 ++++++++++++++++++++++

14

 2 files changed, 81 insertions(+)

15

16

diff --git a/media-gfx/optipng/files/optipng-0.7.6-cve-2017-16938.patch b/media-gfx/optipng/files/optipng-0.7.6-cve-2017-16938.patch

17

new file mode 100644

18

index 00000000000..71edf20cfef

19

--- /dev/null

20

+++ b/media-gfx/optipng/files/optipng-0.7.6-cve-2017-16938.patch

21

@@ -0,0 +1,22 @@

22

+From e05fb81a20541833a2d62ce08552b18c0920b9a1 Mon Sep 17 00:00:00 2001

23

+From: Cosmin Truta <ctruta@×××××.com>

24

+Date: Sat, 25 Nov 2017 23:17:46 -0500

25

+Subject: [PATCH] gifread: Detect indirect circular dependencies in LZW tables

26

+

27

+---

28

+ src/gifread/gifread.c | 2 ++

29

+ 1 file changed, 2 insertions(+)

30

+

31

+diff --git a/src/gifread/gifread.c b/src/gifread/gifread.c

32

+index 0123456789abcdef..0123456789abcdef 100644

33

+--- a/src/gifread/gifread.c

34

++++ b/src/gifread/gifread.c

35

+@@ -499,6 +499,8 @@ static int LZWReadByte(int init_flag, int input_code_size, FILE *stream)

36

+             *sp++ = table[1][code];

37

+             if (code == table[0][code])

38

+                 GIFError("GIF/LZW error: circular table entry");

39

++            if ((size_t)(sp - stack) >= sizeof(stack) / sizeof(stack[0]))

40

++                GIFError("GIF/LZW error: circular table");

41

+             code = table[0][code];

42

+         }

43

+

44

45

diff --git a/media-gfx/optipng/optipng-0.7.6-r2.ebuild b/media-gfx/optipng/optipng-0.7.6-r2.ebuild

46

new file mode 100644

47

index 00000000000..b5096a87c8f

48

--- /dev/null

49

+++ b/media-gfx/optipng/optipng-0.7.6-r2.ebuild

50

@@ -0,0 +1,59 @@

51

+# Copyright 1999-2017 Gentoo Foundation

52

+# Distributed under the terms of the GNU General Public License v2

53

+

54

+EAPI=6

55

+

56

+inherit eutils toolchain-funcs

57

+

58

+DESCRIPTION="Compress PNG files without affecting image quality"

59

+HOMEPAGE="http://optipng.sourceforge.net/"

60

+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"

61

+

62

+LICENSE="ZLIB"

63

+SLOT="0"

64

+KEYWORDS="~alpha ~amd64 ~arm ~ppc ~ppc64 ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos ~x86-solaris"

65

+IUSE=""

66

+

67

+RDEPEND="sys-libs/zlib

68

+	media-libs/libpng:0"

69

+DEPEND="${RDEPEND}

70

+	sys-apps/findutils"

71

+

72

+src_prepare() {

73

+	epatch "${FILESDIR}"/${PN}-0.7.5-estonian.patch

74

+	epatch "${FILESDIR}"/${PN}-0.7.6-cve-2017-1000229.patch  # bug 637936

75

+	epatch "${FILESDIR}"/${PN}-0.7.6-cve-2017-16938.patch  # bug 639690

76

+

77

+	rm -R src/{libpng,zlib} || die

78

+	find . -type d -name build -exec rm -R {} + || die

79

+

80

+	# next release is almost a complete rewrite, so plug this compilation

81

+	# problem in anticipation of the much (c)leaner(?) rewrite

82

+	sed -i \

83

+		-e 's/^#ifdef AT_FDCWD/#if defined(AT_FDCWD) \&\& !(defined (__SVR4) \&\& defined (__sun))/' \

84

+		src/optipng/osys.c || die

85

+

86

+	tc-export CC AR RANLIB

87

+	export LD=$(tc-getCC)

88

+

89

+	eapply_user

90

+}

91

+

92

+src_configure() {

93

+	./configure \

94

+		-with-system-libpng \

95

+		-with-system-zlib \

96

+		|| die "configure failed"

97

+}

98

+

99

+src_compile() {

100

+	emake -C src/optipng

101

+}

102

+

103

+src_install() {

104

+	dodoc README.txt doc/*.txt

105

+	dohtml doc/*.html

106

+	doman src/${PN}/man/${PN}.1

107

+

108

+	dobin src/${PN}/${PN}

109

+}

1	commit: 0da7381ee3668b7d015fc4082a001dcda0b94707
2	Author: Sebastian Pipping <sping <AT> gentoo <DOT> org>
3	AuthorDate: Mon Dec 4 19:37:28 2017 +0000
4	Commit: Sebastian Pipping <sping <AT> gentoo <DOT> org>
5	CommitDate: Mon Dec 4 19:40:11 2017 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0da7381e
7
8	media-gfx/optipng: CVE-2017-16938
9
10	Package-Manager: Portage-2.3.16, Repoman-2.3.6
11
12	.../files/optipng-0.7.6-cve-2017-16938.patch \| 22 ++++++++
13	media-gfx/optipng/optipng-0.7.6-r2.ebuild \| 59 ++++++++++++++++++++++
14	2 files changed, 81 insertions(+)
15
16	diff --git a/media-gfx/optipng/files/optipng-0.7.6-cve-2017-16938.patch b/media-gfx/optipng/files/optipng-0.7.6-cve-2017-16938.patch
17	new file mode 100644
18	index 00000000000..71edf20cfef
19	--- /dev/null
20	+++ b/media-gfx/optipng/files/optipng-0.7.6-cve-2017-16938.patch
21	@@ -0,0 +1,22 @@
22	+From e05fb81a20541833a2d62ce08552b18c0920b9a1 Mon Sep 17 00:00:00 2001
23	+From: Cosmin Truta <ctruta@×××××.com>
24	+Date: Sat, 25 Nov 2017 23:17:46 -0500
25	+Subject: [PATCH] gifread: Detect indirect circular dependencies in LZW tables
26	+
27	+---
28	+ src/gifread/gifread.c \| 2 ++
29	+ 1 file changed, 2 insertions(+)
30	+
31	+diff --git a/src/gifread/gifread.c b/src/gifread/gifread.c
32	+index 0123456789abcdef..0123456789abcdef 100644
33	+--- a/src/gifread/gifread.c
34	++++ b/src/gifread/gifread.c
35	+@@ -499,6 +499,8 @@ static int LZWReadByte(int init_flag, int input_code_size, FILE *stream)
36	+ *sp++ = table[1][code];
37	+ if (code == table[0][code])
38	+ GIFError("GIF/LZW error: circular table entry");
39	++ if ((size_t)(sp - stack) >= sizeof(stack) / sizeof(stack[0]))
40	++ GIFError("GIF/LZW error: circular table");
41	+ code = table[0][code];
42	+ }
43	+
44
45	diff --git a/media-gfx/optipng/optipng-0.7.6-r2.ebuild b/media-gfx/optipng/optipng-0.7.6-r2.ebuild
46	new file mode 100644
47	index 00000000000..b5096a87c8f
48	--- /dev/null
49	+++ b/media-gfx/optipng/optipng-0.7.6-r2.ebuild
50	@@ -0,0 +1,59 @@
51	+# Copyright 1999-2017 Gentoo Foundation
52	+# Distributed under the terms of the GNU General Public License v2
53	+
54	+EAPI=6
55	+
56	+inherit eutils toolchain-funcs
57	+
58	+DESCRIPTION="Compress PNG files without affecting image quality"
59	+HOMEPAGE="http://optipng.sourceforge.net/"
60	+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
61	+
62	+LICENSE="ZLIB"
63	+SLOT="0"
64	+KEYWORDS="~alpha ~amd64 ~arm ~ppc ~ppc64 ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos ~x86-solaris"
65	+IUSE=""
66	+
67	+RDEPEND="sys-libs/zlib
68	+ media-libs/libpng:0"
69	+DEPEND="${RDEPEND}
70	+ sys-apps/findutils"
71	+
72	+src_prepare() {
73	+ epatch "${FILESDIR}"/${PN}-0.7.5-estonian.patch
74	+ epatch "${FILESDIR}"/${PN}-0.7.6-cve-2017-1000229.patch # bug 637936
75	+ epatch "${FILESDIR}"/${PN}-0.7.6-cve-2017-16938.patch # bug 639690
76	+
77	+ rm -R src/{libpng,zlib} \|\| die
78	+ find . -type d -name build -exec rm -R {} + \|\| die
79	+
80	+ # next release is almost a complete rewrite, so plug this compilation
81	+ # problem in anticipation of the much (c)leaner(?) rewrite
82	+ sed -i \
83	+ -e 's/^#ifdef AT_FDCWD/#if defined(AT_FDCWD) \&\& !(defined (__SVR4) \&\& defined (__sun))/' \
84	+ src/optipng/osys.c \|\| die
85	+
86	+ tc-export CC AR RANLIB
87	+ export LD=$(tc-getCC)
88	+
89	+ eapply_user
90	+}
91	+
92	+src_configure() {
93	+ ./configure \
94	+ -with-system-libpng \
95	+ -with-system-zlib \
96	+ \|\| die "configure failed"
97	+}
98	+
99	+src_compile() {
100	+ emake -C src/optipng
101	+}
102	+
103	+src_install() {
104	+ dodoc README.txt doc/*.txt
105	+ dohtml doc/*.html
106	+ doman src/${PN}/man/${PN}.1
107	+
108	+ dobin src/${PN}/${PN}
109	+}

Gentoo Archives: gentoo-commits