[gentoo-commits] repo/gentoo:master commit in: media-libs/lcms/files/, media-libs/lcms/ - gentoo-commits

From:	Andreas Sturmlechner <asturm@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: media-libs/lcms/files/, media-libs/lcms/
Date:	Tue, 18 Sep 2018 18:25:46
Message-Id:	`1537295103.139bfc57747c094af6dc04e4485e433dd56acbde.asturm@gentoo`

1

commit:     139bfc57747c094af6dc04e4485e433dd56acbde

2

Author:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>

3

AuthorDate: Tue Sep 18 15:41:14 2018 +0000

4

Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>

5

CommitDate: Tue Sep 18 18:25:03 2018 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=139bfc57

7

8

media-libs/lcms: Cleanup vulnerable

9

10

Bug: https://bugs.gentoo.org/628478

11

Package-Manager: Portage-2.3.49, Repoman-2.3.10

12

13

 media-libs/lcms/Manifest                           |  1 -

14

 .../lcms/files/lcms-2.8-CVE-2016-10165.patch       | 22 ----------

15

 media-libs/lcms/lcms-2.8-r1.ebuild                 | 46 -------------------

16

 media-libs/lcms/lcms-2.8-r2.ebuild                 | 51 ----------------------

17

 4 files changed, 120 deletions(-)

18

19

diff --git a/media-libs/lcms/Manifest b/media-libs/lcms/Manifest

20

index 52781d41770..619b6ff86f5 100644

21

--- a/media-libs/lcms/Manifest

22

+++ b/media-libs/lcms/Manifest

23

@@ -1,2 +1 @@

24

-DIST lcms2-2.8.tar.gz 6687005 BLAKE2B fb187eeb5ffbd5bc9c836fa75c26111605c582281edcdf27c91175248b8b71c69017b9bcd632b5a51360173777c87dff58cab51d209c0e8dda9f329f0d2e3eaf SHA512 a9478885b4892c79314a2ef9ab560e6655ac8f2d17abae0805e8b871138bb190e21f0e5c805398449f9dad528dc50baaf9e3cce8b8158eb8ff74179be5733f8f

25

 DIST lcms2-2.9.tar.gz 10953949 BLAKE2B 6f22a0a8901562e8a84a82c077f31b0155bf81d2b5023211059fa157061e78ebe170bd4744f6d15ab76c96ff9dae521a7560e9665a230337d149e1f0c9018788 SHA512 d91e320a97ef9d64cce31585b7df7c85accb52a0c46a10ed0f45a0ba46cc2ad6687de5151e59ac62170ea878ab48595c1493125f4afb1872824afe1c3f3c459b

26

27

diff --git a/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch b/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch

28

deleted file mode 100644

29

index b380cf40d5a..00000000000

30

--- a/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch

31

+++ /dev/null

32

@@ -1,22 +0,0 @@

33

-From 5ca71a7bc18b6897ab21d815d15e218e204581e2 Mon Sep 17 00:00:00 2001

34

-From: Marti <marti.maria@×××××××××××××.com>

35

-Date: Mon, 15 Aug 2016 23:31:39 +0200

36

-Subject: [PATCH] Added an extra check to MLU bounds

37

-

38

-Thanks to Ibrahim el-sayed for spotting the bug

39

----

40

- src/cmstypes.c | 1 +

41

- 1 file changed, 1 insertion(+)

42

-

43

-diff --git a/src/cmstypes.c b/src/cmstypes.c

44

-index cb61860..c7328b9 100644

45

---- a/src/cmstypes.c

46

-+++ b/src/cmstypes.c

47

-@@ -1460,6 +1460,7 @@ void *Type_MLU_Read(struct _cms_typehandler_struct* self, cmsIOHANDLER* io, cmsU

48

-

49

-         // Check for overflow

50

-         if (Offset < (SizeOfHeader + 8)) goto Error;

51

-+        if ((Offset + Len) > SizeOfTag + 8) goto Error;

52

-

53

-         // True begin of the string

54

-         BeginOfThisString = Offset - SizeOfHeader - 8;

55

56

diff --git a/media-libs/lcms/lcms-2.8-r1.ebuild b/media-libs/lcms/lcms-2.8-r1.ebuild

57

deleted file mode 100644

58

index df3cb187556..00000000000

59

--- a/media-libs/lcms/lcms-2.8-r1.ebuild

60

+++ /dev/null

61

@@ -1,46 +0,0 @@

62

-# Copyright 1999-2018 Gentoo Foundation

63

-# Distributed under the terms of the GNU General Public License v2

64

-

65

-EAPI=6

66

-AUTOTOOLS_PRUNE_LIBTOOL_FILES="modules"

67

-inherit eutils multilib-minimal

68

-

69

-DESCRIPTION="A lightweight, speed optimized color management engine"

70

-HOMEPAGE="http://www.littlecms.com/"

71

-SRC_URI="mirror://sourceforge/${PN}/lcms2-${PV}.tar.gz"

72

-

73

-LICENSE="MIT"

74

-SLOT="2"

75

-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris"

76

-IUSE="doc jpeg static-libs +threads test tiff zlib"

77

-

78

-RDEPEND="jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] )

79

-	tiff? ( >=media-libs/tiff-4.0.3-r6:0=[${MULTILIB_USEDEP}] )

80

-	zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )"

81

-DEPEND="${RDEPEND}"

82

-

83

-S=${WORKDIR}/lcms2-${PV}

84

-

85

-PATCHES=(

86

-	"${FILESDIR}/${P}-CVE-2016-10165.patch"

87

-)

88

-

89

-multilib_src_configure() {

90

-	local myeconfargs=(

91

-		$(use_with jpeg)

92

-		$(use_with tiff)

93

-		$(use_with zlib)

94

-		$(use_with threads)

95

-	)

96

-	ECONF_SOURCE="${S}" \

97

-	econf ${myeconfargs[@]}

98

-}

99

-

100

-multilib_src_install_all() {

101

-	find "${ED}" \( -name "*.la" -o -name "*.a" \) -delete || die

102

-

103

-	if use doc; then

104

-		docinto pdf

105

-		dodoc doc/*.pdf

106

-	fi

107

-}

108

109

diff --git a/media-libs/lcms/lcms-2.8-r2.ebuild b/media-libs/lcms/lcms-2.8-r2.ebuild

110

deleted file mode 100644

111

index e39e224c996..00000000000

112

--- a/media-libs/lcms/lcms-2.8-r2.ebuild

113

+++ /dev/null

114

@@ -1,51 +0,0 @@

115

-# Copyright 1999-2018 Gentoo Foundation

116

-# Distributed under the terms of the GNU General Public License v2

117

-

118

-EAPI=6

119

-

120

-inherit libtool multilib-minimal

121

-

122

-DESCRIPTION="A lightweight, speed optimized color management engine"

123

-HOMEPAGE="http://www.littlecms.com/"

124

-SRC_URI="mirror://sourceforge/${PN}/lcms2-${PV}.tar.gz"

125

-

126

-LICENSE="MIT"

127

-SLOT="2"

128

-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris"

129

-IUSE="doc jpeg static-libs test +threads tiff"

130

-

131

-RDEPEND="

132

-	jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] )

133

-	tiff? ( >=media-libs/tiff-4.0.3-r6:0=[${MULTILIB_USEDEP}] )

134

-"

135

-DEPEND="${RDEPEND}"

136

-

137

-S="${WORKDIR}/lcms2-${PV}"

138

-

139

-PATCHES=( "${FILESDIR}/${P}-CVE-2016-10165.patch" )

140

-

141

-src_prepare() {

142

-	default

143

-	elibtoolize  # for Prefix/Solaris

144

-}

145

-

146

-multilib_src_configure() {

147

-	local myeconfargs=(

148

-		$(use_with jpeg)

149

-		$(use_enable static-libs static)

150

-		$(use_with threads)

151

-		$(use_with tiff)

152

-		--without-zlib

153

-	)

154

-	ECONF_SOURCE="${S}" \

155

-	econf ${myeconfargs[@]}

156

-}

157

-

158

-multilib_src_install_all() {

159

-	find "${ED}" -name "*.la" -delete || die

160

-

161

-	if use doc; then

162

-		docinto pdf

163

-		dodoc doc/*.pdf

164

-	fi

165

-}

1	commit: 139bfc57747c094af6dc04e4485e433dd56acbde
2	Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
3	AuthorDate: Tue Sep 18 15:41:14 2018 +0000
4	Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
5	CommitDate: Tue Sep 18 18:25:03 2018 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=139bfc57
7
8	media-libs/lcms: Cleanup vulnerable
9
10	Bug: https://bugs.gentoo.org/628478
11	Package-Manager: Portage-2.3.49, Repoman-2.3.10
12
13	media-libs/lcms/Manifest \| 1 -
14	.../lcms/files/lcms-2.8-CVE-2016-10165.patch \| 22 ----------
15	media-libs/lcms/lcms-2.8-r1.ebuild \| 46 -------------------
16	media-libs/lcms/lcms-2.8-r2.ebuild \| 51 ----------------------
17	4 files changed, 120 deletions(-)
18
19	diff --git a/media-libs/lcms/Manifest b/media-libs/lcms/Manifest
20	index 52781d41770..619b6ff86f5 100644
21	--- a/media-libs/lcms/Manifest
22	+++ b/media-libs/lcms/Manifest
23	@@ -1,2 +1 @@
24	-DIST lcms2-2.8.tar.gz 6687005 BLAKE2B fb187eeb5ffbd5bc9c836fa75c26111605c582281edcdf27c91175248b8b71c69017b9bcd632b5a51360173777c87dff58cab51d209c0e8dda9f329f0d2e3eaf SHA512 a9478885b4892c79314a2ef9ab560e6655ac8f2d17abae0805e8b871138bb190e21f0e5c805398449f9dad528dc50baaf9e3cce8b8158eb8ff74179be5733f8f
25	DIST lcms2-2.9.tar.gz 10953949 BLAKE2B 6f22a0a8901562e8a84a82c077f31b0155bf81d2b5023211059fa157061e78ebe170bd4744f6d15ab76c96ff9dae521a7560e9665a230337d149e1f0c9018788 SHA512 d91e320a97ef9d64cce31585b7df7c85accb52a0c46a10ed0f45a0ba46cc2ad6687de5151e59ac62170ea878ab48595c1493125f4afb1872824afe1c3f3c459b
26
27	diff --git a/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch b/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch
28	deleted file mode 100644
29	index b380cf40d5a..00000000000
30	--- a/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch
31	+++ /dev/null
32	@@ -1,22 +0,0 @@
33	-From 5ca71a7bc18b6897ab21d815d15e218e204581e2 Mon Sep 17 00:00:00 2001
34	-From: Marti <marti.maria@×××××××××××××.com>
35	-Date: Mon, 15 Aug 2016 23:31:39 +0200
36	-Subject: [PATCH] Added an extra check to MLU bounds
37	-
38	-Thanks to Ibrahim el-sayed for spotting the bug
39	----
40	- src/cmstypes.c \| 1 +
41	- 1 file changed, 1 insertion(+)
42	-
43	-diff --git a/src/cmstypes.c b/src/cmstypes.c
44	-index cb61860..c7328b9 100644
45	---- a/src/cmstypes.c
46	-+++ b/src/cmstypes.c
47	-@@ -1460,6 +1460,7 @@ void Type_MLU_Read(struct _cms_typehandler_struct self, cmsIOHANDLER* io, cmsU
48	-
49	- // Check for overflow
50	- if (Offset < (SizeOfHeader + 8)) goto Error;
51	-+ if ((Offset + Len) > SizeOfTag + 8) goto Error;
52	-
53	- // True begin of the string
54	- BeginOfThisString = Offset - SizeOfHeader - 8;
55
56	diff --git a/media-libs/lcms/lcms-2.8-r1.ebuild b/media-libs/lcms/lcms-2.8-r1.ebuild
57	deleted file mode 100644
58	index df3cb187556..00000000000
59	--- a/media-libs/lcms/lcms-2.8-r1.ebuild
60	+++ /dev/null
61	@@ -1,46 +0,0 @@
62	-# Copyright 1999-2018 Gentoo Foundation
63	-# Distributed under the terms of the GNU General Public License v2
64	-
65	-EAPI=6
66	-AUTOTOOLS_PRUNE_LIBTOOL_FILES="modules"
67	-inherit eutils multilib-minimal
68	-
69	-DESCRIPTION="A lightweight, speed optimized color management engine"
70	-HOMEPAGE="http://www.littlecms.com/"
71	-SRC_URI="mirror://sourceforge/${PN}/lcms2-${PV}.tar.gz"
72	-
73	-LICENSE="MIT"
74	-SLOT="2"
75	-KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris"
76	-IUSE="doc jpeg static-libs +threads test tiff zlib"
77	-
78	-RDEPEND="jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] )
79	- tiff? ( >=media-libs/tiff-4.0.3-r6:0=[${MULTILIB_USEDEP}] )
80	- zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )"
81	-DEPEND="${RDEPEND}"
82	-
83	-S=${WORKDIR}/lcms2-${PV}
84	-
85	-PATCHES=(
86	- "${FILESDIR}/${P}-CVE-2016-10165.patch"
87	-)
88	-
89	-multilib_src_configure() {
90	- local myeconfargs=(
91	- $(use_with jpeg)
92	- $(use_with tiff)
93	- $(use_with zlib)
94	- $(use_with threads)
95	- )
96	- ECONF_SOURCE="${S}" \
97	- econf ${myeconfargs[@]}
98	-}
99	-
100	-multilib_src_install_all() {
101	- find "${ED}" \( -name ".la" -o -name ".a" \) -delete \|\| die
102	-
103	- if use doc; then
104	- docinto pdf
105	- dodoc doc/*.pdf
106	- fi
107	-}
108
109	diff --git a/media-libs/lcms/lcms-2.8-r2.ebuild b/media-libs/lcms/lcms-2.8-r2.ebuild
110	deleted file mode 100644
111	index e39e224c996..00000000000
112	--- a/media-libs/lcms/lcms-2.8-r2.ebuild
113	+++ /dev/null
114	@@ -1,51 +0,0 @@
115	-# Copyright 1999-2018 Gentoo Foundation
116	-# Distributed under the terms of the GNU General Public License v2
117	-
118	-EAPI=6
119	-
120	-inherit libtool multilib-minimal
121	-
122	-DESCRIPTION="A lightweight, speed optimized color management engine"
123	-HOMEPAGE="http://www.littlecms.com/"
124	-SRC_URI="mirror://sourceforge/${PN}/lcms2-${PV}.tar.gz"
125	-
126	-LICENSE="MIT"
127	-SLOT="2"
128	-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris"
129	-IUSE="doc jpeg static-libs test +threads tiff"
130	-
131	-RDEPEND="
132	- jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] )
133	- tiff? ( >=media-libs/tiff-4.0.3-r6:0=[${MULTILIB_USEDEP}] )
134	-"
135	-DEPEND="${RDEPEND}"
136	-
137	-S="${WORKDIR}/lcms2-${PV}"
138	-
139	-PATCHES=( "${FILESDIR}/${P}-CVE-2016-10165.patch" )
140	-
141	-src_prepare() {
142	- default
143	- elibtoolize # for Prefix/Solaris
144	-}
145	-
146	-multilib_src_configure() {
147	- local myeconfargs=(
148	- $(use_with jpeg)
149	- $(use_enable static-libs static)
150	- $(use_with threads)
151	- $(use_with tiff)
152	- --without-zlib
153	- )
154	- ECONF_SOURCE="${S}" \
155	- econf ${myeconfargs[@]}
156	-}
157	-
158	-multilib_src_install_all() {
159	- find "${ED}" -name "*.la" -delete \|\| die
160	-
161	- if use doc; then
162	- docinto pdf
163	- dodoc doc/*.pdf
164	- fi
165	-}

Gentoo Archives: gentoo-commits