From 60a11f87366fdfbd114cdc91ff813518858e5f8d Mon Sep 17 00:00:00 2001 From: Nicolás Reynolds Date: Tue, 18 Feb 2014 01:51:27 +0000 Subject: Tue Feb 18 01:50:28 UTC 2014 --- extra/cairo-perl/PKGBUILD | 14 ++-- extra/dbus-glib/PKGBUILD | 13 +-- extra/glib-perl/PKGBUILD | 12 +-- extra/gnome-perl/PKGBUILD | 15 ++-- extra/gnome-vfs-perl/PKGBUILD | 15 ++-- extra/gnumeric/PKGBUILD | 12 +-- extra/gob2/PKGBUILD | 10 +-- extra/goffice/PKGBUILD | 10 +-- extra/gtk2-perl/PKGBUILD | 22 +++-- extra/libpng/PKGBUILD | 15 ++-- extra/mpg123/PKGBUILD | 6 +- extra/pango-perl/PKGBUILD | 14 ++-- extra/t1lib/CVE-2010-2642.patch | 24 ++++++ extra/t1lib/CVE-2011-0764.diff | 32 +++++++ extra/t1lib/CVE-2011-1552_1553_1554.patch | 133 ++++++++++++++++++++++++++++++ extra/t1lib/PKGBUILD | 31 +++++-- extra/t1lib/format-security.diff | 33 ++++++++ extra/t1lib/lib-cleanup.diff | 59 +++++++++++++ extra/t1lib/overflow.patch | 15 ---- extra/x265/PKGBUILD | 26 ++++++ extra/yasm/PKGBUILD | 10 ++- 21 files changed, 424 insertions(+), 97 deletions(-) create mode 100644 extra/t1lib/CVE-2010-2642.patch create mode 100644 extra/t1lib/CVE-2011-0764.diff create mode 100644 extra/t1lib/CVE-2011-1552_1553_1554.patch create mode 100644 extra/t1lib/format-security.diff create mode 100644 extra/t1lib/lib-cleanup.diff delete mode 100644 extra/t1lib/overflow.patch create mode 100644 extra/x265/PKGBUILD (limited to 'extra') diff --git a/extra/cairo-perl/PKGBUILD b/extra/cairo-perl/PKGBUILD index f111bccb1..ac554e614 100644 --- a/extra/cairo-perl/PKGBUILD +++ b/extra/cairo-perl/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 186371 2013-05-26 09:24:20Z bluewind $ +# $Id: PKGBUILD 206084 2014-02-17 10:33:08Z jgc $ # Maintainer: Jan de Groot pkgname=cairo-perl -pkgver=1.103 -pkgrel=2 +pkgver=1.104 +pkgrel=1 pkgdesc="Perl wrappers for cairo" arch=(i686 x86_64) license=('LGPL') @@ -12,20 +12,20 @@ options=('!emptydirs') depends=('cairo' 'perl') makedepends=('perl-extutils-depends' 'perl-extutils-pkgconfig') source=(http://downloads.sourceforge.net/sourceforge/gtk2-perl/Cairo-${pkgver}.tar.gz) -md5sums=('c693e5535ed60283c068d92120412f98') +md5sums=('c7d2eee6c319588c04a6b95efe39b0ae') build() { - cd "${srcdir}/Cairo-${pkgver}" + cd Cairo-$pkgver perl Makefile.PL INSTALLDIRS=vendor make } check() { - cd "${srcdir}/Cairo-${pkgver}" + cd Cairo-$pkgver make test } package() { - cd "${srcdir}/Cairo-${pkgver}" + cd Cairo-$pkgver make DESTDIR="${pkgdir}" install } diff --git a/extra/dbus-glib/PKGBUILD b/extra/dbus-glib/PKGBUILD index 196421592..18e286cae 100644 --- a/extra/dbus-glib/PKGBUILD +++ b/extra/dbus-glib/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 197905 2013-10-30 11:35:42Z allan $ +# $Id: PKGBUILD 206080 2014-02-17 10:22:31Z jgc $ # Maintainer: Jan de Groot pkgname=dbus-glib -pkgver=0.100.2 +pkgver=0.102 pkgrel=1 pkgdesc="GLib bindings for DBUS" arch=(i686 x86_64) @@ -11,17 +11,18 @@ url="http://www.freedesktop.org/wiki/Software/DBusBindings" depends=('dbus-core' 'glib2') makedepends=('pkgconfig') options=('!emptydirs') -source=(http://dbus.freedesktop.org/releases/${pkgname}/${pkgname}-${pkgver}.tar.gz) -md5sums=('ad0920c7e3aad669163bb59171cf138e') +source=(http://dbus.freedesktop.org/releases/${pkgname}/${pkgname}-${pkgver}.tar.gz{,.asc}) +md5sums=('f76b8558fd575d0106c3a556eaa49184' + 'SKIP') build() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ --enable-static=no --enable-bash-completion=no make } package() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver make DESTDIR="${pkgdir}" install } diff --git a/extra/glib-perl/PKGBUILD b/extra/glib-perl/PKGBUILD index 47a6d4259..f2fd3d328 100644 --- a/extra/glib-perl/PKGBUILD +++ b/extra/glib-perl/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 191337 2013-07-23 17:10:45Z jgc $ +# $Id: PKGBUILD 206082 2014-02-17 10:29:53Z jgc $ # Maintainer: Jan de Groot # Contributor: Sarah Hay pkgname=glib-perl -pkgver=1.301 +pkgver=1.304 pkgrel=1 pkgdesc="Perl wrappers for glib 2.x, including GObject" arch=(i686 x86_64) @@ -13,20 +13,20 @@ options=('!emptydirs') depends=('glib2' 'perl') makedepends=('perl-extutils-depends' 'perl-extutils-pkgconfig') source=(http://downloads.sourceforge.net/sourceforge/gtk2-perl/Glib-${pkgver}.tar.gz) -md5sums=('7c0d005a20afff174c99a83c72f9786b') +md5sums=('62e454da4eb8eccdb59452c8bfd8565c') build() { - cd "${srcdir}/Glib-${pkgver}" + cd Glib-$pkgver perl Makefile.PL INSTALLDIRS=vendor make } check() { - cd "${srcdir}/Glib-${pkgver}" + cd Glib-$pkgver make test } package() { - cd "${srcdir}/Glib-${pkgver}" + cd Glib-$pkgver make DESTDIR="${pkgdir}" install } diff --git a/extra/gnome-perl/PKGBUILD b/extra/gnome-perl/PKGBUILD index ae54a978f..a1a8de1c0 100644 --- a/extra/gnome-perl/PKGBUILD +++ b/extra/gnome-perl/PKGBUILD @@ -1,10 +1,9 @@ -# $Id: PKGBUILD 186378 2013-05-26 09:24:29Z bluewind $ +# $Id: PKGBUILD 206096 2014-02-17 13:00:33Z jgc $ # Maintainer: Jan de Groot pkgname=gnome-perl -_realname=Gnome2 -pkgver=1.042 -pkgrel=9 +pkgver=1.045 +pkgrel=1 pkgdesc="Perl bindings for libgnome" arch=('i686' 'x86_64') license=('LGPL') @@ -12,16 +11,16 @@ url="http://gtk2-perl.sourceforge.net/" makedepends=('perl-extutils-pkgconfig' 'perl-extutils-depends') depends=('gnomecanvas-perl' 'gnome-vfs-perl' 'libgnomeui' 'perl') options=('!emptydirs') -source=(http://downloads.sourceforge.net/sourceforge/gtk2-perl/${_realname}-${pkgver}.tar.gz) -md5sums=('eb7b624114e45e54e022a633ffc1cce6') +source=(http://downloads.sourceforge.net/sourceforge/gtk2-perl/Gnome2-${pkgver}.tar.gz) +md5sums=('95c06139f9d950df17c9cb0340c74168') build() { - cd "${srcdir}/${_realname}-${pkgver}" + cd Gnome2-$pkgver perl Makefile.PL INSTALLDIRS=vendor make } package() { - cd "${srcdir}/${_realname}-${pkgver}" + cd Gnome2-$pkgver make DESTDIR="${pkgdir}" install } diff --git a/extra/gnome-vfs-perl/PKGBUILD b/extra/gnome-vfs-perl/PKGBUILD index 9af97014d..c58991ab6 100644 --- a/extra/gnome-vfs-perl/PKGBUILD +++ b/extra/gnome-vfs-perl/PKGBUILD @@ -1,10 +1,9 @@ -# $Id: PKGBUILD 186379 2013-05-26 09:24:30Z bluewind $ +# $Id: PKGBUILD 206092 2014-02-17 12:47:14Z jgc $ # Maintainer: Jan de Groot pkgname=gnome-vfs-perl -_realname=Gnome2-VFS -pkgver=1.081 -pkgrel=7 +pkgver=1.082 +pkgrel=1 pkgdesc="Gnome2-VFS perl bindings for gnome-vfs" arch=(i686 x86_64) license=('LGPL') @@ -12,16 +11,16 @@ url="http://gtk2-perl.sourceforge.net/" makedepends=('perl-extutils-pkgconfig' 'perl-extutils-depends') depends=('gtk2-perl' 'gnome-vfs' 'perl') options=('!emptydirs') -source=(http://downloads.sourceforge.net/sourceforge/gtk2-perl/${_realname}-${pkgver}.tar.gz) -md5sums=('3d220cbbe9f1ebc78d7047593f9cd633') +source=(http://downloads.sourceforge.net/sourceforge/gtk2-perl/Gnome2-VFS-${pkgver}.tar.gz) +md5sums=('374e7d611d080d893bb3da9d40c64733') build() { - cd "${srcdir}/${_realname}-${pkgver}" + cd Gnome2-VFS-$pkgver perl Makefile.PL INSTALLDIRS=vendor make } package() { - cd "${srcdir}/${_realname}-${pkgver}" + cd Gnome2-VFS-$pkgver make DESTDIR="${pkgdir}" install } diff --git a/extra/gnumeric/PKGBUILD b/extra/gnumeric/PKGBUILD index 7b56fd033..c4257fe7d 100644 --- a/extra/gnumeric/PKGBUILD +++ b/extra/gnumeric/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 206060 2014-02-16 13:36:11Z jgc $ +# $Id: PKGBUILD 206076 2014-02-17 09:13:47Z jgc $ # Maintainer: Eric Belanger # Contributor: Kritoke pkgname=gnumeric -pkgver=1.12.10 +pkgver=1.12.11 pkgrel=1 pkgdesc="A GNOME Spreadsheet Program" arch=('i686' 'x86_64') @@ -19,11 +19,11 @@ optdepends=('python2-gobject: for python plugin support' install=gnumeric.install source=(http://ftp.gnome.org/pub/gnome/sources/${pkgname}/${pkgver:0:4}/${pkgname}-${pkgver}.tar.xz revert-warnings.patch) -sha256sums=('4c9ee095af14a24b3cb9ed9051736d41488cacaf2960a00fe1e135ca0f3b1fde' +sha256sums=('554224f8a91743702b90010bf4bd7f04b9086e89c023a2aa1b2dbc31426c538f' 'bcafca016b809000c2a5bf911e2e3dfa4de28f9e541d9964574cac5c7ce09e53') prepare() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver patch -Np0 -i ../revert-warnings.patch @@ -34,13 +34,13 @@ prepare() { } build() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ --disable-schemas-compile --enable-introspection make } package() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver make DESTDIR="${pkgdir}" install } diff --git a/extra/gob2/PKGBUILD b/extra/gob2/PKGBUILD index b2f85a97f..6a33f8036 100644 --- a/extra/gob2/PKGBUILD +++ b/extra/gob2/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 183109 2013-04-17 15:27:46Z jgc $ +# $Id: PKGBUILD 206098 2014-02-17 13:06:55Z jgc $ # Contributor: Sarah Hay # Maintainer: Kevin Piche pkgname=gob2 -pkgver=2.0.19 +pkgver=2.0.20 pkgrel=1 pkgdesc="GTK Object Builder (GOB) is a simple preprocessor for easily creating GTK objects" arch=(i686 x86_64) @@ -11,15 +11,15 @@ license=('GPL') depends=('glib2') url="http://www.5z.com/jirka/gob.html" source=(http://ftp.5z.com/pub/gob/${pkgname}-${pkgver}.tar.xz) -md5sums=('d7f2e7b96c33458d69b6381e28e4ac69') +md5sums=('b830859993bfa82bc8773207b9a4a698') build() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver ./configure --prefix=/usr make } package() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver make DESTDIR="${pkgdir}" install } diff --git a/extra/goffice/PKGBUILD b/extra/goffice/PKGBUILD index b8d7af711..834726b65 100644 --- a/extra/goffice/PKGBUILD +++ b/extra/goffice/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 206051 2014-02-16 12:04:40Z jgc $ +# $Id: PKGBUILD 206074 2014-02-17 08:07:16Z jgc $ # Maintainer: Aaron Griffin pkgname=goffice -pkgver=0.10.10 +pkgver=0.10.11 pkgrel=1 pkgdesc="A library of document-centric objects and utilities built on top of GLib and Gtk+" arch=('i686' 'x86_64') @@ -11,16 +11,16 @@ license=('GPL') makedepends=('pkgconfig' 'intltool' 'gtk-doc' 'gobject-introspection') depends=('librsvg' 'gtk3' 'libgsf' 'libspectre') source=(http://ftp.gnome.org/pub/gnome/sources/${pkgname}/${pkgver:0:4}/${pkgname}-${pkgver}.tar.xz) -sha256sums=('03f5305d6d99c3c5afa808ba8e65abb3f7f738ecc06d25911de32945920bd538') +sha256sums=('43f419aff4ecdfff8c201e2cac884050e6906dc679e6bbac9c6647c6c706ff24') build() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver ./configure --prefix=/usr --sysconfdir=/etc \ --localstatedir=/var --disable-static --enable-introspection make } package() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver make DESTDIR="${pkgdir}" install } diff --git a/extra/gtk2-perl/PKGBUILD b/extra/gtk2-perl/PKGBUILD index 1dcdaa2d8..27cf9837b 100644 --- a/extra/gtk2-perl/PKGBUILD +++ b/extra/gtk2-perl/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 186383 2013-05-26 09:24:36Z bluewind $ +# $Id: PKGBUILD 206090 2014-02-17 11:55:52Z jgc $ # Maintainer: Jan de Groot # Contributor: Sarah Hay pkgname=gtk2-perl -pkgver=1.247 -pkgrel=2 +pkgver=1.249 +pkgrel=1 pkgdesc="Perl bindings for GTK+ 2.x" arch=(i686 x86_64) license=('LGPL') @@ -14,22 +14,28 @@ depends=('gtk2' 'pango-perl') checkdepends=('ttf-dejavu' 'xorg-server-xvfb') options=('!emptydirs') source=(http://downloads.sourceforge.net/sourceforge/gtk2-perl/Gtk2-${pkgver}.tar.gz) -md5sums=('b65b0293cce3ac3786c37a7fa508e506') +md5sums=('605b419fca92c5166f0d0077663c7c98') + +prepare() { + cd Gtk2-$pkgver + # Disable failing test. Doesn't work for several versions, might be related to Xvfb too + sed -e 's/gnome-foot.png/gnome-foot2.png/' -i t/GdkPixbufLoader.t +} build() { - cd "${srcdir}/Gtk2-${pkgver}" + cd Gtk2-$pkgver PERL_MM_USE_DEFAULT=1 perl Makefile.PL INSTALLDIRS=vendor make } check() { - cd "${srcdir}/Gtk2-${pkgver}" - LD_PRELOAD="" Xvfb -nolisten tcp -extension GLX -screen 0 1280x1024x24 :99 & + cd Gtk2-$pkgver + LD_PRELOAD="" Xvfb -nolisten tcp -extension GLX -screen 0 1280x1024x24 :99 2>/dev/null & LD_PRELOAD="" DISPLAY=:99 make test kill $! } package() { - cd "${srcdir}/Gtk2-${pkgver}" + cd Gtk2-$pkgver make install DESTDIR="${pkgdir}" } diff --git a/extra/libpng/PKGBUILD b/extra/libpng/PKGBUILD index dba30a40b..3cb1abe6f 100644 --- a/extra/libpng/PKGBUILD +++ b/extra/libpng/PKGBUILD @@ -1,12 +1,12 @@ -# $Id: PKGBUILD 204723 2014-01-25 21:53:14Z bluewind $ +# $Id: PKGBUILD 206101 2014-02-17 13:12:04Z jgc $ # Maintainer: Jan de Groot # Contributor: dorphell # Contributor: Travis Willard # Contributor: Douglas Soares de Andrade pkgname=libpng -pkgver=1.6.8 -_apngver=1.6.8 +pkgver=1.6.9 +_apngver=1.6.9 pkgrel=1 pkgdesc="A collection of routines used to create PNG format graphics files" arch=('i686' 'x86_64') @@ -15,9 +15,9 @@ license=('custom') depends=('zlib' 'sh') source=(http://downloads.sourceforge.net/sourceforge/$pkgname/$pkgname-$pkgver.tar.xz{,.asc} http://downloads.sourceforge.net/sourceforge/libpng-apng/libpng-$_apngver-apng.patch.gz) -md5sums=('51ce71a1642cdde1f4485a7ff82193c0' +md5sums=('14e037c5c9f1db16844760285ad5c2d6' 'SKIP' - '6ddeea37e1945d809959a152d4258987') + 'd784762a28f6a6c697a162873807f479') prepare() { cd $pkgname-$pkgver @@ -34,6 +34,11 @@ build() { make } +check() { + cd $pkgname-$pkgver + make check +} + package() { cd $pkgname-$pkgver make DESTDIR="$pkgdir" install diff --git a/extra/mpg123/PKGBUILD b/extra/mpg123/PKGBUILD index 52e2f9f9e..7e457c5f6 100644 --- a/extra/mpg123/PKGBUILD +++ b/extra/mpg123/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 204942 2014-02-01 04:52:42Z eric $ +# $Id: PKGBUILD 206070 2014-02-17 00:39:41Z eric $ # Maintainer: Eric Bélanger pkgname=mpg123 -pkgver=1.18.0 +pkgver=1.18.1 pkgrel=1 pkgdesc="A console based real time MPEG Audio Player for Layer 1, 2 and 3" arch=('i686' 'x86_64') @@ -14,7 +14,7 @@ optdepends=('sdl: for sdl audio support' 'jack: for jack audio support' 'libpulse: for pulse audio support') source=(http://downloads.sourceforge.net/sourceforge/${pkgname}/${pkgname}-${pkgver}.tar.bz2{,.sig}) -sha1sums=('d6e59eeb972a7d11dfcc7505cf1f3e0ae875f439' +sha1sums=('89ca967a393cb85070eed693acab77de2e6491c1' 'SKIP') build() { diff --git a/extra/pango-perl/PKGBUILD b/extra/pango-perl/PKGBUILD index 1b8079cee..ac5e67192 100644 --- a/extra/pango-perl/PKGBUILD +++ b/extra/pango-perl/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 186391 2013-05-26 09:24:50Z bluewind $ +# $Id: PKGBUILD 206086 2014-02-17 10:37:47Z jgc $ # Maintainer: Jan de Groot pkgname=pango-perl -pkgver=1.224 -pkgrel=2 +pkgver=1.225 +pkgrel=1 pkgdesc="Perl bindings for Pango" arch=(i686 x86_64) license=('LGPL') @@ -12,20 +12,20 @@ makedepends=('perl-extutils-pkgconfig' 'perl-extutils-depends') depends=('pango' 'glib-perl' 'cairo-perl') options=('!emptydirs') source=(http://downloads.sourceforge.net/sourceforge/gtk2-perl/Pango-${pkgver}.tar.gz) -md5sums=('8c411f367cffb0aa16d0e3963294d32e') +md5sums=('944ed0b4a89823c66362d5e2ecbe1054') build() { - cd "${srcdir}/Pango-${pkgver}" + cd Pango-$pkgver PERL_MM_USE_DEFAULT=1 perl Makefile.PL INSTALLDIRS=vendor make } check() { - cd "${srcdir}/Pango-${pkgver}" + cd Pango-$pkgver make test } package() { - cd "${srcdir}/Pango-${pkgver}" + cd Pango-$pkgver make install DESTDIR="${pkgdir}" } diff --git a/extra/t1lib/CVE-2010-2642.patch b/extra/t1lib/CVE-2010-2642.patch new file mode 100644 index 000000000..cd5488958 --- /dev/null +++ b/extra/t1lib/CVE-2010-2642.patch @@ -0,0 +1,24 @@ +diff --git a/lib/t1lib/parseAFM.c b/lib/t1lib/parseAFM.c +index 6a31d7f..ba64541 100644 +--- a/lib/t1lib/parseAFM.c ++++ b/lib/t1lib/parseAFM.c +@@ -199,7 +199,9 @@ static char *token(stream) + idx = 0; + + while (ch != EOF && ch != ' ' && ch != CR && ch != LF && +- ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'){ ++ ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';' ++ && idx < (MAX_NAME -1)) ++ { + ident[idx++] = ch; + ch = fgetc(stream); + } /* while */ +@@ -235,7 +237,7 @@ static char *linetoken(stream) + while ((ch = fgetc(stream)) == ' ' || ch == '\t' ); + + idx = 0; +- while (ch != EOF && ch != CR && ch != LF && ch != CTRL_Z) ++ while (ch != EOF && ch != CR && ch != LF && ch != CTRL_Z && idx < (MAX_NAME - 1)) + { + ident[idx++] = ch; + ch = fgetc(stream); diff --git a/extra/t1lib/CVE-2011-0764.diff b/extra/t1lib/CVE-2011-0764.diff new file mode 100644 index 000000000..c2d9e173b --- /dev/null +++ b/extra/t1lib/CVE-2011-0764.diff @@ -0,0 +1,32 @@ +Description: Don't lookup previous point if there isn't any +Author: Marc Deslauriers +Forwarded: no + +Index: t1lib-5.1.2/lib/type1/type1.c +=================================================================== +--- t1lib-5.1.2.orig/lib/type1/type1.c 2011-12-13 14:24:14.280965637 -0600 ++++ t1lib-5.1.2/lib/type1/type1.c 2011-12-13 14:25:25.893320747 -0600 +@@ -1700,6 +1700,7 @@ + long pindex = 0; + + /* compute hinting for previous segment! */ ++ if (ppoints == NULL) Error0i("RLineTo: No previous point!\n"); + FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx, dy); + + /* Allocate a new path point and pre-setup data */ +@@ -1728,6 +1729,7 @@ + long pindex = 0; + + /* compute hinting for previous point! */ ++ if (ppoints == NULL) Error0i("RRCurveTo: No previous point!\n"); + FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx1, dy1); + + /* Allocate three new path points and pre-setup data */ +@@ -1903,6 +1905,7 @@ + FindStems( currx, curry, 0, 0, dx, dy); + } + else { ++ if (ppoints == NULL) Error0i("RMoveTo: No previous point!\n"); + FindStems( currx, curry, ppoints[numppoints-2].x, ppoints[numppoints-2].y, dx, dy); + } + diff --git a/extra/t1lib/CVE-2011-1552_1553_1554.patch b/extra/t1lib/CVE-2011-1552_1553_1554.patch new file mode 100644 index 000000000..aaa31f7b9 --- /dev/null +++ b/extra/t1lib/CVE-2011-1552_1553_1554.patch @@ -0,0 +1,133 @@ +Author: Jaroslav Škarvada +Description: Fix more crashes on oversized fonts +Bug-Redhat: http://bugzilla.redhat.com/show_bug.cgi?id=692909 +Index: t1lib-5.1.2/lib/type1/lines.c +=================================================================== +--- t1lib-5.1.2.orig/lib/type1/lines.c 2007-12-23 09:49:42.000000000 -0600 ++++ t1lib-5.1.2/lib/type1/lines.c 2012-01-17 14:15:08.000000000 -0600 +@@ -67,6 +67,10 @@ + None. + */ + ++#define BITS (sizeof(LONG)*8) ++#define HIGHTEST(p) (((p)>>(BITS-2)) != 0) /* includes sign bit */ ++#define TOOBIG(xy) ((xy < 0) ? HIGHTEST(-xy) : HIGHTEST(xy)) ++ + /* + :h2.StepLine() - Produces Run Ends for a Line After Checks + +@@ -84,6 +88,9 @@ + IfTrace4((LineDebug > 0), ".....StepLine: (%d,%d) to (%d,%d)\n", + x1, y1, x2, y2); + ++ if ( TOOBIG(x1) || TOOBIG(x2) || TOOBIG(y1) || TOOBIG(y2)) ++ abort("Lines this big not supported", 49); ++ + dy = y2 - y1; + + /* +Index: t1lib-5.1.2/lib/type1/objects.c +=================================================================== +--- t1lib-5.1.2.orig/lib/type1/objects.c 2007-12-23 09:49:42.000000000 -0600 ++++ t1lib-5.1.2/lib/type1/objects.c 2012-01-17 14:15:08.000000000 -0600 +@@ -1137,12 +1137,13 @@ + "Context: out of them", /* 46 */ + "MatrixInvert: can't", /* 47 */ + "xiStub called", /* 48 */ +- "Illegal access type1 abort() message" /* 49 */ ++ "Lines this big not supported", /* 49 */ ++ "Illegal access type1 abort() message" /* 50 */ + }; + +- /* no is valid from 1 to 48 */ +- if ( (number<1)||(number>48)) +- number=49; ++ /* no is valid from 1 to 49 */ ++ if ( (number<1)||(number>49)) ++ number=50; + return( err_msgs[number-1]); + + } +Index: t1lib-5.1.2/lib/type1/type1.c +=================================================================== +--- t1lib-5.1.2.orig/lib/type1/type1.c 2012-01-17 14:13:28.000000000 -0600 ++++ t1lib-5.1.2/lib/type1/type1.c 2012-01-17 14:19:54.000000000 -0600 +@@ -1012,6 +1012,7 @@ + double nextdtana = 0.0; /* tangent of post-delta against horizontal line */ + double nextdtanb = 0.0; /* tangent of post-delta against vertical line */ + ++ if (ppoints == NULL || numppoints < 1) Error0v("FindStems: No previous point!\n"); + + /* setup default hinted position */ + ppoints[numppoints-1].ax = ppoints[numppoints-1].x; +@@ -1289,7 +1290,7 @@ + static int DoRead(CodeP) + int *CodeP; + { +- if (strindex >= CharStringP->len) return(FALSE); /* end of string */ ++ if (!CharStringP || strindex >= CharStringP->len) return(FALSE); /* end of string */ + /* We handle the non-documented Adobe convention to use lenIV=-1 to + suppress charstring encryption. */ + if (blues->lenIV==-1) { +@@ -1700,7 +1701,7 @@ + long pindex = 0; + + /* compute hinting for previous segment! */ +- if (ppoints == NULL) Error0i("RLineTo: No previous point!\n"); ++ if (ppoints == NULL || numppoints < 2) Error0i("RLineTo: No previous point!\n"); + FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx, dy); + + /* Allocate a new path point and pre-setup data */ +@@ -1729,7 +1730,7 @@ + long pindex = 0; + + /* compute hinting for previous point! */ +- if (ppoints == NULL) Error0i("RRCurveTo: No previous point!\n"); ++ if (ppoints == NULL || numppoints < 2) Error0i("RRCurveTo: No previous point!\n"); + FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx1, dy1); + + /* Allocate three new path points and pre-setup data */ +@@ -1788,7 +1789,9 @@ + long tmpind; + double deltax = 0.0; + double deltay = 0.0; +- ++ ++ if (ppoints == NULL || numppoints < 1) Error0i("DoClosePath: No previous point!"); ++ + /* If this ClosePath command together with the starting point of this + path completes to a segment aligned to a stem, we would miss + hinting for this point. --> Check and explicitly care for this! */ +@@ -1803,6 +1806,7 @@ + deltax = ppoints[i].x - ppoints[numppoints-1].x; + deltay = ppoints[i].y - ppoints[numppoints-1].y; + ++ if (ppoints == NULL || numppoints <= i + 1) Error0i("DoClosePath: No previous point!"); + /* save nummppoints and reset to move point */ + tmpind = numppoints; + numppoints = i + 1; +@@ -1905,7 +1909,7 @@ + FindStems( currx, curry, 0, 0, dx, dy); + } + else { +- if (ppoints == NULL) Error0i("RMoveTo: No previous point!\n"); ++ if (ppoints == NULL || numppoints < 2) Error0i("RMoveTo: No previous point!\n"); + FindStems( currx, curry, ppoints[numppoints-2].x, ppoints[numppoints-2].y, dx, dy); + } + +@@ -2155,6 +2159,7 @@ + DOUBLE cx, cy; + DOUBLE ex, ey; + ++ if (ppoints == NULL || numppoints < 8) Error0v("FlxProc: No previous point!"); + + /* Our PPOINT list now contains 7 moveto commands which + are about to be consumed by the Flex mechanism. --> Remove these +@@ -2324,6 +2329,7 @@ + /* Returns currentpoint on stack */ + static void FlxProc2() + { ++ if (ppoints == NULL || numppoints < 1) Error0v("FlxProc2: No previous point!"); + /* Push CurrentPoint on fake PostScript stack */ + PSFakePush( ppoints[numppoints-1].x); + PSFakePush( ppoints[numppoints-1].y); diff --git a/extra/t1lib/PKGBUILD b/extra/t1lib/PKGBUILD index 0e40c7abc..62849e831 100644 --- a/extra/t1lib/PKGBUILD +++ b/extra/t1lib/PKGBUILD @@ -1,25 +1,44 @@ -# $Id: PKGBUILD 197366 2013-10-25 02:59:44Z allan $ +# $Id: PKGBUILD 206078 2014-02-17 09:58:12Z jgc $ # Maintainer: tobias # Contributor: Rainer Moll pkgname=t1lib pkgver=5.1.2 -pkgrel=4 +pkgrel=5 pkgdesc="Library for generating character- and string-glyphs from Adobe Type 1 fonts" arch=('i686' 'x86_64') url="http://www.ibiblio.org/pub/Linux/libs/graphics/!INDEX.html" license=('GPL') depends=('libxaw') -source=(http://www.ibiblio.org/pub/Linux/libs/graphics/${pkgname}-${pkgver}.tar.gz ) -md5sums=('a5629b56b93134377718009df1435f3c') +source=(http://www.ibiblio.org/pub/Linux/libs/graphics/${pkgname}-${pkgver}.tar.gz + lib-cleanup.diff + format-security.diff + CVE-2011-0764.diff + CVE-2011-1552_1553_1554.patch + CVE-2010-2642.patch) +md5sums=('a5629b56b93134377718009df1435f3c' + '82dafb6051d64a94f32c73d59649ddd0' + 'b947e6a732729db2819d4f857a686e2f' + '60fb9f058a6bb1f760ddaf2ed7d71879' + '22e03d81fab188139acbe7fd3a0a706a' + '2283c116d1dda278ee77ef27c1a8e397') + +prepare() { + cd $pkgname-$pkgver + patch -Np1 -i ../lib-cleanup.diff + patch -Np1 -i ../format-security.diff + patch -Np1 -i ../CVE-2011-0764.diff + patch -Np1 -i ../CVE-2011-1552_1553_1554.patch + patch -Np1 -i ../CVE-2010-2642.patch +} build() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver ./configure --prefix=/usr make without_doc } package() { - cd "${srcdir}/${pkgname}-${pkgver}" + cd $pkgname-$pkgver make DESTDIR="${pkgdir}" install } diff --git a/extra/t1lib/format-security.diff b/extra/t1lib/format-security.diff new file mode 100644 index 000000000..442545571 --- /dev/null +++ b/extra/t1lib/format-security.diff @@ -0,0 +1,33 @@ +--- a/lib/type1/objects.c ++++ b/lib/type1/objects.c +@@ -957,7 +957,7 @@ + + sprintf(typemsg, "Wrong object type in %s; expected %s, found %s.\n", + name, TypeFmt(expect), TypeFmt(obj->type)); +- IfTrace0(TRUE,typemsg); ++ IfTrace1(TRUE, "%s", typemsg); + + ObjectPostMortem(obj); + +--- a/lib/t1lib/t1subset.c ++++ b/lib/t1lib/t1subset.c +@@ -759,7 +759,7 @@ + tr_len); + T1_PrintLog( "T1_SubsetFont()", err_warn_msg_buf, + T1LOG_DEBUG); +- l+=sprintf( &(trailerbuf[l]), linebuf); /* contains the PostScript trailer */ ++ l+=sprintf( &(trailerbuf[l]), "%s", linebuf); /* contains the PostScript trailer */ + } + + /* compute size of output file */ +--- a/lib/type1/objects.h ++++ b/lib/type1/objects.h +@@ -214,7 +214,7 @@ + /*SHARED*/ + /* NDW: personally, I want to see status and error messages! */ + #define IfTrace0(condition,model) \ +- {if (condition) printf(model);} ++ {if (condition) fputs(model,stdout);} + #define IfTrace1(condition,model,arg0) \ + {if (condition) printf(model,arg0);} + #define IfTrace2(condition,model,arg0,arg1) \ diff --git a/extra/t1lib/lib-cleanup.diff b/extra/t1lib/lib-cleanup.diff new file mode 100644 index 000000000..bd109d1a7 --- /dev/null +++ b/extra/t1lib/lib-cleanup.diff @@ -0,0 +1,59 @@ +do not link against libraries that are not needed + +Index: t1lib-5.1.1/lib/Makefile.in +=================================================================== +--- t1lib-5.1.1.orig/lib/Makefile.in 2008-01-05 19:17:21.000000000 +0100 ++++ t1lib-5.1.1/lib/Makefile.in 2008-01-05 19:17:38.000000000 +0100 +@@ -24,7 +24,7 @@ + X_LIBS = @X_LIBS@ + TOPSRC = @top_srcdir@ + XPM_LIB = -lXpm +-XLIB = @X_PRE_LIBS@ -lXext -lX11 @X_EXTRA_LIBS@ ++XLIB = -lX11 + LDFLAGS = @LDFLAGS@ + LDLIBS = @LDLIBS@ + AR = ar rc +@@ -137,7 +137,7 @@ + $(LIBTOOL) --mode=link \ + $(CC) $(LDFLAGS) -o $@ $(T1LIBX_OBJS) \ + -version-info @T1LIB_LT_CURRENT@:@T1LIB_LT_REVISION@:@T1LIB_LT_AGE@ \ +- libt1.la $(X_LIBS) $(XPM_LIB) $(XLIB) -no-undefined -rpath $(libdir) ++ libt1.la $(X_LIBS) $(XLIB) -no-undefined -rpath $(libdir) + cp t1lib/t1libx.h . + + +Index: t1lib-5.1.1/type1afm/Makefile.in +=================================================================== +--- t1lib-5.1.1.orig/type1afm/Makefile.in 2008-01-05 19:17:52.000000000 +0100 ++++ t1lib-5.1.1/type1afm/Makefile.in 2008-01-05 19:18:02.000000000 +0100 +@@ -70,7 +70,7 @@ + + type1afm: $(OBJS) ../lib/t1lib.h + $(LIBTOOL) --mode=link \ +- $(CC) -o type1afm $(LDFLAGS) $(OBJS) $(T1LIB) $(LDLIBS) ++ $(CC) -o type1afm $(LDFLAGS) $(OBJS) $(T1LIB) + + .SUFFIXES: .lo + .c.lo: +Index: t1lib-5.1.1/xglyph/Makefile.in +=================================================================== +--- t1lib-5.1.1.orig/xglyph/Makefile.in 2008-01-05 19:18:15.000000000 +0100 ++++ t1lib-5.1.1/xglyph/Makefile.in 2008-01-05 19:18:31.000000000 +0100 +@@ -24,7 +24,7 @@ + X_LIBS = @X_LIBS@ + TOPSRC = @top_srcdir@ + XPM_LIB = -lXpm +-XLIB = @X_PRE_LIBS@ -lXext -lX11 @X_EXTRA_LIBS@ ++XLIB = -lX11 @X_EXTRA_LIBS@ + LDFLAGS = @LDFLAGS@ + LDLIBS = @LDLIBS@ + AR = ar rc +@@ -65,7 +65,7 @@ + + T1LIB = ../lib/libt1.la + T1LIBX = ../lib/libt1x.la +-XAWLIB = -lXaw -lXt -lXmu ++XAWLIB = -lXaw -lXt + + + all: xglyph diff --git a/extra/t1lib/overflow.patch b/extra/t1lib/overflow.patch deleted file mode 100644 index 9f033c0de..000000000 --- a/extra/t1lib/overflow.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- t1env.c.orig 2007-09-16 19:56:38.319184208 +0200 -+++ t1env.c 2007-09-16 20:05:02.057070439 +0200 -@@ -611,6 +611,12 @@ - #endif - strcat( pathbuf, DIRECTORY_SEP); - /* And finally the filename: */ -+ /* If current pathbuf + StrippedName + 1 byte for NULL is bigger than pathbuf -+ let's try next pathbuf */ -+ if( strlen(pathbuf) + strlen(StrippedName) + 1 > sizeof(pathbuf) ) { -+ i++; -+ continue; -+ } - strcat( pathbuf, StrippedName); - - /* Check for existence of the path: */ diff --git a/extra/x265/PKGBUILD b/extra/x265/PKGBUILD new file mode 100644 index 000000000..01b0fb2e7 --- /dev/null +++ b/extra/x265/PKGBUILD @@ -0,0 +1,26 @@ +# $Id$ +# Maintainer: Bartłomiej Piotrowski +# Contributor: kfgz + +pkgname=x265 +pkgver=0.7 +pkgrel=1 +pkgdesc='Open Source H265/HEVC video encoder' +arch=('i686' 'x86_64') +license=('GPL') +depends=('gcc-libs') +makedepends=('yasm' 'cmake') +url='https://bitbucket.org/multicoreware/x265' +source=($url/get/$pkgver.tar.bz2) +md5sums=('SKIP') + +build() { + cd multicoreware-x265-*/build/linux + cmake -G "Unix Makefiles" -DCMAKE_INSTALL_PREFIX=/usr ../../source + make +} + +package() { + cd multicoreware-x265-*/build/linux + make DESTDIR="$pkgdir" install +} diff --git a/extra/yasm/PKGBUILD b/extra/yasm/PKGBUILD index 3c229a87a..6c0be5bb6 100644 --- a/extra/yasm/PKGBUILD +++ b/extra/yasm/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 197451 2013-10-26 06:45:33Z eric $ +# $Id: PKGBUILD 206072 2014-02-17 01:23:38Z eric $ # Maintainer: Eric Bélanger pkgname=yasm pkgver=1.2.0 -pkgrel=3 +pkgrel=4 pkgdesc="A rewrite of NASM to allow for multiple syntax supported (NASM, TASM, GAS, etc.)" arch=('i686' 'x86_64') url="http://www.tortall.net/projects/yasm/" @@ -13,6 +13,12 @@ options=('staticlibs') source=(http://www.tortall.net/projects/yasm/releases/${pkgname}-${pkgver}.tar.gz) sha1sums=('773d28f27f83c44ac35079add0d3167ca6c1def8') +prepare() { + cd ${pkgname}-${pkgver} +# FS#38940 + sed -i 's/#define NHASH 31/#define NHASH 4096/' modules/preprocs/nasm/nasm-pp.c +} + build() { cd ${pkgname}-${pkgver} ./configure --prefix=/usr -- cgit v1.2.3-54-g00ecf