reinit the tree, so we can have metadata

5 files changed, 353 insertions, 0 deletions

diff --git a/app-text/evince/Manifest b/app-text/evince/Manifest
new file mode 100644
index 000000000000..383fe91d121a
--- /dev/null
+++ b/app-text/evince/Manifest
@@ -0,0 +1,8 @@
+AUX 3.22.1-CVE-2017-1000083.patch 5157 SHA256 7e755824da994a0d9b82f85733ac20c17a881fa98d9e5165368387b2f9e279fd SHA512 f7bf0a0015191d4994d7e6a40a8a3bc4b8b2ec18ad04ca8fc46cca455709955d9f13d7ab2a0f419faca55a85064c4fe9c9f57ac4d9683f0c3fb61331996eb921 WHIRLPOOL 3261868e9c82009dad0aadd52c535a38dcb86b7071a27c352614d8eab93d68aa69a0a11d1d42a9b26193e82f102698590e487b55444fc3a0d72f83b8c9850082
+DIST evince-3.22.1.tar.xz 3365004 SHA256 f3d439db3b5a5745d26175d615a71dffa1535235b1e3aa0b85d397ea33ab231c SHA512 c36a90bf98f25b4f9f05536f1a09c38be30b814529e17a4ab159ba7c1e952402a211f335d4cdf1928ace8a5b46d6d019fbbd457ce11c2ffa264d8bb7c32d5a18 WHIRLPOOL 7b646bab40f9c05b7689de70b1de2e313b0576a772887187d71b51b00c456251169b7e5bb85f44f443a0dcce5199a405dc303c49a4be3d62c244225493c58749
+DIST evince-3.24.1.tar.xz 3511576 SHA256 9ca0c5213407b37be55fddb04a85d9301b692c4412c5920319d975403bff0f37 SHA512 205c1c9b68c9215bdcebf0c36841a35898e056ef8e56208db62c1fac04c4efad8fbc0800f410e3c94c526536adba5e8ead68bebec8f81061a3831789c5173726 WHIRLPOOL de0074c42ec8614a7ef34848de6768a722a855f3113fdad7392993a913f707f6e4fc55f86cbab945b41bc84ba92d79c82e2bc0b680a99702681b4d775706e3c6
+EBUILD evince-3.22.1-r1.ebuild 2874 SHA256 0832fb9f4f4095f23763a6c9b6f419c12d29768ad4e42365d911f81a1ce94012 SHA512 0b41b16686f158123aebc9cd939186524c6c0c84bb2e8dd043620538f2d283ebdf98fcdedadb713adc8f969403bf29b42b0c4854ad7ee043ac68e721d6aab075 WHIRLPOOL a838857c14986adef4f0671a6ac60560a1d98daf8a49c82195b1b09d47f38e6d9809b875cee1d3c185bb75269b7dbf3b1d133f0a52bdb5e84245e1cf9a38c3da
+EBUILD evince-3.24.1.ebuild 2819 SHA256 af3cebcf6c6ded6a839280df54f92a2106d9183fd13b5f1028d8eecc31b735b1 SHA512 7aebe03d4e66ee9a686c08ac8f0c3c0e9205a3cc35e3334fc463eaa4112b01a817558c2760a25f57371685e0e6fc3e9f7bbc57003f1879c5a43eeda3ad7a94f2 WHIRLPOOL 48b96ace9dd75c62fe41f88d5fb5f2a8ca18ca9185c47939156622cbc943150c03a52c1241ab75410a78bb1df721f4661ce830a97b43fd4b8273b09f0628deac
+MISC ChangeLog 5311 SHA256 e1308727ba2c885331119d8bc2e280c78edb8ca853493bd9e8c575f647c7bc1c SHA512 d58d5bafd59b1f3c04d4781edb6c0509a1583dd53f8ef5ea020c1042b63e2be0d7d5d7ce037833a31d82fa7e13394991bc1643751ac0250f1e07c2cd49992290 WHIRLPOOL c6b16268ac6c374eb945800e66709691205c8255a4914ef4114e547d35eb648ac6e43a86d5a117018c076789cb3f3a201930d9036a6b9b147a2c7a742a6a620e
+MISC ChangeLog-2015 44981 SHA256 e8ed4f19d188781c6eb9321bbcea98648fbc3800a6d2e18167adfec313c7e589 SHA512 eb0b055150f34498fdf1a951195e4571ac79b4a43c99f4f5aa86c66a55a5db42335e29712e4bfb7f1e6cd89a98bf49bb4de7709a7c75812826f03f7194016ed9 WHIRLPOOL 4eccd6bf9e9293a82e01c3d45a40fa097556cf1cd18c7d04f7483a2a1c37d79e1823904b12ff54d9f0eec4065af099036d17b35c7e1c4c8eb7622a48f9ef0107
+MISC metadata.xml 612 SHA256 9dcf1b7b52be95787c7208d719f965fbcb88ec5b40d50e4a994dfff9af9dcbb4 SHA512 a9ce7d786d979e14c852b0fe3f722b346dce2f1f52b8f9ab272a1f2291ce88adba78c5d347e3e33a3bb0a58f46d77d20febc92516a4c12bc9f987cccd7aa977c WHIRLPOOL c766224427b16bdc43a415c9753fa9a4dc55b2d8ac5f745003a1bbc175a3f13e85be7731800b55fe84340cc752124c7361b39e8ca032ca075b8c6d6d0948e526
diff --git a/app-text/evince/evince-3.22.1-r1.ebuild b/app-text/evince/evince-3.22.1-r1.ebuild
new file mode 100644
index 000000000000..7ce30ec41a4e
--- /dev/null
+++ b/app-text/evince/evince-3.22.1-r1.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+GNOME2_LA_PUNT="yes"
+
+inherit gnome2 systemd
+
+DESCRIPTION="Simple document viewer for GNOME"
+HOMEPAGE="https://wiki.gnome.org/Apps/Evince"
+
+LICENSE="GPL-2+ CC-BY-SA-3.0"
+# subslot = evd3.(suffix of libevdocument3)-evv3.(suffix of libevview3)
+SLOT="0/evd3.4-evv3.3"
+IUSE="djvu dvi gstreamer gnome gnome-keyring +introspection nautilus nsplugin +postscript t1lib tiff xps"
+KEYWORDS="~alpha amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~sparc x86 ~x86-fbsd ~amd64-linux ~x86-linux ~x64-solaris"
+
+# atk used in libview
+# gdk-pixbuf used all over the place
+COMMON_DEPEND="
+	dev-libs/atk
+	>=dev-libs/glib-2.36:2[dbus]
+	>=dev-libs/libxml2-2.5:2
+	sys-libs/zlib:=
+	x11-libs/gdk-pixbuf:2
+	>=x11-libs/gtk+-3.16.0:3[introspection?]
+	gnome-base/gsettings-desktop-schemas
+	>=x11-libs/cairo-1.10:=
+	>=app-text/poppler-0.33[cairo]
+	djvu? ( >=app-text/djvu-3.5.22:= )
+	dvi? (
+		virtual/tex-base
+		dev-libs/kpathsea:=
+		t1lib? ( >=media-libs/t1lib-5:= ) )
+	gstreamer? (
+		media-libs/gstreamer:1.0
+		media-libs/gst-plugins-base:1.0
+		media-libs/gst-plugins-good:1.0 )
+	gnome? ( gnome-base/gnome-desktop:3= )
+	gnome-keyring? ( >=app-crypt/libsecret-0.5 )
+	introspection? ( >=dev-libs/gobject-introspection-1:= )
+	nautilus? ( >=gnome-base/nautilus-2.91.4[introspection?] )
+	postscript? ( >=app-text/libspectre-0.2:= )
+	tiff? ( >=media-libs/tiff-3.6:0= )
+	xps? ( >=app-text/libgxps-0.2.1:= )
+"
+RDEPEND="${COMMON_DEPEND}
+	gnome-base/gvfs
+	gnome-base/librsvg
+	|| (
+		>=x11-themes/adwaita-icon-theme-2.17.1
+		>=x11-themes/hicolor-icon-theme-0.10 )
+"
+DEPEND="${COMMON_DEPEND}
+	app-text/docbook-xml-dtd:4.3
+	app-text/yelp-tools
+	dev-util/gdbus-codegen
+	>=dev-util/gtk-doc-am-1.13
+	>=dev-util/intltool-0.35
+	dev-util/itstool
+	sys-devel/gettext
+	virtual/pkgconfig
+"
+# eautoreconf needs:
+#  app-text/yelp-tools
+
+PATCHES=(
+	"${FILESDIR}"/${PV}-CVE-2017-1000083.patch
+)
+
+src_prepare() {
+	gnome2_src_prepare
+
+	# Do not depend on adwaita-icon-theme, bug #326855, #391859
+	# https://bugs.freedesktop.org/show_bug.cgi?id=29942
+	sed -e 's/adwaita-icon-theme >= $ADWAITA_ICON_THEME_REQUIRED//g' \
+		-i configure || die "sed failed"
+}
+
+src_configure() {
+	gnome2_src_configure \
+		--disable-static \
+		--enable-pdf \
+		--enable-comics \
+		--enable-thumbnailer \
+		--with-platform=gnome \
+		--enable-dbus \
+		$(use_enable djvu) \
+		$(use_enable dvi) \
+		$(use_enable gstreamer multimedia) \
+		$(use_enable gnome libgnome-desktop) \
+		$(use_with gnome-keyring keyring) \
+		$(use_enable introspection) \
+		$(use_enable nautilus) \
+		$(use_enable nsplugin browser-plugin) \
+		$(use_enable postscript ps) \
+		$(use_enable t1lib) \
+		$(use_enable tiff) \
+		$(use_enable xps) \
+		BROWSER_PLUGIN_DIR="${EPREFIX}"/usr/$(get_libdir)/nsbrowser/plugins \
+		--with-systemduserunitdir="$(systemd_get_userunitdir)"
+}
diff --git a/app-text/evince/evince-3.24.1.ebuild b/app-text/evince/evince-3.24.1.ebuild
new file mode 100644
index 000000000000..28ce5a2f8a0d
--- /dev/null
+++ b/app-text/evince/evince-3.24.1.ebuild
@@ -0,0 +1,98 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+GNOME2_LA_PUNT="yes"
+
+inherit gnome2 systemd
+
+DESCRIPTION="Simple document viewer for GNOME"
+HOMEPAGE="https://wiki.gnome.org/Apps/Evince"
+
+LICENSE="GPL-2+ CC-BY-SA-3.0"
+# subslot = evd3.(suffix of libevdocument3)-evv3.(suffix of libevview3)
+SLOT="0/evd3.4-evv3.3"
+IUSE="djvu dvi gstreamer gnome gnome-keyring +introspection nautilus nsplugin +postscript t1lib tiff xps"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~x64-solaris"
+
+# atk used in libview
+# gdk-pixbuf used all over the place
+COMMON_DEPEND="
+	dev-libs/atk
+	>=dev-libs/glib-2.36:2[dbus]
+	>=dev-libs/libxml2-2.5:2
+	sys-libs/zlib:=
+	x11-libs/gdk-pixbuf:2
+	>=x11-libs/gtk+-3.16.0:3[introspection?]
+	gnome-base/gsettings-desktop-schemas
+	>=x11-libs/cairo-1.10:=
+	>=app-text/poppler-0.33[cairo]
+	djvu? ( >=app-text/djvu-3.5.22:= )
+	dvi? (
+		virtual/tex-base
+		dev-libs/kpathsea:=
+		t1lib? ( >=media-libs/t1lib-5:= ) )
+	gstreamer? (
+		media-libs/gstreamer:1.0
+		media-libs/gst-plugins-base:1.0
+		media-libs/gst-plugins-good:1.0 )
+	gnome? ( gnome-base/gnome-desktop:3= )
+	gnome-keyring? ( >=app-crypt/libsecret-0.5 )
+	introspection? ( >=dev-libs/gobject-introspection-1:= )
+	nautilus? ( >=gnome-base/nautilus-2.91.4[introspection?] )
+	postscript? ( >=app-text/libspectre-0.2:= )
+	tiff? ( >=media-libs/tiff-3.6:0= )
+	xps? ( >=app-text/libgxps-0.2.1:= )
+"
+RDEPEND="${COMMON_DEPEND}
+	gnome-base/gvfs
+	gnome-base/librsvg
+	|| (
+		>=x11-themes/adwaita-icon-theme-2.17.1
+		>=x11-themes/hicolor-icon-theme-0.10 )
+"
+DEPEND="${COMMON_DEPEND}
+	app-text/docbook-xml-dtd:4.3
+	app-text/yelp-tools
+	dev-util/gdbus-codegen
+	>=dev-util/gtk-doc-am-1.13
+	>=dev-util/intltool-0.35
+	dev-util/itstool
+	sys-devel/gettext
+	virtual/pkgconfig
+"
+# eautoreconf needs:
+#  app-text/yelp-tools
+
+src_prepare() {
+	gnome2_src_prepare
+
+	# Do not depend on adwaita-icon-theme, bug #326855, #391859
+	# https://bugs.freedesktop.org/show_bug.cgi?id=29942
+	sed -e 's/adwaita-icon-theme >= $ADWAITA_ICON_THEME_REQUIRED//g' \
+		-i configure || die "sed failed"
+}
+
+src_configure() {
+	gnome2_src_configure \
+		--disable-static \
+		--enable-pdf \
+		--enable-comics \
+		--enable-thumbnailer \
+		--with-platform=gnome \
+		--enable-dbus \
+		$(use_enable djvu) \
+		$(use_enable dvi) \
+		$(use_enable gstreamer multimedia) \
+		$(use_enable gnome libgnome-desktop) \
+		$(use_with gnome-keyring keyring) \
+		$(use_enable introspection) \
+		$(use_enable nautilus) \
+		$(use_enable nsplugin browser-plugin) \
+		$(use_enable postscript ps) \
+		$(use_enable t1lib) \
+		$(use_enable tiff) \
+		$(use_enable xps) \
+		BROWSER_PLUGIN_DIR="${EPREFIX}"/usr/$(get_libdir)/nsbrowser/plugins \
+		--with-systemduserunitdir="$(systemd_get_userunitdir)"
+}
diff --git a/app-text/evince/files/3.22.1-CVE-2017-1000083.patch b/app-text/evince/files/3.22.1-CVE-2017-1000083.patch
new file mode 100644
index 000000000000..9164c618145a
--- /dev/null
+++ b/app-text/evince/files/3.22.1-CVE-2017-1000083.patch
@@ -0,0 +1,130 @@
+From: Bastien Nocera
+Date: Thu, 6 Jul 2017 20:02:00 +0200
+Subject: comics: Remove support for tar and tar-like commands
+
+When handling tar files, or using a command with tar-compatible syntax,
+to open comic-book archives, both the archive name (the name of the
+comics file) and the filename (the name of a page within the archive)
+are quoted to not be interpreted by the shell.
+
+But the filename is completely with the attacker's control and can start
+with "--" which leads to tar interpreting it as a command line flag.
+
+This can be exploited by creating a CBT file (a tar archive with the
+.cbt suffix) with an embedded file named something like this:
+"--checkpoint-action=exec=bash -c 'touch ~/hacked;'.jpg"
+
+CBT files are infinitely rare (CBZ is usually used for DRM-free
+commercial releases, CBR for those from more dubious provenance), so
+removing support is the easiest way to avoid the bug triggering. All
+this code was rewritten in the development release for GNOME 3.26 to not
+shell out to any command, closing off this particular attack vector.
+
+This also removes the ability to use libarchive's bsdtar-compatible
+binary for CBZ (ZIP), CB7 (7zip), and CBR (RAR) formats. The first two
+are already supported by unzip and 7zip respectively. libarchive's RAR
+support is limited, so unrar is a requirement anyway.
+
+Discovered by Felix Wilhelm from the Google Security Team.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=784630
+---
+ backend/comics/comics-document.c | 40 +---------------------------------------
+ configure.ac                     |  2 +-
+ 2 files changed, 2 insertions(+), 40 deletions(-)
+
+diff --git a/backend/comics/comics-document.c b/backend/comics/comics-document.c
+index 96ed26e..3af119a 100644
+--- a/backend/comics/comics-document.c
++++ b/backend/comics/comics-document.c
+@@ -56,8 +56,7 @@ typedef enum
+ 	RARLABS,
+ 	GNAUNRAR,
+ 	UNZIP,
+-	P7ZIP,
+-	TAR
++	P7ZIP
+ } ComicBookDecompressType;
+ 
+ typedef struct _ComicsDocumentClass ComicsDocumentClass;
+@@ -117,9 +116,6 @@ static const ComicBookDecompressCommand command_usage_def[] = {
+ 
+         /* 7zip */
+ 	{NULL               , "%s l -- %s"     , "%s x -y %s -o%s", FALSE, OFFSET_7Z},
+-
+-        /* tar */
+-	{"%s -xOf"          , "%s -tf %s"      , NULL             , FALSE, NO_OFFSET}
+ };
+ 
+ static GSList*    get_supported_image_extensions (void);
+@@ -364,13 +360,6 @@ comics_check_decompress_command	(gchar          *mime_type,
+ 			comics_document->command_usage = GNAUNRAR;
+ 			return TRUE;
+ 		}
+-		comics_document->selected_command =
+-				g_find_program_in_path ("bsdtar");
+-		if (comics_document->selected_command) {
+-			comics_document->command_usage = TAR;
+-			return TRUE;
+-		}
+-
+ 	} else if (g_content_type_is_a (mime_type, "application/x-cbz") ||
+ 		   g_content_type_is_a (mime_type, "application/zip")) {
+ 		/* InfoZIP's unzip program */
+@@ -396,12 +385,6 @@ comics_check_decompress_command	(gchar          *mime_type,
+ 			comics_document->command_usage = P7ZIP;
+ 			return TRUE;
+ 		}
+-		comics_document->selected_command =
+-				g_find_program_in_path ("bsdtar");
+-		if (comics_document->selected_command) {
+-			comics_document->command_usage = TAR;
+-			return TRUE;
+-		}
+ 
+ 	} else if (g_content_type_is_a (mime_type, "application/x-cb7") ||
+ 		   g_content_type_is_a (mime_type, "application/x-7z-compressed")) {
+@@ -425,27 +408,6 @@ comics_check_decompress_command	(gchar          *mime_type,
+ 			comics_document->command_usage = P7ZIP;
+ 			return TRUE;
+ 		}
+-		comics_document->selected_command =
+-				g_find_program_in_path ("bsdtar");
+-		if (comics_document->selected_command) {
+-			comics_document->command_usage = TAR;
+-			return TRUE;
+-		}
+-	} else if (g_content_type_is_a (mime_type, "application/x-cbt") ||
+-		   g_content_type_is_a (mime_type, "application/x-tar")) {
+-		/* tar utility (Tape ARchive) */
+-		comics_document->selected_command =
+-				g_find_program_in_path ("tar");
+-		if (comics_document->selected_command) {
+-			comics_document->command_usage = TAR;
+-			return TRUE;
+-		}
+-		comics_document->selected_command =
+-				g_find_program_in_path ("bsdtar");
+-		if (comics_document->selected_command) {
+-			comics_document->command_usage = TAR;
+-			return TRUE;
+-		}
+ 	} else {
+ 		g_set_error (error,
+ 			     EV_DOCUMENT_ERROR,
+diff --git a/configure.ac b/configure.ac
+index 36e866a..26a1a7d 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -795,7 +795,7 @@ AC_SUBST(TIFF_MIME_TYPES)
+ AC_SUBST(APPDATA_TIFF_MIME_TYPES)
+ AM_SUBST_NOTMAKE(APPDATA_TIFF_MIME_TYPES)
+ if test "x$enable_comics" = "xyes"; then
+-        COMICS_MIME_TYPES="application/x-cbr;application/x-cbz;application/x-cb7;application/x-cbt;application/x-ext-cbr;application/x-ext-cbz;application/vnd.comicbook+zip;application/x-ext-cb7;application/x-ext-cbt"
++        COMICS_MIME_TYPES="application/x-cbr;application/x-cbz;application/x-cb7;application/x-ext-cbr;application/x-ext-cbz;application/vnd.comicbook+zip;application/x-ext-cb7;"
+         APPDATA_COMICS_MIME_TYPES=$(echo "<mimetype>$COMICS_MIME_TYPES</mimetype>" | sed -e 's/;/<\/mimetype>\n    <mimetype>/g')
+         if test -z "$EVINCE_MIME_TYPES"; then
+            EVINCE_MIME_TYPES="${COMICS_MIME_TYPES}"
+-- 
+cgit v0.12
+
diff --git a/app-text/evince/metadata.xml b/app-text/evince/metadata.xml
new file mode 100644
index 000000000000..7601c5d749ed
--- /dev/null
+++ b/app-text/evince/metadata.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="project">
+		<email>gnome@gentoo.org</email>
+		<name>Gentoo GNOME Desktop</name>
+	</maintainer>
+	<use>
+		<flag name="dvi">Enable the built-in DVI viewer</flag>
+		<flag name="nautilus">Enable property page extension in <pkg>gnome-base/nautilus</pkg></flag>
+		<flag name="t1lib">Enable the Type-1 fonts for the built-in DVI viewer
+			(<pkg>media-libs/t1lib</pkg>)</flag>
+		<flag name="xps">Enable XPS viewer using <pkg>app-text/libgxps</pkg></flag>
+	</use>
+</pkgmetadata>