diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2018-10-07 11:03:14 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2018-10-07 11:03:14 +0100 |
| commit | 957235cf19a691360c720f7913672adda4258ed0 (patch) | |
| tree | 812bba7928f4293ead05a7ee9c1ac39c5ef9f12e /media-libs/exempi | |
| parent | 62f67115b5c46134c34f88f4b1cbdacc19384c0a (diff) | |
gentoo resync : 07.10.2018
Diffstat (limited to 'media-libs/exempi')
| -rw-r--r-- | media-libs/exempi/Manifest | 3 | ||||
| -rw-r--r-- | media-libs/exempi/exempi-2.4.5-r1.ebuild (renamed from media-libs/exempi/exempi-2.4.5.ebuild) | 24 | ||||
| -rw-r--r-- | media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch | 42 |
3 files changed, 59 insertions, 10 deletions
diff --git a/media-libs/exempi/Manifest b/media-libs/exempi/Manifest index f78b0c6ef333..7bfa1dd8f205 100644 --- a/media-libs/exempi/Manifest +++ b/media-libs/exempi/Manifest @@ -1,4 +1,5 @@ AUX exempi-2.4.2-iconv.patch 1440 BLAKE2B a3fccd3c268c28f1fe0b9e13544ba7b33d433a9a92ad9319301996c162766dac9d3fc14f97c3a3c795d787d0b7b9048dec830e1ce5d809b1a14ffa82097e2ff5 SHA512 09cc5ba46c8e0a0b0c1c3b0c86d9c49c21e64a64ca35a90053bf98ed81652b8d1c91bc29a321b5b3bf032b65af220129860f7d3f8c6e12ce608db19c01841736 +AUX exempi-2.4.5-CVE-2018-12648.patch 1556 BLAKE2B 154787079e9a1b3c747275aadd5fd2e47efd6079508b1f2db12ca5d0a83c1efb31ac87f869703e28e1b638a26d693fec6b6875d762c85c2ea63ff3adba70b036 SHA512 12594e62110d5d0e457102db94822c0920196420ca2321193b79736ed05dde6859723d66bba0177d55b0390c0716debfcf0e074ca27eaa12ef3e29e799d3913e DIST exempi-2.4.5.tar.gz 3901474 BLAKE2B 7db80266847a18464ee5d75e2ffa38a05b2b23a30fb02a16c0a4a512f853a625f00db3ee0de3f177af584e12d65c8ecd2acc96cae96ef02d7b39129ab4b5274a SHA512 2b3dd8b2d1763fbbfed1995635f625a8e909a4c3119147385737f349002b2fa038cfaca72b2b877db8f28b9022230e49264b58766a68060b0b7c322cad99b22c -EBUILD exempi-2.4.5.ebuild 1172 BLAKE2B e0ae5fd94d47b0b71dc668183c39b57218a2de780132e813824e673c8e03f8db85f43b80f655a86fb7558023d78f6c98591a7616ac62686275b7b46443130a15 SHA512 66488219608bd2c493e3f8c254ad9aee87be62c9a92e59fc0fffba930f8e41ca5026b8dd19ecad20c0fd5f88759195cb50948e7bc39342dd4a4de5340838a40f +EBUILD exempi-2.4.5-r1.ebuild 1223 BLAKE2B c2d247879a8bd65f89a9a957fd2c7be1396b8f65824a64702adea1f5592596d2367310ab57c11d6cf97a2ea0d9029bd4a6caf2bf182938f5fa1d2e53865f9173 SHA512 af2b6995b53ae1c5427eac267ca96fca20c7bc2a3475a370493c9b7022cc6e24488113fc9ea3e382a904b6798bf10611e9457ff348a7e8ef99da575f729db049 MISC metadata.xml 232 BLAKE2B b8ca675b002ba96d45a3afe7b6dd9f0e74d21db87eb002f72bae4e23fd49602115a18b372084596fdc09c3dccef80ae95ab540dad93fdf5dab0c9fb34f5d28db SHA512 21ba416ac701f1c9deb55d07f8afbf9da930fb04d274d84c5cf0df5e549554059959228ee6a4b8523d985fe0762af1a7c36aaefcb0e5b3c7baa5866e2841cfb4 diff --git a/media-libs/exempi/exempi-2.4.5.ebuild b/media-libs/exempi/exempi-2.4.5-r1.ebuild index 4a723cd96269..85ac5b69d1b6 100644 --- a/media-libs/exempi/exempi-2.4.5.ebuild +++ b/media-libs/exempi/exempi-2.4.5-r1.ebuild @@ -1,32 +1,38 @@ -# Copyright 1999-2018 Gentoo Foundation +# Copyright 1999-2018 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI=6 -inherit autotools ltprune +EAPI=7 -DESCRIPTION="Exempi is a port of the Adobe XMP SDK to work on UNIX" +inherit autotools + +DESCRIPTION="Port of the Adobe XMP SDK to work on UNIX" HOMEPAGE="https://libopenraw.freedesktop.org/wiki/Exempi" SRC_URI="https://libopenraw.freedesktop.org/download/${P}.tar.gz" LICENSE="BSD" SLOT="2/3" -KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ppc ppc64 ~sh sparc x86 ~x86-fbsd" +KEYWORDS="alpha amd64 ~arm ~arm64 ~hppa ~ia64 ppc ppc64 ~sh sparc x86 ~x86-fbsd" IUSE="examples static-libs test" RDEPEND=" >=dev-libs/expat-2:= + sys-libs/zlib virtual/libiconv - sys-libs/zlib:= " -DEPEND="${RDEPEND} +DEPEND="${RDEPEND}" +BDEPEND=" sys-devel/autoconf-archive sys-devel/gettext test? ( >=dev-libs/boost-1.48 ) " +PATCHES=( + "${FILESDIR}"/${PN}-2.4.2-iconv.patch + "${FILESDIR}"/${P}-CVE-2018-12648.patch +) + src_prepare() { default - eapply "${FILESDIR}"/${PN}-2.4.2-iconv.patch cp /usr/share/gettext/config.rpath . || die eautoreconf } @@ -41,7 +47,7 @@ src_configure() { src_install() { default - prune_libtool_files --all + find "${D}" -name '*.la' -delete || die if use examples; then emake -C samples/source distclean diff --git a/media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch b/media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch new file mode 100644 index 000000000000..36f0d0734350 --- /dev/null +++ b/media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch @@ -0,0 +1,42 @@ +From 8ed2f034705fd2d032c81383eee8208fd4eee0ac Mon Sep 17 00:00:00 2001 +From: Victor Rodriguez <victor.rodriguez.bahena@intel.com> +Date: Sat, 18 Aug 2018 13:54:55 +0000 +Subject: [PATCH] Issue #9 - Fix null-pointer-dereference (CVE-2018-12648) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The WEBP::GetLE32 function in +XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a +NULL pointer dereference. + +https://bugs.freedesktop.org/show_bug.cgi?id=106981 +https://gitlab.freedesktop.org/libopenraw/exempi/issues/9 + +Signed-off-by: Victor Rodriguez <victor.rodriguez.bahena@intel.com> +Signed-off-by: Hubert Figuière <hub@figuiere.net> +--- + XMPFiles/source/FormatSupport/WEBP_Support.cpp | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/XMPFiles/source/FormatSupport/WEBP_Support.cpp b/XMPFiles/source/FormatSupport/WEBP_Support.cpp +index ffaf220..4fe705b 100644 +--- a/XMPFiles/source/FormatSupport/WEBP_Support.cpp ++++ b/XMPFiles/source/FormatSupport/WEBP_Support.cpp +@@ -160,9 +160,11 @@ bool VP8XChunk::xmp() + } + void VP8XChunk::xmp(bool hasXMP) + { +- XMP_Uns32 flags = GetLE32(&this->data[0]); +- flags ^= (-hasXMP ^ flags) & (1 << XMP_FLAG_BIT); +- PutLE32(&this->data[0], flags); ++ if (&this->data[0] != NULL) { ++ XMP_Uns32 flags = GetLE32(&this->data[0]); ++ flags ^= (-hasXMP ^ flags) & (1 << XMP_FLAG_BIT); ++ PutLE32(&this->data[0], flags); ++ } + } + + Container::Container(WEBP_MetaHandler* handler) : Chunk(NULL, handler) +-- +2.18.0 |