diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2020-08-25 10:45:55 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2020-08-25 10:45:55 +0100 |
commit | 3cf7c3ef441822c889356fd1812ebf2944a59851 (patch) | |
tree | c513fe68548b40365c1c2ebfe35c58ad431cdd77 /media-sound/lilypond | |
parent | 05b8b0e0af1d72e51a3ee61522941bf7605cd01c (diff) |
gentoo resync : 25.08.2020
Diffstat (limited to 'media-sound/lilypond')
-rw-r--r-- | media-sound/lilypond/Manifest | 7 | ||||
-rw-r--r-- | media-sound/lilypond/files/lilypond-fix-cve-2020-17353.patch | 101 | ||||
-rw-r--r-- | media-sound/lilypond/lilypond-2.21.1-r1.ebuild (renamed from media-sound/lilypond/lilypond-2.21.1.ebuild) | 20 | ||||
-rw-r--r-- | media-sound/lilypond/lilypond-2.21.4-r1.ebuild | 130 | ||||
-rw-r--r-- | media-sound/lilypond/lilypond-9999.ebuild | 23 |
5 files changed, 243 insertions, 38 deletions
diff --git a/media-sound/lilypond/Manifest b/media-sound/lilypond/Manifest index cddef8a23359..3a0b17df2c66 100644 --- a/media-sound/lilypond/Manifest +++ b/media-sound/lilypond/Manifest @@ -1,6 +1,9 @@ AUX 50lilypond-gentoo.el 258 BLAKE2B f7db42921301c25260128a9e1e990985883b8959cd76b9dda1d67f7515f003b6e8986cfafb3988748e0b2eac5e6b64db943b376ade3fdaa63023b0b6ea5d6fab SHA512 6cffb5df0776b0d03725c534d8fd1acc09b222d964bf6480e0220c02612d7d1348e3c27da908cdc8de929549dc52678d582d620c00cf35f82aaa2203e7b4d69e AUX lilypond-2.21.1-fix-font-size.patch 505 BLAKE2B 33f98803eea6a87082a9c724bb88ea6fc9493f97856f8c581f28c786010ce215a6626970eec602d8d311ec5e84f5485cf7a3cfd3fdc1099c8096ca5af28aeae6 SHA512 a59c00e4f2c44797e4e7656bc7f097b644399a211c691c8ca1502dfbdc0806ce9efbc24644675b2d246f585b74a17bd1895a5bb830fe10cda2e6dc7c0846848c +AUX lilypond-fix-cve-2020-17353.patch 2867 BLAKE2B 135d6ccc6ed93786189b54ea77219d527e6febd59434a10b33255e2d3c21db600ea9e231d852d188a8933c6acf5f1567f48c4b7e8f905f8bc87dda1b13d8d936 SHA512 83f513a6c4999579102b592e7babc556f49a4d04f799203ff790ec211c0744a91a17700b6742c3a2044ef90c2ce52a6f768f69f376952867715315bc8096689c DIST lilypond-2.21.1.tar.gz 18135688 BLAKE2B 4a797c325e254b59cb314b28a801198f398efd7a37cac448b79d8161ab7248b0c9ca45ce742b82d0aebb784a98637209c84df74304a9e8c8f744b9f5033e18d2 SHA512 596f6a09d0f9a0c39ca717a9e4e246e03679a6cf40a78491eac9bc3eccf173799c75a0baef491cae8385bf1abda53244fd731695762b6fd841396edb92d0ab75 -EBUILD lilypond-2.21.1.ebuild 3221 BLAKE2B 33351791371ec81926732bbd0fb5d85f2835e3c3548f85a9e3eb9ecdfacbc5bd545c00ec720ad7836d38d4c2dd2ef8ad1d99ad04b8bcbf230bd502268c84c473 SHA512 8cc9002fd62a60f71a3d404c873fd5149c1da6e83e3bede9303cef2f0a2724e60bf6997da2c944cc0e17a576728e185031e1e1e2172ec55f93c6a055017aa23f -EBUILD lilypond-9999.ebuild 3232 BLAKE2B 136ffb23d241355358c792690d96a6e40b2c641c6180bfc2b513a2ae6defc228301b08530a4d8f271b76b245a722d0b85c3637193d6db9e0b68c7fa6b7ad3fb8 SHA512 5c95e8e885f9d9ee77bf469763fc738703aeba5f1580218d3b2144c56b0a1cae0f7a3b2bf0671eb4e6ab01eba8e844057763084990c073dff07bd2ea271edd41 +DIST lilypond-2.21.4.tar.gz 18011766 BLAKE2B fe9731a170ec6e551bd5e2259cca33e1c69ee5dedccaf39e7026afe3342da8d301f7450450122f4e102915d4469dddb89575b3a75db21e988d526d9b683bcc38 SHA512 29d671d411cf3817e8a62f208bec4c8d74a08c3a54b8856c1474cfa736e2882c5418b52af2675598093fae2b77c2ba4c812aae9164d99c9643ff18271cee6860 +EBUILD lilypond-2.21.1-r1.ebuild 2915 BLAKE2B 8d74f5ee00c2720c7727e01c68fc9b1b2f26c98e1fc42e924e18dc2aa5fc85d4ddf808b55a93be3b4bdaaafa61889589b3bb0c717ece561be73e556c54532e72 SHA512 d308d5fb8916446b59ef63635e18e2ff657bfac712342910836a081f2d09c3aed8236115a39ccdfd780172d472a2fed5b94c837be3205d820fb94a0cd16c8387 +EBUILD lilypond-2.21.4-r1.ebuild 2928 BLAKE2B e304dfcaf4f267b991a5f449913fdcaa195a72dd8465ddac3865395de5fb7213b296a5b5e1c0993ca1a383cbcacd83f23f262f08c99e1239755655ad3d42ecc1 SHA512 5f76b763f9f582afbc24f3b97e1ccd26593d7dc571f08e0ca9dae71f8cad93ca7b14d1bfd2608ea349174646498583185f90bf7f59e706af4c90170c04d79145 +EBUILD lilypond-9999.ebuild 2908 BLAKE2B 4fbe34b7372cc6aa790119433519b2f9f934b7315b9601f5148598dbfafdeeca2de58b0b53afe15f80efb6ed0b24fe6ff0faf13d91e21b21815184663ef9444a SHA512 2a36d755c15731d168283dd2d4a582c479d77740d5f4596baf04b502a662e9e50e63bdf4aa6becb3e273f0b0c80b098d038723ff51e441e90eaba0d75fff34b9 MISC metadata.xml 526 BLAKE2B ce52e2b93fd4d25cded4c75feef562383276aa429f8ffe083b967377193e81ff1b0d4479d1c1a0d7bb23923f7771cdde0f93bd266ef72fb3e050fb4263d48955 SHA512 1c75ebaa028d19162a24635c978d5723541212e0fed095feda44a2b96d3ad715bc7b2425da544c61e4f3c8dbfeb26b0ccfe030233e116ee75f91a224ec118f1e diff --git a/media-sound/lilypond/files/lilypond-fix-cve-2020-17353.patch b/media-sound/lilypond/files/lilypond-fix-cve-2020-17353.patch new file mode 100644 index 000000000000..e91947eae056 --- /dev/null +++ b/media-sound/lilypond/files/lilypond-fix-cve-2020-17353.patch @@ -0,0 +1,101 @@ +From b84ea4740f3279516905c5db05f4074e777c16ff Mon Sep 17 00:00:00 2001 +From: Han-Wen Nienhuys <hanwenn@gmail.com> +Date: Tue, 21 Jul 2020 14:45:08 +0200 +Subject: [PATCH] scm: disable embedded-ps and embedded-svg in -dsafe mode + +This prevents executing privileged PostScript and exploiting +Ghostscript vulnerablilities + +Tested: + $ lilypond -dsafe input/regression/les-nereides.ly + (works, kinda) + + $ cat f.ly + { c4_ \markup \postscript #" (x) show " } + + $ lilypond -dsafe f + Preprocessing graphical objects.../home/hanwen/vc/lilypond/out/share/lilypond/current/scm/define-markup-commands.scm:1145:3: In procedure ly_make_stencil in expression (ly:make-stencil (list # #) (quote #) ...): + /home/hanwen/vc/lilypond/out/share/lilypond/current/scm/define-markup-commands.scm:1145:3: Wrong type argument in position 1 (expecting registered stencil expression): (embedded-ps " +--- + scm/define-stencil-commands.scm | 65 ++++++++++++++++++++++------------------- + 1 file changed, 35 insertions(+), 30 deletions(-) + +diff --git a/scm/define-stencil-commands.scm b/scm/define-stencil-commands.scm +index 09a2299..e388788 100644 +--- a/scm/define-stencil-commands.scm ++++ b/scm/define-stencil-commands.scm +@@ -21,36 +21,41 @@ + (define-public (ly:all-stencil-commands) + "Return the list of stencil commands that can be + defined in the output modules (@file{output-*.scm})." +- '(blank +- char +- circle +- dashed-line +- draw-line +- ellipse +- embedded-ps +- embedded-svg +- end-group-node +- glyph-string +- grob-cause +- named-glyph +- no-origin +- page-link +- path +- partial-ellipse +- placebox +- polygon +- resetcolor +- resetrotation +- resetscale +- round-filled-box +- setcolor +- setrotation +- setscale +- start-group-node +- text +- unknown +- url-link +- utf-8-string ++ (let* ++ ((commands '(blank ++ char ++ circle ++ dashed-line ++ draw-line ++ ellipse ++ end-group-node ++ glyph-string ++ grob-cause ++ named-glyph ++ no-origin ++ page-link ++ path ++ partial-ellipse ++ placebox ++ polygon ++ resetcolor ++ resetrotation ++ resetscale ++ round-filled-box ++ setcolor ++ setrotation ++ setscale ++ start-group-node ++ text ++ unknown ++ url-link ++ utf-8-string ++ ))) ++ ++ (if (ly:get-option 'safe) ++ commands ++ (append '(embedded-ps embedded-svg) ++ commands)) + )) + + ;; TODO: +-- +1.9.1 + diff --git a/media-sound/lilypond/lilypond-2.21.1.ebuild b/media-sound/lilypond/lilypond-2.21.1-r1.ebuild index ffc80213cf1b..521872ddafbd 100644 --- a/media-sound/lilypond/lilypond-2.21.1.ebuild +++ b/media-sound/lilypond/lilypond-2.21.1-r1.ebuild @@ -24,11 +24,7 @@ IUSE="debug emacs guile2 profile vim-syntax" REQUIRED_USE="${PYTHON_REQUIRED_USE}" BDEPEND=" - >=dev-texlive/texlive-metapost-2013 - || ( - >=app-text/texlive-core-2013 - >=dev-tex/metapost-1.803 - ) + >=dev-texlive/texlive-metapost-2020 >=sys-apps/texinfo-4.11 >=sys-devel/bison-2.0 sys-devel/flex @@ -59,22 +55,11 @@ RESTRICT="test" PATCHES=( "${FILESDIR}"/${P}-fix-font-size.patch + "${FILESDIR}"/${PN}-fix-cve-2020-17353.patch ) DOCS=( DEDICATION HACKING README.txt ROADMAP ) -pkg_setup() { - # make sure >=metapost-1.803 is selected if it's installed, bug 498704 - if [[ ${MERGE_TYPE} != binary ]] && has_version ">=dev-tex/metapost-1.803" ; then - if [[ $(readlink "${EROOT}"/usr/bin/mpost) =~ mpost-texlive-* ]] ; then - einfo "Updating metapost symlink" - eselect mpost update || die - fi - fi - - python-single-r1_pkg_setup -} - src_prepare() { default @@ -105,6 +90,7 @@ src_configure() { $(use_enable debug debugging) $(use_enable profile profiling) ) + export VARTEXFONTS="${T}/fonts" # https://bugs.gentoo.org/692010 econf "${myeconfargs[@]}" } diff --git a/media-sound/lilypond/lilypond-2.21.4-r1.ebuild b/media-sound/lilypond/lilypond-2.21.4-r1.ebuild new file mode 100644 index 000000000000..0196e4c7d4d9 --- /dev/null +++ b/media-sound/lilypond/lilypond-2.21.4-r1.ebuild @@ -0,0 +1,130 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +PYTHON_COMPAT=( python3_{6,7,8,9} ) + +inherit elisp-common autotools python-single-r1 toolchain-funcs xdg-utils + +if [[ "${PV}" = "9999" ]]; then + inherit git-r3 + EGIT_REPO_URI="https://git.savannah.gnu.org/git/lilypond.git" +else + MAIN_VER=$(ver_cut 1-2) + SRC_URI="http://lilypond.org/download/sources/v${MAIN_VER}/${P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~x86" +fi + +DESCRIPTION="GNU Music Typesetter" +HOMEPAGE="http://lilypond.org/" + +LICENSE="GPL-3 FDL-1.3" +SLOT="0" +IUSE="debug emacs guile2 profile vim-syntax" +REQUIRED_USE="${PYTHON_REQUIRED_USE}" + +BDEPEND=" + >=dev-texlive/texlive-metapost-2020 + >=sys-apps/texinfo-4.11 + >=sys-devel/bison-2.0 + sys-devel/flex + virtual/pkgconfig +" +RDEPEND=">=app-text/ghostscript-gpl-8.15 + >=dev-scheme/guile-1.8.2:12=[deprecated,regex] + media-fonts/tex-gyre + media-libs/fontconfig + media-libs/freetype:2 + >=x11-libs/pango-1.12.3 + emacs? ( >=app-editors/emacs-23.1:* ) + guile2? ( >=dev-scheme/guile-2.2:12 ) + !guile2? ( + >=dev-scheme/guile-1.8.2:12=[deprecated,regex] + <dev-scheme/guile-2.0:12 + ) + ${PYTHON_DEPS}" +DEPEND="${RDEPEND} + app-text/t1utils + dev-lang/perl + dev-libs/kpathsea + media-gfx/fontforge[png,python] + sys-devel/gettext" + +# Correct output data for tests isn't bundled with releases +RESTRICT="test" + +PATCHES=( + "${FILESDIR}"/${PN}-2.21.1-fix-font-size.patch + "${FILESDIR}"/${PN}-fix-cve-2020-17353.patch +) + +DOCS=( DEDICATION HACKING README.txt ROADMAP ) + +src_prepare() { + default + + if ! use vim-syntax ; then + sed -i 's/vim//' GNUmakefile.in || die + fi + + # respect CFLAGS + sed -i 's/OPTIMIZE -g/OPTIMIZE/' aclocal.m4 || die + + # remove bundled texinfo file (fixes bug #448560) + rm tex/texinfo.tex || die + + eautoreconf + + xdg_environment_reset #586592 +} + +src_configure() { + # documentation generation currently not supported since it requires a newer + # version of texi2html than is currently in the tree + + local myeconfargs=( + --with-texgyre-dir=/usr/share/fonts/tex-gyre + --disable-documentation + --disable-optimising + --disable-pipe + $(use_enable debug debugging) + $(use_enable profile profiling) + ) + export VARTEXFONTS="${T}/fonts" # https://bugs.gentoo.org/692010 + + econf "${myeconfargs[@]}" +} + +src_compile() { + default + + if use emacs ; then + elisp-compile elisp/lilypond-{font-lock,indent,mode,what-beat}.el \ + || die "elisp-compile failed" + fi +} + +src_install() { + emake DESTDIR="${D}" vimdir=/usr/share/vim/vimfiles install + + # remove elisp files since they are in the wrong directory + rm -r "${ED}"/usr/share/emacs || die + + if use emacs ; then + elisp-install ${PN} elisp/*.{el,elc} elisp/out/*.el \ + || die "elisp-install failed" + elisp-site-file-install "${FILESDIR}"/50${PN}-gentoo.el + fi + + python_fix_shebang "${ED}" + + einstalldocs +} + +pkg_postinst() { + use emacs && elisp-site-regen +} + +pkg_postrm() { + use emacs && elisp-site-regen +} diff --git a/media-sound/lilypond/lilypond-9999.ebuild b/media-sound/lilypond/lilypond-9999.ebuild index eb38a121f497..fc14ef8ed34b 100644 --- a/media-sound/lilypond/lilypond-9999.ebuild +++ b/media-sound/lilypond/lilypond-9999.ebuild @@ -2,7 +2,7 @@ # Distributed under the terms of the GNU General Public License v2 EAPI=7 -PYTHON_COMPAT=( python3_{6,7,8} ) +PYTHON_COMPAT=( python3_{6,7,8,9} ) inherit elisp-common autotools python-single-r1 toolchain-funcs xdg-utils @@ -24,11 +24,7 @@ IUSE="debug emacs guile2 profile vim-syntax" REQUIRED_USE="${PYTHON_REQUIRED_USE}" BDEPEND=" - >=dev-texlive/texlive-metapost-2013 - || ( - >=app-text/texlive-core-2013 - >=dev-tex/metapost-1.803 - ) + >=dev-texlive/texlive-metapost-2020 >=sys-apps/texinfo-4.11 >=sys-devel/bison-2.0 sys-devel/flex @@ -61,19 +57,7 @@ PATCHES=( "${FILESDIR}"/${PN}-2.21.1-fix-font-size.patch ) -DOCS=( DEDICATION HACKING README.txt ROADMAP ) - -pkg_setup() { - # make sure >=metapost-1.803 is selected if it's installed, bug 498704 - if [[ ${MERGE_TYPE} != binary ]] && has_version ">=dev-tex/metapost-1.803" ; then - if [[ $(readlink "${EROOT}"/usr/bin/mpost) =~ mpost-texlive-* ]] ; then - einfo "Updating metapost symlink" - eselect mpost update || die - fi - fi - - python-single-r1_pkg_setup -} +DOCS=( DEDICATION HACKING Documentation/out/topdocs/README.txt ROADMAP ) src_prepare() { default @@ -105,6 +89,7 @@ src_configure() { $(use_enable debug debugging) $(use_enable profile profiling) ) + export VARTEXFONTS="${T}/fonts" # https://bugs.gentoo.org/692010 econf "${myeconfargs[@]}" } |