summaryrefslogtreecommitdiff
path: root/media-libs/libjpeg-turbo
diff options
context:
space:
mode:
Diffstat (limited to 'media-libs/libjpeg-turbo')
-rw-r--r--media-libs/libjpeg-turbo/Manifest4
-rw-r--r--media-libs/libjpeg-turbo/files/libjpeg-turbo-1.5.3-CVE-2020-13790.patch43
-rw-r--r--media-libs/libjpeg-turbo/files/libjpeg-turbo-2.0.4-CVE-2020-13790.patch34
-rw-r--r--media-libs/libjpeg-turbo/libjpeg-turbo-1.5.3-r3.ebuild121
-rw-r--r--media-libs/libjpeg-turbo/libjpeg-turbo-2.0.4-r1.ebuild108
5 files changed, 310 insertions, 0 deletions
diff --git a/media-libs/libjpeg-turbo/Manifest b/media-libs/libjpeg-turbo/Manifest
index 60645ce95819..12d0c9437d81 100644
--- a/media-libs/libjpeg-turbo/Manifest
+++ b/media-libs/libjpeg-turbo/Manifest
@@ -1,11 +1,15 @@
AUX libjpeg-turbo-1.2.0-x32.patch 1248 BLAKE2B 760f35a02c6a565a43702a4188186732f93c57a5c879cdc6920c427da097c3dc5eb111189c40510252c0209caf63100ecff7ffec1b10a177b09449db4dc5c3c6 SHA512 9ffc28a89db43eba9545bca2d4c1f5a11953f36a46e294b697bda190058dcaa59982f83552ce54f37ef83970d4b0fefd1e14497854c7991db38ab7f7c1c6afae
+AUX libjpeg-turbo-1.5.3-CVE-2020-13790.patch 1744 BLAKE2B 7cfd68e3f29b530ad573c5f6476ef539e3499d2cfafbe5be129c1a246cf2f3e7f170e71bfb33adbaebe6b3812ccdfd72d99c5961011e093f740d7182fd7c1398 SHA512 1f97899970327fb6dabe521e93029a518f1493bdf45f9a345f55e803f97af7f36b65d569e4921c1aab7478006b4cd34c4f17bf150a7ffdd3760f14d9acb5b303
AUX libjpeg-turbo-1.5.3-cve-2018-11813.patch 1240 BLAKE2B 469eefb5673f48ca8892050507bc7566cacb0b7ff2d2914428971a994bb41d9d717be7fe0a4908cee2ee57a74f6ca8112bee53cb021f4fadbef201536ebee979 SHA512 2542833a6afdbf1f2112695c524197bf5a319ef99c1c6ecea0fe0436681c45321bb6eb59e25fa97d8fa923717452f609e3f85d25547751fa4f8fe99f4ee789c9
AUX libjpeg-turbo-1.5.3-divzero_fix.patch 792 BLAKE2B 31d3617155ac639ebd49a5db9c3898fdd6b20dc04776003121d6c906a96a8963984405b674ad6bee81c6de97304da78fa1de249cca7000fa7eed42f011e5a918 SHA512 b8ba793319e1f8c658f550fe6427625b2053486d784133c6b9e6778fac74c4eedadb6b9c208c6725a27cf585b4857c719ae03efaf602e181c4b782d55cb9b47a
+AUX libjpeg-turbo-2.0.4-CVE-2020-13790.patch 1543 BLAKE2B f8a420aed675c7c5adc1d194bc43b7aabc1c0af7c1a362073c1e1006ef4598e92deacc1373d9645076b43f0277a777007b986e62c71bc84d9d2640308872fa46 SHA512 dbb8b6cfcc672e41af8150139a964deac3d926e7e4435e0d5125b36e7dcfdfcb3915267efeb1a7d891581b34790636ea2d1de48163d8c6ddc50e041dbd1ae140
DIST libjpeg-turbo-1.5.3.tar.gz 1658672 BLAKE2B 4d2182802aa9963fa57ec2c4fb5cf0a586847d43803e4c2d2e12cf1144c4da0ede7fdbace5965c77cd6df4547090165615960ebb65c964fd2fac823c021f50b7 SHA512 b611b1cc3d1ddedddad871854b42449d053a5f910ed1bdfa45c98e0270f4ecc110fde3a10111d2b876d847a826fa634f09c0bb8c357056c9c3a91c9065eb5202
DIST libjpeg-turbo-2.0.3.tar.gz 2161279 BLAKE2B c0def6d6d402eb2070f4861741f9579e5c360e8bc9a64924c7d53c3c65cc8d4577c01e2cf6acf8ddbe7bddc96540f605ddb47d1651a7400738638fb06928824b SHA512 ca7d4dcc5b34e23831ac450b65b8f92894d35e4afba0c52ac9e0c7dc6b41d4fa2bad66eb79198245032ec02b0b2e88cef39b8c696de17b6a869e3093a6b70e36
DIST libjpeg-turbo-2.0.4.tar.gz 2161812 BLAKE2B 9be870a5bafaae279646941b848b69fdf7c95ec08a686b01674f473ef33fe5923a04ba8a2d57df84384530308ca46fc3880a404c0eff769129417a553faed3bb SHA512 708c2e7418d9ed5abca313e2ff5a08f8176d79cad2127573cda6036583c201973db4cfb0eafc0fc8f57ecc7b000d2b4af95980de54de5a0aed45969e993a5bf9
DIST libjpeg8_8d-2.debian.tar.gz 14764 BLAKE2B e93d12afa062da28b717b540492221f70e8d9ccf3885371647cf85a2937f938ca723d4a27d5e1c5d79c26aa25dddf69b38754558851a1704172e8b52baf8e17c SHA512 8c5959fb7583a2d61e9442187f67b91b45e72d9dd30db3360d583a3b5d8e1a908db5659f760bdd455b3056e6ae3535b2fd3b847df3d58b140a1816b754003675
EBUILD libjpeg-turbo-1.5.3-r2.ebuild 2975 BLAKE2B 8adcb465f8dc025163ede13aba9c8c16ad5ba76151181d8800a549c4f3faf2f1ab259fefcca77e13b4384dbaf2f174285f7ee4a76f35b2da2e84ce0b956d189d SHA512 696184c66d92d48a66fffff01d4cd3bf0a4e723896ed659a0d4acd029c768ab23957f6dce4e0b39e576441e4c89e57b89141f8465fc202075a7a11e241cbe63c
+EBUILD libjpeg-turbo-1.5.3-r3.ebuild 2972 BLAKE2B 4154ddd9f709b22356760b786cfe3a3296699e3a7291feb415f830f16ca71963d32307654e69c52c32c054852f29191c126fb757328f017a60e0e4c1dd8bf1c1 SHA512 e4fdfdc8a6f520caf42e692e4610617bbbb132fe20d5cb1af982e2e6166b7a1d52030b2c5802062e9c972a7aeef56f5a88a4543baae6843a0103b15cb7554c51
EBUILD libjpeg-turbo-2.0.3.ebuild 2596 BLAKE2B f474623d5a37027f79a697bd13d12a14ea05ff4c302ec4cb90a82ee4703775b8290994634caa1d688a06170386f79190f4c030d4539d493b87b6c56925b5c189 SHA512 2b4b663c921eac0f088d4881352a65d81eb7a7dd398dfb17cedd062eb957177c41723a2006da1426e1eb4983bc1358e9b0e449d85fb0fe95beec1c526a41d3e6
+EBUILD libjpeg-turbo-2.0.4-r1.ebuild 2819 BLAKE2B 49ee8d67bb5d39a471fb75980ef91df148aad386518563cd45e0bd8b3099eb131d7d6e19a2c42a9a0b79a9fedb3ea335c1a964a8b16fed0d743a6d57993dbce4 SHA512 ebe40fbbcab1f1edfc73a28bcf9cbdca1c6041c5c63fb9c904496b764105c0546f8da68d9160fbc6b88c81a218f2fb7e2cc475372ed59eb79065c766881cf46b
EBUILD libjpeg-turbo-2.0.4.ebuild 2764 BLAKE2B 9c43210e19cec992e9966f71aae6249155877d333bdf822716acaf3d2e5893f973f69e8f92b55e3a9a057d270043b62b8a836b2b69196226378d7eb826343fee SHA512 92d67d8c8e27251ebc3806e8769a0912d2f043ba5858c054a0911a90c60546cc3db498af391334711ce47a7a3ce275117cb26352c0a65c05c81b7a622a9d00f4
MISC metadata.xml 328 BLAKE2B 1a865bcdd6aafcc48199e509b1149bf2b6410b189ad24d58613830e8c95943d71eafb0cc35a567d8d1f7afc3eafc40e7c08e6b40a8afad5a52f7bff4ace1db1e SHA512 410df3851c2c9bc731dcd6774dcb571a50676a834f6429ed05bd8c9a0df3c77d266f73486d12fe04bf482bb39757facd9fd8d349c28ba843fc5f1624aa7f9573
diff --git a/media-libs/libjpeg-turbo/files/libjpeg-turbo-1.5.3-CVE-2020-13790.patch b/media-libs/libjpeg-turbo/files/libjpeg-turbo-1.5.3-CVE-2020-13790.patch
new file mode 100644
index 000000000000..8a9fcbd79724
--- /dev/null
+++ b/media-libs/libjpeg-turbo/files/libjpeg-turbo-1.5.3-CVE-2020-13790.patch
@@ -0,0 +1,43 @@
+From 1bfb0b5247f4fc8f6677639781ce468543490216 Mon Sep 17 00:00:00 2001
+From: DRC <information@libjpeg-turbo.org>
+Date: Tue, 2 Jun 2020 14:15:37 -0500
+Subject: [PATCH] rdppm.c: Fix buf overrun caused by bad binary PPM
+
+This extends the fix in 1e81b0c3ea26f4ea8f56de05367469333de64a9f to
+include binary PPM files with maximum values < 255, thus preventing a
+malformed binary PPM input file with those specifications from
+triggering an overrun of the rescale array and potentially crashing
+cjpeg, TJBench, or any program that uses the tjLoadImage() function.
+
+Fixes #433
+diff --git a/rdppm.c b/rdppm.c
+index c0c096218..899436eec 100644
+--- a/rdppm.c
++++ b/rdppm.c
+@@ -5,7 +5,7 @@
+ * Copyright (C) 1991-1997, Thomas G. Lane.
+ * Modified 2009 by Bill Allombert, Guido Vollbeding.
+ * libjpeg-turbo Modifications:
+- * Copyright (C) 2015, 2016, D. R. Commander.
++ * Copyright (C) 2015, 2016, 2020, D. R. Commander.
+ * For conditions of distribution and use, see the accompanying README.ijg
+ * file.
+ *
+@@ -22,6 +22,7 @@
+ * the file is indeed PPM format).
+ */
+
++#define JPEG_INTERNALS
+ #include "cdjpeg.h" /* Common decls for cjpeg/djpeg applications */
+
+ #ifdef PPM_SUPPORTED
+@@ -425,7 +426,7 @@ start_input_ppm (j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
+ /* On 16-bit-int machines we have to be careful of maxval = 65535 */
+ source->rescale = (JSAMPLE *)
+ (*cinfo->mem->alloc_small) ((j_common_ptr) cinfo, JPOOL_IMAGE,
+- (size_t) (((long) maxval + 1L) *
++ (size_t) (((long) MAX(maxval, 255) + 1L) *
+ sizeof(JSAMPLE)));
+ half_maxval = maxval / 2;
+ for (val = 0; val <= (long) maxval; val++) {
+
diff --git a/media-libs/libjpeg-turbo/files/libjpeg-turbo-2.0.4-CVE-2020-13790.patch b/media-libs/libjpeg-turbo/files/libjpeg-turbo-2.0.4-CVE-2020-13790.patch
new file mode 100644
index 000000000000..e88ac174684d
--- /dev/null
+++ b/media-libs/libjpeg-turbo/files/libjpeg-turbo-2.0.4-CVE-2020-13790.patch
@@ -0,0 +1,34 @@
+From 3de15e0c344d11d4b90f4a47136467053eb2d09a Mon Sep 17 00:00:00 2001
+From: DRC <information@libjpeg-turbo.org>
+Date: Tue, 2 Jun 2020 14:15:37 -0500
+Subject: [PATCH] rdppm.c: Fix buf overrun caused by bad binary PPM
+
+This extends the fix in 1e81b0c3ea26f4ea8f56de05367469333de64a9f to
+include binary PPM files with maximum values < 255, thus preventing a
+malformed binary PPM input file with those specifications from
+triggering an overrun of the rescale array and potentially crashing
+cjpeg, TJBench, or any program that uses the tjLoadImage() function.
+
+Fixes #433
+diff --git a/rdppm.c b/rdppm.c
+index 87bc33090..a8507b902 100644
+--- a/rdppm.c
++++ b/rdppm.c
+@@ -5,7 +5,7 @@
+ * Copyright (C) 1991-1997, Thomas G. Lane.
+ * Modified 2009 by Bill Allombert, Guido Vollbeding.
+ * libjpeg-turbo Modifications:
+- * Copyright (C) 2015-2017, D. R. Commander.
++ * Copyright (C) 2015-2017, 2020, D. R. Commander.
+ * For conditions of distribution and use, see the accompanying README.ijg
+ * file.
+ *
+@@ -720,7 +720,7 @@ start_input_ppm(j_compress_ptr cinfo, cjpeg_source_ptr sinfo)
+ /* On 16-bit-int machines we have to be careful of maxval = 65535 */
+ source->rescale = (JSAMPLE *)
+ (*cinfo->mem->alloc_small) ((j_common_ptr)cinfo, JPOOL_IMAGE,
+- (size_t)(((long)maxval + 1L) *
++ (size_t)(((long)MAX(maxval, 255) + 1L) *
+ sizeof(JSAMPLE)));
+ half_maxval = maxval / 2;
+ for (val = 0; val <= (long)maxval; val++) {
diff --git a/media-libs/libjpeg-turbo/libjpeg-turbo-1.5.3-r3.ebuild b/media-libs/libjpeg-turbo/libjpeg-turbo-1.5.3-r3.ebuild
new file mode 100644
index 000000000000..0d028b01df98
--- /dev/null
+++ b/media-libs/libjpeg-turbo/libjpeg-turbo-1.5.3-r3.ebuild
@@ -0,0 +1,121 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools libtool java-pkg-opt-2 toolchain-funcs multilib-minimal
+
+DESCRIPTION="MMX, SSE, and SSE2 SIMD accelerated JPEG library"
+HOMEPAGE="https://libjpeg-turbo.org/ https://sourceforge.net/projects/libjpeg-turbo/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz
+ mirror://gentoo/libjpeg8_8d-2.debian.tar.gz"
+
+LICENSE="BSD IJG"
+SLOT="0"
+KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ~ppc ppc64 ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~x64-macos ~x86-macos"
+IUSE="java static-libs"
+
+ASM_DEPEND="|| ( dev-lang/nasm dev-lang/yasm )"
+COMMON_DEPEND="!media-libs/jpeg:0
+ !media-libs/jpeg:62"
+RDEPEND="${COMMON_DEPEND}
+ java? ( >=virtual/jre-1.5 )"
+DEPEND="${COMMON_DEPEND}
+ amd64? ( ${ASM_DEPEND} )
+ x86? ( ${ASM_DEPEND} )
+ amd64-fbsd? ( ${ASM_DEPEND} )
+ x86-fbsd? ( ${ASM_DEPEND} )
+ amd64-linux? ( ${ASM_DEPEND} )
+ x86-linux? ( ${ASM_DEPEND} )
+ x64-macos? ( ${ASM_DEPEND} )
+ x64-cygwin? ( ${ASM_DEPEND} )
+ java? ( >=virtual/jdk-1.5 )"
+
+MULTILIB_WRAPPED_HEADERS=( /usr/include/jconfig.h )
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-1.2.0-x32.patch #420239
+ "${FILESDIR}"/${P}-divzero_fix.patch #658624
+ "${FILESDIR}"/${P}-cve-2018-11813.patch
+ "${FILESDIR}"/${P}-CVE-2020-13790.patch
+)
+
+src_prepare() {
+ default
+
+ eautoreconf
+
+ java-pkg-opt-2_src_prepare
+}
+
+multilib_src_configure() {
+ local myconf=()
+ if multilib_is_native_abi; then
+ myconf+=( $(use_with java) )
+ if use java; then
+ export JAVACFLAGS="$(java-pkg_javac-args)"
+ export JNI_CFLAGS="$(java-pkg_get-jni-cflags)"
+ fi
+ else
+ myconf+=( --without-java )
+ fi
+ [[ ${ABI} == "x32" ]] && myconf+=( --without-simd ) #420239
+
+ # Force /bin/bash until upstream generates a new version. #533902
+ CONFIG_SHELL="${EPREFIX}"/bin/bash \
+ ECONF_SOURCE=${S} \
+ econf \
+ $(use_enable static-libs static) \
+ --with-mem-srcdst \
+ "${myconf[@]}"
+}
+
+multilib_src_compile() {
+ local _java_makeopts
+ use java && _java_makeopts="-j1"
+ emake ${_java_makeopts}
+
+ if multilib_is_native_abi; then
+ pushd ../debian/extra >/dev/null
+ emake CC="$(tc-getCC)" CFLAGS="${LDFLAGS} ${CFLAGS}"
+ popd >/dev/null
+ fi
+}
+
+multilib_src_test() {
+ emake test
+}
+
+multilib_src_install() {
+ emake \
+ DESTDIR="${D}" \
+ docdir="${EPREFIX}"/usr/share/doc/${PF} \
+ exampledir="${EPREFIX}"/usr/share/doc/${PF} \
+ install
+
+ if multilib_is_native_abi; then
+ pushd "${WORKDIR}"/debian/extra >/dev/null
+ emake \
+ DESTDIR="${D}" prefix="${EPREFIX}"/usr \
+ INSTALL="install -m755" INSTALLDIR="install -d -m755" \
+ install
+ popd >/dev/null
+
+ if use java; then
+ rm -rf "${ED}"/usr/classes
+ java-pkg_dojar java/turbojpeg.jar
+ fi
+ fi
+}
+
+multilib_src_install_all() {
+ find "${ED}" -name '*.la' -type f -delete || die
+
+ dodoc -r "${S}"/doc/html
+ newdoc "${WORKDIR}"/debian/changelog changelog.debian
+ if use java; then
+ newdoc "${S}"/java/README README.java
+ docinto html/java
+ dodoc -r "${S}"/java/doc/*
+ fi
+}
diff --git a/media-libs/libjpeg-turbo/libjpeg-turbo-2.0.4-r1.ebuild b/media-libs/libjpeg-turbo/libjpeg-turbo-2.0.4-r1.ebuild
new file mode 100644
index 000000000000..c48f5acfac1c
--- /dev/null
+++ b/media-libs/libjpeg-turbo/libjpeg-turbo-2.0.4-r1.ebuild
@@ -0,0 +1,108 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+CMAKE_ECLASS=cmake
+inherit cmake-multilib java-pkg-opt-2 libtool toolchain-funcs
+
+DESCRIPTION="MMX, SSE, and SSE2 SIMD accelerated JPEG library"
+HOMEPAGE="https://libjpeg-turbo.org/ https://sourceforge.net/projects/libjpeg-turbo/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz
+ mirror://gentoo/libjpeg8_8d-2.debian.tar.gz"
+
+LICENSE="BSD IJG"
+SLOT="0"
+[[ "$(ver_cut 3)" -ge 90 ]] || \
+KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ~ppc ppc64 ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~x64-macos ~x86-macos"
+IUSE="java static-libs"
+
+ASM_DEPEND="|| ( dev-lang/nasm dev-lang/yasm )"
+COMMON_DEPEND="!media-libs/jpeg:0
+ !media-libs/jpeg:62"
+RDEPEND="${COMMON_DEPEND}
+ java? ( >=virtual/jre-1.5 )"
+DEPEND="${COMMON_DEPEND}
+ amd64? ( ${ASM_DEPEND} )
+ x86? ( ${ASM_DEPEND} )
+ amd64-fbsd? ( ${ASM_DEPEND} )
+ x86-fbsd? ( ${ASM_DEPEND} )
+ amd64-linux? ( ${ASM_DEPEND} )
+ x86-linux? ( ${ASM_DEPEND} )
+ x64-macos? ( ${ASM_DEPEND} )
+ x64-cygwin? ( ${ASM_DEPEND} )
+ java? ( >=virtual/jdk-1.5 )"
+
+MULTILIB_WRAPPED_HEADERS=( /usr/include/jconfig.h )
+
+PATCHES=(
+ "${FILESDIR}"/${P}-CVE-2020-13790.patch
+)
+
+src_prepare() {
+ local FILE
+ ln -snf ../debian/extra/*.c . || die
+
+ for FILE in ../debian/extra/*.c; do
+ FILE=${FILE##*/}
+ cat >> CMakeLists.txt <<EOF || die
+add_executable(${FILE%.c} ${FILE})
+install(TARGETS ${FILE%.c})
+EOF
+ done
+
+ for FILE in ../debian/extra/exifautotran; do
+ cat >> CMakeLists.txt <<EOF || die
+install(FILES \${CMAKE_CURRENT_SOURCE_DIR}/${FILE} DESTINATION \${CMAKE_INSTALL_BINDIR})
+EOF
+ done
+
+ for FILE in ../debian/extra/*.[0-9]*; do
+ cat >> CMakeLists.txt <<EOF || die
+install(FILES \${CMAKE_CURRENT_SOURCE_DIR}/${FILE} DESTINATION \${CMAKE_INSTALL_MANDIR}/man${FILE##*.})
+EOF
+ done
+
+ #default
+
+ cmake_src_prepare
+ java-pkg-opt-2_src_prepare
+}
+
+multilib_src_configure() {
+ if multilib_is_native_abi && use java ; then
+ export JAVACFLAGS="$(java-pkg_javac-args)"
+ export JNI_CFLAGS="$(java-pkg_get-jni-cflags)"
+ fi
+
+ local mycmakeargs=(
+ -DCMAKE_INSTALL_DEFAULT_DOCDIR="${EPREFIX}/usr/share/doc/${PF}"
+ -DENABLE_STATIC="$(usex static-libs)"
+ -DWITH_JAVA="$(multilib_native_usex java)"
+ -DWITH_MEM_SRCDST=ON
+ )
+ [[ ${ABI} == "x32" ]] && mycmakeargs+=( -DREQUIRE_SIMD=OFF ) #420239
+ cmake_src_configure
+}
+
+multilib_src_install() {
+ cmake_src_install
+
+ if multilib_is_native_abi && use java ; then
+ rm -rf "${ED}"/usr/classes || die
+ java-pkg_dojar java/turbojpeg.jar
+ fi
+}
+
+multilib_src_install_all() {
+ find "${ED}" -type f -name '*.la' -delete || die
+
+ docinto html
+ dodoc -r "${S}"/doc/html/*
+ newdoc "${WORKDIR}"/debian/changelog changelog.debian
+ if use java; then
+ docinto html/java
+ dodoc -r "${S}"/java/doc/*
+ newdoc "${S}"/java/README README.java
+ fi
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-15 07:50:29 +0000