From d37b97a25b8b10f748eead6574b01f893f140b01 Mon Sep 17 00:00:00 2001
From: V3n3RiX
Date: Wed, 6 Dec 2017 18:23:20 +0000
Subject: gentoo resync : 06.12.2017
---
 media-gfx/optipng/Manifest | 2 +
 .../files/optipng-0.7.6-cve-2017-16938.patch | 22 ++++++++
 media-gfx/optipng/optipng-0.7.6-r2.ebuild | 59 ++++++++++++++++++++++
 3 files changed, 83 insertions(+)
 create mode 100644 media-gfx/optipng/files/optipng-0.7.6-cve-2017-16938.patch
 create mode 100644 media-gfx/optipng/optipng-0.7.6-r2.ebuild
(limited to 'media-gfx/optipng')
diff --git a/media-gfx/optipng/Manifest b/media-gfx/optipng/Manifest
index 695741872358..61735d3898e6 100644
--- a/media-gfx/optipng/Manifest
+++ b/media-gfx/optipng/Manifest
@@ -1,5 +1,7 @@ AUX optipng-0.7.5-estonian.patch 1014 BLAKE2B 3c973120185be858a89c02b1f452e47da5f51866ec9ad59653d2f27cea9ea2b7d318d33b00c3eb14b6e87e629f63062d63f2ffd523e62b9927b0b75e4d781af1 SHA512 535e869c42df6181f0bd30287adb9175c18e8a9730c997a6466e64870b968d9575e6952889353be5ac4232b2087b004cde953e151da4c75b8048b3cdccb8f27d AUX optipng-0.7.6-cve-2017-1000229.patch 903 BLAKE2B d193e4c62813e40b653699d17b478838633e43536caa6bca54a7b48ad4290af3aa452b37d3bacbb194bec11aeed47e84b60cab4fd71281d554e72309e376ceb4 SHA512 2bf259c59121e735a6c65137d5819c07057b3b1e43e14793cc4f739b607f6ea4e4788ddf1dee521bd8b623796c901f974e7c925f36ff13adec669dfc6fbf449e +AUX optipng-0.7.6-cve-2017-16938.patch 878 BLAKE2B 8ad045b58d4e9072576b50c2f3b2052bc9e877ccfa367a039af27071a999deeadc48c418c5b5b5911022c08a212abb96f486dcf3860da7d74ae2a0978f82de9c SHA512 ea3e0e4823b6acb88f06cb56934147c147b98776f501c09a170f05a0b94355dd08539bb2c3ee69d47293028770df6134c3c648d091e14d5362f360961ee9c468 DIST optipng-0.7.6.tar.gz 2202237 BLAKE2B f113027ff12f2fc97bd4dc43b8e62f5af8f86e251b43c0f86ffbd59366b329d1fc2a58103aa349cb18fb0c9d2e5f051517439c02aeb44ee435c6fff0c75efb7a SHA512 d31d7494c23413d87b601a706cc2faf82923156a818da66e0bfad11741aed065db8f1b0c088d2abd66899ac192408c05f594295ded2684c4549c5f03b140a184 EBUILD optipng-0.7.6-r1.ebuild 1335 BLAKE2B 9d40e9ec7e7d8cd7f96cf82676c48bb32f4eac2eca8c7a7d67eb2419994827ae0dc2b28b02a12265034b98de08100e849d0fba2ba414237165dca3fc096a4f65 SHA512 fde34b5fcd172711ee57f55cd93c8d60eb44086a09974aac5cea7b104a3a7c961a1840a38934aaa0a6182fdc2d8be01372d420af5f30054f298ebd565c0c09f5 +EBUILD optipng-0.7.6-r2.ebuild 1422 BLAKE2B 69f122a162614400ff1c7dee8d2ef71292eee7eece93a9f799a449a07a7c8b5d5b25d87b748e2175a5803ed4ce39cc109b54c60e637fb089194d1c61be50e156 SHA512 b0c5826d47d89fcddd3fdfc6400efc1cd9467a3e2adb18a34dbd18a31574c000e6e4fb57eb4b71509b50c581652a3f7aa46c4b63bebe25b887987b8584c7ed43 MISC metadata.xml 326 BLAKE2B 
aa1da3dfcfd0faa4d1bcc901659c15b3ce974eace4d7b1317c7fcfdac13939ca4e0ed9d58eb46e7921caefe63475fcffe3193ad138506c9e16b0d8d9abb73bb8 SHA512 57810d8957812cf02573aff451fb8248944bd100beaa06412deb4b5622161fca2ee466ad80050d68e94acf5e2e7963c6fa657416996c0503da6ac88f1f00efdb
diff --git a/media-gfx/optipng/files/optipng-0.7.6-cve-2017-16938.patch b/media-gfx/optipng/files/optipng-0.7.6-cve-2017-16938.patch
new file mode 100644
index 000000000000..71edf20cfefe
--- /dev/null
+++ b/media-gfx/optipng/files/optipng-0.7.6-cve-2017-16938.patch
@@ -0,0 +1,22 @@
+From e05fb81a20541833a2d62ce08552b18c0920b9a1 Mon Sep 17 00:00:00 2001
+From: Cosmin Truta
+Date: Sat, 25 Nov 2017 23:17:46 -0500
+Subject: [PATCH] gifread: Detect indirect circular dependencies in LZW tables
+
+---
+ src/gifread/gifread.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/gifread/gifread.c b/src/gifread/gifread.c
+index 0123456789abcdef..0123456789abcdef 100644
+--- a/src/gifread/gifread.c
++++ b/src/gifread/gifread.c
+@@ -499,6 +499,8 @@ static int LZWReadByte(int init_flag, int input_code_size, FILE *stream)
+ *sp++ = table[1][code];
+ if (code == table[0][code])
+ GIFError("GIF/LZW error: circular table entry");
++ if ((size_t)(sp - stack) >= sizeof(stack) / sizeof(stack[0]))
++ GIFError("GIF/LZW error: circular table");
+ code = table[0][code];
+ }
+
diff --git a/media-gfx/optipng/optipng-0.7.6-r2.ebuild b/media-gfx/optipng/optipng-0.7.6-r2.ebuild
new file mode 100644
index 000000000000..b5096a87c8f6
--- /dev/null
+++ b/media-gfx/optipng/optipng-0.7.6-r2.ebuild
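Review bot: The added bound check in the `while` body sits after `*sp++ = table[1][code];`, so it keeps the store inside `stack` only if `sp` was below the end of the array on loop entry and `GIFError` never returns; neither is visible here, since `LZWReadByte` starts and ends outside the hunk. A one-line comment above the check would record that dependency and explain why a full stack is reported as a cycle, for example `/* chain longer than the stack means an indirect cycle; GIFError() must not return */`. The message `"GIF/LZW error: circular table"` also differs from the existing one only by the missing word `entry`, which makes the two failure paths hard to tell apart in logs.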
@@ -0,0 +1,59 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit eutils toolchain-funcs
+
+DESCRIPTION="Compress PNG files without affecting image quality"
+HOMEPAGE="http://optipng.sourceforge.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="ZLIB"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~ppc ~ppc64 ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos ~x86-solaris"
+IUSE=""
+
+RDEPEND="sys-libs/zlib
+ media-libs/libpng:0"
+DEPEND="${RDEPEND}
+ sys-apps/findutils"
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-0.7.5-estonian.patch
+ epatch "${FILESDIR}"/${PN}-0.7.6-cve-2017-1000229.patch # bug 637936
+ epatch "${FILESDIR}"/${PN}-0.7.6-cve-2017-16938.patch # bug 639690
+
+ rm -R src/{libpng,zlib} || die
+ find . -type d -name build -exec rm -R {} + || die
+
+ # next release is almost a complete rewrite, so plug this compilation
+ # problem in anticipation of the much (c)leaner(?) rewrite
+ sed -i \
+ -e 's/^#ifdef AT_FDCWD/#if defined(AT_FDCWD) \&\& !(defined (__SVR4) \&\& defined (__sun))/' \
+ src/optipng/osys.c || die
+
+ tc-export CC AR RANLIB
+ export LD=$(tc-getCC)
+
+ eapply_user
+}
+
+src_configure() {
+ ./configure \
+ -with-system-libpng \
+ -with-system-zlib \
+ || die "configure failed"
+}
+
+src_compile() {
+ emake -C src/optipng
+}
+
+src_install() {
+ dodoc README.txt doc/*.txt
+ dohtml doc/*.html
+ doman src/${PN}/man/${PN}.1
+
+ dobin src/${PN}/${PN}
+}
--
cgit v1.2.3
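Review bot: `src_prepare` applies its three patches with `epatch` from `eutils` although the ebuild declares `EAPI=6`, where the built-in `eapply` does the same job, e.g. `eapply "${FILESDIR}"/${PN}-0.7.6-cve-2017-16938.patch # bug 639690`; `dohtml` in `src_install` is likewise deprecated in that EAPI. Keeping the `# bug 637936` and `# bug 639690` comments on the converted lines preserves the link from each security patch to its report. Separately, every entry in `KEYWORDS` is `~arch`, so if `optipng-0.7.6-r1` carries stable keywords (not visible on this page), stable systems stay on the revision without the cve-2017-16938 patch until this one is stabilised.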