From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- media-libs/lcms/Manifest | 7 +++ .../lcms/files/lcms-2.8-CVE-2016-10165.patch | 22 ++++++++++ media-libs/lcms/lcms-2.8-r1.ebuild | 50 +++++++++++++++++++++ media-libs/lcms/lcms-2.8-r2.ebuild | 51 ++++++++++++++++++++++ media-libs/lcms/metadata.xml | 11 +++++ 5 files changed, 141 insertions(+) create mode 100644 media-libs/lcms/Manifest create mode 100644 media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch create mode 100644 media-libs/lcms/lcms-2.8-r1.ebuild create mode 100644 media-libs/lcms/lcms-2.8-r2.ebuild create mode 100644 media-libs/lcms/metadata.xml (limited to 'media-libs/lcms') diff --git a/media-libs/lcms/Manifest b/media-libs/lcms/Manifest new file mode 100644 index 000000000000..940012be38bd --- /dev/null +++ b/media-libs/lcms/Manifest @@ -0,0 +1,7 @@ +AUX lcms-2.8-CVE-2016-10165.patch 772 SHA256 7930bcdbfd6b12230fc7736c538259663da6a80f94e02c0a6c5d24906435c5fc SHA512 f7c53161564bad8fdf7cadff8b5ddec38f9acfd3f21a9569a9da43135529a4e6d504e4e9a2d8674ccf2e0fac33ecda09020ddc7c422e825047c17389c7abbc17 WHIRLPOOL 1d75ead0d972fb63105bc5f64dafaca7f1e0664c99f9b3e688f415f41604f7c6802d7ff79c47d2d085fc299390b40b0110656519c4d9c333545084d4adac4008 +DIST lcms2-2.8.tar.gz 6687005 SHA256 66d02b229d2ea9474e62c2b6cd6720fde946155cd1d0d2bffdab829790a0fb22 SHA512 a9478885b4892c79314a2ef9ab560e6655ac8f2d17abae0805e8b871138bb190e21f0e5c805398449f9dad528dc50baaf9e3cce8b8158eb8ff74179be5733f8f WHIRLPOOL 57c6518fa758ee69da55faeb6810ede6463a3c6b2c70e0d2ccfa789fe09cd8192fdeda04aab9800c7af3b11fea25cb08db8b914a195b48f47f3270025ce8b9b3 +EBUILD lcms-2.8-r1.ebuild 1421 SHA256 97e7085de1873fc64d699bc3e79fbfd2684d9bc49df21e47f5c71e2b2429792a SHA512 d57cbe1fcf49f860ea0b29a5c0e2a8de9381bba3f45fc863e547c463e7b6f223b77b2c87b45d853a48d188bb324e39f6e46370b42850f5a24ed6dab50a7ef0bd WHIRLPOOL 38909c5dd7bd43cf53ecd013008950910a672763bf0f06a58803dea7ab6ee81a8ca0046823742e3180939dc67890614193504ac249b2b7ee714362026e647bf4 +EBUILD lcms-2.8-r2.ebuild 1278 SHA256 585de4f89ad686d026a4e8d27476ac0652f47633fbbb2ea1bbafe443b4c3ff3a SHA512 eb3245f0bec48411922562b688677a5f64e9187b5a05c578582966ef671efe1c263dff14d45b894d235885398559da875ff25cf87d27a56ed559128ed706a15c WHIRLPOOL 3e01ed5f1dcd0ee7c5b3322694b0c3e8ed704aef50fa79e89bf57df5a4be9feb1c78ab77f83478a8342c262f3915c89a8295007ee5c54722bb8e1bc99500f2b6 +MISC ChangeLog 2713 SHA256 9494581fec240107f6ff405f1012e0c8752d763deacffb3755399ad58ccd5cf6 SHA512 a01e22d2f7d81bc24da9588fb822ef77bb3b0deaf040272ef8e7e995340c0c12303e9cfe715f93b666bee398e6bed28449a120a2418aa2c2a7c6616682eb2a68 WHIRLPOOL 450805688be07e3ffaffede192b810f0fe4937ab8643139ba21bbd64324886d5aa15f2c41096ef0234b65b405f929f6a8fffd8792d6aafe858415bdb913ed2fc +MISC ChangeLog-2015 24486 SHA256 503b862894e9944e0d92a2acb686c434ae88d0ea194fac394c4b9cbb7cc558df SHA512 5fa2b476f3689e58f3cd8ae9249b84eb9e018a9e44308122beb8940f7808bd6065d26172bb7acd94878d7190777eeeaa284e05cd60d01b0d3f4f2f6d196d6b2a WHIRLPOOL f0104eab39e7e7664715859bbab130a4a13dcb356744a822f295f421434631bd8e6a32caffae506d431408743e00dd5b17a7089e5d5945b41e8be4f7a2871d91 +MISC metadata.xml 333 SHA256 973fc54521af3c0fc589fecbdbca3cce0f43f72d8bb3ccfe963ad127bd9e7284 SHA512 d8fb0a9e8fb4073583431d2a9668c01fa87230e1f27672a66955c21c842701109d6ad75c50f9f88334849be3809339a4562a745549d79fdf7aad9c7cd1b0485e WHIRLPOOL 7ec90a30e6f86f3a9770b51870d251fe1c91806153dab66fefa070eae38df50a82b040f85f54a3f2eaf9080bf449f9dac28232edc04bb089b2e98d56dc357b2e diff --git a/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch b/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch new file mode 100644 index 000000000000..b380cf40d5a7 --- /dev/null +++ b/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch @@ -0,0 +1,22 @@ +From 5ca71a7bc18b6897ab21d815d15e218e204581e2 Mon Sep 17 00:00:00 2001 +From: Marti +Date: Mon, 15 Aug 2016 23:31:39 +0200 +Subject: [PATCH] Added an extra check to MLU bounds + +Thanks to Ibrahim el-sayed for spotting the bug +--- + src/cmstypes.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/cmstypes.c b/src/cmstypes.c +index cb61860..c7328b9 100644 +--- a/src/cmstypes.c ++++ b/src/cmstypes.c +@@ -1460,6 +1460,7 @@ void *Type_MLU_Read(struct _cms_typehandler_struct* self, cmsIOHANDLER* io, cmsU + + // Check for overflow + if (Offset < (SizeOfHeader + 8)) goto Error; ++ if ((Offset + Len) > SizeOfTag + 8) goto Error; + + // True begin of the string + BeginOfThisString = Offset - SizeOfHeader - 8; diff --git a/media-libs/lcms/lcms-2.8-r1.ebuild b/media-libs/lcms/lcms-2.8-r1.ebuild new file mode 100644 index 000000000000..9fe8c7f668db --- /dev/null +++ b/media-libs/lcms/lcms-2.8-r1.ebuild @@ -0,0 +1,50 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +AUTOTOOLS_PRUNE_LIBTOOL_FILES="modules" +inherit eutils multilib-minimal + +DESCRIPTION="A lightweight, speed optimized color management engine" +HOMEPAGE="http://www.littlecms.com/" +SRC_URI="mirror://sourceforge/${PN}/lcms2-${PV}.tar.gz" + +LICENSE="MIT" +SLOT="2" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris" +IUSE="doc jpeg static-libs +threads test tiff zlib" + +RDEPEND="jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] ) + tiff? ( >=media-libs/tiff-4.0.3-r6:0=[${MULTILIB_USEDEP}] ) + zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] ) + abi_x86_32? ( + !<=app-emulation/emul-linux-x86-baselibs-20130224-r10 + !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] + )" +DEPEND="${RDEPEND}" + +S=${WORKDIR}/lcms2-${PV} + +PATCHES=( + "${FILESDIR}/${P}-CVE-2016-10165.patch" +) + +multilib_src_configure() { + local myeconfargs=( + $(use_with jpeg) + $(use_with tiff) + $(use_with zlib) + $(use_with threads) + ) + ECONF_SOURCE="${S}" \ + econf ${myeconfargs[@]} +} + +multilib_src_install_all() { + find "${ED}" \( -name "*.la" -o -name "*.a" \) -delete || die + + if use doc; then + docinto pdf + dodoc doc/*.pdf + fi +} diff --git a/media-libs/lcms/lcms-2.8-r2.ebuild b/media-libs/lcms/lcms-2.8-r2.ebuild new file mode 100644 index 000000000000..32ce3dfa7b81 --- /dev/null +++ b/media-libs/lcms/lcms-2.8-r2.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit libtool multilib-minimal + +DESCRIPTION="A lightweight, speed optimized color management engine" +HOMEPAGE="http://www.littlecms.com/" +SRC_URI="mirror://sourceforge/${PN}/lcms2-${PV}.tar.gz" + +LICENSE="MIT" +SLOT="2" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x64-cygwin ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris" +IUSE="doc jpeg static-libs test +threads tiff" + +RDEPEND=" + jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] ) + tiff? ( >=media-libs/tiff-4.0.3-r6:0=[${MULTILIB_USEDEP}] ) +" +DEPEND="${RDEPEND}" + +S="${WORKDIR}/lcms2-${PV}" + +PATCHES=( "${FILESDIR}/${P}-CVE-2016-10165.patch" ) + +src_prepare() { + default + elibtoolize # for Prefix/Solaris +} + +multilib_src_configure() { + local myeconfargs=( + $(use_with jpeg) + $(use_enable static-libs static) + $(use_with threads) + $(use_with tiff) + --without-zlib + ) + ECONF_SOURCE="${S}" \ + econf ${myeconfargs[@]} +} + +multilib_src_install_all() { + find "${ED}" -name "*.la" -delete || die + + if use doc; then + docinto pdf + dodoc doc/*.pdf + fi +} diff --git a/media-libs/lcms/metadata.xml b/media-libs/lcms/metadata.xml new file mode 100644 index 000000000000..08400576a0f2 --- /dev/null +++ b/media-libs/lcms/metadata.xml @@ -0,0 +1,11 @@ + + + + + printing@gentoo.org + Gentoo Printing Project + + + lcms + + -- cgit v1.2.3