Pullup ticket #4830 - requested by bsiegert

graphics/exiv2: security update
graphics/exiv2-organize: dependant update

Revisions pulled up:
- graphics/exiv2-organize/Makefile                              1.28
- graphics/exiv2/Makefile.common                                1.5
- graphics/exiv2/PLIST                                          1.17
- graphics/exiv2/distinfo                                       1.25
- graphics/exiv2/patches/patch-aa                               1.5
- graphics/exiv2/patches/patch-configure                        1.2
- graphics/exiv2/patches/patch-src_Makefile                     1.1
- graphics/exiv2/patches/patch-src_http.cpp                     1.1
- graphics/exiv2/patches/patch-src_svn_version.sh               1.1

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Sat Oct  3 12:08:37 UTC 2015

   Modified Files:
           pkgsrc/graphics/exiv2: Makefile.common PLIST distinfo
           pkgsrc/graphics/exiv2-organize: Makefile
           pkgsrc/graphics/exiv2/patches: patch-aa patch-configure
   Added Files:
           pkgsrc/graphics/exiv2/patches: patch-src_Makefile patch-src_http.cpp
               patch-src_svn_version.sh

   Log Message:
   Update exiv2 to 0.25, fixing a security issue. Patch from
   Timo Buhrmester via mail.


   To generate a diff of this commit:
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/graphics/exiv2/Makefile.common
   cvs rdiff -u -r1.16 -r1.17 pkgsrc/graphics/exiv2/PLIST
   cvs rdiff -u -r1.24 -r1.25 pkgsrc/graphics/exiv2/distinfo
   cvs rdiff -u -r1.27 -r1.28 pkgsrc/graphics/exiv2-organize/Makefile
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/graphics/exiv2/patches/patch-aa
   cvs rdiff -u -r1.1 -r1.2 pkgsrc/graphics/exiv2/patches/patch-configure
   cvs rdiff -u -r0 -r1.1 pkgsrc/graphics/exiv2/patches/patch-src_Makefile \
       pkgsrc/graphics/exiv2/patches/patch-src_http.cpp \
       pkgsrc/graphics/exiv2/patches/patch-src_svn_version.sh

9 files changed, 105 insertions, 30 deletions

diff --git a/graphics/exiv2-organize/Makefile b/graphics/exiv2-organize/Makefile
index 3a3babd3fac..2496359fac2 100644
--- a/graphics/exiv2-organize/Makefile
+++ b/graphics/exiv2-organize/Makefile
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.27 2015/04/17 15:53:06 adam Exp $
+# $NetBSD: Makefile,v 1.27.4.1 2015/10/06 17:44:21 spz Exp $
 
-PKGREVISION= 1
 .include "../../graphics/exiv2/Makefile.common"
 
 PKGNAME=	${DISTNAME:S/exiv2/exiv2-organize/}
diff --git a/graphics/exiv2/Makefile.common b/graphics/exiv2/Makefile.common
index 4f19b5741d2..e544671f354 100644
--- a/graphics/exiv2/Makefile.common
+++ b/graphics/exiv2/Makefile.common
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.4 2014/10/05 16:41:07 wiz Exp $
+# $NetBSD: Makefile.common,v 1.4.8.1 2015/10/06 17:44:21 spz Exp $
 #
 # used by graphics/exiv2/Makefile
 # used by graphics/exiv2-organize/Makefile
 
-DISTNAME=	exiv2-0.24
+DISTNAME=	exiv2-0.25
 CATEGORIES=	graphics
 MASTER_SITES=	http://www.exiv2.org/
 
diff --git a/graphics/exiv2/PLIST b/graphics/exiv2/PLIST
index 943ea6436e4..0b888a5ecae 100644
--- a/graphics/exiv2/PLIST
+++ b/graphics/exiv2/PLIST
@@ -1,8 +1,8 @@
-@comment $NetBSD: PLIST,v 1.16 2014/06/05 06:43:53 adam Exp $
+@comment $NetBSD: PLIST,v 1.16.12.1 2015/10/06 17:44:21 spz Exp $
 bin/exiv2
-include/exiv2/asfvideo.hpp
 include/exiv2/basicio.hpp
 include/exiv2/bmpimage.hpp
+include/exiv2/config.h
 include/exiv2/convert.hpp
 include/exiv2/cr2image.hpp
 include/exiv2/crwimage.hpp
@@ -13,13 +13,14 @@ include/exiv2/error.hpp
 include/exiv2/exif.hpp
 include/exiv2/exiv2.hpp
 include/exiv2/exv_conf.h
+include/exiv2/exv_msvc.h
 include/exiv2/futils.hpp
 include/exiv2/gifimage.hpp
+include/exiv2/http.hpp
 include/exiv2/image.hpp
 include/exiv2/iptc.hpp
 include/exiv2/jp2image.hpp
 include/exiv2/jpgimage.hpp
-include/exiv2/matroskavideo.hpp
 include/exiv2/metadatum.hpp
 include/exiv2/mrwimage.hpp
 include/exiv2/orfimage.hpp
@@ -28,10 +29,9 @@ include/exiv2/pngimage.hpp
 include/exiv2/preview.hpp
 include/exiv2/properties.hpp
 include/exiv2/psdimage.hpp
-include/exiv2/quicktimevideo.hpp
 include/exiv2/rafimage.hpp
-include/exiv2/riffvideo.hpp
 include/exiv2/rw2image.hpp
+include/exiv2/svn_version.h
 include/exiv2/tags.hpp
 include/exiv2/tgaimage.hpp
 include/exiv2/tiffimage.hpp
@@ -43,10 +43,18 @@ include/exiv2/xmpsidecar.hpp
 lib/libexiv2.la
 lib/pkgconfig/exiv2.pc
 man/man1/exiv2.1
+share/locale/bs/LC_MESSAGES/exiv2.mo
 share/locale/de/LC_MESSAGES/exiv2.mo
 share/locale/es/LC_MESSAGES/exiv2.mo
 share/locale/fi/LC_MESSAGES/exiv2.mo
 share/locale/fr/LC_MESSAGES/exiv2.mo
+share/locale/gl/LC_MESSAGES/exiv2.mo
+share/locale/ms/LC_MESSAGES/exiv2.mo
 share/locale/pl/LC_MESSAGES/exiv2.mo
+share/locale/pt/LC_MESSAGES/exiv2.mo
 share/locale/ru/LC_MESSAGES/exiv2.mo
 share/locale/sk/LC_MESSAGES/exiv2.mo
+share/locale/sv/LC_MESSAGES/exiv2.mo
+share/locale/ug/LC_MESSAGES/exiv2.mo
+share/locale/uk/LC_MESSAGES/exiv2.mo
+share/locale/vi/LC_MESSAGES/exiv2.mo
diff --git a/graphics/exiv2/distinfo b/graphics/exiv2/distinfo
index 433d8e9e44a..04534cc0ab0 100644
--- a/graphics/exiv2/distinfo
+++ b/graphics/exiv2/distinfo
@@ -1,8 +1,11 @@
-$NetBSD: distinfo,v 1.24 2014/06/05 07:12:53 adam Exp $
+$NetBSD: distinfo,v 1.24.12.1 2015/10/06 17:44:21 spz Exp $
 
-SHA1 (exiv2-0.24.tar.gz) = 2f19538e54f8c21c180fa96d17677b7cff7dc1bb
-RMD160 (exiv2-0.24.tar.gz) = 453247926e8626bf888578afd5a0dde42c6f6962
-Size (exiv2-0.24.tar.gz) = 4635028 bytes
-SHA1 (patch-aa) = e98a4f1ae3ff2ad5ce0cd0d107ae21752a4edb45
-SHA1 (patch-configure) = 11b8d348f94eda4b84c61f34ffced54316d70a70
+SHA1 (exiv2-0.25.tar.gz) = adb8ffe63916e7c27bda9792e690d1330ec7273d
+RMD160 (exiv2-0.25.tar.gz) = 2f43f8737dad9ffd7d5759ef4dd9688658125794
+Size (exiv2-0.25.tar.gz) = 5434325 bytes
+SHA1 (patch-aa) = 947061d168d5db0d9969fa91ef837b364c641fcb
+SHA1 (patch-configure) = 39d6589dc82315d7a2bffeb332c21b6f54d69cf1
 SHA1 (patch-contrib_organize_Makefile) = de74227211b79e49126178f27391831507c2948f
+SHA1 (patch-src_Makefile) = 09c51b7da85584aece0147b446bff27ebc7f549f
+SHA1 (patch-src_http.cpp) = 75a64b80c37c54c0f65cc8455bd730ae01df0bae
+SHA1 (patch-src_svn_version.sh) = a80e142ab14ba4f5aad62936c5b5375d2a9b4b58
diff --git a/graphics/exiv2/patches/patch-aa b/graphics/exiv2/patches/patch-aa
index ea5cc533853..be4a6395c42 100644
--- a/graphics/exiv2/patches/patch-aa
+++ b/graphics/exiv2/patches/patch-aa
@@ -1,15 +1,15 @@
-$NetBSD: patch-aa,v 1.4 2014/06/05 06:43:54 adam Exp $
+$NetBSD: patch-aa,v 1.4.12.1 2015/10/06 17:44:21 spz Exp $
 
 Fix build on Solaris, from PR 37720.
 
---- config/config.mk.in.orig	2013-12-01 12:13:42.000000000 +0000
-+++ config/config.mk.in
-@@ -133,7 +133,7 @@ ifdef DEP_TRACKING
+--- config/config.mk.in.orig	2015-06-21 16:19:25.000000000 +0200
++++ config/config.mk.in	2015-10-02 05:22:11.000000000 +0200
+@@ -148,7 +148,7 @@
  
-     # Dependency files post-process commands
-     POSTDEPEND = if test ! -d $(DEPDIR); then mkdir $(DEPDIR); fi; \
--                 if test -e $*.d; then cp $*.d $(DEPDIR)/$*.d; \
-+                 if test -f $*.d; then cp $*.d $(DEPDIR)/$*.d; \
-                    sed -e 's/^\#.*//' -e 's/^[^:]*: *//' -e 's/ *\\$$//' \
+         # Dependency files post-process commands
+         POSTDEPEND = if test ! -d $(DEPDIR); then mkdir $(DEPDIR); fi; \
+-	        if test -e $*.d; then cp $*.d $(DEPDIR)/$*.d; \
++	        if test -f $*.d; then cp $*.d $(DEPDIR)/$*.d; \
+ 	        sed -e 's/^\#.*//' -e 's/^[^:]*: *//' -e 's/ *\\$$//' \
                      -e '/^$$/ d' -e 's/$$/ :/' < $*.d >> $(DEPDIR)/$*.d; \
-                    $(RM) $*.d; fi
+                 $(RM) $*.d; fi
diff --git a/graphics/exiv2/patches/patch-configure b/graphics/exiv2/patches/patch-configure
index e57f16dd4db..8cb8a95bbbc 100644
--- a/graphics/exiv2/patches/patch-configure
+++ b/graphics/exiv2/patches/patch-configure
@@ -1,13 +1,13 @@
-$NetBSD: patch-configure,v 1.1 2014/06/05 07:12:53 adam Exp $
+$NetBSD: patch-configure,v 1.1.12.1 2015/10/06 17:44:21 spz Exp $
 
 Don't add -ldl for all OS; this gets auto-detected somewhere else.
 
---- configure.orig	2014-06-05 06:53:10.000000000 +0000
-+++ configure
-@@ -17069,8 +17069,6 @@ fi
+--- configure.orig	2015-10-02 05:19:31.000000000 +0200
++++ configure	2015-10-02 05:19:34.000000000 +0200
+@@ -17321,8 +17321,6 @@
  case "$host_os" in
  *mingw* | *cygwin*)
-     LDFLAGS="$LDFLAGS -no-undefined -lpsapi" ;;
+     LDFLAGS="$LDFLAGS -no-undefined -lpsapi -lwldap32 -lws2_32" ;;
 -*)
 -    LDFLAGS="$LDFLAGS -ldl" ;;
  esac
diff --git a/graphics/exiv2/patches/patch-src_Makefile b/graphics/exiv2/patches/patch-src_Makefile
new file mode 100644
index 00000000000..99939f52973
--- /dev/null
+++ b/graphics/exiv2/patches/patch-src_Makefile
@@ -0,0 +1,26 @@
+$NetBSD: patch-src_Makefile,v 1.1.2.2 2015/10/06 17:44:21 spz Exp $
+
+Do not rely on bash being in /bin, especially when sh will do just fin...
+Remove needless use of -v with mkdir; It's not POSIX and NetBSD doesn't have it.
+
+
+--- src/Makefile.orig	2015-06-21 16:20:11.000000000 +0200
++++ src/Makefile	2015-10-02 05:40:26.000000000 +0200
+@@ -150,7 +150,7 @@
+ 
+ # ******************************************************************************
+ # Initialisations
+-SHELL = /bin/bash
++SHELL = /bin/sh
+ 
+ .SUFFIXES:
+ .SUFFIXES: .c .cpp .o .so
+@@ -252,7 +252,7 @@
+ 	@$(LIBTOOL) --mode=link $(LINK.cc) -o $@ $(LIBRARY) $@.o -rpath $(libdir)
+ 
+ $(EXIV2BIN): lib $(EXIV2OBJ) $(EXIV2COBJ)
+-	mkdir -pv ../bin 2>&1 > /dev/null
++	mkdir -p ../bin 2>&1 > /dev/null
+ 	@$(LIBTOOL) --mode=link $(LINK.cc) -o ../bin/$@ $(LIBRARY) $(EXIV2OBJ) $(EXIV2COBJ) -rpath $(libdir)
+ 
+ install-header:
diff --git a/graphics/exiv2/patches/patch-src_http.cpp b/graphics/exiv2/patches/patch-src_http.cpp
new file mode 100644
index 00000000000..6b983e52aae
--- /dev/null
+++ b/graphics/exiv2/patches/patch-src_http.cpp
@@ -0,0 +1,18 @@
+$NetBSD: patch-src_http.cpp,v 1.1.2.2 2015/10/06 17:44:21 spz Exp $
+
+Include <errno.h> rather than <sys/errno.h> because the latter doesn't
+actually make `errno` available on NetBSD; while the former is required
+to by the C standard
+
+
+--- src/http.cpp.orig	2015-10-02 05:47:47.000000000 +0200
++++ src/http.cpp	2015-10-02 05:47:52.000000000 +0200
+@@ -70,7 +70,7 @@
+ 
+ #include <unistd.h>
+ #include <strings.h>
+-#include <sys/errno.h>
++#include <errno.h>
+ #include <sys/socket.h>
+ #include <sys/un.h>
+ #include <sys/uio.h>
diff --git a/graphics/exiv2/patches/patch-src_svn_version.sh b/graphics/exiv2/patches/patch-src_svn_version.sh
new file mode 100644
index 00000000000..6b0a5a2d0ac
--- /dev/null
+++ b/graphics/exiv2/patches/patch-src_svn_version.sh
@@ -0,0 +1,21 @@
+$NetBSD: patch-src_svn_version.sh,v 1.1.2.2 2015/10/06 17:44:21 spz Exp $
+
+Replace an unneeded dependency on bash; do not use == with test(1)
+
+--- src/svn_version.sh.orig	2015-10-02 05:32:33.000000000 +0200
++++ src/svn_version.sh	2015-10-02 05:32:19.000000000 +0200
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/bin/sh
+ 
+ ## 
+ # update svn_version_h when revision changes
+@@ -11,7 +11,7 @@
+ ##
+ # from Jenkins, svn is almost always a disaster because
+ # Jenkins SVN Plugin is 1.7 and the build machine is normally at least 1.8
+-if [ "$s" == "0" ]; then
++if [ "$s" = "0" ]; then
+ 	svn_version=$(svn info .. | grep ^Revision | cut -f 2 -d' ')
+     if [ -z "$svn_version"   ]; then svn_version=0 ; fi
+ else