diff options
author | wiz <wiz@pkgsrc.org> | 2017-11-23 15:24:55 +0000 |
---|---|---|
committer | wiz <wiz@pkgsrc.org> | 2017-11-23 15:24:55 +0000 |
commit | 2d7b26f76f6babd4f4fb14013ffae9ee747a8fc6 (patch) | |
tree | 76e8afe486bfc46c4d263582b69b0fded0a95be7 /graphics | |
parent | abcd7c01ea4786727dcb70f25ea8fd02d9deeee8 (diff) | |
download | pkgsrc-2d7b26f76f6babd4f4fb14013ffae9ee747a8fc6.tar.gz |
jbig2dec: update to 0.14.
Version 0.14 (2017 October 04)
* Bug fix release.
Diffstat (limited to 'graphics')
-rw-r--r-- | graphics/jbig2dec/Makefile | 11 | ||||
-rw-r--r-- | graphics/jbig2dec/distinfo | 13 | ||||
-rw-r--r-- | graphics/jbig2dec/patches/patch-jbig2__huffman.c | 16 | ||||
-rw-r--r-- | graphics/jbig2dec/patches/patch-jbig2__image.c | 15 | ||||
-rw-r--r-- | graphics/jbig2dec/patches/patch-jbig2__symbol__dict.c | 26 |
5 files changed, 7 insertions, 74 deletions
diff --git a/graphics/jbig2dec/Makefile b/graphics/jbig2dec/Makefile index 4d81fc52905..061d1e2c420 100644 --- a/graphics/jbig2dec/Makefile +++ b/graphics/jbig2dec/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.8 2017/08/16 20:21:09 wiz Exp $ +# $NetBSD: Makefile,v 1.9 2017/11/23 15:24:55 wiz Exp $ -DISTNAME= jbig2dec-0.13 -PKGREVISION= 1 +DISTNAME= jbig2dec-0.14 CATEGORIES= graphics MASTER_SITES= http://downloads.ghostscript.com/public/jbig2dec/ @@ -11,12 +10,6 @@ COMMENT= JBIG2 decoder library LICENSE= gnu-gpl-v3 USE_LIBTOOL= yes -USE_TOOLS+= aclocal autoconf autoheader automake GNU_CONFIGURE= yes -# we need this, because someone has left wrong symbolic links within the distfile -pre-configure: - set -e; cd ${WRKSRC}; libtoolize -f; \ - aclocal; autoheader; automake -a --foreign -i; autoconf - .include "../../mk/bsd.pkg.mk" diff --git a/graphics/jbig2dec/distinfo b/graphics/jbig2dec/distinfo index f9ff4a87fb1..cf41718ce01 100644 --- a/graphics/jbig2dec/distinfo +++ b/graphics/jbig2dec/distinfo @@ -1,9 +1,6 @@ -$NetBSD: distinfo,v 1.6 2017/08/05 08:03:05 nros Exp $ +$NetBSD: distinfo,v 1.7 2017/11/23 15:24:55 wiz Exp $ -SHA1 (jbig2dec-0.13.tar.gz) = d7b07ef308e95dc44a83f2193ca4f445630e6355 -RMD160 (jbig2dec-0.13.tar.gz) = 84b4c9730d3a62e75524f4a251379b884cfe00d3 -SHA512 (jbig2dec-0.13.tar.gz) = ef64a65c54bec65f61602de7130dc9594aae58aaea7958f7cc987f25d0794511e15a423e86501ace4f40c0364796fb97ceab72edb0b69232926767ba16c1b05d -Size (jbig2dec-0.13.tar.gz) = 442571 bytes -SHA1 (patch-jbig2__huffman.c) = be3e48b6d324090ffd607babccc602003be54788 -SHA1 (patch-jbig2__image.c) = c0f18948e009be0dc3ba5f0ef67d51538c0cc932 -SHA1 (patch-jbig2__symbol__dict.c) = 5cf647fa56577e540f21772e64e6c2f89f1d647c +SHA1 (jbig2dec-0.14.tar.gz) = c4c834962d1357f9aaacecd7fca8236326e45975 +RMD160 (jbig2dec-0.14.tar.gz) = c7421f9ff09bc125f3245ba7540fd969932ba8ab +SHA512 (jbig2dec-0.14.tar.gz) = 066bd880ac0665fc1e42b0ae0e481008b125aab6e173b7f82d61a2a30e72c90085cbded9b2a68c6836f92dea3d8d8d5c2228dba76e0d99c79c922197d215705b +Size (jbig2dec-0.14.tar.gz) = 463572 bytes diff --git a/graphics/jbig2dec/patches/patch-jbig2__huffman.c b/graphics/jbig2dec/patches/patch-jbig2__huffman.c deleted file mode 100644 index f78d2b8ebaf..00000000000 --- a/graphics/jbig2dec/patches/patch-jbig2__huffman.c +++ /dev/null @@ -1,16 +0,0 @@ -$NetBSD: patch-jbig2__huffman.c,v 1.1 2017/08/05 08:03:05 nros Exp $ -* fix CVE-2017-7975 - fixed upstrema so remove this patch on the next version update. ---- jbig2_huffman.c.orig 2017-08-05 07:27:45.000000000 +0000 -+++ jbig2_huffman.c -@@ -422,8 +422,8 @@ jbig2_build_huffman_table(Jbig2Ctx *ctx, - - if (PREFLEN == CURLEN) { - int RANGELEN = lines[CURTEMP].RANGELEN; -- int start_j = CURCODE << shift; -- int end_j = (CURCODE + 1) << shift; -+ uint32_t start_j = CURCODE << shift; -+ uint32_t end_j = (CURCODE + 1) << shift; - byte eflags = 0; - - if (end_j > max_j) { diff --git a/graphics/jbig2dec/patches/patch-jbig2__image.c b/graphics/jbig2dec/patches/patch-jbig2__image.c deleted file mode 100644 index acd281ef364..00000000000 --- a/graphics/jbig2dec/patches/patch-jbig2__image.c +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-jbig2__image.c,v 1.1 2017/08/05 08:03:05 nros Exp $ -* fix CVE-2017-7976 - fixed upstream so remove this patch on the next version update ---- jbig2_image.c.orig 2017-08-05 07:31:46.000000000 +0000 -+++ jbig2_image.c -@@ -256,7 +256,8 @@ jbig2_image_compose(Jbig2Ctx *ctx, Jbig2 - /* general OR case */ - s = ss; - d = dd = dst->data + y * dst->stride + leftbyte; -- if (d < dst->data || leftbyte > dst->stride || h * dst->stride < 0 || d - leftbyte + h * dst->stride > dst->data + dst->height * dst->stride) { -+ if (d < dst->data || leftbyte > dst->stride || h * dst->stride < 0 || d - leftbyte + h * dst->stride > dst->data + dst->height * dst->stride || -+ s - leftbyte + (h - 1) * src->stride + rightbyte > src->data + src->height * src->stride) { - return jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "preventing heap overflow in jbig2_image_compose"); - } - if (leftbyte == rightbyte) { diff --git a/graphics/jbig2dec/patches/patch-jbig2__symbol__dict.c b/graphics/jbig2dec/patches/patch-jbig2__symbol__dict.c deleted file mode 100644 index 9dfdb09bbdd..00000000000 --- a/graphics/jbig2dec/patches/patch-jbig2__symbol__dict.c +++ /dev/null @@ -1,26 +0,0 @@ -$NetBSD: patch-jbig2__symbol__dict.c,v 1.1 2017/08/05 08:03:05 nros Exp $ -* fix CVE-2017-7885 and CVE-2017-9216 - fixed upstream so remove this patch on the next version update ---- jbig2_symbol_dict.c.orig 2017-08-05 07:24:59.000000000 +0000 -+++ jbig2_symbol_dict.c -@@ -499,8 +499,10 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, - } - - /* multiple symbols are handled as a text region */ -- jbig2_decode_text_region(ctx, segment, tparams, (const Jbig2SymbolDict * const *)refagg_dicts, -+ code = jbig2_decode_text_region(ctx, segment, tparams, (const Jbig2SymbolDict * const *)refagg_dicts, - n_refagg_dicts, image, data, size, GR_stats, as, ws); -+ if (code < 0) -+ goto cleanup4; - - SDNEWSYMS->glyphs[NSYMSDECODED] = image; - refagg_dicts[0]->glyphs[params->SDNUMINSYMS + NSYMSDECODED] = jbig2_image_clone(ctx, SDNEWSYMS->glyphs[NSYMSDECODED]); -@@ -633,7 +635,7 @@ jbig2_decode_symbol_dict(Jbig2Ctx *ctx, - byte *dst = image->data; - - /* SumatraPDF: prevent read access violation */ -- if (size - jbig2_huffman_offset(hs) < image->height * stride) { -+ if ((size - jbig2_huffman_offset(hs) < image->height * stride) || (size < jbig2_huffman_offset(hs))) { - jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number, "not enough data for decoding (%d/%d)", image->height * stride, - size - jbig2_huffman_offset(hs)); - jbig2_image_release(ctx, image); |