diff options
| author | leot <leot@pkgsrc.org> | 2020-03-03 13:04:34 +0000 |
|---|---|---|
| committer | leot <leot@pkgsrc.org> | 2020-03-03 13:04:34 +0000 |
| commit | b4cd543936229de92d81d5c7899077341c474eaa (patch) | |
| tree | e9b658a4cbea7d8663b57e5439431a73d1b95f44 /graphics | |
| parent | b0017135868604665fdb0634e99567d7dfa1a888 (diff) | |
| download | pkgsrc-b4cd543936229de92d81d5c7899077341c474eaa.tar.gz | |
librsvg-c: Update to 2.40.21
pkgsrc changes:
- Remove patches/patch-test-driver: applied upstream
Changes:
2.40.21
-------
- CVE-2019-20446 - Backport the following fixes from 2.46.x:
- #515 - Librsvg now has limits on the number of loaded XML elements,
and the number of referenced elements within an SVG document. This
is to mitigate malicious SVGs which try to consume all memory, and
those which try to consume an exponential amount of CPU time.
- #308 - Fix stack exhaustion with circular references in <use> elements.
- #323 - Fix a denial-of-service condition from exponential explosion
of rendered elements, through nested use of SVG "use" elements in
malicious SVGs. This is similar to the XML "billion laughs attack"
but for SVG instancing.
Diffstat (limited to 'graphics')
| -rw-r--r-- | graphics/librsvg-c/Makefile | 5 | ||||
| -rw-r--r-- | graphics/librsvg-c/PLIST | 10 | ||||
| -rw-r--r-- | graphics/librsvg-c/distinfo | 11 | ||||
| -rw-r--r-- | graphics/librsvg-c/patches/patch-test-driver | 15 |
4 files changed, 8 insertions, 33 deletions
diff --git a/graphics/librsvg-c/Makefile b/graphics/librsvg-c/Makefile index 9b32e8d80d3..483aee61b11 100644 --- a/graphics/librsvg-c/Makefile +++ b/graphics/librsvg-c/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.2 2019/07/21 22:25:01 wiz Exp $ +# $NetBSD: Makefile,v 1.3 2020/03/03 13:04:34 leot Exp $ -DISTNAME= librsvg-2.40.20 -PKGREVISION= 5 +DISTNAME= librsvg-2.40.21 CATEGORIES= graphics gnome MASTER_SITES= ${MASTER_SITE_GNOME:=sources/librsvg/${PKGVERSION_NOREV:R}/} EXTRACT_SUFX= .tar.xz diff --git a/graphics/librsvg-c/PLIST b/graphics/librsvg-c/PLIST index 602d6308762..5e1f360a40a 100644 --- a/graphics/librsvg-c/PLIST +++ b/graphics/librsvg-c/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.1 2019/05/29 12:34:52 wiz Exp $ +@comment $NetBSD: PLIST,v 1.2 2020/03/03 13:04:34 leot Exp $ bin/rsvg-convert include/librsvg-2.0/librsvg/librsvg-enum-types.h include/librsvg-2.0/librsvg/librsvg-features.h @@ -12,14 +12,6 @@ man/man1/rsvg-convert.1 ${PLIST.introspection}share/gir-1.0/Rsvg-2.0.gir share/gtk-doc/html/rsvg-2.0/RsvgHandle.html share/gtk-doc/html/rsvg-2.0/annotation-glossary.html -share/gtk-doc/html/rsvg-2.0/api-index-2-14.html -share/gtk-doc/html/rsvg-2.0/api-index-2-22.html -share/gtk-doc/html/rsvg-2.0/api-index-2-32.html -share/gtk-doc/html/rsvg-2.0/api-index-2-36.html -share/gtk-doc/html/rsvg-2.0/api-index-2-4.html -share/gtk-doc/html/rsvg-2.0/api-index-2-8.html -share/gtk-doc/html/rsvg-2.0/api-index-2-9.html -share/gtk-doc/html/rsvg-2.0/api-index-deprecated.html share/gtk-doc/html/rsvg-2.0/api-index-full.html share/gtk-doc/html/rsvg-2.0/home.png share/gtk-doc/html/rsvg-2.0/index.html diff --git a/graphics/librsvg-c/distinfo b/graphics/librsvg-c/distinfo index b95ed1f2da4..89642142221 100644 --- a/graphics/librsvg-c/distinfo +++ b/graphics/librsvg-c/distinfo @@ -1,7 +1,6 @@ -$NetBSD: distinfo,v 1.1 2019/05/29 12:34:52 wiz Exp $ +$NetBSD: distinfo,v 1.2 2020/03/03 13:04:34 leot Exp $ -SHA1 (librsvg-2.40.20.tar.xz) = 244441b0f83ea8b3888cea2e9337eed3426f0149 -RMD160 (librsvg-2.40.20.tar.xz) = e697e1220779f77e81a890718ef5cda5b5e6b740 -SHA512 (librsvg-2.40.20.tar.xz) = cdd8224deb4c3786e29f48ed02c32ed9dff5cb15aba574a5ef845801ad3669cfcc3eedb9d359c22213dc7a29de24c363248825adad5877c40abf73b3688ff12f -Size (librsvg-2.40.20.tar.xz) = 1796376 bytes -SHA1 (patch-test-driver) = 802362f69cc54ce59483715f4c943d629a1680a7 +SHA1 (librsvg-2.40.21.tar.xz) = 063d1ca696633d43c462e1ca3e8be3145559d954 +RMD160 (librsvg-2.40.21.tar.xz) = 5135ad75e976658936d03655faa37f9ed1c11a3e +SHA512 (librsvg-2.40.21.tar.xz) = db0563d8e0edaae642a6b2bcd239cf54191495058ac8c7ff614ebaf88c0e30bd58dbcd41f58d82a9d5ed200ced45fc5bae22f2ed3cf3826e9348a497009e1280 +Size (librsvg-2.40.21.tar.xz) = 1655860 bytes diff --git a/graphics/librsvg-c/patches/patch-test-driver b/graphics/librsvg-c/patches/patch-test-driver deleted file mode 100644 index 232c07a5995..00000000000 --- a/graphics/librsvg-c/patches/patch-test-driver +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-test-driver,v 1.1 2019/05/29 12:34:52 wiz Exp $ - -Fix unportable test(1) operator. - ---- test-driver.orig 2017-07-20 01:11:47.000000000 +0000 -+++ test-driver -@@ -59,7 +59,7 @@ enable_hard_errors=yes - while test $# -gt 1; do - arg=${1%=*} - val=${1#*=} -- if [ $arg == $val ]; then -+ if [ $arg = $val ]; then - val=$2 - shift - fi |