diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-11-16 20:51:47 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-11-17 13:30:41 +0100 |
commit | 65d9c1e075af3943292ff2187303f6951ddd6ba6 (patch) | |
tree | 8834f4db84cdc5b0e90fe5b9d43e0b9ed7aa034b /patches | |
parent | 2aa4bf659d5d93805e81f555da0ec5455357f040 (diff) | |
download | current-65d9c1e075af3943292ff2187303f6951ddd6ba6.tar.gz current-65d9c1e075af3943292ff2187303f6951ddd6ba6.tar.xz |
Thu Nov 16 20:51:47 UTC 202320231116205147_15.0
patches/packages/gegl-0.4.46-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release, needed by the GIMP upgrade.
patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txz: Upgraded.
This release fixes security issues:
If a user loads a malicious DDS, PSD, or PSP file, this could result in a
program crash or possibly the execution of arbitrary code.
Please note that this package also requires the updated gegl package.
Thanks to henca for the heads-up.
For more information, see:
https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/
https://www.zerodayinitiative.com/advisories/ZDI-23-1591/
https://www.zerodayinitiative.com/advisories/ZDI-23-1592/
https://www.zerodayinitiative.com/advisories/ZDI-23-1593/
https://www.zerodayinitiative.com/advisories/ZDI-23-1594/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444
(* Security fix *)
Diffstat (limited to 'patches')
-rw-r--r-- | patches/packages/gegl-0.4.46-x86_64-1_slack15.0.txt | 11 | ||||
-rw-r--r-- | patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txt | 11 | ||||
-rwxr-xr-x | patches/source/gegl/gegl.SlackBuild | 128 | ||||
-rw-r--r-- | patches/source/gegl/gegl.no.runtime.dot.check.diff | 26 | ||||
-rw-r--r-- | patches/source/gegl/gegl.url | 1 | ||||
-rw-r--r-- | patches/source/gegl/slack-desc | 19 | ||||
-rwxr-xr-x | patches/source/gimp/gimp.SlackBuild | 148 | ||||
-rw-r--r-- | patches/source/gimp/slack-desc | 19 |
8 files changed, 363 insertions, 0 deletions
diff --git a/patches/packages/gegl-0.4.46-x86_64-1_slack15.0.txt b/patches/packages/gegl-0.4.46-x86_64-1_slack15.0.txt new file mode 100644 index 000000000..6f957938f --- /dev/null +++ b/patches/packages/gegl-0.4.46-x86_64-1_slack15.0.txt @@ -0,0 +1,11 @@ +gegl: gegl (Generic Graphics Library) +gegl: +gegl: GEGL (Generic Graphics Library) is a graph based image processing +gegl: framework. +gegl: +gegl: GEGL provides infrastructure to do demand based cached non destructive +gegl: image editing on larger than RAM buffers. Through babl it provides +gegl: support for a wide range of color models and pixel storage formats for +gegl: input and output. +gegl: +gegl: diff --git a/patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txt b/patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txt new file mode 100644 index 000000000..dafe1a565 --- /dev/null +++ b/patches/packages/gimp-2.10.36-x86_64-1_slack15.0.txt @@ -0,0 +1,11 @@ +gimp: gimp (The GNU Image Manipulation Program) +gimp: +gimp: The GIMP is a powerful tool for the preparation and manipulation of +gimp: digital images. The GIMP provides the user with a wide variety of +gimp: image manipulation, painting, processing, and rendering tools. The +gimp: GIMP's open design and extensible architecture make for a very +gimp: powerful end product for photo and image retouching, web graphics +gimp: design, or digital illustration. +gimp: +gimp: +gimp: diff --git a/patches/source/gegl/gegl.SlackBuild b/patches/source/gegl/gegl.SlackBuild new file mode 100755 index 000000000..2cdf8670a --- /dev/null +++ b/patches/source/gegl/gegl.SlackBuild @@ -0,0 +1,128 @@ +#!/bin/bash + +# Copyright 2008, 2009, 2010, 2018 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009 Robby Workman, Northport, Alabama, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=gegl +VERSION=${VERSION:-$(echo gegl-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack15.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} + +TMP=${TMP:-/tmp} +PKG=$TMP/package-gegl + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf gegl-$VERSION +tar xvf $CWD/gegl-$VERSION.tar.?z || exit 1 +cd gegl-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \+ -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \+ + +# GEGL 0.4.28 started checking for "dot" at runtime, breaking GIMP on machines +# that lack it. We'll drop the runtime check for now and revisit this approach +# later if it causes any unwanted side effects. +zcat $CWD/gegl.no.runtime.dot.check.diff.gz | patch -p1 --verbose || exit 1 + +# Configure, build, and install: +export CFLAGS="$SLKCFLAGS" +export CXXFLAGS="$SLKCFLAGS" +mkdir meson-build +cd meson-build +meson setup \ + --prefix=/usr \ + --libdir=lib${LIBDIRSUFFIX} \ + --libexecdir=/usr/libexec \ + --bindir=/usr/bin \ + --sbindir=/usr/sbin \ + --includedir=/usr/include \ + --datadir=/usr/share \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --buildtype=release \ + .. || exit 1 + "${NINJA:=ninja}" $NUMJOBS || exit 1 + DESTDIR=$PKG $NINJA install || exit 1 +cd .. + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/gegl-$VERSION +cp -a \ + AUTHORS COPYING* INSTALL NEWS README* TODO \ + $PKG/usr/doc/gegl-$VERSION +#( cd $PKG/usr/doc/gegl-$VERSION ; ln -s /usr/share/gtk-doc/html/gegl/ html ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/gegl-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/gegl/gegl.no.runtime.dot.check.diff b/patches/source/gegl/gegl.no.runtime.dot.check.diff new file mode 100644 index 000000000..f6dd7f6fe --- /dev/null +++ b/patches/source/gegl/gegl.no.runtime.dot.check.diff @@ -0,0 +1,26 @@ +--- ./operations/common/introspect.c.orig 2020-12-20 06:16:48.799965900 -0600 ++++ ./operations/common/introspect.c 2020-12-21 15:41:14.459774463 -0600 +@@ -48,7 +48,7 @@ + + dot = g_find_program_in_path ("dot"); + +- if (! dot || op_introspect->user_data || op_introspect->node == NULL) ++ if (op_introspect->user_data || op_introspect->node == NULL) + return; + + /* Construct temp filenames */ +@@ -175,12 +175,9 @@ + gegl_introspect_is_available (void) + { + gchar *dot; +- gboolean found = FALSE; +- +- dot = g_find_program_in_path ("dot"); +- found = (dot != NULL); +- g_free (dot); ++ gboolean found = TRUE; + ++ /* always return TRUE to avoid a runtime check on dot */ + return found; + } + diff --git a/patches/source/gegl/gegl.url b/patches/source/gegl/gegl.url new file mode 100644 index 000000000..e049b17b1 --- /dev/null +++ b/patches/source/gegl/gegl.url @@ -0,0 +1 @@ +https://download.gimp.org/pub/gegl/ diff --git a/patches/source/gegl/slack-desc b/patches/source/gegl/slack-desc new file mode 100644 index 000000000..7ef1cb733 --- /dev/null +++ b/patches/source/gegl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler--------------------------------------------------------| +gegl: gegl (Generic Graphics Library) +gegl: +gegl: GEGL (Generic Graphics Library) is a graph based image processing +gegl: framework. +gegl: +gegl: GEGL provides infrastructure to do demand based cached non destructive +gegl: image editing on larger than RAM buffers. Through babl it provides +gegl: support for a wide range of color models and pixel storage formats for +gegl: input and output. +gegl: +gegl: diff --git a/patches/source/gimp/gimp.SlackBuild b/patches/source/gimp/gimp.SlackBuild new file mode 100755 index 000000000..e42478f40 --- /dev/null +++ b/patches/source/gimp/gimp.SlackBuild @@ -0,0 +1,148 @@ +#!/bin/bash + +# Copyright 2008, 2009, 2010, 2011, 2015, 2018, 2020 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=gimp +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack15.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} + +TMP=${TMP:-/tmp} +PKG=$TMP/package-gimp +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +cd $TMP +rm -rf gimp-$VERSION +tar xvf $CWD/gimp-$VERSION.tar.?z || exit 1 +cd gimp-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \+ -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \+ + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var/lib \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --docdir=/usr/doc/gimp-$VERSION \ + --disable-static \ + --disable-check-update \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +mkdir -p $PKG/usr/share/applications $PKG/usr/share/application-registry +make install DESTDIR=$PKG || exit 1 + +# Don't ship .la files: +rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la + +# Add a manpage symlink for POLA-compliance +if [ -r $PKG/usr/man/man1/gimptool-2.?.1 -a ! -r $PKG/usr/man/man1/gimptool.1 ]; then + ( cd $PKG/usr/man/man1 ; ln -sf gimptool-2.?.1 gimptool.1 ) +fi + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/gimp-$VERSION +cp -a \ + AUTHORS COPYING* HACKING INSTALL LICENSE NEWS README* docs/Wilber* \ + $PKG/usr/doc/gimp-$VERSION +( cd $PKG/usr/doc/gimp-$VERSION + for i in \ + libgimp libgimpbase libgimpcolor libgimpconfig libgimpmath \ + libgimpmodule libgimpthumb libgimpwidgets ; do \ + ln -s /usr/share/gtk-doc/html/$i $i-html ; + done +) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/gimp-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/gimp/slack-desc b/patches/source/gimp/slack-desc new file mode 100644 index 000000000..04a027cce --- /dev/null +++ b/patches/source/gimp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +gimp: gimp (The GNU Image Manipulation Program) +gimp: +gimp: The GIMP is a powerful tool for the preparation and manipulation of +gimp: digital images. The GIMP provides the user with a wide variety of +gimp: image manipulation, painting, processing, and rendering tools. The +gimp: GIMP's open design and extensible architecture make for a very +gimp: powerful end product for photo and image retouching, web graphics +gimp: design, or digital illustration. +gimp: +gimp: +gimp: |