diff options
Diffstat (limited to '')
-rw-r--r-- | patches/source/gdk-pixbuf2/doinst.sh | 1 | ||||
-rw-r--r-- | patches/source/gdk-pixbuf2/gdk-pixbuf.CVE-2015-4491.diff | 64 | ||||
-rw-r--r-- | patches/source/gdk-pixbuf2/gdk-pixbuf.pnglz.diff | 12 | ||||
-rwxr-xr-x | patches/source/gdk-pixbuf2/gdk-pixbuf2.SlackBuild | 153 | ||||
-rw-r--r-- | patches/source/gdk-pixbuf2/slack-desc | 19 | ||||
-rw-r--r-- | patches/source/gdk-pixbuf2/update-gdk-pixbuf-loaders | 60 |
6 files changed, 309 insertions, 0 deletions
diff --git a/patches/source/gdk-pixbuf2/doinst.sh b/patches/source/gdk-pixbuf2/doinst.sh new file mode 100644 index 000000000..57c9b7f0d --- /dev/null +++ b/patches/source/gdk-pixbuf2/doinst.sh @@ -0,0 +1 @@ +chroot . /usr/bin/update-gdk-pixbuf-loaders 1> /dev/null 2> /dev/null diff --git a/patches/source/gdk-pixbuf2/gdk-pixbuf.CVE-2015-4491.diff b/patches/source/gdk-pixbuf2/gdk-pixbuf.CVE-2015-4491.diff new file mode 100644 index 000000000..8d1b680e5 --- /dev/null +++ b/patches/source/gdk-pixbuf2/gdk-pixbuf.CVE-2015-4491.diff @@ -0,0 +1,64 @@ +@@ -, +, @@ + gdk-pixbuf/pixops/pixops.c | 22 +++++++++++++++++----- + 1 file changed, 17 insertions(+), 5 deletions(-) +--- a/gdk-pixbuf/pixops/pixops.c ++++ a/gdk-pixbuf/pixops/pixops.c +@@ -1272,7 +1272,16 @@ make_filter_table (PixopsFilter *filter) + int i_offset, j_offset; + int n_x = filter->x.n; + int n_y = filter->y.n; +- int *weights = g_new (int, SUBSAMPLE * SUBSAMPLE * n_x * n_y); ++ gsize n_weights; ++ int *weights; ++ ++ n_weights = SUBSAMPLE * SUBSAMPLE * n_x * n_y; ++ if (n_weights / (SUBSAMPLE * SUBSAMPLE) != n_x * n_y) ++ return NULL; /* overflow, bail */ ++ ++ weights = g_new (int, n_weights); ++ if (!weights) ++ return NULL; /* overflow, bail */ + + for (i_offset=0; i_offset < SUBSAMPLE; i_offset++) + for (j_offset=0; j_offset < SUBSAMPLE; j_offset++) +@@ -1347,8 +1356,11 @@ pixops_process (guchar *dest_buf, + if (x_step == 0 || y_step == 0) + return; /* overflow, bail out */ + +- line_bufs = g_new (guchar *, filter->y.n); + filter_weights = make_filter_table (filter); ++ if (!filter_weights) ++ return; /* overflow, bail out */ ++ ++ line_bufs = g_new (guchar *, filter->y.n); + + check_shift = check_size ? get_check_shift (check_size) : 0; + +@@ -1468,7 +1480,7 @@ tile_make_weights (PixopsFilterDimension *dim, + double scale) + { + int n = ceil (1 / scale + 1); +- double *pixel_weights = g_new (double, SUBSAMPLE * n); ++ double *pixel_weights = g_malloc_n (sizeof (double) * SUBSAMPLE, n); + int offset; + int i; + +@@ -1526,7 +1538,7 @@ bilinear_magnify_make_weights (PixopsFilterDimension *dim, + } + + dim->n = n; +- dim->weights = g_new (double, SUBSAMPLE * n); ++ dim->weights = g_malloc_n (sizeof (double) * SUBSAMPLE, n); + + pixel_weights = dim->weights; + +@@ -1617,7 +1629,7 @@ bilinear_box_make_weights (PixopsFilterDimension *dim, + double scale) + { + int n = ceil (1/scale + 3.0); +- double *pixel_weights = g_new (double, SUBSAMPLE * n); ++ double *pixel_weights = g_malloc_n (sizeof (double) * SUBSAMPLE, n); + double w; + int offset, i; + + diff --git a/patches/source/gdk-pixbuf2/gdk-pixbuf.pnglz.diff b/patches/source/gdk-pixbuf2/gdk-pixbuf.pnglz.diff new file mode 100644 index 000000000..b8ca9928f --- /dev/null +++ b/patches/source/gdk-pixbuf2/gdk-pixbuf.pnglz.diff @@ -0,0 +1,12 @@ +diff -Nur gdk-pixbuf-2.22.0.orig/gdk-pixbuf/Makefile.in gdk-pixbuf-2.22.0/gdk-pixbuf/Makefile.in +--- gdk-pixbuf-2.22.0.orig/gdk-pixbuf/Makefile.in 2010-09-21 13:28:57.000000000 -0500 ++++ gdk-pixbuf-2.22.0/gdk-pixbuf/Makefile.in 2010-10-09 10:24:16.917235308 -0500 +@@ -795,7 +795,7 @@ + LIBJASPER = @LIBJASPER@ + LIBJPEG = @LIBJPEG@ + LIBOBJS = @LIBOBJS@ +-LIBPNG = @LIBPNG@ ++LIBPNG = @LIBPNG@ -lz + LIBS = @LIBS@ + LIBTIFF = @LIBTIFF@ + LIBTOOL = @LIBTOOL@ diff --git a/patches/source/gdk-pixbuf2/gdk-pixbuf2.SlackBuild b/patches/source/gdk-pixbuf2/gdk-pixbuf2.SlackBuild new file mode 100755 index 000000000..16de2f6a2 --- /dev/null +++ b/patches/source/gdk-pixbuf2/gdk-pixbuf2.SlackBuild @@ -0,0 +1,153 @@ +#!/bin/sh + +# Copyright 2010, 2011 Robby Workman, Northport, Alabama, USA +# Copyright 2010, 2011 Patrick Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=gdk-pixbuf +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack14.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# There's been this long standing debate about PNG and -lz +# and this patch is the workaround. ;-) +zcat $CWD/gdk-pixbuf.pnglz.diff.gz | patch -p1 || exit 1 + +zcat $CWD/gdk-pixbuf.CVE-2015-4491.diff.gz | patch -p1 || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-introspection \ + --with-x11 \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We need to have separate 32-bit and 64-bit binaries +# for places where we have two copies of the GTK+ package installed. +# (we might have x86_64 and i486 packages on the same system, for example.) +host="$ARCH-slackware-linux" +case "$host" in + s390x*|x86_64*) + mv $PKG/usr/bin/gdk-pixbuf-query-loaders{,-64} + ( cd $PKG/usr/bin + ln -sf gdk-pixbuf-query-loaders-64 gdk-pixbuf-query-loaders + ) + ;; + *) + mv $PKG/usr/bin/gdk-pixbuf-query-loaders{,-32} + ( cd $PKG/usr/bin + ln -sf gdk-pixbuf-query-loaders-32 gdk-pixbuf-query-loaders + ) + ;; +esac + +# Install wrappers for the binaries: +cp $CWD/update-gdk-pixbuf-loaders $PKG/usr/bin/update-gdk-pixbuf-loaders +chmod 0755 $PKG/usr/bin/update-gdk-pixbuf-loaders + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING* INSTALL NEWS README* \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}2-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/gdk-pixbuf2/slack-desc b/patches/source/gdk-pixbuf2/slack-desc new file mode 100644 index 000000000..2fed0a6af --- /dev/null +++ b/patches/source/gdk-pixbuf2/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +gdk-pixbuf2: gdk-pixbuf2 (image library used by GTK+ v2) +gdk-pixbuf2: +gdk-pixbuf2: The gdk-pixbuf library provides a number of features: +gdk-pixbuf2: - GdkPixbuf structure for representing images. +gdk-pixbuf2: - Image loading facilities, both synchronous and progressive. +gdk-pixbuf2: - Rendering of a GdkPixbuf into various formats: +gdk-pixbuf2: drawables (windows, pixmaps), GdkRGB buffers. +gdk-pixbuf2: - Fast scaling and compositing of pixbufs. +gdk-pixbuf2: - Simple animation loading (ie. animated gifs). +gdk-pixbuf2: +gdk-pixbuf2: diff --git a/patches/source/gdk-pixbuf2/update-gdk-pixbuf-loaders b/patches/source/gdk-pixbuf2/update-gdk-pixbuf-loaders new file mode 100644 index 000000000..5848db838 --- /dev/null +++ b/patches/source/gdk-pixbuf2/update-gdk-pixbuf-loaders @@ -0,0 +1,60 @@ +#! /bin/sh +# Updates $(libdir)/gdk-pixbuf-2.0/2.10.0/loaders + +umask 022 + +# Get the machine type from uname: +host=$(uname -m)-slackware-linux + +# Fix $host for arm arch: +case "$host" in + arm*) host=arm-slackware-linux-gnueabi ;; +esac + +case "$host" in + s390x*|x86_64*) + if [ -x /usr/bin/gdk-pixbuf-query-loaders-64 ]; then + if [ "$1" = "--verbose" ]; then + echo "Updating gdk-pixbuf.loaders for ${host}:" + echo " /usr/bin/gdk-pixbuf-query-loaders-64 --update-cache" + fi + /usr/bin/gdk-pixbuf-query-loaders-64 --update-cache + # Check for x86_64 multilib: + if ls -d /etc/gtk-2.0/i?86* 1> /dev/null 2> /dev/null ; then + for d in $(ls -d /etc/pango/i?86*); do + mlhost=$(basename $d) + break + done + if [ -x /usr/bin/gdk-pixbuf-query-loaders-32 ]; then + if [ "$1" = "--verbose" ]; then + echo "Updating gdk-pixbuf.loaders for ${mlhost}:" + echo " /usr/bin/gdk-pixbuf-query-loaders-32 --update-cache" + fi + /usr/bin/gdk-pixbuf-query-loaders-32 --update-cache + fi + fi + else + if [ "$1" = "--verbose" ]; then + echo "Updating gdk-pixbuf.loaders for ${host}:" + echo " /usr/bin/gdk-pixbuf-query-loaders --update-cache" + fi + /usr/bin/gdk-pixbuf-query-loaders --update-cache + fi + ;; + *) + if [ -x /usr/bin/gdk-pixbuf-query-loaders-32 ]; then + if [ "$1" = "--verbose" ]; then + echo "Updating gdk-pixbuf.loaders for ${host}:" + echo " /usr/bin/gdk-pixbuf-query-loaders-32 --update-cache" + fi + /usr/bin/gdk-pixbuf-query-loaders-32 --update-cache + else + if [ "$1" = "--verbose" ]; then + echo "Updating gdk-pixbuf.loaders for ${host}:" + echo " /usr/bin/gdk-pixbuf-query-loaders --update-cache" + fi + /usr/bin/gdk-pixbuf-query-loaders --update-cache + fi + ;; +esac + |