Diffstat (limited to 'media-gfx/optipng')
-rw-r--r-- | media-gfx/optipng/Manifest | 12 | ||||
-rw-r--r-- | media-gfx/optipng/files/optipng-0.7.6-cve-2017-1000229.patch | 25 | ||||
-rw-r--r-- | media-gfx/optipng/optipng-0.7.6-r1.ebuild | 56 |
3 files changed, 87 insertions, 6 deletions
diff --git a/media-gfx/optipng/Manifest b/media-gfx/optipng/Manifest
index 5930b797b70c..3bbcc4f0e880 100644
--- a/media-gfx/optipng/Manifest
+++ b/media-gfx/optipng/Manifest
@@ -1,6 +1,6 @@ -AUX optipng-0.7.5-estonian.patch 1014 SHA256 b0794fda40086c1e0443351477c487f04103f7c571c082d93130b398cbcae014 SHA512 535e869c42df6181f0bd30287adb9175c18e8a9730c997a6466e64870b968d9575e6952889353be5ac4232b2087b004cde953e151da4c75b8048b3cdccb8f27d WHIRLPOOL b69f09ddecc477eeef4eeeef82bc2c825bf8950b155c55a0836de2e532ff3d0a7ab148d7e7283091cfb55cb3af3b41b5a8a9b54b8a5c2e36371dfefa6be7afa0 -DIST optipng-0.7.6.tar.gz 2202237 SHA256 4870631fcbd3825605f00a168b8debf44ea1cda8ef98a73e5411eee97199be80 SHA512 d31d7494c23413d87b601a706cc2faf82923156a818da66e0bfad11741aed065db8f1b0c088d2abd66899ac192408c05f594295ded2684c4549c5f03b140a184 WHIRLPOOL c2708d111d0e57e35658d540a1bb0bbdea8fa35501be359222970e81159a6691db02053a446c250e3dd393f17918cc748de80e9cf19a355dcd5da867716fb359 -EBUILD optipng-0.7.6.ebuild 1264 SHA256 c796916ae8d8484f756de2053130834ffc74d0c5605cd98e06b0fafd362a620d SHA512 acfe88a65ae266104b41044ccbd6961326a711e67797ebf176af972d08471b1e958bad2a1b46243e59ddb0f6eb10a95dcada7a76a6235970902f7ea277cf1429 WHIRLPOOL 3d8f8769c945c483e234a626425176e1761222d409308563d0acfc7d4b94c54934c3dc950b0a96d78c0cbf4f7f0a8ab951852ccbc85c8d39677a785d16e2198f -MISC ChangeLog 4815 SHA256 168bf847edf590eaaeed3564c143a8ada3e56c512ea8c67e333d110eda957c75 SHA512 7270e8d96669b9c5b9a89dce7ebc236d0366aeba3b00d12a00d03fe148213b4a7f999f182bf41e4c485a33327fb217f457cf1f43714ccf5c6136ee06da9b0624 WHIRLPOOL f76d478e69f5da42203751241718f707b50ccdeee4b08fba47606a02ed36d62ae2382ec382d4d2c8f76d9b685ca72f101476b0ef1e9de14a8a90b4859ef3a979 -MISC ChangeLog-2015 11858 SHA256 b66893e52b6cab2a88692b801cc5922e70a996964ea984f104a9043d0908a0ad SHA512 4582d5944c12335dd3b92668c83cb5f7694d4086ecd01d72ab4198cadca8765fe6486cf7bda067915ba906220370faf948ea9ef052cae3884c796145a3f02b1e WHIRLPOOL e3296ea4f32499ac91ac6b6b8fd3fcf7f1ab0208aae2150c3f1114e07f7db0a9c97cc59b7b1c4ae806835a1499e6e33891f148f8e68b44427d3ecd870602a1fa -MISC metadata.xml 326 SHA256 
8bb649aedd41191bf8b9dbfcc37069da0e6a379cbc39893c00b25d2708866297 SHA512 57810d8957812cf02573aff451fb8248944bd100beaa06412deb4b5622161fca2ee466ad80050d68e94acf5e2e7963c6fa657416996c0503da6ac88f1f00efdb WHIRLPOOL ca572a0cc843aa70dda752b67ca2e29318bfc2b771d82cdfee9330c6a7bf7f9c6e4c3617a17c5fce9ae6d3bab8cb112763100ec0cd94585beaa92ef2d08f6e2c +AUX optipng-0.7.5-estonian.patch 1014 BLAKE2B 3c973120185be858a89c02b1f452e47da5f51866ec9ad59653d2f27cea9ea2b7d318d33b00c3eb14b6e87e629f63062d63f2ffd523e62b9927b0b75e4d781af1 SHA512 535e869c42df6181f0bd30287adb9175c18e8a9730c997a6466e64870b968d9575e6952889353be5ac4232b2087b004cde953e151da4c75b8048b3cdccb8f27d +AUX optipng-0.7.6-cve-2017-1000229.patch 903 BLAKE2B d193e4c62813e40b653699d17b478838633e43536caa6bca54a7b48ad4290af3aa452b37d3bacbb194bec11aeed47e84b60cab4fd71281d554e72309e376ceb4 SHA512 2bf259c59121e735a6c65137d5819c07057b3b1e43e14793cc4f739b607f6ea4e4788ddf1dee521bd8b623796c901f974e7c925f36ff13adec669dfc6fbf449e +DIST optipng-0.7.6.tar.gz 2202237 BLAKE2B f113027ff12f2fc97bd4dc43b8e62f5af8f86e251b43c0f86ffbd59366b329d1fc2a58103aa349cb18fb0c9d2e5f051517439c02aeb44ee435c6fff0c75efb7a SHA512 d31d7494c23413d87b601a706cc2faf82923156a818da66e0bfad11741aed065db8f1b0c088d2abd66899ac192408c05f594295ded2684c4549c5f03b140a184 +EBUILD optipng-0.7.6-r1.ebuild 1336 BLAKE2B a54e08e74534f32e4f768593b9330275b5ca013790338ebf1a56b62b1ae7889d865051d83a61e077b0bd570adbd27dc39a8a57c08f7e8727048da11115659703 SHA512 8a169fe7d8e12bc8dc351a049e1a4d4a50ff9d53433b737c91ed0e26cd9b24ba59ea611002df6c38018572d69a177920ab6b8b1abcc22f9ef5b2d5ef36d15a7f +EBUILD optipng-0.7.6.ebuild 1264 BLAKE2B 7300c5845c1e78740781546ff0f7389af8f76e373d690c82270bd0d391d80f9b690cc4f59b16fe380c4ce47ac6c2c04eaf6f28c1bd32eb2bb242a8fe785bef66 SHA512 acfe88a65ae266104b41044ccbd6961326a711e67797ebf176af972d08471b1e958bad2a1b46243e59ddb0f6eb10a95dcada7a76a6235970902f7ea277cf1429 +MISC metadata.xml 326 BLAKE2B 
aa1da3dfcfd0faa4d1bcc901659c15b3ce974eace4d7b1317c7fcfdac13939ca4e0ed9d58eb46e7921caefe63475fcffe3193ad138506c9e16b0d8d9abb73bb8 SHA512 57810d8957812cf02573aff451fb8248944bd100beaa06412deb4b5622161fca2ee466ad80050d68e94acf5e2e7963c6fa657416996c0503da6ac88f1f00efdb
diff --git a/media-gfx/optipng/files/optipng-0.7.6-cve-2017-1000229.patch b/media-gfx/optipng/files/optipng-0.7.6-cve-2017-1000229.patch
new file mode 100644
index 000000000000..19dc3ad0c57b
--- /dev/null
+++ b/media-gfx/optipng/files/optipng-0.7.6-cve-2017-1000229.patch
@@ -0,0 +1,25 @@
+From 77ac8e9fd9b2c1aeec3951e2bb50f7cc2c1e92d2 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Sun, 19 Nov 2017 16:04:26 +0100
+Subject: [PATCH] Prevent integer overflow (bug #65, CVE-2017-1000229)
+
+---
+ src/minitiff/tiffread.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/minitiff/tiffread.c b/src/minitiff/tiffread.c
+index b4910ec..5f9b376 100644
+--- a/src/minitiff/tiffread.c
++++ b/src/minitiff/tiffread.c
+@@ -350,6 +350,8 @@ minitiff_read_info(struct minitiff_info *tiff_ptr, FILE *fp)
+ count = tiff_ptr->strip_offsets_count;
+ if (count == 0 || count > tiff_ptr->height)
+ goto err_invalid;
++ if (count > (size_t)-1 / sizeof(long))
++ goto err_memory;
+ tiff_ptr->strip_offsets = (long *)malloc(count * sizeof(long));
+ if (tiff_ptr->strip_offsets == NULL)
+ goto err_memory;
+--
+2.14.2
+
diff --git a/media-gfx/optipng/optipng-0.7.6-r1.ebuild b/media-gfx/optipng/optipng-0.7.6-r1.ebuild
new file mode 100644
index 000000000000..7cc031c42aab
--- /dev/null
+++ b/media-gfx/optipng/optipng-0.7.6-r1.ebuild
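Review bot: The new guard `if (count > (size_t)-1 / sizeof(long))` sends an oversized `strip_offsets_count` to `err_memory`, but that value is read from the file, so the condition describes malformed input rather than an allocation failure; `goto err_invalid;` would be the more accurate exit if the two labels report differently (both are outside the hunk). The check only rules out wrap-around of `count * sizeof(long)`; the effective size limit is still the earlier `count > tiff_ptr->height` test, so the allocation remains sized by header fields. A one-line comment such as `/* count is file-controlled: reject values where count * sizeof(long) would wrap */` would record why the test exists. minitiff_read_info continues outside the hunk, so any other `malloc(n * sizeof(...))` on file-derived counts there cannot be confirmed from this page and is worth checking for the same pattern.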
@@ -0,0 +1,56 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=4
+
+inherit eutils toolchain-funcs
+
+DESCRIPTION="Compress PNG files without affecting image quality"
+HOMEPAGE="http://optipng.sourceforge.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="ZLIB"
+SLOT="0"
+KEYWORDS="~alpha amd64 ~arm ppc ppc64 ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos ~x86-solaris"
+IUSE=""
+
+RDEPEND="sys-libs/zlib
+ media-libs/libpng:0"
+DEPEND="${RDEPEND}
+ sys-apps/findutils"
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-0.7.5-estonian.patch
+ epatch "${FILESDIR}"/${PN}-0.7.6-cve-2017-1000229.patch # bug 637936
+
+ rm -R src/{libpng,zlib} || die
+ find . -type d -name build -exec rm -R {} + || die
+
+ # next release is almost a complete rewrite, so plug this compilation
+ # problem in anticipation of the much (c)leaner(?) rewrite
+ sed -i \
+ -e 's/^#ifdef AT_FDCWD/#if defined(AT_FDCWD) \&\& !(defined (__SVR4) \&\& defined (__sun))/' \
+ src/optipng/osys.c || die
+
+ tc-export CC AR RANLIB
+ export LD=$(tc-getCC)
+}
+
+src_configure() {
+ ./configure \
+ -with-system-libpng \
+ -with-system-zlib \
+ || die "configure failed"
+}
+
+src_compile() {
+ emake -C src/optipng
+}
+
+src_install() {
+ dodoc README.txt doc/*.txt
+ dohtml doc/*.html
+ doman src/${PN}/man/${PN}.1
+
+ dobin src/${PN}/${PN}
+}
|
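Review bot: Nothing in the ebuild says that -r1 exists for a security fix beyond the patch file name; the `epatch` line in `src_prepare` carries only `# bug 637936`, and a comment like `# CVE-2017-1000229: integer overflow in minitiff TIFF reader (bug 637936)` would make that visible to whoever next bumps the package. The Manifest on this page still lists `optipng-0.7.6.ebuild`, so the unpatched revision presumably stays installable until it is removed. The new revision keeps the stable keywords (`amd64 ppc ppc64`); if that is a deliberate security fast-track, the commit message is the place to say so.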