From ad6182343997a405079870a2fe91c4e0c6b94595 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Wed, 25 Sep 2019 19:33:39 +0100
Subject: gentoo resync : 25.09.2019

---
 media-gfx/ufraw/Manifest                           |  6 +-
 .../ufraw/files/ufraw-0.22-CVE-2015-8366.patch     | 17 ++++
 .../ufraw/files/ufraw-0.22-CVE-2018-19655.patch    | 44 ++++++++++
 media-gfx/ufraw/files/ufraw-0.22-exiv2-0.27.patch  |  9 +-
 media-gfx/ufraw/files/ufraw-0.22-gcc9.patch        | 97 +++++++++++++++++++++
 media-gfx/ufraw/ufraw-0.22-r3.ebuild               | 98 ++++++++++++++++++++++
 6 files changed, 266 insertions(+), 5 deletions(-)
 create mode 100644 media-gfx/ufraw/files/ufraw-0.22-CVE-2015-8366.patch
 create mode 100644 media-gfx/ufraw/files/ufraw-0.22-CVE-2018-19655.patch
 create mode 100644 media-gfx/ufraw/files/ufraw-0.22-gcc9.patch
 create mode 100644 media-gfx/ufraw/ufraw-0.22-r3.ebuild

(limited to 'media-gfx/ufraw')

diff --git a/media-gfx/ufraw/Manifest b/media-gfx/ufraw/Manifest
index 0a237843410c..9d0401086fe7 100644
--- a/media-gfx/ufraw/Manifest
+++ b/media-gfx/ufraw/Manifest
@@ -1,10 +1,14 @@
 AUX ufraw-0.17-cfitsio-automagic.patch 933 BLAKE2B 06de9b807a9a491af2db83bfc07e3727409494a0925f01c0493e7cc5ce7b4a326f9c041d11dc30a38c6c71b42cc07e83017ffb01873a2d4f44d78a65a5c7c3ed SHA512 84aadb7dc41927a26ac37a801e136628380e79f032f87a925e737ec76c349c96c410750234f4870fe2fa61680085472a028e47c13cf01b2bd7fc7a55dad6de1b
+AUX ufraw-0.22-CVE-2015-8366.patch 498 BLAKE2B 98ff63a7ea66579877a7b1733111633df53241761cb4b56b745a9f34290fe72e6f802f602dfc1b69fc5210fc5007966bd7070aecaadc71ea5ddde15c849cd7ec SHA512 de55e5e2050ee648a889537d56410adb16adffb51d2ea03614932e0cb76d9a82c625ee2429493d89c389121ca30d8133ab4347602e55625f533611519d15db43
+AUX ufraw-0.22-CVE-2018-19655.patch 1292 BLAKE2B f4d89eff3392191cc1ac196b97e67d0df4e2710a15e2e08859b7c0b6fd2b8ab38173d2268b3e919965257e58d7341de4150ae690c1d864d3f90fcec4d8689a34 SHA512 a6b9e1b669f3aef9af98a57b04d0a225e24556a7ea4d19fb973d94fca209fdff1e2a9045743f2ceae8f6d608f42ccfc8a2041bdd7106f7bb21de263ff4b70d9c
 AUX ufraw-0.22-crashfix.patch 563 BLAKE2B 98dfd70be0cb7ec82b9f87c946a0638d7c0d444e0eb09a169609eb82f6d192cf3c0a9c4efd58a185bd83ca14a1fb795b47130c8491fb71cff372136d27c00fad SHA512 e02e71ef5660e83f49f7787c1819b6f86ed0de939db1bcd0e988f1c432ead9bd7f9e180e6974964305ab0ea65ba679b3363994213f8ffa04715176cfe45173cf
 AUX ufraw-0.22-drop_superfluous_abs.patch 448 BLAKE2B eae5b9f2dd6d12922b5fcd483447bc88a3ba4af249724f7c2dce5110d008934ce6e1601970ad7a42a952c8197b49605c3534c458e87ff804ccb1be861442d029 SHA512 847c5081225236d3728400d2d4f19f25fc971d9ee7b8a87395400f04d4ca82403d6fc10876f4884a3dcee7d1b2ac9a418132fa839d35f370484cc47fb6381a60
-AUX ufraw-0.22-exiv2-0.27.patch 736 BLAKE2B f8529ff60d93cc2333f9c083c780ad8892ccfb79f5290b9b594c7aa7d9ce3330af4966bc7dc2e5dc1358c5c31b85c26db475083ed49809409c89d23ef08668d0 SHA512 0dabac819a8bbe4a51d3b6a523aee7b80807343c28e9d03a1dc9bc378a7d353f61a592187f1e7c6067833e7fe0354fbd643bca74c0fac3c58b3c92a4b48d74af
+AUX ufraw-0.22-exiv2-0.27.patch 738 BLAKE2B 5392f37396074b1188b4c9f3bac06eb4168d68f53d367cc5107dbf71a66d5aab56a62489a826ac8fc0a4add74666bf232fde96f41f0ffc9604f5e6fd09d5d4fd SHA512 d37a132dc06ce186f177d6720ad23bc5f1e8ce84743b6e506242efee20cf628a4192d2bdaf1718260dba7bdef82d78bae2eb366df44e3dd3de13e318f812b76d
 AUX ufraw-0.22-fix-unsigned-char.patch 748 BLAKE2B 30a8dfcfb71f78449838ade5f77074d667fc1e71ca079f8042869a9e82ff8b9422ddbdc892c7458e05ad411d552352b5f530ae2da4a629d449857a1e62be0c78 SHA512 0ea99fe69adeeae1e6c07bcf9d583f6b8247ad0f01ddf3435edb605618b0c24d80c5662442250020b92352ebba12757bb69ad7b107ab8a8f464d5cf2b642664b
+AUX ufraw-0.22-gcc9.patch 3569 BLAKE2B ce417eb79994190666b842f6017f18eadead284bb763f1248ab4c0dd6132977fc56c79c11e3782a33d507aceec193e9ab2be423bea4335521e4308cb617b04d7 SHA512 aaf902c4a96ba1d9f21ff31e5499fd9d9216ff17812b41276e15a7150a4a90aa8a7a9e4aec70a006e68930e0e05c4a1da38abc78175de521752f1c6152e77b5a
 AUX ufraw-0.22-jasper-automagic.patch 613 BLAKE2B 100e6b31540030a20c8cff8e99329a738378788b2ab11665c0c8ab2f3246c821a176dba8b26cea354e8b0d127d2c601c21b0ac94f5264327916d0f8779618165 SHA512 855337bf109ebc0ea7b9bd429bcc429bd9caa561e2a815352c51e860a6e405d500913b70414ded7f47e053332c89b964d1817c8f22627504cf157f1565f3c7a4
 AUX ufraw-0.22-jpeg9.patch 1076 BLAKE2B 84448c537706d7b29f54d4735a75bf9501eac7927529c6d8e43d6cd746763ab753715d54cf943bb8bb5ddd8a29891f7522a680426acd2eb52af450492656ae3e SHA512 520e9351d7b8aa84f79a7c2841c2f56eaca849e67e448dc9503d248e31c1aa9fecaa64a332c0a155b6ba1ab7debec8734f3f2ef710bcb534a5fca34e9b5c8f7c
 DIST ufraw-0.22.tar.gz 1103554 BLAKE2B 5ffa4c660602553853221d7b31bfb78b02644bfeb4461cf752186d83ed8087b7905e414c7d741916ca9460c05849ab679b2f3098c99e5246f54a49b6a915268f SHA512 a42eff5052c18afec90245cf97ceeade78e3f288186cf697ac4abf2e8290d4081db8ac4de3ae47b3774f30a6cb4cbda392099e6fd2125fe751abb40d9b065ad2
 EBUILD ufraw-0.22-r2.ebuild 1951 BLAKE2B bedb97bbc87eb73770146b8fa6f27689cf000aa3b29611222e2f73ae1bd5de6b3dbedcb807c683c26f1c1aff52abf160ad78ff2d45e280b8e64ca5de771ae6bf SHA512 8f720c4a740dfa8b3df0f0868f5d2a03a22ac08765308eb2ca79f9e70686e800ef636062c277eef21bf21d34ade891037a8c5879739183dfe2d7aa66646d3d6a
+EBUILD ufraw-0.22-r3.ebuild 2094 BLAKE2B 413c318609901fa6eacdf7c239da47f9aedb32e5d973667588f8d50e1bf9dda9570c787752764d51cf4575afddb48c15ac47106e003539b0ec160e6d81c4d0dc SHA512 4547d4b12fb3b66891870122254680ba6f71fb0a3cbfa75d1ca59b96da52e2b0d34234a52ee1fbdf4ba4450b9fbfb3b185b05dacc5f13743dc0a0c2b80f2654f
 MISC metadata.xml 588 BLAKE2B 3e6ec0c8b11a3c30d1b20b5df4303fc1bc10b4e6459a24358ac50bcfaa414b307efe6d392d23fd7ce1443917865deae0dfa89cc7a068567f227cdc387f99d1cb SHA512 3d161ddfe0da5620312603d66acbc24244317da4dcb905558eddda9d54bf96024881ffbdcaa49f9daf73d779d5e7dbb47a523e05cc6c614756b468f14ef66ab9
diff --git a/media-gfx/ufraw/files/ufraw-0.22-CVE-2015-8366.patch b/media-gfx/ufraw/files/ufraw-0.22-CVE-2015-8366.patch
new file mode 100644
index 000000000000..9d59ca413fbe
--- /dev/null
+++ b/media-gfx/ufraw/files/ufraw-0.22-CVE-2015-8366.patch
@@ -0,0 +1,17 @@
+Fix a buffer overflow bug.  See
+https://github.com/LibRaw/LibRaw/commit/89d065424f09b788f443734d44857289489ca9e2
+
+--- a/dcraw.cc
++++ b/dcraw.cc
+@@ -3013,7 +3013,10 @@
+       diff = diff ? -diff : 0x80;
+     if (ftell(ifp) + 12 >= (int) seg[1][1])
+       diff = 0;
+-    raw_image[pix] = pred[pix & 1] += diff;
++    if(pix>=raw_width*raw_height)
++      derror();
++    else
++      raw_image[pix] = pred[pix & 1] += diff;
+     if (!(pix & 1) && HOLE(pix / raw_width)) pix += 2;
+   }
+   maximum = 0xff;
diff --git a/media-gfx/ufraw/files/ufraw-0.22-CVE-2018-19655.patch b/media-gfx/ufraw/files/ufraw-0.22-CVE-2018-19655.patch
new file mode 100644
index 000000000000..78b46b4452e0
--- /dev/null
+++ b/media-gfx/ufraw/files/ufraw-0.22-CVE-2018-19655.patch
@@ -0,0 +1,44 @@
+Description: stack-based buffer overflow bug
+Bug-Debian: https://bugs.debian.org/890086
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-19655
+Author: Filip Hroch <hroch@physics.muni.cz>
+Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2018-12-02
+
+--- a/dcraw.cc
++++ b/dcraw.cc
+@@ -8505,9 +8505,15 @@ float CLASS find_green (int bps, int bit
+ {
+   UINT64 bitbuf=0;
+   int vbits, col, i, c;
+-  ushort img[2][2064];
++  ushort *img;
+   double sum[]={0,0};
+ 
++#define IMG2D(row,col) \
++  img[(row)*width+(col)]
++
++  img = (ushort *) malloc(2*width*sizeof(ushort));
++  merror (img, "find_green()");
++
+   FORC(2) {
+     fseek (ifp, c ? off1:off0, SEEK_SET);
+     for (vbits=col=0; col < width; col++) {
+@@ -8516,13 +8522,14 @@ float CLASS find_green (int bps, int bit
+ 	for (i=0; i < bite; i+=8)
+ 	  bitbuf |= (unsigned) (fgetc(ifp) << i);
+       }
+-      img[c][col] = bitbuf << (64-bps-vbits) >> (64-bps);
++      IMG2D(c,col) = bitbuf << (64-bps-vbits) >> (64-bps);
+     }
+   }
+   FORC(width-1) {
+-    sum[ c & 1] += ABS(img[0][c]-img[1][c+1]);
+-    sum[~c & 1] += ABS(img[1][c]-img[0][c+1]);
++    sum[ c & 1] += ABS(IMG2D(0,c)-IMG2D(1,c+1));
++    sum[~c & 1] += ABS(IMG2D(1,c)-IMG2D(0,c+1));
+   }
++  free(img);
+   return 100 * log(sum[0]/sum[1]);
+ }
+ 
diff --git a/media-gfx/ufraw/files/ufraw-0.22-exiv2-0.27.patch b/media-gfx/ufraw/files/ufraw-0.22-exiv2-0.27.patch
index b5b4140fff8e..2cd888ebc096 100644
--- a/media-gfx/ufraw/files/ufraw-0.22-exiv2-0.27.patch
+++ b/media-gfx/ufraw/files/ufraw-0.22-exiv2-0.27.patch
@@ -1,6 +1,6 @@
---- a/ufraw_exiv2.cc	2015-06-16 05:58:38.000000000 +0200
-+++ b/ufraw_exiv2.cc	2018-12-29 22:51:23.291894430 +0100
-@@ -15,9 +15,7 @@
+--- a/ufraw_exiv2.cc
++++ b/ufraw_exiv2.cc
+@@ -15,9 +15,8 @@
  #include "ufraw.h"
  
  #ifdef HAVE_EXIV2
@@ -8,10 +8,11 @@
 -#include <exiv2/easyaccess.hpp>
 -#include <exiv2/exif.hpp>
 +#include <exiv2/exiv2.hpp>
++#include <iostream>
  #include <sstream>
  #include <cassert>
  
-@@ -67,7 +65,11 @@
+@@ -67,7 +66,11 @@ extern "C" int ufraw_exif_read_input(ufraw_data *uf)
          if (exifData.empty()) {
              std::string error(uf->filename);
              error += ": No Exif data found in the file";
diff --git a/media-gfx/ufraw/files/ufraw-0.22-gcc9.patch b/media-gfx/ufraw/files/ufraw-0.22-gcc9.patch
new file mode 100644
index 000000000000..f2cf1dc88a86
--- /dev/null
+++ b/media-gfx/ufraw/files/ufraw-0.22-gcc9.patch
@@ -0,0 +1,97 @@
+From ac8c74699cba65d65f918b3f4cba2de64e039ada Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= <sergio@serjux.com>
+Date: Thu, 14 Feb 2019 03:26:02 +0000
+Subject: [PATCH] Fix GCC 9 OpenMP issues by drop default(none)
+
+---
+ dcraw_api.cc  | 4 ++--
+ dcraw_indi.c  | 4 ----
+ ufraw_ufraw.c | 6 +++---
+ 3 files changed, 5 insertions(+), 9 deletions(-)
+
+diff --git a/dcraw_api.cc b/dcraw_api.cc
+index c3d2902..6096cb7 100644
+--- a/dcraw_api.cc
++++ b/dcraw_api.cc
+@@ -686,7 +686,7 @@ extern "C" {
+             rgbWB[3] = rgbWB[1];
+         if (dark) {
+ #ifdef _OPENMP
+-            #pragma omp parallel for schedule(static) default(none) \
++            #pragma omp parallel for schedule(static) \
+             shared(h,dark,rgbWB)
+ #endif
+             for (int i = 0; i < pixels; i++) {
+@@ -699,7 +699,7 @@ extern "C" {
+             }
+         } else {
+ #ifdef _OPENMP
+-            #pragma omp parallel for schedule(static) default(none) \
++            #pragma omp parallel for schedule(static) \
+             shared(h,dark,rgbWB)
+ #endif
+             for (int i = 0; i < pixels; i++) {
+diff --git a/dcraw_indi.c b/dcraw_indi.c
+index a291af2..777ce39 100644
+--- a/dcraw_indi.c
++++ b/dcraw_indi.c
+@@ -137,12 +137,10 @@ void CLASS wavelet_denoise_INDI(ushort(*image)[4], const int black,
+ #ifdef _OPENMP
+ #if defined(__sun) && !defined(__GNUC__)	/* Fix bug #3205673 - NKBJ */
+     #pragma omp parallel for				\
+-    default(none)					\
+     shared(nc,image,size,noise)				\
+     private(c,i,hpass,lev,lpass,row,col,thold,fimg,temp)
+ #else
+     #pragma omp parallel for				\
+-    default(none)					\
+     shared(nc,image,size)				\
+     private(c,i,hpass,lev,lpass,row,col,thold,fimg,temp)
+ #endif
+@@ -413,7 +411,6 @@ void CLASS vng_interpolate_INDI(ushort(*image)[4], const unsigned filters,
+     progress(PROGRESS_INTERPOLATE, -height);
+ #ifdef _OPENMP
+     #pragma omp parallel				\
+-    default(none)					\
+     shared(image,code,prow,pcol,h)			\
+     private(row,col,g,brow,rowtmp,pix,ip,gval,diff,gmin,gmax,thold,sum,color,num,c,t)
+ #endif
+@@ -496,7 +493,6 @@ void CLASS ppg_interpolate_INDI(ushort(*image)[4], const unsigned filters,
+ 
+ #ifdef _OPENMP
+     #pragma omp parallel				\
+-    default(none)					\
+     shared(image,dir,diff)				\
+     private(row,col,i,d,c,pix,guess)
+ #endif
+diff --git a/ufraw_ufraw.c b/ufraw_ufraw.c
+index ce9d262..48a0d91 100644
+--- a/ufraw_ufraw.c
++++ b/ufraw_ufraw.c
+@@ -1043,7 +1043,7 @@ static void ufraw_shave_hotpixels(ufraw_data *uf, dcraw_image_type *img,
+     delta = rgbMax / (uf->conf->hotpixel + 1.0);
+     count = 0;
+ #ifdef _OPENMP
+-    #pragma omp parallel for schedule(static) default(none) \
++    #pragma omp parallel for schedule(static) \
+     shared(uf,img,width,height,colors,rgbMax,delta) \
+     reduction(+:count) \
+     private(h,p,w,c,t,v,hi,i)
+@@ -1365,7 +1365,7 @@ static void ufraw_convert_reverse_wb(ufraw_data *uf, UFRawPhase phase)
+         mul[i] = (guint64)0x10000 * 0x10000 / uf->developer->rgbWB[i];
+     size = img->height * img->width;
+ #ifdef _OPENMP
+-    #pragma omp parallel for schedule(static) default(none) \
++    #pragma omp parallel for schedule(static) \
+     shared(uf,phase,img,mul,size) \
+     private(i,p16,c,px)
+ #endif
+@@ -1390,7 +1390,7 @@ static void ufraw_convert_image_tca(ufraw_data *uf, ufraw_image_data *img,
+         return;
+     int y;
+ #ifdef _OPENMP
+-    #pragma omp parallel for schedule(static) default(none) \
++    #pragma omp parallel for schedule(static) \
+     shared(uf,img,outimg,area)
+ #endif
+     for (y = area->y; y < area->y + area->height; y++) {
diff --git a/media-gfx/ufraw/ufraw-0.22-r3.ebuild b/media-gfx/ufraw/ufraw-0.22-r3.ebuild
new file mode 100644
index 000000000000..f31268404678
--- /dev/null
+++ b/media-gfx/ufraw/ufraw-0.22-r3.ebuild
@@ -0,0 +1,98 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools gnome2-utils toolchain-funcs xdg-utils
+
+DESCRIPTION="RAW Image format viewer and GIMP plugin"
+HOMEPAGE="http://ufraw.sourceforge.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~amd64-linux ~x86-linux ~x64-solaris ~x86-solaris"
+IUSE="contrast fits gimp gnome gtk openmp timezone"
+
+REQUIRED_USE="gimp? ( gtk )"
+
+BDEPEND="virtual/pkgconfig"
+RDEPEND="
+	dev-libs/glib:2
+	media-gfx/exiv2:=
+	media-libs/lcms:2=
+	>=media-libs/lensfun-0.2.5:=
+	media-libs/libpng:0=
+	media-libs/tiff
+	virtual/jpeg:0=
+	fits? ( sci-libs/cfitsio:= )
+	gimp? ( >=media-gfx/gimp-2 )
+	gnome? ( >=gnome-base/gconf-2 )
+	gtk? (
+		>=media-gfx/gtkimageview-1.5
+		>=x11-libs/gtk+-2.6:2
+	)
+"
+DEPEND="${RDEPEND}"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-0.17-cfitsio-automagic.patch
+	"${FILESDIR}"/${P}-jasper-automagic.patch
+	"${FILESDIR}"/${P}-crashfix.patch
+	"${FILESDIR}"/${P}-drop_superfluous_abs.patch
+	"${FILESDIR}"/${P}-fix-unsigned-char.patch
+	"${FILESDIR}"/${P}-jpeg9.patch
+	"${FILESDIR}"/${P}-exiv2-0.27.patch
+	"${FILESDIR}"/${P}-gcc9.patch
+	"${FILESDIR}"/${P}-CVE-2015-8366.patch
+	"${FILESDIR}"/${P}-CVE-2018-19655.patch
+)
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		--disable-jasper
+		$(use_enable contrast)
+		$(use_with fits cfitsio)
+		$(use_with gimp)
+		$(use_enable gnome mime)
+		$(use_with gtk)
+		$(use_enable openmp)
+		$(use_enable timezone dst-correction)
+	)
+	econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+	emake AR="$(tc-getAR)"
+}
+
+src_install() {
+	emake DESTDIR="${D}" schemasdir=/etc/gconf/schemas install
+	einstalldocs
+}
+
+pkg_preinst() {
+	if use gnome; then
+		gnome2_gconf_savelist
+	fi
+}
+
+pkg_postinst() {
+	if use gnome; then
+		xdg_mimeinfo_database_update
+		xdg_desktop_database_update
+		gnome2_gconf_install
+	fi
+}
+
+pkg_postrm() {
+	if use gnome; then
+		xdg_desktop_database_update
+		xdg_mimeinfo_database_update
+	fi
+}
-- 
cgit v1.2.3