aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-01-25 12:42:39 -0500
committerLeo Famulari <leo@famulari.name>2017-01-25 12:42:39 -0500
commitd123f2f991e0bf6f51e5f207d291fb4c1ceb1245 (patch)
tree8ca3cbeff8a08ab9e11a0324fd9ec0bae7614f4c /gnu/packages/patches
parenta282d7ff174ccc13b3645359449af6052451c2a1 (diff)
parent864042c5c5f845fd3c1ae37c64dc1a672fedef28 (diff)
downloadguix-d123f2f991e0bf6f51e5f207d291fb4c1ceb1245.tar
guix-d123f2f991e0bf6f51e5f207d291fb4c1ceb1245.tar.gz
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/gnupg-test-segfault-on-32bit-arch.patch40
-rw-r--r--gnu/packages/patches/khal-disable-failing-tests.patch33
-rw-r--r--gnu/packages/patches/libupnp-CVE-2016-6255.patch50
-rw-r--r--gnu/packages/patches/libupnp-CVE-2016-8863.patch72
-rw-r--r--gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch233
5 files changed, 233 insertions, 195 deletions
diff --git a/gnu/packages/patches/gnupg-test-segfault-on-32bit-arch.patch b/gnu/packages/patches/gnupg-test-segfault-on-32bit-arch.patch
deleted file mode 100644
index 79bb41caaa..0000000000
--- a/gnu/packages/patches/gnupg-test-segfault-on-32bit-arch.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-This fixes a segfault on 32-bit architectures. Upstream discussion:
-
-https://lists.gnupg.org/pipermail/gnupg-devel/2016-December/032364.html
-
-Guix thread: https://lists.gnu.org/archive/html/guix-devel/2016-12/msg00631.html
-
-Patch copied from upstream source repository:
-
-https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=6e96cdd41a0e55b672309431062f37c4a4a9f485
-
-From 6e96cdd41a0e55b672309431062f37c4a4a9f485 Mon Sep 17 00:00:00 2001
-From: Justus Winter <justus@g10code.com>
-Date: Wed, 21 Dec 2016 16:14:45 +0100
-Subject: [PATCH] gpgscm: Guard use of union member.
-
-* tests/gpgscm/scheme.c (opexe_5): Check that we have a file port
-before accessing filename. Fixes a crash on 32-bit architectures.
-
-Fixes-commit: e7429b1ced0c69fa7901f888f8dc25f00fc346a4
-Signed-off-by: Justus Winter <justus@g10code.com>
----
- tests/gpgscm/scheme.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c
-index a5b7691..2844545 100644
---- a/tests/gpgscm/scheme.c
-+++ b/tests/gpgscm/scheme.c
-@@ -4838,7 +4838,7 @@ static pointer opexe_5(scheme *sc, enum scheme_opcodes op) {
- } else {
- sc->nesting_stack[sc->file_i]++;
- #if USE_TAGS && SHOW_ERROR_LINE
-- {
-+ if (sc->load_stack[sc->file_i].kind & port_file) {
- const char *filename =
- sc->load_stack[sc->file_i].rep.stdio.filename;
- int lineno =
---
-2.8.0.rc3
-
diff --git a/gnu/packages/patches/khal-disable-failing-tests.patch b/gnu/packages/patches/khal-disable-failing-tests.patch
deleted file mode 100644
index e2c65df8ce..0000000000
--- a/gnu/packages/patches/khal-disable-failing-tests.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-Disable some tests that are known to fail:
-
-https://github.com/pimutils/khal/issues/546
-https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844081
-
-diff --git a/tests/khalendar_test.py b/tests/khalendar_test.py
-index fd8dcc6..17732bf 100644
---- a/tests/khalendar_test.py
-+++ b/tests/khalendar_test.py
-@@ -65,6 +65,7 @@ class TestCalendar(object):
- else:
- mtimes[cal] = mtime
-
-+ @pytest.mark.xfail
- def test_db_needs_update(self, coll_vdirs):
- coll, vdirs = coll_vdirs
-
-@@ -321,6 +322,7 @@ class TestDbCreation(object):
- CalendarCollection(calendars, dbpath=dbpath, locale=aux.locale)
-
-
-+@pytest.mark.xfail
- def test_default_calendar(coll_vdirs):
- """test if an update to the vdir is detected by the CalendarCollection"""
- coll, vdirs = coll_vdirs
-@@ -341,6 +343,7 @@ def test_default_calendar(coll_vdirs):
- assert len(list(coll.get_events_on(today))) == 0
-
-
-+@pytest.mark.xfail
- def test_only_update_old_event(coll_vdirs, monkeypatch):
- coll, vdirs = coll_vdirs
-
diff --git a/gnu/packages/patches/libupnp-CVE-2016-6255.patch b/gnu/packages/patches/libupnp-CVE-2016-6255.patch
deleted file mode 100644
index c9a3fa284c..0000000000
--- a/gnu/packages/patches/libupnp-CVE-2016-6255.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Fix CVE-2016-6255:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6255
-http://www.openwall.com/lists/oss-security/2016/07/18/13
-
-Patch adapted from upstream commit:
-
-https://github.com/mrjimenez/pupnp/commit/d64d6a44906b5aa5306bdf1708531d698654dda5
-
-The upstream change is simplified to unconditionally disable the HTTP
-POST feature.
-
-From d64d6a44906b5aa5306bdf1708531d698654dda5 Mon Sep 17 00:00:00 2001
-From: Matthew Garrett <mjg59@srcf.ucam.org>
-Date: Tue, 23 Feb 2016 13:53:20 -0800
-Subject: [PATCH] Don't allow unhandled POSTs to write to the filesystem by
- default
-
-If there's no registered handler for a POST request, the default behaviour
-is to write it to the filesystem. Several million deployed devices appear
-to have this behaviour, making it possible to (at least) store arbitrary
-data on them. Add a configure option that enables this behaviour, and change
-the default to just drop POSTs that aren't directly handled.
-
-Signed-off-by: Marcelo Roberto Jimenez <mroberto@users.sourceforge.net>
-(cherry picked from commit c91a8a3903367e1163765b73eb4d43be7d7927fa)
----
- configure.ac | 9 +++++++++
- upnp/inc/upnpconfig.h.in | 9 +++++++++
- upnp/src/genlib/net/http/webserver.c | 4 ++++
- 3 files changed, 22 insertions(+)
-
-diff --git a/upnp/src/genlib/net/http/webserver.c b/upnp/src/genlib/net/http/webserver.c
-index 26bf0f7..7ae8c1e 100644
---- a/upnp/src/genlib/net/http/webserver.c
-+++ b/upnp/src/genlib/net/http/webserver.c
-@@ -1367,9 +1367,13 @@ static int http_RecvPostMessage(
- if (Fp == NULL)
- return HTTP_INTERNAL_SERVER_ERROR;
- } else {
-+#if 0
- Fp = fopen(filename, "wb");
- if (Fp == NULL)
- return HTTP_UNAUTHORIZED;
-+#else
-+ return HTTP_NOT_FOUND;
-+#endif
- }
- parser->position = POS_ENTITY;
- do {
diff --git a/gnu/packages/patches/libupnp-CVE-2016-8863.patch b/gnu/packages/patches/libupnp-CVE-2016-8863.patch
deleted file mode 100644
index 9978b39487..0000000000
--- a/gnu/packages/patches/libupnp-CVE-2016-8863.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-Fix CVE-2016-8863:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8863
-https://sourceforge.net/p/pupnp/bugs/133/
-
-Patch copied from upstream source repository:
-
-https://sourceforge.net/p/pupnp/code/ci/9c099c2923ab4d98530ab5204af1738be5bddba7/
-
-From 9c099c2923ab4d98530ab5204af1738be5bddba7 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Uwe=20Kleine-K=C3=B6nig?= <ukleinek@debian.org>
-Date: Thu, 8 Dec 2016 17:11:53 +0100
-Subject: [PATCH] Fix out-of-bound access in create_url_list() (CVE-2016-8863)
-
-If there is an invalid URL in URLS->buf after a valid one, uri_parse is
-called with out pointing after the allocated memory. As uri_parse writes
-to *out before returning an error the loop in create_url_list must be
-stopped early to prevent an out-of-bound access
-
-Bug: https://sourceforge.net/p/pupnp/bugs/133/
-Bug-CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8863
-Bug-Debian: https://bugs.debian.org/842093
-Bug-Redhat: https://bugzilla.redhat.com/show_bug.cgi?id=1388771
-(cherry picked from commit a0f6e719bc03c4d2fe6a4a42ef6b8761446f520b)
----
- upnp/src/gena/gena_device.c | 17 ++++++++++++-----
- 1 file changed, 12 insertions(+), 5 deletions(-)
-
-diff --git a/upnp/src/gena/gena_device.c b/upnp/src/gena/gena_device.c
-index fb04a29..245c56b 100644
---- a/upnp/src/gena/gena_device.c
-+++ b/upnp/src/gena/gena_device.c
-@@ -1113,7 +1113,7 @@ static int create_url_list(
- /*! [out] . */
- URL_list *out)
- {
-- size_t URLcount = 0;
-+ size_t URLcount = 0, URLcount2 = 0;
- size_t i;
- int return_code = 0;
- uri_type temp;
-@@ -1155,16 +1155,23 @@ static int create_url_list(
- }
- memcpy( out->URLs, URLS->buff, URLS->size );
- out->URLs[URLS->size] = 0;
-- URLcount = 0;
- for( i = 0; i < URLS->size; i++ ) {
- if( ( URLS->buff[i] == '<' ) && ( i + 1 < URLS->size ) ) {
- if( ( ( return_code =
- parse_uri( &out->URLs[i + 1], URLS->size - i + 1,
-- &out->parsedURLs[URLcount] ) ) ==
-+ &out->parsedURLs[URLcount2] ) ) ==
- HTTP_SUCCESS )
-- && ( out->parsedURLs[URLcount].hostport.text.size !=
-+ && ( out->parsedURLs[URLcount2].hostport.text.size !=
- 0 ) ) {
-- URLcount++;
-+ URLcount2++;
-+ if (URLcount2 >= URLcount)
-+ /*
-+ * break early here in case there is a bogus URL that
-+ * was skipped above. This prevents to access
-+ * out->parsedURLs[URLcount] which is beyond the
-+ * allocation.
-+ */
-+ break;
- } else {
- if( return_code == UPNP_E_OUTOF_MEMORY ) {
- free( out->URLs );
---
-2.11.0
-
diff --git a/gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch b/gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch
new file mode 100644
index 0000000000..545b5d0a71
--- /dev/null
+++ b/gnu/packages/patches/openjpeg-CVE-2016-9572-CVE-2016-9573.patch
@@ -0,0 +1,233 @@
+Fix CVE-2016-9572 and CVE-2016-9573:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9572
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9573
+https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9572
+https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9573
+
+Patch copied from 3rd-party repository:
+
+https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d
+
+From 7b28bd2b723df6be09fe7791eba33147c1c47d0d Mon Sep 17 00:00:00 2001
+From: szukw000 <szukw000@arcor.de>
+Date: Mon, 28 Nov 2016 21:57:20 +0100
+Subject: [PATCH] Changes for issues #863 and #862
+
+---
+ src/bin/jp2/convert.c | 59 +++++++++++++++++++++++++++++++++++++++-----
+ src/bin/jp2/convertbmp.c | 29 +++++++++++++++++++++-
+ src/bin/jp2/opj_decompress.c | 2 +-
+ src/lib/openjp2/j2k.c | 11 ++++++---
+ 4 files changed, 90 insertions(+), 11 deletions(-)
+
+diff --git a/src/bin/jp2/convert.c b/src/bin/jp2/convert.c
+index deee4f6..6a3f65b 100644
+--- a/src/bin/jp2/convert.c
++++ b/src/bin/jp2/convert.c
+@@ -906,7 +906,8 @@ int imagetotga(opj_image_t * image, const char *outfile) {
+ for (i = 0; i < image->numcomps-1; i++) {
+ if ((image->comps[0].dx != image->comps[i+1].dx)
+ ||(image->comps[0].dy != image->comps[i+1].dy)
+- ||(image->comps[0].prec != image->comps[i+1].prec)) {
++ ||(image->comps[0].prec != image->comps[i+1].prec)
++ ||(image->comps[0].sgnd != image->comps[i+1].sgnd)) {
+ fclose(fdest);
+ fprintf(stderr, "Unable to create a tga file with such J2K image charateristics.");
+ return 1;
+@@ -1743,7 +1744,7 @@ int imagetopnm(opj_image_t * image, const char *outfile, int force_split)
+ int *red, *green, *blue, *alpha;
+ int wr, hr, max;
+ int i;
+- unsigned int compno, ncomp;
++ unsigned int compno, ncomp, ui;
+ int adjustR, adjustG, adjustB, adjustA;
+ int fails, two, want_gray, has_alpha, triple;
+ int prec, v;
+@@ -1768,6 +1769,27 @@ int imagetopnm(opj_image_t * image, const char *outfile, int force_split)
+
+ if(want_gray) ncomp = 1;
+
++ for (ui = 1; ui < ncomp; ++ui) {
++ if (image->comps[0].dx != image->comps[ui].dx) {
++ break;
++ }
++ if (image->comps[0].dy != image->comps[ui].dy) {
++ break;
++ }
++ if (image->comps[0].prec != image->comps[ui].prec) {
++ break;
++ }
++ if (image->comps[0].sgnd != image->comps[ui].sgnd) {
++ break;
++ }
++ }
++ if (ui != ncomp) {
++ fprintf(stderr,"imagetopnm: All components\n shall have "
++ "the same subsampling, same bit depth, same sign.\n"
++ " Aborting\n");
++ return 1;
++ }
++
+ if ((force_split == 0) &&
+ (ncomp == 2 /* GRAYA */
+ || (ncomp > 2 /* RGB, RGBA */
+@@ -2126,7 +2148,7 @@ static int imagetoraw_common(opj_image_t * image, const char *outfile, OPJ_BOOL
+ {
+ FILE *rawFile = NULL;
+ size_t res;
+- unsigned int compno;
++ unsigned int compno, numcomps;
+ int w, h, fails;
+ int line, row, curr, mask;
+ int *ptr;
+@@ -2139,6 +2161,31 @@ static int imagetoraw_common(opj_image_t * image, const char *outfile, OPJ_BOOL
+ return 1;
+ }
+
++ numcomps = image->numcomps;
++
++ if (numcomps > 4) {
++ numcomps = 4;
++ }
++ for (compno = 1; compno < numcomps; ++compno) {
++ if (image->comps[0].dx != image->comps[compno].dx) {
++ break;
++ }
++ if (image->comps[0].dy != image->comps[compno].dy) {
++ break;
++ }
++ if (image->comps[0].prec != image->comps[compno].prec) {
++ break;
++ }
++ if (image->comps[0].sgnd != image->comps[compno].sgnd) {
++ break;
++ }
++ }
++ if (compno != numcomps) {
++ fprintf(stderr,"imagetoraw_common: All components shall have the same subsampling, same bit depth, same sign.\n");
++ fprintf(stderr,"\tAborting\n");
++ return 1;
++ }
++
+ rawFile = fopen(outfile, "wb");
+ if (!rawFile) {
+ fprintf(stderr, "Failed to open %s for writing !!\n", outfile);
+@@ -2146,9 +2193,9 @@ static int imagetoraw_common(opj_image_t * image, const char *outfile, OPJ_BOOL
+ }
+
+ fails = 1;
+- fprintf(stdout,"Raw image characteristics: %d components\n", image->numcomps);
++ fprintf(stdout,"Raw image characteristics: %d components\n", numcomps);
+
+- for(compno = 0; compno < image->numcomps; compno++)
++ for(compno = 0; compno < numcomps; compno++)
+ {
+ fprintf(stdout,"Component %u characteristics: %dx%dx%d %s\n", compno, image->comps[compno].w,
+ image->comps[compno].h, image->comps[compno].prec, image->comps[compno].sgnd==1 ? "signed": "unsigned");
+@@ -2238,7 +2285,7 @@ static int imagetoraw_common(opj_image_t * image, const char *outfile, OPJ_BOOL
+ }
+ else if (image->comps[compno].prec <= 32)
+ {
+- fprintf(stderr,"More than 16 bits per component no handled yet\n");
++ fprintf(stderr,"More than 16 bits per component not handled yet\n");
+ goto fin;
+ }
+ else
+diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
+index ae83077..8017ba8 100644
+--- a/src/bin/jp2/convertbmp.c
++++ b/src/bin/jp2/convertbmp.c
+@@ -806,8 +806,35 @@ int imagetobmp(opj_image_t * image, const char *outfile) {
+ FILE *fdest = NULL;
+ int adjustR, adjustG, adjustB;
+
++ {
++ unsigned int ui, ncomp = image->numcomps;
++
++ if (ncomp > 4) { /* RGBA in bmpmask32toimage */
++ ncomp = 4;
++ }
++ for (ui = 1; ui < ncomp; ++ui) {
++ if (image->comps[0].dx != image->comps[ui].dx) {
++ break;
++ }
++ if (image->comps[0].dy != image->comps[ui].dy) {
++ break;
++ }
++ if (image->comps[0].prec != image->comps[ui].prec) {
++ break;
++ }
++ if (image->comps[0].sgnd != image->comps[ui].sgnd) {
++ break;
++ }
++ }
++ if (ui != ncomp) {
++ fprintf(stderr,"imagetobmp: All components shall have the same subsampling, same bit depth, same sign.\n");
++ fprintf(stderr,"\tAborting\n");
++ return 1;
++ }
++
++ }
+ if (image->comps[0].prec < 8) {
+- fprintf(stderr, "Unsupported number of components: %d\n", image->comps[0].prec);
++ fprintf(stderr, "imagetobmp: Unsupported precision: %d\n", image->comps[0].prec);
+ return 1;
+ }
+ if (image->numcomps >= 3 && image->comps[0].dx == image->comps[1].dx
+diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
+index 83160c3..c30079b 100644
+--- a/src/bin/jp2/opj_decompress.c
++++ b/src/bin/jp2/opj_decompress.c
+@@ -1607,7 +1607,7 @@ int main(int argc, char **argv)
+ if(dirptr->filename_buf) free(dirptr->filename_buf);
+ free(dirptr);
+ }
+- if (numDecompressedImages) {
++ if (numDecompressedImages && !failed) {
+ fprintf(stdout, "decode time: %d ms\n", (int)( (tCumulative * 1000.0) / (OPJ_FLOAT64)numDecompressedImages));
+ }
+ return failed ? EXIT_FAILURE : EXIT_SUCCESS;
+diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
+index 66802bb..b6daa32 100644
+--- a/src/lib/openjp2/j2k.c
++++ b/src/lib/openjp2/j2k.c
+@@ -2158,7 +2158,7 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k,
+ i, l_img_comp->dx, l_img_comp->dy);
+ return OPJ_FALSE;
+ }
+- if( l_img_comp->prec > 38) { /* TODO openjpeg won't handle more than ? */
++ if( l_img_comp->prec < 1 || l_img_comp->prec > 38) { /* TODO openjpeg won't handle more than ? */
+ opj_event_msg(p_manager, EVT_ERROR,
+ "Invalid values for comp = %d : prec=%u (should be between 1 and 38 according to the JPEG2000 norm)\n",
+ i, l_img_comp->prec);
+@@ -10029,7 +10029,11 @@ OPJ_BOOL opj_j2k_decode(opj_j2k_t * p_j2k,
+ /* Move data and copy one information from codec to output image*/
+ for (compno = 0; compno < p_image->numcomps; compno++) {
+ p_image->comps[compno].resno_decoded = p_j2k->m_output_image->comps[compno].resno_decoded;
+- p_image->comps[compno].data = p_j2k->m_output_image->comps[compno].data;
++ p_image->comps[compno].data = p_j2k->m_output_image->comps[compno].data;
++
++ if(p_image->comps[compno].data == NULL) return OPJ_FALSE;
++
++ p_j2k->m_output_image->comps[compno].data = NULL;
+ #if 0
+ char fn[256];
+ sprintf( fn, "/tmp/%d.raw", compno );
+@@ -10037,7 +10041,6 @@ OPJ_BOOL opj_j2k_decode(opj_j2k_t * p_j2k,
+ fwrite( p_image->comps[compno].data, sizeof(OPJ_INT32), p_image->comps[compno].w * p_image->comps[compno].h, debug );
+ fclose( debug );
+ #endif
+- p_j2k->m_output_image->comps[compno].data = NULL;
+ }
+
+ return OPJ_TRUE;
+@@ -10131,6 +10134,8 @@ OPJ_BOOL opj_j2k_get_tile( opj_j2k_t *p_j2k,
+
+ p_image->comps[compno].data = p_j2k->m_output_image->comps[compno].data;
+
++ if (p_image->comps[compno].data == NULL) return OPJ_FALSE;
++
+ p_j2k->m_output_image->comps[compno].data = NULL;
+ }
+