Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/dtc-add-missing-symbols-to-lds.patch | 59 | ||||
-rw-r--r-- | gnu/packages/patches/fossil-test-fixes.patch | 189 | ||||
-rw-r--r-- | gnu/packages/patches/icedtea-remove-overrides.patch | 291 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-3623.patch | 30 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-3945.patch | 94 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-3990.patch | 31 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-3991.patch | 123 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-5314.patch | 45 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-5321.patch | 25 | ||||
-rw-r--r-- | gnu/packages/patches/libtiff-CVE-2016-5323.patch | 88 | ||||
-rw-r--r-- | gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch | 15 |
11 files changed, 495 insertions, 495 deletions
diff --git a/gnu/packages/patches/dtc-add-missing-symbols-to-lds.patch b/gnu/packages/patches/dtc-add-missing-symbols-to-lds.patch
new file mode 100644
index 0000000000..ccece0f466
--- /dev/null
+++ b/gnu/packages/patches/dtc-add-missing-symbols-to-lds.patch
@@ -0,0 +1,59 @@
+From a4b093f7366fdb429ca1781144d3985fa50d0fbb Mon Sep 17 00:00:00 2001
+From: Julien Grall <julien.grall@linaro.org>
+Date: Tue, 17 Mar 2015 16:00:34 +0000
+Subject: [PATCH] libfdt: Add missing functions to shared library
+
+The commit 4e76ec7 "libfdt: Add fdt_next_subnode() to permit easy
+subnode iteration" adds new functions (fdt_{first,next}_subnode) but
+forgot to mark them as 'global' in the shared library.
+
+Signed-off-by: Julien Grall <julien.grall@linaro.org>
+---
+ libfdt/version.lds | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libfdt/version.lds b/libfdt/version.lds
+index 80b322b..941208e 100644
+--- a/libfdt/version.lds
++++ b/libfdt/version.lds
+@@ -54,6 +54,8 @@ LIBFDT_1.2 {
+ fdt_get_property_by_offset;
+ fdt_getprop_by_offset;
+ fdt_next_property_offset;
++ fdt_first_subnode;
++ fdt_next_subnode;
+
+ local:
+ *;
+From f58799be130e27cc729cb2d45566daa0bb3b8605 Mon Sep 17 00:00:00 2001
+From: David Gibson <david@gibson.dropbear.id.au>
+Date: Tue, 1 Dec 2015 12:55:21 +1100
+Subject: [PATCH] libfdt: Add some missing symbols to version.lds
+
+Several functions in the header file were missing from the version.lds
+script, meaning that they couldn't be used from a libfdt shared library.
+
+Reported by Ken Aaker, via github issue tracker.
+
+Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
+---
+ libfdt/version.lds | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/libfdt/version.lds b/libfdt/version.lds
+index f19f157..1f4e1ea 100644
+--- a/libfdt/version.lds
++++ b/libfdt/version.lds
+@@ -57,6 +57,10 @@ LIBFDT_1.2 {
+ fdt_next_property_offset;
+ fdt_first_subnode;
+ fdt_next_subnode;
++ fdt_address_cells;
++ fdt_size_cells;
++ fdt_stringlist_contains;
++ fdt_resize;
+
+ local:
+ *;
+--
+2.8.1
diff --git a/gnu/packages/patches/fossil-test-fixes.patch b/gnu/packages/patches/fossil-test-fixes.patch
deleted file mode 100644
index e6c9f3dd74..0000000000
--- a/gnu/packages/patches/fossil-test-fixes.patch
+++ /dev/null
@@ -1,189 +0,0 @@ -From upstream commit https://www.fossil-scm.org/fossil/info/19c216391a0ad79e - ---- fossil-src-1.34/test/file1.test -+++ fossil-src-1.34/test/file1.test -@@ -15,10 +15,12 @@ - # - ############################################################################ - # - # File utilities - # -+ -+repo_init - - proc simplify-name {testname args} { - set i 1 - foreach {path result} $args { - fossil test-simplify-name $path -@@ -65,10 +67,13 @@ - - if {$::tcl_platform(os)=="Windows NT"} { - simplify-name 108 //?/a:/a/b a:/a/b //?/UNC/a/b //a/b //?/ {} - simplify-name 109 \\\\?\\a:\\a\\b a:/a/b \\\\?\\UNC\\a\\b //a/b \\\\?\\ {} - } -+ -+# This is needed because we are now running outside of the Fossil checkout. -+file mkdir file1; cd file1 - - # Those directories are only needed for the testcase being able to "--chdir" to it. - file mkdir test1 - file mkdir test1/test2 - -From upstream commit https://www.fossil-scm.org/fossil/info/ad6de6383391bd4d - ---- fossil-src-1.34/test/utf.test -+++ fossil-src-1.34/test/utf.test -@@ -39,26 +39,29 @@ - test utf-check-$testname.$i {$::RESULT eq $result} - incr i - } - } - -+unset -nocomplain enc - array set enc [list \ - 0 binary \ - 1 binary \ - 2 unicode \ - 3 unicode-reverse \ - ] - -+unset -nocomplain bom - array set bom [list \ - 0 "" \ - 1 \xEF\xBB\xBF \ - 2 [expr {$tcl_platform(byteOrder) eq "littleEndian" ? \ - "\xFF\xFE" : "\xFE\xFF"}] \ - 3 [expr {$tcl_platform(byteOrder) eq "littleEndian" ? \ - "\xFE\xFF" : "\xFF\xFE"}] \ - ] - -+unset -nocomplain data - array set data [list \ - 0 "" \ - 1 \r \ - 2 \n \ - 3 \r\n \ -@@ -239,10 +242,11 @@ - 178 \xF4\x90\x80\x80\r \ - 179 \xF4\x90\x80\x80\n \ - 180 \xF4\x90\x80\x80\r\n \ - ] - -+unset -nocomplain extraData - array set extraData [list \ - 0 "" \ - 1 Z \ - ] - -Backport from upstream https://www.fossil-scm.org/fossil/info/60285f5876512817 -with additional non-zero exit in case of failures. 
- ---- fossil-src-1.34/test/merge6.test -+++ fossil-src-1.34/test/merge6.test -@@ -62,6 +62,6 @@ - fossil ls - - test merge_multi-4 {[normalize_result] eq {f1 - f2 - f3 --f4}} -+f4}} knownBug - ---- fossil-src-1.34/test/merge_renames.test -+++ fossil-src-1.34/test/merge_renames.test -@@ -156,13 +156,13 @@ - } - - if {$deletes!=0} { - # failed - protOut "Error, the merge should not delete any file" -- test merge_renames-2 0 -+ test merge_renames-3 0 - } else { -- test merge_renames-2 1 -+ test merge_renames-3 1 - } - - ###################################### - # Test 4 # - # Reported: Ticket [67176c3aa4] # -@@ -198,14 +198,14 @@ - - fossil ls - - test merge_renames-5 {[normalize_result] eq {f1 - f2 --f3}} -+f3}} knownBug - - ###################################### - # - # Tests for troubles not specifically linked with renames but that I'd like to - # write: - # [c26c63eb1b] - 'merge --backout' does not handle conflicts properly - # [953031915f] - Lack of warning when overwriting extra files - # [4df5f38f1e] - Troubles merging a file delete with a file change - ---- fossil-src-1.34/test/tester.tcl -+++ fossil-src-1.34/test/tester.tcl -@@ -58,10 +58,18 @@ - set VERBOSE 1 - set argv [lreplace $argv $i $i] - } else { - set VERBOSE 0 - } -+ -+set i [lsearch $argv -strict] -+if {$i>=0} { -+ set STRICT 1 -+ set argv [lreplace $argv $i $i] -+} else { -+ set STRICT 0 -+} - - if {[llength $argv]==0} { - foreach f [lsort [glob $testdir/*.test]] { - set base [file root [file tail $f]] - lappend argv $base -@@ -327,20 +335,30 @@ - } - - # Perform a test - # - set test_count 0 --proc test {name expr} { -+proc test {name expr {constraints ""}} { - global bad_test test_count - incr test_count -+ set knownBug [expr {"knownBug" in $constraints}] - set r [uplevel 1 [list expr $expr]] - if {$r} { -- protOut "test $name OK" -+ if {$knownBug && !$::STRICT} { -+ protOut "test $name OK (knownBug)?" -+ } else { -+ protOut "test $name OK" -+ } - } else { -- protOut "test $name FAILED!" 
-- lappend bad_test $name -- if {$::HALT} exit -+ if {$knownBug && !$::STRICT} { -+ protOut "test $name FAILED (knownBug)!" -+ } else { -+ protOut "test $name FAILED!" -+ if {$::VERBOSE} {protOut "RESULT: $RESULT"} -+ lappend bad_test $name -+ if {$::HALT} exit -+ } - } - } - set bad_test {} - - # Return a random string N characters long. -@@ -445,4 +455,5 @@ - protOut "***** Final result: $nErr errors out of $test_count tests" - if {$nErr>0} { - protOut "***** Failures: $bad_test" -+ exit 1 - } diff --git a/gnu/packages/patches/icedtea-remove-overrides.patch b/gnu/packages/patches/icedtea-remove-overrides.patch deleted file mode 100644 index e4d68a9e58..0000000000 --- a/gnu/packages/patches/icedtea-remove-overrides.patch +++ /dev/null 
@@ -1,291 +0,0 @@ -Upstream patch: -http://icedtea.classpath.org/hg/icedtea6/rev/60be25a84f2d - -Fixes build failure: -http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2954 - -Changes to the files 'NEWS' and 'ChangeLog' are omitted here. - -# HG changeset patch -# User Andrew John Hughes <gnu.andrew@redhat.com> -# Date 1463144538 -3600 -# Node ID 60be25a84f2dd2bce8ff277cc3854cca1b3f7931 -# Parent c23ceebb80a19a33316f1e743eb93bdf79aac220 -PR2954: ecj/override.patch is missing new @Overrides in RMIJRMPServerImpl.java - -2016-05-13 Andrew John Hughes <gnu.andrew@redhat.com> - - PR2954: ecj/override.patch is missing new - @Overrides in RMIJRMPServerImpl.java - * patches/ecj/override.patch: - Add cases in RMIJRMPServerImpl and others - which show up when source/target 5 is - used in the rt-class-files pre-build. - * patches/openjdk/8014205-blank_swing_dialogs_windows.patch: - Remove addition of @Override. - -diff -r c23ceebb80a1 -r 60be25a84f2d patches/ecj/override.patch ---- a/patches/ecj/override.patch Sun May 08 21:28:21 2016 +0100 -+++ b/patches/ecj/override.patch Fri May 13 14:02:18 2016 +0100 -@@ -362,3 +362,240 @@ - public Class<?> run() { - try { - ReflectUtil.checkPackageAccess(className); -+diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java -+--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/interceptor/DefaultMBeanServerInterceptor.java Thu May 12 01:30:54 2016 +0100 -+@@ -1870,7 +1870,6 @@ -+ -+ private ModifiableClassLoaderRepository getInstantiatorCLR() { -+ return AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() { -+- @Override -+ public ModifiableClassLoaderRepository run() { -+ return instantiator != null ? 
instantiator.getClassLoaderRepository() : null; -+ } -+diff -r 545db1dd8c2a src/share/classes/com/sun/media/sound/Platform.java -+--- openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/share/classes/com/sun/media/sound/Platform.java Thu May 12 01:30:54 2016 +0100 -+@@ -160,7 +160,6 @@ -+ try { -+ // load the main library -+ AccessController.doPrivileged(new PrivilegedAction<Void>() { -+- @Override -+ public Void run() { -+ System.loadLibrary(libNameMain); -+ return null; -+@@ -182,7 +181,6 @@ -+ final String lib = st.nextToken(); -+ try { -+ AccessController.doPrivileged(new PrivilegedAction<Void>() { -+- @Override -+ public Void run() { -+ System.loadLibrary(lib); -+ return null; -+diff -r 545db1dd8c2a src/share/classes/java/awt/EventQueue.java -+--- openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/share/classes/java/awt/EventQueue.java Thu May 12 01:30:54 2016 +0100 -+@@ -190,7 +190,6 @@ -+ EventQueue.invokeAndWait(source, r); -+ } -+ -+- @Override -+ public long getMostRecentEventTime(EventQueue eventQueue) { -+ return eventQueue.getMostRecentEventTimeImpl(); -+ } -+diff -r 545db1dd8c2a src/share/classes/java/io/ObjectInputStream.java -+--- openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/share/classes/java/io/ObjectInputStream.java Thu May 12 01:30:54 2016 +0100 -+@@ -3571,7 +3571,6 @@ -+ } -+ static { -+ SharedSecrets.setJavaObjectInputStreamAccess(new JavaObjectInputStreamAccess() { -+- @Override -+ public void setValidator(ObjectInputStream ois, ObjectStreamClassValidator validator) { -+ ObjectInputStream.setValidator(ois, validator); -+ } -+diff -r 545db1dd8c2a src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java -+--- openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java Wed May 04 23:23:55 2016 
+0100 -++++ openjdk-ecj/jdk/src/share/classes/java/rmi/server/RemoteObjectInvocationHandler.java Thu May 12 01:30:54 2016 +0100 -+@@ -64,7 +64,6 @@ -+ final String propName = "sun.rmi.server.invocationhandler.allowFinalizeInvocation"; -+ String allowProp = java.security.AccessController.doPrivileged( -+ new PrivilegedAction<String>() { -+- @Override -+ public String run() { -+ return System.getProperty(propName); -+ } -+diff -r 545db1dd8c2a src/share/classes/sun/awt/image/SunVolatileImage.java -+--- openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/share/classes/sun/awt/image/SunVolatileImage.java Thu May 12 01:30:54 2016 +0100 -+@@ -262,7 +262,6 @@ -+ * -+ * @see sun.java2d.DestSurfaceProvider#getDestSurface -+ */ -+- @Override -+ public Surface getDestSurface() { -+ return volSurfaceManager.getPrimarySurfaceData(); -+ } -+diff -r 545db1dd8c2a src/share/classes/sun/java2d/SunGraphics2D.java -+--- openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/share/classes/sun/java2d/SunGraphics2D.java Thu May 12 01:30:54 2016 +0100 -+@@ -3294,7 +3294,6 @@ -+ * -+ * @see sun.java2d.DestSurfaceProvider#getDestSurface -+ */ -+- @Override -+ public Surface getDestSurface() { -+ return surfaceData; -+ } -+diff -r 545db1dd8c2a src/share/classes/sun/rmi/server/UnicastServerRef.java -+--- openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/server/UnicastServerRef.java Thu May 12 01:30:54 2016 +0100 -+@@ -630,12 +630,10 @@ -+ this.callID = callID; -+ } -+ -+- @Override -+ public void validateDescriptor(ObjectStreamClass descriptor) { -+ descriptorCheck.check(method, descriptor, parameterIndex, callID); -+ } -+ -+- @Override -+ public void checkProxyInterfaceNames(String[] ifaces) { -+ descriptorCheck.checkProxyClass(method, ifaces, 
parameterIndex, callID); -+ } -+diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/Transport.java -+--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/Transport.java Thu May 12 01:30:54 2016 +0100 -+@@ -133,7 +133,6 @@ -+ */ -+ private static void setContextClassLoader(final ClassLoader ccl) { -+ AccessController.doPrivileged(new PrivilegedAction<Void> () { -+- @Override -+ public Void run() { -+ Thread.currentThread().setContextClassLoader(ccl); -+ return null; -+diff -r 545db1dd8c2a src/share/classes/sun/rmi/transport/tcp/TCPTransport.java -+--- openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/share/classes/sun/rmi/transport/tcp/TCPTransport.java Thu May 12 01:30:54 2016 +0100 -+@@ -676,7 +676,6 @@ -+ connectionCount.incrementAndGet() + -+ ")-" + remoteHost); -+ AccessController.doPrivileged(new PrivilegedAction<Void>() { -+- @Override -+ public Void run() { -+ run0(); -+ return null; -+diff -r 545db1dd8c2a src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java -+--- openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/solaris/classes/sun/java2d/opengl/GLXGraphicsConfig.java Thu May 12 01:30:54 2016 +0100 -+@@ -92,7 +92,6 @@ -+ return this; -+ } -+ -+- @Override -+ public SurfaceData createManagedSurface(int w, int h, int transparency) { -+ return GLXSurfaceData.createData(this, w, h, -+ getColorModel(transparency), -+@@ -165,12 +164,10 @@ -+ * Returns true if the provided capability bit is present for this config. -+ * See OGLContext.java for a list of supported capabilities. 
-+ */ -+- @Override -+ public final boolean isCapPresent(int cap) { -+ return ((oglCaps.getCaps() & cap) != 0); -+ } -+ -+- @Override -+ public final long getNativeConfigInfo() { -+ return pConfigInfo; -+ } -+@@ -180,7 +177,6 @@ -+ * -+ * @see sun.java2d.pipe.hw.BufferedContextProvider#getContext -+ */ -+- @Override -+ public final OGLContext getContext() { -+ return context; -+ } -+@@ -394,7 +390,6 @@ -+ * -+ * @see sun.java2d.pipe.hw.AccelGraphicsConfig#createCompatibleVolatileImage -+ */ -+- @Override -+ public VolatileImage -+ createCompatibleVolatileImage(int width, int height, -+ int transparency, int type) -+@@ -434,17 +429,14 @@ -+ * -+ * @see sun.java2d.pipe.hw.AccelGraphicsConfig#getContextCapabilities -+ */ -+- @Override -+ public ContextCapabilities getContextCapabilities() { -+ return oglCaps; -+ } -+ -+- @Override -+ public void addDeviceEventListener(AccelDeviceEventListener l) { -+ AccelDeviceEventNotifier.addListener(l, screen.getScreen()); -+ } -+ -+- @Override -+ public void removeDeviceEventListener(AccelDeviceEventListener l) { -+ AccelDeviceEventNotifier.removeListener(l); -+ } -+diff -r 545db1dd8c2a src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java -+--- openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java Wed May 04 23:23:55 2016 +0100 -++++ openjdk-ecj/jdk/src/share/classes/com/sun/jmx/mbeanserver/JmxMBeanServer.java Thu May 12 01:51:42 2016 +0100 -+@@ -236,7 +236,6 @@ -+ final MBeanInstantiator fInstantiator = instantiator; -+ this.secureClr = new -+ SecureClassLoaderRepository(AccessController.doPrivileged(new PrivilegedAction<ClassLoaderRepository>() { -+- @Override -+ public ClassLoaderRepository run() { -+ return fInstantiator.getClassLoaderRepository(); -+ } -+@@ -1257,7 +1256,6 @@ -+ ClassLoader myLoader = outerShell.getClass().getClassLoader(); -+ final ModifiableClassLoaderRepository loaders = AccessController.doPrivileged(new PrivilegedAction<ModifiableClassLoaderRepository>() { -+ -+- 
@Override -+ public ModifiableClassLoaderRepository run() { -+ return instantiator.getClassLoaderRepository(); -+ } -+diff -r b72e7b89dda9 src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java -+--- openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java Thu Sep 08 11:00:33 2011 -0700 -++++ openjdk-ecj/jdk/src/share/classes/javax/management/remote/rmi/RMIJRMPServerImpl.java Thu May 12 16:39:37 2016 +0100 -+@@ -227,17 +227,14 @@ -+ allowedTypes = credentialsTypes; -+ } -+ -+- @Override -+ public String getVersion() throws RemoteException { -+ return impl.getVersion(); -+ } -+ -+- @Override -+ public RMIConnection newClient(Object credentials) throws IOException { -+ return impl.newClient(credentials); -+ } -+ -+- @Override -+ public void check(Method method, ObjectStreamClass descriptor, -+ int paramIndex, int callID) { -+ -+@@ -247,7 +244,6 @@ -+ } -+ } -+ -+- @Override -+ public void checkProxyClass(Method method, String[] ifaces, -+ int paramIndex, int callID) { -+ if (ifaces != null && ifaces.length > 0) { -+@@ -259,7 +255,6 @@ -+ } -+ } -+ -+- @Override -+ public void end(int callID) { -+ /* Do nothing */ -+ } -diff -r c23ceebb80a1 -r 60be25a84f2d patches/openjdk/8014205-blank_swing_dialogs_windows.patch ---- a/patches/openjdk/8014205-blank_swing_dialogs_windows.patch Sun May 08 21:28:21 2016 +0100 -+++ b/patches/openjdk/8014205-blank_swing_dialogs_windows.patch Fri May 13 14:02:18 2016 +0100 -@@ -116,7 +116,7 @@ - { - if (numBands == 3 && !ccm.hasAlpha()) { - imageType = TYPE_3BYTE_BGR; --@@ -804,6 +801,27 @@ -+@@ -804,6 +801,26 @@ - } // else if ((raster instanceof ByteComponentRaster) && - } - -@@ -129,7 +129,6 @@ - + new PrivilegedAction<Boolean>() - + { - + --+ @Override - + public Boolean run() { - + final ClassLoader std = System.class.getClassLoader(); - + - 
diff --git a/gnu/packages/patches/libtiff-CVE-2016-3623.patch b/gnu/packages/patches/libtiff-CVE-2016-3623.patch
new file mode 100644
index 0000000000..08705861e3
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-3623.patch
@@ -0,0 +1,30 @@
+Fix CVE-2016-3623.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623
+http://bugzilla.maptools.org/show_bug.cgi?id=2569
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.16 -r1.17 tools/rgb2ycbcr.c
+
+Index: tools/rgb2ycbcr.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/rgb2ycbcr.c,v
+retrieving revision 1.16
+retrieving revision 1.17
+diff -u -r1.16 -r1.17
+--- libtiff/tools/rgb2ycbcr.c 21 Jun 2015 01:09:10 -0000 1.16
++++ libtiff/tools/rgb2ycbcr.c 15 Aug 2016 21:26:56 -0000 1.17
+@@ -95,9 +95,13 @@
+ break;
+ case 'h':
+ horizSubSampling = atoi(optarg);
++ if( horizSubSampling != 1 && horizSubSampling != 2 && horizSubSampling != 4 )
++ usage(-1);
+ break;
+ case 'v':
+ vertSubSampling = atoi(optarg);
++ if( vertSubSampling != 1 && vertSubSampling != 2 && vertSubSampling != 4 )
++ usage(-1);
+ break;
+ case 'r':
+ rowsperstrip = atoi(optarg);
diff --git a/gnu/packages/patches/libtiff-CVE-2016-3945.patch b/gnu/packages/patches/libtiff-CVE-2016-3945.patch
new file mode 100644
index 0000000000..8ec62bab99
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-3945.patch
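Review bot: The header of libtiff-CVE-2016-3623.patch says only `Fix CVE-2016-3623.` and does not say what the flaw is, so a reader has to follow the links to learn why `-h` and `-v` are now restricted; libtiff-CVE-2016-5314.patch, libtiff-CVE-2016-5321.patch and libtiff-CVE-2016-5323.patch in this commit have the same bare header, while the 3945, 3990 and 3991 patches carry a one-line summary. Going by the added checks, which accept only 1, 2 or 4, a header such as `Fix CVE-2016-3623 (reject subsampling factors other than 1, 2 or 4 passed to rgb2ycbcr -h/-v).` would match what the hunk shows. The enclosing switch starts and ends outside the hunk.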
@@ -0,0 +1,94 @@
+Fix CVE-2016-3945 (integer overflow in size of allocated
+buffer, when -b mode is enabled, that could result in out-of-bounds
+write).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945
+http://bugzilla.maptools.org/show_bug.cgi?id=2545
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.21 -r1.22 tools/tiff2rgba.c
+
+Index: tools/tiff2rgba.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2rgba.c,v
+retrieving revision 1.21
+retrieving revision 1.22
+diff -u -r1.21 -r1.22
+--- libtiff/tools/tiff2rgba.c 21 Jun 2015 01:09:10 -0000 1.21
++++ libtiff/tools/tiff2rgba.c 15 Aug 2016 20:06:41 -0000 1.22
+@@ -147,6 +147,7 @@
+ uint32 row, col;
+ uint32 *wrk_line;
+ int ok = 1;
++ uint32 rastersize, wrk_linesize;
+
+ TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width);
+ TIFFGetField(in, TIFFTAG_IMAGELENGTH, &height);
+@@ -163,7 +164,13 @@
+ /*
+ * Allocate tile buffer
+ */
+- raster = (uint32*)_TIFFmalloc(tile_width * tile_height * sizeof (uint32));
++ rastersize = tile_width * tile_height * sizeof (uint32);
++ if (tile_width != (rastersize / tile_height) / sizeof( uint32))
++ {
++ TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer");
++ exit(-1);
++ }
++ raster = (uint32*)_TIFFmalloc(rastersize);
+ if (raster == 0) {
+ TIFFError(TIFFFileName(in), "No space for raster buffer");
+ return (0);
+@@ -173,7 +180,13 @@
+ * Allocate a scanline buffer for swapping during the vertical
+ * mirroring pass.
+ */
+- wrk_line = (uint32*)_TIFFmalloc(tile_width * sizeof (uint32));
++ wrk_linesize = tile_width * sizeof (uint32);
++ if (tile_width != wrk_linesize / sizeof (uint32))
++ {
++ TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer");
++ exit(-1);
++ }
++ wrk_line = (uint32*)_TIFFmalloc(wrk_linesize);
+ if (!wrk_line) {
+ TIFFError(TIFFFileName(in), "No space for raster scanline buffer");
+ ok = 0;
+@@ -249,6 +262,7 @@
+ uint32 row;
+ uint32 *wrk_line;
+ int ok = 1;
++ uint32 rastersize, wrk_linesize;
+
+ TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width);
+ TIFFGetField(in, TIFFTAG_IMAGELENGTH, &height);
+@@ -263,7 +277,13 @@
+ /*
+ * Allocate strip buffer
+ */
+- raster = (uint32*)_TIFFmalloc(width * rowsperstrip * sizeof (uint32));
++ rastersize = width * rowsperstrip * sizeof (uint32);
++ if (width != (rastersize / rowsperstrip) / sizeof( uint32))
++ {
++ TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer");
++ exit(-1);
++ }
++ raster = (uint32*)_TIFFmalloc(rastersize);
+ if (raster == 0) {
+ TIFFError(TIFFFileName(in), "No space for raster buffer");
+ return (0);
+@@ -273,7 +293,13 @@
+ * Allocate a scanline buffer for swapping during the vertical
+ * mirroring pass.
+ */
+- wrk_line = (uint32*)_TIFFmalloc(width * sizeof (uint32));
++ wrk_linesize = width * sizeof (uint32);
++ if (width != wrk_linesize / sizeof (uint32))
++ {
++ TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer");
++ exit(-1);
++ }
++ wrk_line = (uint32*)_TIFFmalloc(wrk_linesize);
+ if (!wrk_line) {
+ TIFFError(TIFFFileName(in), "No space for raster scanline buffer");
+ ok = 0;
diff --git a/gnu/packages/patches/libtiff-CVE-2016-3990.patch b/gnu/packages/patches/libtiff-CVE-2016-3990.patch
new file mode 100644
index 0000000000..7641c3073b
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-3990.patch
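Review bot: The new overflow tests in libtiff-CVE-2016-3945.patch divide by values taken from the file before anything visible checks them for zero: `(rastersize / tile_height)` in the tiled function and `(rastersize / rowsperstrip)` in the strip function. If either can be 0 at that point (the code that sets them is outside the hunks), the check itself faults; putting the zero test first avoids that, e.g. `if (tile_height == 0 || tile_width != (rastersize / tile_height) / sizeof( uint32))` and the same with `rowsperstrip`. Separately, the new error paths call `exit(-1)` while the allocation failures right after them `return (0)` or set `ok = 0`, so the two kinds of failure leave the function differently. Both function bodies start and end outside the hunks.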
@@ -0,0 +1,31 @@
+Fix CVE-2016-3990 (write buffer overflow in PixarLogEncode if more input
+samples are provided than expected by PixarLogSetupEncode).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990
+http://bugzilla.maptools.org/show_bug.cgi?id=2544
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.45 -r1.46 libtiff/tif_pixarlog.c
+
+Index: libtiff/tif_pixarlog.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v
+retrieving revision 1.45
+retrieving revision 1.46
+diff -u -r1.45 -r1.46
+--- libtiff/libtiff/tif_pixarlog.c 28 Jun 2016 15:37:33 -0000 1.45
++++ libtiff/libtiff/tif_pixarlog.c 15 Aug 2016 20:49:48 -0000 1.46
+@@ -1141,6 +1141,13 @@
+ }
+
+ llen = sp->stride * td->td_imagewidth;
++ /* Check against the number of elements (of size uint16) of sp->tbuf */
++ if( n > td->td_rowsperstrip * llen )
++ {
++ TIFFErrorExt(tif->tif_clientdata, module,
++ "Too many input bytes provided");
++ return 0;
++ }
+
+ for (i = 0, up = sp->tbuf; i < n; i += llen, up += llen) {
+ switch (sp->user_datafmt) {
diff --git a/gnu/packages/patches/libtiff-CVE-2016-3991.patch b/gnu/packages/patches/libtiff-CVE-2016-3991.patch
new file mode 100644
index 0000000000..cb05f0007f
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-3991.patch
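Review bot: The bound in `if( n > td->td_rowsperstrip * llen )` (libtiff-CVE-2016-3990.patch) is itself an unchecked multiplication, and the declarations of `n`, `llen` and `td_rowsperstrip` are outside the hunk; if the product is evaluated in 32 bits it can wrap for a large rows-per-strip value, and the comparison is then made against the wrong limit. Widening before multiplying, e.g. `if( (uint64)n > (uint64)td->td_rowsperstrip * (uint64)llen )`, would keep the guard exact, assuming `n` and `llen` cannot be negative here. The added comment speaks of elements of size uint16 while the message says `"Too many input bytes provided"`; one of the two should be adjusted so the units agree. The function body starts and ends outside the hunk.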
@@ -0,0 +1,123 @@
+Fix CVE-2016-3991 (out-of-bounds write in loadImage()).
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991
+http://bugzilla.maptools.org/show_bug.cgi?id=2543
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.37 -r1.38 tools/tiffcrop.c
+
+Index: tools/tiffcrop.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
+retrieving revision 1.37
+retrieving revision 1.38
+diff -u -r1.37 -r1.38
+--- libtiff/tools/tiffcrop.c 11 Jul 2016 21:38:31 -0000 1.37
++++ libtiff/tools/tiffcrop.c 15 Aug 2016 21:05:40 -0000 1.38
+@@ -798,6 +798,11 @@
+ }
+
+ tile_buffsize = tilesize;
++ if (tilesize == 0 || tile_rowsize == 0)
++ {
++ TIFFError("readContigTilesIntoBuffer", "Tile size or tile rowsize is zero");
++ exit(-1);
++ }
+
+ if (tilesize < (tsize_t)(tl * tile_rowsize))
+ {
+@@ -807,7 +812,12 @@
+ tilesize, tl * tile_rowsize);
+ #endif
+ tile_buffsize = tl * tile_rowsize;
+- }
++ if (tl != (tile_buffsize / tile_rowsize))
++ {
++ TIFFError("readContigTilesIntoBuffer", "Integer overflow when calculating buffer size.");
++ exit(-1);
++ }
++ }
+
+ tilebuf = _TIFFmalloc(tile_buffsize);
+ if (tilebuf == 0)
+@@ -1210,6 +1220,12 @@
+ !TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps) )
+ return 1;
+
++ if (tilesize == 0 || tile_rowsize == 0 || tl == 0 || tw == 0)
++ {
++ TIFFError("writeBufferToContigTiles", "Tile size, tile row size, tile width, or tile length is zero");
++ exit(-1);
++ }
++
+ tile_buffsize = tilesize;
+ if (tilesize < (tsize_t)(tl * tile_rowsize))
+ {
+@@ -1219,6 +1235,11 @@
+ tilesize, tl * tile_rowsize);
+ #endif
+ tile_buffsize = tl * tile_rowsize;
++ if (tl != tile_buffsize / tile_rowsize)
++ {
++ TIFFError("writeBufferToContigTiles", "Integer overflow when calculating buffer size");
++ exit(-1);
++ }
+ }
+
+ tilebuf = _TIFFmalloc(tile_buffsize);
+@@ -5945,12 +5966,27 @@
+ TIFFGetField(in, TIFFTAG_TILELENGTH, &tl);
+
+ tile_rowsize = TIFFTileRowSize(in);
++ if (ntiles == 0 || tlsize == 0 || tile_rowsize == 0)
++ {
++ TIFFError("loadImage", "File appears to be tiled, but the number of tiles, tile size, or tile rowsize is zero.");
++ exit(-1);
++ }
+ buffsize = tlsize * ntiles;
++ if (tlsize != (buffsize / ntiles))
++ {
++ TIFFError("loadImage", "Integer overflow when calculating buffer size");
++ exit(-1);
++ }
+
+-
+ if (buffsize < (uint32)(ntiles * tl * tile_rowsize))
+ {
+ buffsize = ntiles * tl * tile_rowsize;
++ if (ntiles != (buffsize / tl / tile_rowsize))
++ {
++ TIFFError("loadImage", "Integer overflow when calculating buffer size");
++ exit(-1);
++ }
++
+ #ifdef DEBUG2
+ TIFFError("loadImage",
+ "Tilesize %u is too small, using ntiles * tilelength * tilerowsize %lu",
+@@ -5969,8 +6005,25 @@
+ TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rowsperstrip);
+ stsize = TIFFStripSize(in);
+ nstrips = TIFFNumberOfStrips(in);
++ if (nstrips == 0 || stsize == 0)
++ {
++ TIFFError("loadImage", "File appears to be striped, but the number of stipes or stripe size is zero.");
++ exit(-1);
++ }
++
+ buffsize = stsize * nstrips;
+-
++ if (stsize != (buffsize / nstrips))
++ {
++ TIFFError("loadImage", "Integer overflow when calculating buffer size");
++ exit(-1);
++ }
++ uint32 buffsize_check;
++ buffsize_check = ((length * width * spp * bps) + 7);
++ if (length != ((buffsize_check - 7) / width / spp / bps))
++ {
++ TIFFError("loadImage", "Integer overflow detected.");
++ exit(-1);
++ }
+ if (buffsize < (uint32) (((length * width * spp * bps) + 7) / 8))
+ {
+ buffsize = ((length * width * spp * bps) + 7) / 8;
diff --git a/gnu/packages/patches/libtiff-CVE-2016-5314.patch b/gnu/packages/patches/libtiff-CVE-2016-5314.patch
new file mode 100644
index 0000000000..e5380f8639
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-5314.patch
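Review bot: In the striped branch of loadImage (libtiff-CVE-2016-3991.patch) the new test `if (length != ((buffsize_check - 7) / width / spp / bps))` divides by `width`, `spp` and `bps`, but the zero test added just above covers only `nstrips` and `stsize`; unless those three are validated before the hunk, a zero in any of them faults inside the check. The same test also misses a wrap caused by the `+ 7` itself, if the product is evaluated as uint32 (the operand declarations are outside the hunk): when `length * width * spp * bps` lands within 7 of the 32-bit maximum, `buffsize_check - 7` wraps back to the product and the division still matches, yet the following `((length * width * spp * bps) + 7) / 8` is computed from the wrapped sum. Testing the product before adding 7 covers both, e.g. `buffsize_check = length * width * spp * bps;` followed by `if (width == 0 || spp == 0 || bps == 0 || buffsize_check > 0xFFFFFFFFU - 7 || length != (buffsize_check / width / spp / bps))`. `uint32 buffsize_check;` is also declared after statements, which older C compilers reject.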
@@ -0,0 +1,45 @@
+Fix CVE-2016-5314.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314
+bugzilla.maptools.org/show_bug.cgi?id=2554
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.43 -r1.44 libtiff/tif_pixarlog.c
+
+Index: libtiff/tif_pixarlog.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v
+retrieving revision 1.43
+retrieving revision 1.44
+diff -u -r1.43 -r1.44
+--- libtiff/libtiff/tif_pixarlog.c 27 Dec 2015 20:14:11 -0000 1.43
++++ libtiff/libtiff/tif_pixarlog.c 28 Jun 2016 15:12:19 -0000 1.44
+@@ -459,6 +459,7 @@
+ typedef struct {
+ TIFFPredictorState predict;
+ z_stream stream;
++ tmsize_t tbuf_size; /* only set/used on reading for now */
+ uint16 *tbuf;
+ uint16 stride;
+ int state;
+@@ -694,6 +695,7 @@
+ sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size);
+ if (sp->tbuf == NULL)
+ return (0);
++ sp->tbuf_size = tbuf_size;
+ if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN)
+ sp->user_datafmt = PixarLogGuessDataFmt(td);
+ if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN) {
+@@ -783,6 +785,12 @@
+ TIFFErrorExt(tif->tif_clientdata, module, "ZLib cannot deal with buffers this size");
+ return (0);
+ }
++ /* Check that we will not fill more than what was allocated */
++ if (sp->stream.avail_out > sp->tbuf_size)
++ {
++ TIFFErrorExt(tif->tif_clientdata, module, "sp->stream.avail_out > sp->tbuf_size");
++ return (0);
++ }
+ do {
+ int state = inflate(&sp->stream, Z_PARTIAL_FLUSH);
+ if (state == Z_STREAM_END) {
diff --git a/gnu/packages/patches/libtiff-CVE-2016-5321.patch b/gnu/packages/patches/libtiff-CVE-2016-5321.patch
new file mode 100644
index 0000000000..2afca18e1d
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-5321.patch
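Review bot: libtiff-CVE-2016-5314.patch and libtiff-CVE-2016-3990.patch both modify libtiff/tif_pixarlog.c but were cut from different upstream revisions (1.43 to 1.44 here, 1.45 to 1.46 there), and the 1.44 to 1.45 step is not among the files in this diffstat, so the hunk offsets of the later patch depend on what else is applied; that step may already be in the tree, which cannot be seen from this view. The three tiffcrop.c patches (5321, 5323, 3991) are likewise consecutive revisions 1.35 to 1.38, so their line offsets are exact only in that order. A line in each header such as `Apply after libtiff-CVE-2016-5321.patch.` would record the dependency where the next maintainer will see it. In the code, the message `"sp->stream.avail_out > sp->tbuf_size"` only restates the condition and gives the user nothing to act on.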
@@ -0,0 +1,25 @@
+Fix CVE-2016-5321.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321
+http://bugzilla.maptools.org/show_bug.cgi?id=2558
+
+Patch extracted from upstream CVS repo with:
+$ cvs diff -u -r1.35 -r1.36 tools/tiffcrop.c
+
+Index: tools/tiffcrop.c
+===================================================================
+RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
+retrieving revision 1.35
+retrieving revision 1.36
+diff -u -r1.35 -r1.36
+--- libtiff/tools/tiffcrop.c 19 Aug 2015 02:31:04 -0000 1.35
++++ libtiff/tools/tiffcrop.c 11 Jul 2016 21:26:03 -0000 1.36
+@@ -989,7 +989,7 @@
+ nrow = (row + tl > imagelength) ? imagelength - row : tl;
+ for (col = 0; col < imagewidth; col += tw)
+ {
+- for (s = 0; s < spp; s++)
++ for (s = 0; s < spp && s < MAX_SAMPLES; s++)
+ { /* Read each plane of a tile set into srcbuffs[s] */
+ tbytes = TIFFReadTile(in, srcbuffs[s], col, row, 0, s);
+ if (tbytes < 0 && !ignore)
diff --git a/gnu/packages/patches/libtiff-CVE-2016-5323.patch b/gnu/packages/patches/libtiff-CVE-2016-5323.patch
new file mode 100644
index 0000000000..8b2a043d29
--- /dev/null
+++ b/gnu/packages/patches/libtiff-CVE-2016-5323.patch
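Review bot: A file whose `spp` exceeds MAX_SAMPLES is now processed with the extra planes silently skipped rather than rejected, because the fix in libtiff-CVE-2016-5321.patch only adds `s < MAX_SAMPLES` to the loop condition; the eight loops changed the same way in libtiff-CVE-2016-5323.patch behave alike. Nothing in the hunk reports the condition, so the output is built from fewer planes than the file declares. A single test before the loops, `if (spp > MAX_SAMPLES)` followed by a TIFFError call and the function's failure return, would make the truncation visible. Whether such a check already exists earlier in the function cannot be seen here, since the body starts and ends outside the hunk.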
@@ -0,0 +1,88 @@ +Fix CVE-2016-5323. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323 +http://bugzilla.maptools.org/show_bug.cgi?id=2559 + +Patch extracted from upstream CVS repo with: +$ cvs diff -u -r1.36 -r1.37 tools/tiffcrop.c + +Index: tools/tiffcrop.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v +retrieving revision 1.36 +retrieving revision 1.37 +diff -u -r1.36 -r1.37 +--- libtiff/tools/tiffcrop.c 11 Jul 2016 21:26:03 -0000 1.36 ++++ libtiff/tools/tiffcrop.c 11 Jul 2016 21:38:31 -0000 1.37 +@@ -3738,7 +3738,7 @@ + + matchbits = maskbits << (8 - src_bit - bps); + /* load up next sample from each plane */ +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + buff1 = ((*src) & matchbits) << (src_bit); +@@ -3837,7 +3837,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (16 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) +@@ -3947,7 +3947,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (32 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) +@@ -4073,7 +4073,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (64 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) +@@ -4263,7 +4263,7 @@ + + matchbits = maskbits << (8 - src_bit - bps); + /* load up next sample from each plane */ +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + buff1 = ((*src) & matchbits) << (src_bit); +@@ -4362,7 +4362,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (16 - 
src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) +@@ -4471,7 +4471,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (32 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) +@@ -4597,7 +4597,7 @@ + src_bit = bit_offset % 8; + + matchbits = maskbits << (64 - src_bit - bps); +- for (s = 0; s < spp; s++) ++ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) + { + src = in[s] + src_offset + src_byte; + if (little_endian) diff --git a/gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch b/gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch deleted file mode 100644 index 4ed7ab00bf..0000000000 --- a/gnu/packages/patches/xf86-video-openchrome-glibc-2.20.patch +++ /dev/null @@ -1,15 +0,0 @@ -Allow builds with glibc 2.20. -Based on a patch by Peter Hutterer <peter.hutterer@who-t.net>. -See <https://raw.githubusercontent.com/openembedded/oe-core/master/meta/recipes-graphics/xorg-driver/xf86-input-synaptics/always_include_xorg_server.h.patch>. - ---- xf86-video-openchrome-0.3.3/src/via_3d.h.~1~ 2013-05-23 11:11:28.000000000 -0400 -+++ xf86-video-openchrome-0.3.3/src/via_3d.h 2014-12-19 01:17:04.000953259 -0500 -@@ -24,6 +24,8 @@ - #ifndef VIA_3D_H - #define VIA_3D_H - -+#include <xorg-server.h> -+ - #include "xf86.h" - #include "via_dmabuffer.h" - |