aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2018-04-27 22:37:00 -0400
committerLeo Famulari <leo@famulari.name>2018-04-30 21:07:58 -0400
commitf62633ca2d4c6b3f3e54b56797dd07135571f372 (patch)
treeb109957ccb7554fa42562bb624969228203f87b7
parent6d161406659fd9166da81162db8b2f42de1cd50b (diff)
downloadpatches-f62633ca2d4c6b3f3e54b56797dd07135571f372.tar
patches-f62633ca2d4c6b3f3e54b56797dd07135571f372.tar.gz
gnu: gegl: Update to 0.4.
* gnu/packages/gimp.scm (gegl): Update to 0.4. [inputs]: Move babl and glib to propagated-inputs. [propagated-inputs]: Add json-glib. [arguments]: Re-enable the tests and remove the obsolete 'pre-build' phase. [source]: Use HTTPS URL. * gnu/packages/patches/gegl-CVE-2012-4433.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it.
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/gimp.scm36
-rw-r--r--gnu/packages/patches/gegl-CVE-2012-4433.patch117
3 files changed, 9 insertions, 145 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index a9a7e69aea..c7faab466a 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -697,7 +697,6 @@ dist_patch_DATA = \
%D%/packages/patches/gd-CVE-2018-5711.patch \
%D%/packages/patches/gd-fix-tests-on-i686.patch \
%D%/packages/patches/gd-freetype-test-failure.patch \
- %D%/packages/patches/gegl-CVE-2012-4433.patch \
%D%/packages/patches/gemma-intel-compat.patch \
%D%/packages/patches/geoclue-config.patch \
%D%/packages/patches/ghc-8.0-fall-back-to-madv_dontneed.patch \
diff --git a/gnu/packages/gimp.scm b/gnu/packages/gimp.scm
index 0f27ceb44e..64fe04b4f9 100644
--- a/gnu/packages/gimp.scm
+++ b/gnu/packages/gimp.scm
@@ -77,43 +77,25 @@ provided, as well as a framework to add new color models and data types.")
(define-public gegl
(package
(name "gegl")
- (version "0.2.0")
+ (version "0.4.0")
(source (origin
(method url-fetch)
- (uri (list (string-append "http://download.gimp.org/pub/gegl/"
+ (uri (list (string-append "https://download.gimp.org/pub/gegl/"
(string-take version 3)
"/" name "-" version ".tar.bz2")))
(sha256
(base32
- "09nlv06li9nrn74ifpm7223mxpg0s7cii702z72cpbwrjh6nlbnz"))
- (patches (search-patches "gegl-CVE-2012-4433.patch"))))
+ "1ighk4z8nlqrzyj8w97s140hzj59564l3xv6fpzbr97m1zx2nkfh"))))
(build-system gnu-build-system)
(arguments
- '(;; More than just the one test disabled below now fails; disable them
- ;; all according to the rationale given below.
- #:tests? #f
- #:configure-flags '("LDFLAGS=-lm")
- #:phases
- (modify-phases %standard-phases
- (add-before 'build 'pre-build
- (lambda _
- ;; This test program seems to crash on exit. Specifically, whilst
- ;; g_object_unreffing bufferA and bufferB - This seems to be a bug
- ;; in the destructor. This is just a test program so will not have
- ;; any wider effect, although might be hiding another problem.
- ;; According to advice received on irc.gimp.org#gegl although 0.2.0
- ;; is the latest released version, any bug reports against it will
- ;; be ignored. So we are on our own.
- (substitute* "tools/img_cmp.c"
- (("g_object_unref \\(buffer.\\);") ""))
-
- (substitute* "tests/compositions/Makefile"
- (("/bin/sh") (which "sh")))
- #t)))))
- (inputs
+ '(#:configure-flags '("LDFLAGS=-lm")))
+ ;; These are propagated to satisfy 'gegl-0.4.pc'.
+ (propagated-inputs
`(("babl" ,babl)
("glib" ,glib)
- ("cairo" ,cairo)
+ ("json-glib" ,json-glib)))
+ (inputs
+ `(("cairo" ,cairo)
("pango" ,pango)
("libpng" ,libpng)
("libjpeg" ,libjpeg-8)))
diff --git a/gnu/packages/patches/gegl-CVE-2012-4433.patch b/gnu/packages/patches/gegl-CVE-2012-4433.patch
deleted file mode 100644
index 7352b78dba..0000000000
--- a/gnu/packages/patches/gegl-CVE-2012-4433.patch
+++ /dev/null
@@ -1,117 +0,0 @@
-From: Michael Gilbert <mgilbert@debian.org>
-Date: Mon, 9 Sep 2013 17:34:32 +0200
-Subject: Fix_CVE-2012-4433
-
-Multiple buffer overflow issues.
-
-Closes: #692435
----
- operations/external/ppm-load.c | 62 ++++++++++++++++++++++++++++++++++++------
- 1 file changed, 53 insertions(+), 9 deletions(-)
-
-diff --git a/operations/external/ppm-load.c b/operations/external/ppm-load.c
-index efe6d56..465096d 100644
---- a/operations/external/ppm-load.c
-+++ b/operations/external/ppm-load.c
-@@ -36,6 +36,7 @@ gegl_chant_file_path (path, _("File"), "", _("Path of file to load."))
- #include "gegl-chant.h"
- #include <stdio.h>
- #include <stdlib.h>
-+#include <errno.h>
-
- typedef enum {
- PIXMAP_ASCII = 51,
-@@ -44,8 +45,8 @@ typedef enum {
-
- typedef struct {
- map_type type;
-- gint width;
-- gint height;
-+ glong width;
-+ glong height;
- gsize numsamples; /* width * height * channels */
- gsize bpc; /* bytes per channel */
- guchar *data;
-@@ -82,12 +83,33 @@ ppm_load_read_header(FILE *fp,
- }
-
- /* Get Width and Height */
-- img->width = strtol (header,&ptr,0);
-- img->height = atoi (ptr);
-- img->numsamples = img->width * img->height * CHANNEL_COUNT;
-+ errno = 0;
-+ img->width = strtol (header,&ptr,10);
-+ if (errno)
-+ {
-+ g_warning ("Error reading width: %s", strerror(errno));
-+ return FALSE;
-+ }
-+ else if (img->width < 0)
-+ {
-+ g_warning ("Error: width is negative");
-+ return FALSE;
-+ }
-+
-+ img->height = strtol (ptr,&ptr,10);
-+ if (errno)
-+ {
-+ g_warning ("Error reading height: %s", strerror(errno));
-+ return FALSE;
-+ }
-+ else if (img->width < 0)
-+ {
-+ g_warning ("Error: height is negative");
-+ return FALSE;
-+ }
-
- fgets (header,MAX_CHARS_IN_ROW,fp);
-- maxval = strtol (header,&ptr,0);
-+ maxval = strtol (header,&ptr,10);
-
- if ((maxval != 255) && (maxval != 65535))
- {
-@@ -109,6 +131,16 @@ ppm_load_read_header(FILE *fp,
- g_warning ("%s: Programmer stupidity error", G_STRLOC);
- }
-
-+ /* Later on, img->numsamples is multiplied with img->bpc to allocate
-+ * memory. Ensure it doesn't overflow. */
-+ if (!img->width || !img->height ||
-+ G_MAXSIZE / img->width / img->height / CHANNEL_COUNT < img->bpc)
-+ {
-+ g_warning ("Illegal width/height: %ld/%ld", img->width, img->height);
-+ return FALSE;
-+ }
-+ img->numsamples = img->width * img->height * CHANNEL_COUNT;
-+
- return TRUE;
- }
-
-@@ -229,12 +261,24 @@ process (GeglOperation *operation,
- if (!ppm_load_read_header (fp, &img))
- goto out;
-
-- rect.height = img.height;
-- rect.width = img.width;
--
- /* Allocating Array Size */
-+
-+ /* Should use g_try_malloc(), but this causes crashes elsewhere because the
-+ * error signalled by returning FALSE isn't properly acted upon. Therefore
-+ * g_malloc() is used here which aborts if the requested memory size can't be
-+ * allocated causing a controlled crash. */
- img.data = (guchar*) g_malloc (img.numsamples * img.bpc);
-
-+ /* No-op without g_try_malloc(), see above. */
-+ if (! img.data)
-+ {
-+ g_warning ("Couldn't allocate %" G_GSIZE_FORMAT " bytes, giving up.", ((gsize)img.numsamples * img.bpc));
-+ goto out;
-+ }
-+
-+ rect.height = img.height;
-+ rect.width = img.width;
-+
- switch (img.bpc)
- {
- case 1: