From: "Andreas Sturmlechner" <asturm@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: app-text/poppler/files/, app-text/poppler/
Date: Fri, 24 Nov 2017 23:08:03 +0000 (UTC) [thread overview]
Message-ID: <1511564781.2822a0cd48e39c110535322754120681a3cfe8f1.asturm@gentoo> (raw)
commit: 2822a0cd48e39c110535322754120681a3cfe8f1
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
AuthorDate: Fri Nov 24 21:12:10 2017 +0000
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Fri Nov 24 23:06:21 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2822a0cd
app-text/poppler: Fix CVE-2017-14517
Bug: https://bugs.gentoo.org/631290
Package-Manager: Portage-2.3.16, Repoman-2.3.6
.../files/poppler-0.57.0-CVE-2017-14517.patch | 27 ++++
app-text/poppler/poppler-0.57.0-r1.ebuild | 148 +++++++++++++++++++++
2 files changed, 175 insertions(+)
diff --git a/app-text/poppler/files/poppler-0.57.0-CVE-2017-14517.patch b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14517.patch
new file mode 100644
index 00000000000..6a0812cdbe8
--- /dev/null
+++ b/app-text/poppler/files/poppler-0.57.0-CVE-2017-14517.patch
@@ -0,0 +1,27 @@
+From b524efeffa8d192c2597f4612ca961adc30286f6 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Wed, 13 Sep 2017 22:58:14 +0200
+Subject: [PATCH 1/4] XRef::parseEntry: Fix crash in broken file
+
+Bug #102687
+---
+ poppler/XRef.cc | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/poppler/XRef.cc b/poppler/XRef.cc
+index 6ea0fbb6..c74f2f60 100644
+--- a/poppler/XRef.cc
++++ b/poppler/XRef.cc
+@@ -1603,6 +1603,9 @@ GBool XRef::parseEntry(Goffset offset, XRefEntry *entry)
+ {
+ GBool r;
+
++ if (unlikely(entry == nullptr))
++ return gFalse;
++
+ Object obj;
+ obj.initNull();
+ Parser parser = Parser(NULL, new Lexer(NULL,
+--
+2.14.1
+
diff --git a/app-text/poppler/poppler-0.57.0-r1.ebuild b/app-text/poppler/poppler-0.57.0-r1.ebuild
new file mode 100644
index 00000000000..7cf2072c3af
--- /dev/null
+++ b/app-text/poppler/poppler-0.57.0-r1.ebuild
@@ -0,0 +1,148 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit cmake-utils toolchain-funcs xdg-utils
+
+if [[ "${PV}" == "9999" ]] ; then
+ inherit git-r3
+ EGIT_REPO_URI="git://git.freedesktop.org/git/${PN}/${PN}"
+ SLOT="0/9999"
+else
+ SRC_URI="https://poppler.freedesktop.org/${P}.tar.xz"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+ SLOT="0/68" # CHECK THIS WHEN BUMPING!!! SUBSLOT IS libpoppler.so SOVERSION
+fi
+
+DESCRIPTION="PDF rendering library based on the xpdf-3.0 code base"
+HOMEPAGE="https://poppler.freedesktop.org/"
+
+LICENSE="GPL-2"
+IUSE="cairo cjk curl cxx debug doc +introspection +jpeg +jpeg2k +lcms nss png qt4 qt5 tiff +utils"
+
+# No test data provided
+RESTRICT="test"
+
+COMMON_DEPEND="
+ >=media-libs/fontconfig-2.6.0
+ >=media-libs/freetype-2.3.9
+ sys-libs/zlib
+ cairo? (
+ dev-libs/glib:2
+ >=x11-libs/cairo-1.10.0
+ introspection? ( >=dev-libs/gobject-introspection-1.32.1:= )
+ )
+ curl? ( net-misc/curl )
+ jpeg? ( virtual/jpeg:0 )
+ jpeg2k? ( media-libs/openjpeg:2= )
+ lcms? ( media-libs/lcms:2 )
+ nss? ( >=dev-libs/nss-3.19:0 )
+ png? ( media-libs/libpng:0= )
+ qt4? (
+ dev-qt/qtcore:4
+ dev-qt/qtgui:4
+ )
+ qt5? (
+ dev-qt/qtcore:5
+ dev-qt/qtgui:5
+ dev-qt/qtxml:5
+ )
+ tiff? ( media-libs/tiff:0 )
+"
+DEPEND="${COMMON_DEPEND}
+ virtual/pkgconfig
+"
+RDEPEND="${COMMON_DEPEND}
+ cjk? ( >=app-text/poppler-data-0.4.7 )
+"
+
+DOCS=(AUTHORS NEWS README README-XPDF TODO)
+
+PATCHES=(
+ "${FILESDIR}/${PN}-0.26.0-qt5-dependencies.patch"
+ "${FILESDIR}/${PN}-0.28.1-fix-multilib-configuration.patch"
+ "${FILESDIR}/${PN}-0.53.0-respect-cflags.patch"
+ "${FILESDIR}/${PN}-0.33.0-openjpeg2.patch"
+ "${FILESDIR}/${PN}-0.40-FindQt4.patch"
+ # Fedora backports from upstream
+ "${FILESDIR}/${P}-CVE-2017-14517.patch"
+)
+
+src_prepare() {
+ cmake-utils_src_prepare
+
+ # Clang doesn't grok this flag, the configure nicely tests that, but
+ # cmake just uses it, so remove it if we use clang
+ if [[ ${CC} == clang ]] ; then
+ sed -i -e 's/-fno-check-new//' cmake/modules/PopplerMacros.cmake || die
+ fi
+
+ if ! grep -Fq 'cmake_policy(SET CMP0002 OLD)' CMakeLists.txt ; then
+ sed '/^cmake_minimum_required/acmake_policy(SET CMP0002 OLD)' \
+ -i CMakeLists.txt || die
+ else
+ einfo "policy(SET CMP0002 OLD) - workaround can be removed"
+ fi
+
+ if tc-is-clang && [[ ${CHOST} == *-darwin* ]] ; then
+ # we need to up the C++ version, bug #622526
+ export CXX="$(tc-getCXX) -std=c++11"
+ fi
+}
+
+src_configure() {
+ xdg_environment_reset
+ local mycmakeargs=(
+ -DBUILD_GTK_TESTS=OFF
+ -DBUILD_QT4_TESTS=OFF
+ -DBUILD_QT5_TESTS=OFF
+ -DBUILD_CPP_TESTS=OFF
+ -DENABLE_SPLASH=ON
+ -DENABLE_ZLIB=ON
+ -DENABLE_ZLIB_UNCOMPRESS=OFF
+ -DENABLE_XPDF_HEADERS=ON
+ -DENABLE_LIBCURL="$(usex curl)"
+ -DENABLE_CPP="$(usex cxx)"
+ -DENABLE_UTILS="$(usex utils)"
+ -DSPLASH_CMYK=OFF
+ -DUSE_FIXEDPOINT=OFF
+ -DUSE_FLOAT=OFF
+ -DWITH_Cairo="$(usex cairo)"
+ -DWITH_GObjectIntrospection="$(usex introspection)"
+ -DWITH_JPEG="$(usex jpeg)"
+ -DWITH_NSS3="$(usex nss)"
+ -DWITH_PNG="$(usex png)"
+ -DWITH_Qt4="$(usex qt4)"
+ $(cmake-utils_use_find_package qt5 Qt5Core)
+ -DWITH_TIFF="$(usex tiff)"
+ )
+ if use jpeg; then
+ mycmakeargs+=(-DENABLE_DCTDECODER=libjpeg)
+ else
+ mycmakeargs+=(-DENABLE_DCTDECODER=none)
+ fi
+ if use jpeg2k; then
+ mycmakeargs+=(-DENABLE_LIBOPENJPEG=openjpeg2)
+ else
+ mycmakeargs+=(-DENABLE_LIBOPENJPEG=none)
+ fi
+ if use lcms; then
+ mycmakeargs+=(-DENABLE_CMS=lcms2)
+ else
+ mycmakeargs+=(-DENABLE_CMS=)
+ fi
+
+ cmake-utils_src_configure
+}
+
+src_install() {
+ cmake-utils_src_install
+
+ # live version doesn't provide html documentation
+ if use cairo && use doc && [[ ${PV} != 9999 ]]; then
+ # For now install gtk-doc there
+ insinto /usr/share/gtk-doc/html/poppler
+ doins -r "${S}"/glib/reference/html/*
+ fi
+}
next reply other threads:[~2017-11-24 23:08 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-24 23:08 Andreas Sturmlechner [this message]
-- strict thread matches above, loose matches on Subject: below --
2024-11-13 22:45 [gentoo-commits] repo/gentoo:master commit in: app-text/poppler/files/, app-text/poppler/ Andreas Sturmlechner
2024-01-18 16:45 Andreas Sturmlechner
2023-06-18 14:35 Andreas Sturmlechner
2022-02-05 20:46 Andreas Sturmlechner
2021-12-12 18:48 Sam James
2021-09-01 21:26 Sam James
2021-04-21 13:10 Lars Wendler
2021-04-06 11:06 Andreas Sturmlechner
2020-12-02 10:02 Lars Wendler
2020-05-14 17:21 Andreas Sturmlechner
2019-09-01 20:43 Andreas Sturmlechner
2018-11-03 21:46 Andreas Sturmlechner
2018-01-09 10:15 Andreas Sturmlechner
2017-12-27 23:26 Andreas Sturmlechner
2017-12-04 14:29 Lars Wendler
2017-11-24 23:08 Andreas Sturmlechner
2017-11-24 23:08 Andreas Sturmlechner
2017-11-13 10:23 Lars Wendler
2017-11-07 15:07 Lars Wendler
2017-11-06 15:29 Lars Wendler
2017-05-30 19:47 Andreas Hüttel
2017-05-10 15:12 Lars Wendler
2016-12-21 17:11 Johannes Huber
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1511564781.2822a0cd48e39c110535322754120681a3cfe8f1.asturm@gentoo \
--to=asturm@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox