Merge branch 'master' into core-updates
This commit is contained in:
commit
4b4fc92fe5
15 changed files with 566 additions and 54 deletions
|
@ -626,6 +626,13 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/libtar-CVE-2013-4420.patch \
|
||||
%D%/packages/patches/libtheora-config-guess.patch \
|
||||
%D%/packages/patches/libtiff-CVE-2015-8665+CVE-2015-8683.patch \
|
||||
%D%/packages/patches/libtiff-CVE-2016-3623.patch \
|
||||
%D%/packages/patches/libtiff-CVE-2016-3945.patch \
|
||||
%D%/packages/patches/libtiff-CVE-2016-3990.patch \
|
||||
%D%/packages/patches/libtiff-CVE-2016-3991.patch \
|
||||
%D%/packages/patches/libtiff-CVE-2016-5314.patch \
|
||||
%D%/packages/patches/libtiff-CVE-2016-5321.patch \
|
||||
%D%/packages/patches/libtiff-CVE-2016-5323.patch \
|
||||
%D%/packages/patches/libtiff-oob-accesses-in-decode.patch \
|
||||
%D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \
|
||||
%D%/packages/patches/libtool-skip-tests2.patch \
|
||||
|
|
|
@ -1903,7 +1903,7 @@ (define-public deeptools
|
|||
(define-public diamond
|
||||
(package
|
||||
(name "diamond")
|
||||
(version "0.8.18")
|
||||
(version "0.8.20")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
|
@ -1912,7 +1912,7 @@ (define-public diamond
|
|||
(file-name (string-append name "-" version ".tar.gz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1r8klhbzn5cfzg9g69dd0sk4c0bd8cg1g5id8blsqi273bymm4jl"))))
|
||||
"16bhwpxqzq2nfkh9522rwcc1p97ygszjmhphz69x2jk501jf9wkg"))))
|
||||
(build-system cmake-build-system)
|
||||
(arguments
|
||||
'(#:tests? #f ; no "check" target
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
;;; Copyright © 2015, 2016 Leo Famulari <leo@famulari.name>
|
||||
;;; Copyright © 2016 Kei Kebreau <kei@openmailbox.org>
|
||||
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2016 Troy Sankey <sankeytms@gmail.com>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -80,42 +81,16 @@ (define-public libical
|
|||
(define-public khal
|
||||
(package
|
||||
(name "khal")
|
||||
(version "0.7.0")
|
||||
(version "0.8.3")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "khal" version))
|
||||
(sha256
|
||||
(base32
|
||||
"00llxj7cv31mjsx0j6zxmyi9s1q20yvfkn025xcy8cv1ylfwic66"))
|
||||
(modules '((guix build utils)))
|
||||
;; Patch broken path in 'doc' Makefile.
|
||||
;; Patch sent upstream: https://github.com/geier/khal/pull/307
|
||||
(snippet
|
||||
'(substitute* "doc/source/Makefile"
|
||||
(("../../../khal/khal/settings/khal.spec")
|
||||
"../../khal/settings/khal.spec" )))))
|
||||
"1qryqs5d8jsl7j22pjjfkfdi4m8m3nn3n44b890pq85xkw599ihy"))))
|
||||
(build-system python-build-system)
|
||||
(arguments
|
||||
`(#:phases (modify-phases %standard-phases
|
||||
(add-after 'unpack 'disable-tests
|
||||
(lambda _
|
||||
;; Bug reported for test_only_update_old_event:
|
||||
;; https://github.com/geier/khal/issues/309
|
||||
(substitute* "tests/khalendar_test.py"
|
||||
(("test_only_update_old_event")
|
||||
"disabled_only_update_old_event"))
|
||||
|
||||
;; Bug reported for test_dt_two_tz:
|
||||
;; https://github.com/pimutils/khal/issues/382
|
||||
(substitute* "tests/event_test.py"
|
||||
(("test_dt_two_tz")
|
||||
"disabled_dt_two_tz"))
|
||||
;; Another timezone / DST issue:
|
||||
;; https://github.com/pimutils/khal/issues/146
|
||||
(substitute* "tests/event_test.py"
|
||||
(("test_raw_dt")
|
||||
"disabled_raw_dt"))))
|
||||
|
||||
;; Building the manpage requires khal to be installed.
|
||||
(add-after 'install 'manpage
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
|
@ -136,9 +111,11 @@ (define-public khal
|
|||
(zero? (system* "py.test" "tests")))))))
|
||||
(native-inputs
|
||||
`(("python-pytest" ,python-pytest)
|
||||
("python-pytest-cov" ,python-pytest-cov)
|
||||
("python-setuptools-scm" ,python-setuptools-scm)
|
||||
;; Required for tests
|
||||
("tzdata" ,tzdata)
|
||||
("python-freezegun" ,python-freezegun)
|
||||
;; Required to build manpage
|
||||
("python-sphinxcontrib-newsfeed" ,python-sphinxcontrib-newsfeed)
|
||||
("python-sphinx" ,python-sphinx)))
|
||||
|
|
|
@ -150,6 +150,7 @@ (define-public jpegoptim
|
|||
(define-public libtiff
|
||||
(package
|
||||
(name "libtiff")
|
||||
(replacement libtiff/fixed)
|
||||
(version "4.0.6")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
|
@ -182,6 +183,23 @@ (define-public libtiff
|
|||
"See COPYRIGHT in the distribution."))
|
||||
(home-page "http://www.remotesensing.org/libtiff/")))
|
||||
|
||||
(define libtiff/fixed
|
||||
(package
|
||||
(inherit libtiff)
|
||||
(source (origin
|
||||
(inherit (package-source libtiff))
|
||||
(patches (search-patches
|
||||
"libtiff-oob-accesses-in-decode.patch"
|
||||
"libtiff-oob-write-in-nextdecode.patch"
|
||||
"libtiff-CVE-2015-8665+CVE-2015-8683.patch"
|
||||
"libtiff-CVE-2016-3623.patch"
|
||||
"libtiff-CVE-2016-3945.patch"
|
||||
"libtiff-CVE-2016-3990.patch"
|
||||
"libtiff-CVE-2016-3991.patch"
|
||||
"libtiff-CVE-2016-5314.patch"
|
||||
"libtiff-CVE-2016-5321.patch"
|
||||
"libtiff-CVE-2016-5323.patch"))))))
|
||||
|
||||
(define-public libwmf
|
||||
(package
|
||||
(name "libwmf")
|
||||
|
|
|
@ -41,14 +41,14 @@ (define-module (gnu packages imagemagick)
|
|||
(define-public imagemagick
|
||||
(package
|
||||
(name "imagemagick")
|
||||
(version "6.9.5-7")
|
||||
(version "6.9.5-8")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append "mirror://imagemagick/ImageMagick-"
|
||||
version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"00arcvyhsy9i5gp3b0lhfvs04qwhxpmq0bfsv4ipllinb6mjgxf5"))))
|
||||
"0ds21sk1pczf2cwi62rqp6b8x2m24sb6xn82ivzh13m42phzigav"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
`(#:configure-flags '("--with-frozenpaths" "--without-gcc-arch")
|
||||
|
|
30
gnu/packages/patches/libtiff-CVE-2016-3623.patch
Normal file
30
gnu/packages/patches/libtiff-CVE-2016-3623.patch
Normal file
|
@ -0,0 +1,30 @@
|
|||
Fix CVE-2016-3623.
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2569
|
||||
|
||||
Patch extracted from upstream CVS repo with:
|
||||
$ cvs diff -u -r1.16 -r1.17 tools/rgb2ycbcr.c
|
||||
|
||||
Index: tools/rgb2ycbcr.c
|
||||
===================================================================
|
||||
RCS file: /cvs/maptools/cvsroot/libtiff/tools/rgb2ycbcr.c,v
|
||||
retrieving revision 1.16
|
||||
retrieving revision 1.17
|
||||
diff -u -r1.16 -r1.17
|
||||
--- libtiff/tools/rgb2ycbcr.c 21 Jun 2015 01:09:10 -0000 1.16
|
||||
+++ libtiff/tools/rgb2ycbcr.c 15 Aug 2016 21:26:56 -0000 1.17
|
||||
@@ -95,9 +95,13 @@
|
||||
break;
|
||||
case 'h':
|
||||
horizSubSampling = atoi(optarg);
|
||||
+ if( horizSubSampling != 1 && horizSubSampling != 2 && horizSubSampling != 4 )
|
||||
+ usage(-1);
|
||||
break;
|
||||
case 'v':
|
||||
vertSubSampling = atoi(optarg);
|
||||
+ if( vertSubSampling != 1 && vertSubSampling != 2 && vertSubSampling != 4 )
|
||||
+ usage(-1);
|
||||
break;
|
||||
case 'r':
|
||||
rowsperstrip = atoi(optarg);
|
94
gnu/packages/patches/libtiff-CVE-2016-3945.patch
Normal file
94
gnu/packages/patches/libtiff-CVE-2016-3945.patch
Normal file
|
@ -0,0 +1,94 @@
|
|||
Fix CVE-2016-3945 (integer overflow in size of allocated
|
||||
buffer, when -b mode is enabled, that could result in out-of-bounds
|
||||
write).
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2545
|
||||
|
||||
Patch extracted from upstream CVS repo with:
|
||||
$ cvs diff -u -r1.21 -r1.22 tools/tiff2rgba.c
|
||||
|
||||
Index: tools/tiff2rgba.c
|
||||
===================================================================
|
||||
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2rgba.c,v
|
||||
retrieving revision 1.21
|
||||
retrieving revision 1.22
|
||||
diff -u -r1.21 -r1.22
|
||||
--- libtiff/tools/tiff2rgba.c 21 Jun 2015 01:09:10 -0000 1.21
|
||||
+++ libtiff/tools/tiff2rgba.c 15 Aug 2016 20:06:41 -0000 1.22
|
||||
@@ -147,6 +147,7 @@
|
||||
uint32 row, col;
|
||||
uint32 *wrk_line;
|
||||
int ok = 1;
|
||||
+ uint32 rastersize, wrk_linesize;
|
||||
|
||||
TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width);
|
||||
TIFFGetField(in, TIFFTAG_IMAGELENGTH, &height);
|
||||
@@ -163,7 +164,13 @@
|
||||
/*
|
||||
* Allocate tile buffer
|
||||
*/
|
||||
- raster = (uint32*)_TIFFmalloc(tile_width * tile_height * sizeof (uint32));
|
||||
+ rastersize = tile_width * tile_height * sizeof (uint32);
|
||||
+ if (tile_width != (rastersize / tile_height) / sizeof( uint32))
|
||||
+ {
|
||||
+ TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+ raster = (uint32*)_TIFFmalloc(rastersize);
|
||||
if (raster == 0) {
|
||||
TIFFError(TIFFFileName(in), "No space for raster buffer");
|
||||
return (0);
|
||||
@@ -173,7 +180,13 @@
|
||||
* Allocate a scanline buffer for swapping during the vertical
|
||||
* mirroring pass.
|
||||
*/
|
||||
- wrk_line = (uint32*)_TIFFmalloc(tile_width * sizeof (uint32));
|
||||
+ wrk_linesize = tile_width * sizeof (uint32);
|
||||
+ if (tile_width != wrk_linesize / sizeof (uint32))
|
||||
+ {
|
||||
+ TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+ wrk_line = (uint32*)_TIFFmalloc(wrk_linesize);
|
||||
if (!wrk_line) {
|
||||
TIFFError(TIFFFileName(in), "No space for raster scanline buffer");
|
||||
ok = 0;
|
||||
@@ -249,6 +262,7 @@
|
||||
uint32 row;
|
||||
uint32 *wrk_line;
|
||||
int ok = 1;
|
||||
+ uint32 rastersize, wrk_linesize;
|
||||
|
||||
TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &width);
|
||||
TIFFGetField(in, TIFFTAG_IMAGELENGTH, &height);
|
||||
@@ -263,7 +277,13 @@
|
||||
/*
|
||||
* Allocate strip buffer
|
||||
*/
|
||||
- raster = (uint32*)_TIFFmalloc(width * rowsperstrip * sizeof (uint32));
|
||||
+ rastersize = width * rowsperstrip * sizeof (uint32);
|
||||
+ if (width != (rastersize / rowsperstrip) / sizeof( uint32))
|
||||
+ {
|
||||
+ TIFFError(TIFFFileName(in), "Integer overflow when calculating raster buffer");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+ raster = (uint32*)_TIFFmalloc(rastersize);
|
||||
if (raster == 0) {
|
||||
TIFFError(TIFFFileName(in), "No space for raster buffer");
|
||||
return (0);
|
||||
@@ -273,7 +293,13 @@
|
||||
* Allocate a scanline buffer for swapping during the vertical
|
||||
* mirroring pass.
|
||||
*/
|
||||
- wrk_line = (uint32*)_TIFFmalloc(width * sizeof (uint32));
|
||||
+ wrk_linesize = width * sizeof (uint32);
|
||||
+ if (width != wrk_linesize / sizeof (uint32))
|
||||
+ {
|
||||
+ TIFFError(TIFFFileName(in), "Integer overflow when calculating wrk_line buffer");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+ wrk_line = (uint32*)_TIFFmalloc(wrk_linesize);
|
||||
if (!wrk_line) {
|
||||
TIFFError(TIFFFileName(in), "No space for raster scanline buffer");
|
||||
ok = 0;
|
31
gnu/packages/patches/libtiff-CVE-2016-3990.patch
Normal file
31
gnu/packages/patches/libtiff-CVE-2016-3990.patch
Normal file
|
@ -0,0 +1,31 @@
|
|||
Fix CVE-2016-3990 (write buffer overflow in PixarLogEncode if more input
|
||||
samples are provided than expected by PixarLogSetupEncode).
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2544
|
||||
|
||||
Patch extracted from upstream CVS repo with:
|
||||
$ cvs diff -u -r1.45 -r1.46 libtiff/tif_pixarlog.c
|
||||
|
||||
Index: libtiff/tif_pixarlog.c
|
||||
===================================================================
|
||||
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v
|
||||
retrieving revision 1.45
|
||||
retrieving revision 1.46
|
||||
diff -u -r1.45 -r1.46
|
||||
--- libtiff/libtiff/tif_pixarlog.c 28 Jun 2016 15:37:33 -0000 1.45
|
||||
+++ libtiff/libtiff/tif_pixarlog.c 15 Aug 2016 20:49:48 -0000 1.46
|
||||
@@ -1141,6 +1141,13 @@
|
||||
}
|
||||
|
||||
llen = sp->stride * td->td_imagewidth;
|
||||
+ /* Check against the number of elements (of size uint16) of sp->tbuf */
|
||||
+ if( n > td->td_rowsperstrip * llen )
|
||||
+ {
|
||||
+ TIFFErrorExt(tif->tif_clientdata, module,
|
||||
+ "Too many input bytes provided");
|
||||
+ return 0;
|
||||
+ }
|
||||
|
||||
for (i = 0, up = sp->tbuf; i < n; i += llen, up += llen) {
|
||||
switch (sp->user_datafmt) {
|
123
gnu/packages/patches/libtiff-CVE-2016-3991.patch
Normal file
123
gnu/packages/patches/libtiff-CVE-2016-3991.patch
Normal file
|
@ -0,0 +1,123 @@
|
|||
Fix CVE-2016-3991 (out-of-bounds write in loadImage()).
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2543
|
||||
|
||||
Patch extracted from upstream CVS repo with:
|
||||
$ cvs diff -u -r1.37 -r1.38 tools/tiffcrop.c
|
||||
|
||||
Index: tools/tiffcrop.c
|
||||
===================================================================
|
||||
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
|
||||
retrieving revision 1.37
|
||||
retrieving revision 1.38
|
||||
diff -u -r1.37 -r1.38
|
||||
--- libtiff/tools/tiffcrop.c 11 Jul 2016 21:38:31 -0000 1.37
|
||||
+++ libtiff/tools/tiffcrop.c 15 Aug 2016 21:05:40 -0000 1.38
|
||||
@@ -798,6 +798,11 @@
|
||||
}
|
||||
|
||||
tile_buffsize = tilesize;
|
||||
+ if (tilesize == 0 || tile_rowsize == 0)
|
||||
+ {
|
||||
+ TIFFError("readContigTilesIntoBuffer", "Tile size or tile rowsize is zero");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
|
||||
if (tilesize < (tsize_t)(tl * tile_rowsize))
|
||||
{
|
||||
@@ -807,7 +812,12 @@
|
||||
tilesize, tl * tile_rowsize);
|
||||
#endif
|
||||
tile_buffsize = tl * tile_rowsize;
|
||||
- }
|
||||
+ if (tl != (tile_buffsize / tile_rowsize))
|
||||
+ {
|
||||
+ TIFFError("readContigTilesIntoBuffer", "Integer overflow when calculating buffer size.");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+ }
|
||||
|
||||
tilebuf = _TIFFmalloc(tile_buffsize);
|
||||
if (tilebuf == 0)
|
||||
@@ -1210,6 +1220,12 @@
|
||||
!TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps) )
|
||||
return 1;
|
||||
|
||||
+ if (tilesize == 0 || tile_rowsize == 0 || tl == 0 || tw == 0)
|
||||
+ {
|
||||
+ TIFFError("writeBufferToContigTiles", "Tile size, tile row size, tile width, or tile length is zero");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+
|
||||
tile_buffsize = tilesize;
|
||||
if (tilesize < (tsize_t)(tl * tile_rowsize))
|
||||
{
|
||||
@@ -1219,6 +1235,11 @@
|
||||
tilesize, tl * tile_rowsize);
|
||||
#endif
|
||||
tile_buffsize = tl * tile_rowsize;
|
||||
+ if (tl != tile_buffsize / tile_rowsize)
|
||||
+ {
|
||||
+ TIFFError("writeBufferToContigTiles", "Integer overflow when calculating buffer size");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
}
|
||||
|
||||
tilebuf = _TIFFmalloc(tile_buffsize);
|
||||
@@ -5945,12 +5966,27 @@
|
||||
TIFFGetField(in, TIFFTAG_TILELENGTH, &tl);
|
||||
|
||||
tile_rowsize = TIFFTileRowSize(in);
|
||||
+ if (ntiles == 0 || tlsize == 0 || tile_rowsize == 0)
|
||||
+ {
|
||||
+ TIFFError("loadImage", "File appears to be tiled, but the number of tiles, tile size, or tile rowsize is zero.");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
buffsize = tlsize * ntiles;
|
||||
+ if (tlsize != (buffsize / ntiles))
|
||||
+ {
|
||||
+ TIFFError("loadImage", "Integer overflow when calculating buffer size");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
|
||||
-
|
||||
if (buffsize < (uint32)(ntiles * tl * tile_rowsize))
|
||||
{
|
||||
buffsize = ntiles * tl * tile_rowsize;
|
||||
+ if (ntiles != (buffsize / tl / tile_rowsize))
|
||||
+ {
|
||||
+ TIFFError("loadImage", "Integer overflow when calculating buffer size");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+
|
||||
#ifdef DEBUG2
|
||||
TIFFError("loadImage",
|
||||
"Tilesize %u is too small, using ntiles * tilelength * tilerowsize %lu",
|
||||
@@ -5969,8 +6005,25 @@
|
||||
TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rowsperstrip);
|
||||
stsize = TIFFStripSize(in);
|
||||
nstrips = TIFFNumberOfStrips(in);
|
||||
+ if (nstrips == 0 || stsize == 0)
|
||||
+ {
|
||||
+ TIFFError("loadImage", "File appears to be striped, but the number of stipes or stripe size is zero.");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+
|
||||
buffsize = stsize * nstrips;
|
||||
-
|
||||
+ if (stsize != (buffsize / nstrips))
|
||||
+ {
|
||||
+ TIFFError("loadImage", "Integer overflow when calculating buffer size");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
+ uint32 buffsize_check;
|
||||
+ buffsize_check = ((length * width * spp * bps) + 7);
|
||||
+ if (length != ((buffsize_check - 7) / width / spp / bps))
|
||||
+ {
|
||||
+ TIFFError("loadImage", "Integer overflow detected.");
|
||||
+ exit(-1);
|
||||
+ }
|
||||
if (buffsize < (uint32) (((length * width * spp * bps) + 7) / 8))
|
||||
{
|
||||
buffsize = ((length * width * spp * bps) + 7) / 8;
|
45
gnu/packages/patches/libtiff-CVE-2016-5314.patch
Normal file
45
gnu/packages/patches/libtiff-CVE-2016-5314.patch
Normal file
|
@ -0,0 +1,45 @@
|
|||
Fix CVE-2016-5314.
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314
|
||||
bugzilla.maptools.org/show_bug.cgi?id=2554
|
||||
|
||||
Patch extracted from upstream CVS repo with:
|
||||
$ cvs diff -u -r1.43 -r1.44 libtiff/tif_pixarlog.c
|
||||
|
||||
Index: libtiff/tif_pixarlog.c
|
||||
===================================================================
|
||||
RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v
|
||||
retrieving revision 1.43
|
||||
retrieving revision 1.44
|
||||
diff -u -r1.43 -r1.44
|
||||
--- libtiff/libtiff/tif_pixarlog.c 27 Dec 2015 20:14:11 -0000 1.43
|
||||
+++ libtiff/libtiff/tif_pixarlog.c 28 Jun 2016 15:12:19 -0000 1.44
|
||||
@@ -459,6 +459,7 @@
|
||||
typedef struct {
|
||||
TIFFPredictorState predict;
|
||||
z_stream stream;
|
||||
+ tmsize_t tbuf_size; /* only set/used on reading for now */
|
||||
uint16 *tbuf;
|
||||
uint16 stride;
|
||||
int state;
|
||||
@@ -694,6 +695,7 @@
|
||||
sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size);
|
||||
if (sp->tbuf == NULL)
|
||||
return (0);
|
||||
+ sp->tbuf_size = tbuf_size;
|
||||
if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN)
|
||||
sp->user_datafmt = PixarLogGuessDataFmt(td);
|
||||
if (sp->user_datafmt == PIXARLOGDATAFMT_UNKNOWN) {
|
||||
@@ -783,6 +785,12 @@
|
||||
TIFFErrorExt(tif->tif_clientdata, module, "ZLib cannot deal with buffers this size");
|
||||
return (0);
|
||||
}
|
||||
+ /* Check that we will not fill more than what was allocated */
|
||||
+ if (sp->stream.avail_out > sp->tbuf_size)
|
||||
+ {
|
||||
+ TIFFErrorExt(tif->tif_clientdata, module, "sp->stream.avail_out > sp->tbuf_size");
|
||||
+ return (0);
|
||||
+ }
|
||||
do {
|
||||
int state = inflate(&sp->stream, Z_PARTIAL_FLUSH);
|
||||
if (state == Z_STREAM_END) {
|
25
gnu/packages/patches/libtiff-CVE-2016-5321.patch
Normal file
25
gnu/packages/patches/libtiff-CVE-2016-5321.patch
Normal file
|
@ -0,0 +1,25 @@
|
|||
Fix CVE-2016-5321.
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2558
|
||||
|
||||
Patch extracted from upstream CVS repo with:
|
||||
$ cvs diff -u -r1.35 -r1.36 tools/tiffcrop.c
|
||||
|
||||
Index: tools/tiffcrop.c
|
||||
===================================================================
|
||||
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
|
||||
retrieving revision 1.35
|
||||
retrieving revision 1.36
|
||||
diff -u -r1.35 -r1.36
|
||||
--- libtiff/tools/tiffcrop.c 19 Aug 2015 02:31:04 -0000 1.35
|
||||
+++ libtiff/tools/tiffcrop.c 11 Jul 2016 21:26:03 -0000 1.36
|
||||
@@ -989,7 +989,7 @@
|
||||
nrow = (row + tl > imagelength) ? imagelength - row : tl;
|
||||
for (col = 0; col < imagewidth; col += tw)
|
||||
{
|
||||
- for (s = 0; s < spp; s++)
|
||||
+ for (s = 0; s < spp && s < MAX_SAMPLES; s++)
|
||||
{ /* Read each plane of a tile set into srcbuffs[s] */
|
||||
tbytes = TIFFReadTile(in, srcbuffs[s], col, row, 0, s);
|
||||
if (tbytes < 0 && !ignore)
|
88
gnu/packages/patches/libtiff-CVE-2016-5323.patch
Normal file
88
gnu/packages/patches/libtiff-CVE-2016-5323.patch
Normal file
|
@ -0,0 +1,88 @@
|
|||
Fix CVE-2016-5323.
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323
|
||||
http://bugzilla.maptools.org/show_bug.cgi?id=2559
|
||||
|
||||
Patch extracted from upstream CVS repo with:
|
||||
$ cvs diff -u -r1.36 -r1.37 tools/tiffcrop.c
|
||||
|
||||
Index: tools/tiffcrop.c
|
||||
===================================================================
|
||||
RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v
|
||||
retrieving revision 1.36
|
||||
retrieving revision 1.37
|
||||
diff -u -r1.36 -r1.37
|
||||
--- libtiff/tools/tiffcrop.c 11 Jul 2016 21:26:03 -0000 1.36
|
||||
+++ libtiff/tools/tiffcrop.c 11 Jul 2016 21:38:31 -0000 1.37
|
||||
@@ -3738,7 +3738,7 @@
|
||||
|
||||
matchbits = maskbits << (8 - src_bit - bps);
|
||||
/* load up next sample from each plane */
|
||||
- for (s = 0; s < spp; s++)
|
||||
+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
|
||||
{
|
||||
src = in[s] + src_offset + src_byte;
|
||||
buff1 = ((*src) & matchbits) << (src_bit);
|
||||
@@ -3837,7 +3837,7 @@
|
||||
src_bit = bit_offset % 8;
|
||||
|
||||
matchbits = maskbits << (16 - src_bit - bps);
|
||||
- for (s = 0; s < spp; s++)
|
||||
+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
|
||||
{
|
||||
src = in[s] + src_offset + src_byte;
|
||||
if (little_endian)
|
||||
@@ -3947,7 +3947,7 @@
|
||||
src_bit = bit_offset % 8;
|
||||
|
||||
matchbits = maskbits << (32 - src_bit - bps);
|
||||
- for (s = 0; s < spp; s++)
|
||||
+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
|
||||
{
|
||||
src = in[s] + src_offset + src_byte;
|
||||
if (little_endian)
|
||||
@@ -4073,7 +4073,7 @@
|
||||
src_bit = bit_offset % 8;
|
||||
|
||||
matchbits = maskbits << (64 - src_bit - bps);
|
||||
- for (s = 0; s < spp; s++)
|
||||
+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
|
||||
{
|
||||
src = in[s] + src_offset + src_byte;
|
||||
if (little_endian)
|
||||
@@ -4263,7 +4263,7 @@
|
||||
|
||||
matchbits = maskbits << (8 - src_bit - bps);
|
||||
/* load up next sample from each plane */
|
||||
- for (s = 0; s < spp; s++)
|
||||
+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
|
||||
{
|
||||
src = in[s] + src_offset + src_byte;
|
||||
buff1 = ((*src) & matchbits) << (src_bit);
|
||||
@@ -4362,7 +4362,7 @@
|
||||
src_bit = bit_offset % 8;
|
||||
|
||||
matchbits = maskbits << (16 - src_bit - bps);
|
||||
- for (s = 0; s < spp; s++)
|
||||
+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
|
||||
{
|
||||
src = in[s] + src_offset + src_byte;
|
||||
if (little_endian)
|
||||
@@ -4471,7 +4471,7 @@
|
||||
src_bit = bit_offset % 8;
|
||||
|
||||
matchbits = maskbits << (32 - src_bit - bps);
|
||||
- for (s = 0; s < spp; s++)
|
||||
+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
|
||||
{
|
||||
src = in[s] + src_offset + src_byte;
|
||||
if (little_endian)
|
||||
@@ -4597,7 +4597,7 @@
|
||||
src_bit = bit_offset % 8;
|
||||
|
||||
matchbits = maskbits << (64 - src_bit - bps);
|
||||
- for (s = 0; s < spp; s++)
|
||||
+ for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++)
|
||||
{
|
||||
src = in[s] + src_offset + src_byte;
|
||||
if (little_endian)
|
|
@ -7216,13 +7216,13 @@ (define-public python-pytest-xprocess
|
|||
(define-public python-icalendar
|
||||
(package
|
||||
(name "python-icalendar")
|
||||
(version "3.9.1")
|
||||
(version "3.10")
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "icalendar" version))
|
||||
(sha256
|
||||
(base32
|
||||
"0fhrczdj3jxy5bvswphp3vys7vwv5c9bpwg7asykqwa3z6253q6q"))))
|
||||
"01amnk3621s7fagfla86npd25knbqirchg7h1jpqxqp103d02bs7"))))
|
||||
(build-system python-build-system)
|
||||
(propagated-inputs
|
||||
`(("python-dateutil-2" ,python-dateutil-2)
|
||||
|
@ -10218,3 +10218,43 @@ (define-public python2-url
|
|||
(native-inputs
|
||||
`(("python2-setuptools" ,python2-setuptools)
|
||||
,@(package-native-inputs base))))))
|
||||
|
||||
(define-public python-freezegun
|
||||
(package
|
||||
(name "python-freezegun")
|
||||
(version "0.3.7")
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri (pypi-uri "freezegun" version))
|
||||
(sha256
|
||||
(base32
|
||||
"14l19x06v5jkq4rdwbmfyw4x9lrjb2300afrk21r1ash7y1y9a0w"))))
|
||||
(build-system python-build-system)
|
||||
(native-inputs
|
||||
`(("python-mock" ,python-mock)
|
||||
("python-nose" ,python-nose)
|
||||
("python-coverage" ,python-coverage)
|
||||
("python-dateutil-2" ,python-dateutil-2)))
|
||||
(inputs
|
||||
`(("python-six" ,python-six)))
|
||||
(arguments
|
||||
`(#:phases (modify-phases %standard-phases
|
||||
;; The tests are normally executed via `make test`, but the PyPi
|
||||
;; package does not include the Makefile.
|
||||
(replace 'check
|
||||
(lambda _
|
||||
(zero? (system* "nosetests" "./tests/")))))))
|
||||
(home-page "https://github.com/spulec/freezegun")
|
||||
(synopsis "Test utility for mocking the datetime module")
|
||||
(description
|
||||
"FreezeGun is a library that allows your python tests to travel through
|
||||
time by mocking the datetime module.")
|
||||
(license license:asl2.0)))
|
||||
|
||||
(define-public python2-freezegun
|
||||
(let ((base (package-with-python2 (strip-python2-variant python-freezegun))))
|
||||
(package (inherit base)
|
||||
(native-inputs
|
||||
`(("python2-setuptools" ,python2-setuptools)
|
||||
,@(package-native-inputs base))))))
|
||||
|
|
|
@ -4120,21 +4120,18 @@ (define-public ruby-concurrent
|
|||
`(#:test-target "spec"
|
||||
#:phases
|
||||
(modify-phases %standard-phases
|
||||
(add-before 'build 'remove-git-lsfiles-and-extra-gemspecs
|
||||
(lambda _
|
||||
(for-each (lambda (file)
|
||||
(substitute* file
|
||||
(("git ls-files") "find * |sort")))
|
||||
(list "concurrent-ruby.gemspec"
|
||||
"support/file_map.rb"))
|
||||
#t))
|
||||
(add-before 'build 'remove-extra-gemspecs
|
||||
(add-before 'replace-git-ls-files 'remove-extra-gemspecs
|
||||
(lambda _
|
||||
;; Delete extra gemspec files so 'first-gemspec' chooses the
|
||||
;; correct one.
|
||||
(delete-file "concurrent-ruby-edge.gemspec")
|
||||
(delete-file "concurrent-ruby-ext.gemspec")
|
||||
#t))
|
||||
(add-before 'build 'replace-git-ls-files2
|
||||
(lambda _
|
||||
(substitute* "support/file_map.rb"
|
||||
(("git ls-files") "find * |sort"))
|
||||
#t))
|
||||
(add-before 'check 'rake-compile
|
||||
;; Fix the test error described at
|
||||
;; https://github.com/ruby-concurrency/concurrent-ruby/pull/408
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2015 David Thompson <davet@gnu.org>
|
||||
;;; Copyright © 2015 Pjotr Prins <pjotr.public01@thebird.nl>
|
||||
;;; Copyright © 2015 Ben Woodcroft <donttrustben@gmail.com>
|
||||
;;; Copyright © 2015, 2016 Ben Woodcroft <donttrustben@gmail.com>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
|
@ -69,6 +69,16 @@ (define* (unpack #:key source #:allow-other-keys)
|
|||
(define (first-gemspec)
|
||||
(first-matching-file "\\.gemspec$"))
|
||||
|
||||
(define* (replace-git-ls-files #:key source #:allow-other-keys)
|
||||
"Many gemspec files downloaded from outside rubygems.org use `git ls-files`
|
||||
to list of the files to be included in the built gem. However, since this
|
||||
operation is not deterministic, we replace it with `find`."
|
||||
(when (not (gem-archive? source))
|
||||
(let ((gemspec (first-gemspec)))
|
||||
(substitute* gemspec
|
||||
(("`git ls-files`") "`find . -type f |sort`"))))
|
||||
#t)
|
||||
|
||||
(define* (extract-gemspec #:key source #:allow-other-keys)
|
||||
"Remove the original gemspec, if present, and replace it with a new one.
|
||||
This avoids issues with upstream gemspecs requiring tools such as git to
|
||||
|
@ -120,27 +130,54 @@ (define* (install #:key inputs outputs (gem-flags '())
|
|||
1))
|
||||
(out (assoc-ref outputs "out"))
|
||||
(gem-home (string-append out "/lib/ruby/gems/" ruby-version ".0"))
|
||||
(gem-name (first-matching-file "\\.gem$")))
|
||||
(gem-file (first-matching-file "\\.gem$"))
|
||||
(gem-file-basename (basename gem-file))
|
||||
(gem-name (substring gem-file-basename
|
||||
0
|
||||
(- (string-length gem-file-basename) 4)))
|
||||
(gem-directory (string-append gem-home "/gems/" gem-name)))
|
||||
(setenv "GEM_HOME" gem-home)
|
||||
(mkdir-p gem-home)
|
||||
(and (apply system* "gem" "install" gem-name
|
||||
(and (apply system* "gem" "install" gem-file
|
||||
"--local" "--ignore-dependencies"
|
||||
;; Executables should go into /bin, not /lib/ruby/gems.
|
||||
"--bindir" (string-append out "/bin")
|
||||
gem-flags)
|
||||
;; Remove the cached gem file as this is unnecessary and contains
|
||||
;; timestamped files rendering builds not reproducible.
|
||||
(begin (delete-file (string-append gem-home "/cache/" gem-name))
|
||||
#t))))
|
||||
(begin
|
||||
;; Remove the cached gem file as this is unnecessary and contains
|
||||
;; timestamped files rendering builds not reproducible.
|
||||
(let ((cached-gem (string-append gem-home "/cache/" gem-file)))
|
||||
(log-file-deletion cached-gem)
|
||||
(delete-file cached-gem))
|
||||
;; For gems with native extensions, several Makefile-related files
|
||||
;; are created that contain timestamps or other elements making
|
||||
;; them not reproducible. They are unnecessary so we remove them.
|
||||
(if (file-exists? (string-append gem-directory "/ext"))
|
||||
(begin
|
||||
(for-each (lambda (file)
|
||||
(log-file-deletion file)
|
||||
(delete-file file))
|
||||
(append
|
||||
(find-files (string-append gem-home "/doc")
|
||||
"page-Makefile.ri")
|
||||
(find-files (string-append gem-home "/extensions")
|
||||
"gem_make.out")
|
||||
(find-files (string-append gem-directory "/ext")
|
||||
"Makefile")))))
|
||||
#t))))
|
||||
|
||||
(define (log-file-deletion file)
|
||||
(display (string-append "deleting '" file "' for reproducibility\n")))
|
||||
|
||||
(define %standard-phases
|
||||
(modify-phases gnu:%standard-phases
|
||||
(delete 'configure)
|
||||
(add-before 'build 'extract-gemspec extract-gemspec)
|
||||
(replace 'build build)
|
||||
(replace 'unpack unpack)
|
||||
(replace 'install install)
|
||||
(replace 'check check)))
|
||||
(add-before 'build 'extract-gemspec extract-gemspec)
|
||||
(add-after 'extract-gemspec 'replace-git-ls-files replace-git-ls-files)
|
||||
(replace 'build build)
|
||||
(replace 'check check)
|
||||
(replace 'install install)))
|
||||
|
||||
(define* (ruby-build #:key inputs (phases %standard-phases)
|
||||
#:allow-other-keys #:rest args)
|
||||
|
|
Loading…
Reference in a new issue