diff options
author | Daniel Sabogal <dsabogalcc@gmail.com> | 2016-11-22 11:25:22 -0500 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2016-11-24 06:37:52 +0000 |
commit | 1400aa953619f0e209740206eed25c2f0167d21f (patch) | |
tree | 097c863fb681af918480fe5cc710e239dc3c500a /main/mupdf | |
parent | 5e7b7fecefc250d393a58cba9ac3b889479be651 (diff) | |
download | aports-1400aa953619f0e209740206eed25c2f0167d21f.tar.bz2 aports-1400aa953619f0e209740206eed25c2f0167d21f.tar.xz |
main/mupdf: upgrade to 1.10
Diffstat (limited to 'main/mupdf')
-rw-r--r-- | main/mupdf/APKBUILD | 26 | ||||
-rw-r--r-- | main/mupdf/CVE-2016-6265.patch | 33 | ||||
-rw-r--r-- | main/mupdf/CVE-2016-6525.patch | 23 | ||||
-rw-r--r-- | main/mupdf/openjpeg-2.1.1.patch | 28 | ||||
-rw-r--r-- | main/mupdf/openjpeg-2.1.patch | 17 |
5 files changed, 26 insertions, 101 deletions
diff --git a/main/mupdf/APKBUILD b/main/mupdf/APKBUILD index a7dc678d90..589b6633a1 100644 --- a/main/mupdf/APKBUILD +++ b/main/mupdf/APKBUILD @@ -2,8 +2,8 @@ # Contributor: Michael Zhou <zhoumichaely@gmail.com> # Maintainer: Daniel Sabogal <dsabogalcc@gmail.com> pkgname=mupdf -pkgver=1.9a -pkgrel=8 +pkgver=1.10 +pkgrel=0 pkgdesc="A lightweight PDF and XPS viewer" url="http://mupdf.com" arch="all" @@ -15,9 +15,7 @@ subpackages="$pkgname-doc $pkgname-dev $pkgname-x11:_x11 $pkgname-gl:_gl $pkgname-tools:_tools" source="http://mupdf.com/downloads/archive/$pkgname-$pkgver-source.tar.gz shared-lib.patch - openjpeg-2.1.1.patch - CVE-2016-6265.patch - CVE-2016-6525.patch + openjpeg-2.1.patch " builddir="$srcdir/$pkgname-$pkgver-source" @@ -76,18 +74,12 @@ _tools() { "$subpkgdir"/usr/bin/ || return 1 } -md5sums="658b90788a57d858dcb069cf326e11c3 mupdf-1.9a-source.tar.gz +md5sums="fbe3313cc2e7455aa21cacc64262088b mupdf-1.10-source.tar.gz 8c4c5ec03c3df7e87a672c79302f6df5 shared-lib.patch -ba8b6171c4ae38662632259e1c496da1 openjpeg-2.1.1.patch -57b78ee32e4b341d93b29778c55f4ab6 CVE-2016-6265.patch -52db3b30aa98a5d15599a87038992e80 CVE-2016-6525.patch" -sha256sums="8015c55f4e6dd892d3c50db4f395c1e46660a10b460e2ecd180a497f55bbc4cc mupdf-1.9a-source.tar.gz +a5b85a55be0e958c16f900730ff24ad8 openjpeg-2.1.patch" +sha256sums="1185637a93055cdae8335db14fef3e0fbd2acadae94eabd2ec0111d89a04a667 mupdf-1.10-source.tar.gz 3ff3c9413c4c1005db7e41a085ce8e72ee1e956e8d1538a615f51f86f8bb1d14 shared-lib.patch -46f91311ce2f2972986d6d2f4a57fec5e1a556de494e52226206781942522894 openjpeg-2.1.1.patch -287b9e4764d680a66b04040c24e3f982f5aa5fce263749794df0fa57ef4f18a8 CVE-2016-6265.patch -83ab00f0d6bd5e07c286a97a815fa38e9d98df7b5d9925e6cf6fc12e20f5c31c CVE-2016-6525.patch" -sha512sums="9f804fd65c2dc6b7a3bd73961b1f1a8bf93d52903cccf6302acd6982dfa433125a3b8e77b808984921aee097877280fa21aafb87468cd0a8e4cfa900284a262b mupdf-1.9a-source.tar.gz +12ea2a295b62ca85298273d54b423ec8e73fb52d712bcee20bab0507a595b7a0 openjpeg-2.1.patch" +sha512sums="91dc77f1f785c960a4f70ee3f617b1ddda32c85015eb053c004ab3a90b899634c7e08e7eaa617a6b7b41910bb5e7e9e725fe636890e94098db1d5b61ed2b3c43 mupdf-1.10-source.tar.gz bc38cc6935ed1c5941773e0671bea25d33897c1018c30f11ff3a1ec1e583276597f521b9e526f9bd38a6f9a1e76aa3e52782995ded72a618d07811abcd7ca734 shared-lib.patch -6eb33da5f05c5e5d8fa2af7223261153769b454d535128056015819c164ff59d068354680ebc135c2221f2ae7a3b6ec99833247bfefa83e9a4bab09f243452f1 openjpeg-2.1.1.patch -a69d1db475c25f3a298c3cf3ab4858ca9298087bc9839caacc65e3bc7695c0e3dd600e3c7f5c6cd042ceb536a2cf90404c4f13a90ad0e266791cbcf329873992 CVE-2016-6265.patch -2d8300f93bfe4cf11d817b38e3879ca7eaa704e58274930ee1368f5f1e13cc9baac786421feec0d5a720dd0cbe6cd8b0d94f4a91f2dd762e6e3923fea9deb4bf CVE-2016-6525.patch" +bfb509c529e26c3d2dc827298ce3a6083640fbe3fd7491560ffb1e8f86d62bbd4a5d52721079caef8a38d6f332132b581859276000b397f9512673eedb0315a7 openjpeg-2.1.patch" diff --git a/main/mupdf/CVE-2016-6265.patch b/main/mupdf/CVE-2016-6265.patch deleted file mode 100644 index 5053aa3ef1..0000000000 --- a/main/mupdf/CVE-2016-6265.patch +++ /dev/null @@ -1,33 +0,0 @@ -From: Robin Watts <robin.watts@artifex.com> -Date: Thu, 21 Jul 2016 14:39:11 +0000 (+0100) -Subject: Bug 696941: Fix use after free. -X-Git-Url: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff_plain;h=fa1936405b6a84e5c9bb440912c23d532772f958;hp=e98091d56afdf1cf6c9a017fa0bd35dd0b8968f0 - -Bug 696941: Fix use after free. - -The file is HORRIBLY corrupt, and triggers Sophos to think it's -PDF malware (which it isn't). It does however trigger a use -after free, worked around here. ---- - -diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c -index 576c315..3222599 100644 ---- a/source/pdf/pdf-xref.c -+++ b/source/pdf/pdf-xref.c -@@ -1184,8 +1184,14 @@ pdf_load_xref(fz_context *ctx, pdf_document *doc, pdf_lexbuf *buf) - fz_throw(ctx, FZ_ERROR_GENERIC, "object offset out of range: %d (%d 0 R)", (int)entry->ofs, i); - } - if (entry->type == 'o') -- if (entry->ofs <= 0 || entry->ofs >= xref_len || pdf_get_xref_entry(ctx, doc, entry->ofs)->type != 'n') -- fz_throw(ctx, FZ_ERROR_GENERIC, "invalid reference to an objstm that does not exist: %d (%d 0 R)", (int)entry->ofs, i); -+ { -+ /* Read this into a local variable here, because pdf_get_xref_entry -+ * may solidify the xref, hence invalidating "entry", meaning we -+ * need a stashed value for the throw. */ -+ fz_off_t ofs = entry->ofs; -+ if (ofs <= 0 || ofs >= xref_len || pdf_get_xref_entry(ctx, doc, ofs)->type != 'n') -+ fz_throw(ctx, FZ_ERROR_GENERIC, "invalid reference to an objstm that does not exist: %d (%d 0 R)", (int)ofs, i); -+ } - } - } - diff --git a/main/mupdf/CVE-2016-6525.patch b/main/mupdf/CVE-2016-6525.patch deleted file mode 100644 index 003d86bfc4..0000000000 --- a/main/mupdf/CVE-2016-6525.patch +++ /dev/null @@ -1,23 +0,0 @@ -From: Sebastian Rasmussen <sebras@gmail.com> -Date: Wed, 27 Jul 2016 14:19:39 +0000 (+0800) -Subject: Make sure that number of colors in mesh params is valid. -X-Git-Url: http://git.ghostscript.com/?p=mupdf.git;a=commitdiff_plain;h=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e;hp=fa1936405b6a84e5c9bb440912c23d532772f958 - -Make sure that number of colors in mesh params is valid. - -Fixes bug 696954. ---- - -diff --git a/source/pdf/pdf-shade.c b/source/pdf/pdf-shade.c -index 7815b3c..6e25efa 100644 ---- a/source/pdf/pdf-shade.c -+++ b/source/pdf/pdf-shade.c -@@ -206,7 +206,7 @@ pdf_load_mesh_params(fz_context *ctx, pdf_document *doc, fz_shade *shade, pdf_ob - obj = pdf_dict_get(ctx, dict, PDF_NAME_Decode); - if (pdf_array_len(ctx, obj) >= 6) - { -- n = (pdf_array_len(ctx, obj) - 4) / 2; -+ n = fz_mini(FZ_MAX_COLORS, (pdf_array_len(ctx, obj) - 4) / 2); - shade->u.m.x0 = pdf_to_real(ctx, pdf_array_get(ctx, obj, 0)); - shade->u.m.x1 = pdf_to_real(ctx, pdf_array_get(ctx, obj, 1)); - shade->u.m.y0 = pdf_to_real(ctx, pdf_array_get(ctx, obj, 2)); diff --git a/main/mupdf/openjpeg-2.1.1.patch b/main/mupdf/openjpeg-2.1.1.patch deleted file mode 100644 index 80288f5378..0000000000 --- a/main/mupdf/openjpeg-2.1.1.patch +++ /dev/null @@ -1,28 +0,0 @@ ---- mupdf-1.9a-source/source/fitz/load-jpx.c.orig -+++ mupdf-1.9a-source/source/fitz/load-jpx.c -@@ -1,15 +1,7 @@ - #include "mupdf/fitz.h" - --/* Without the definition of OPJ_STATIC, compilation fails on windows -- * due to the use of __stdcall. We believe it is required on some -- * linux toolchains too. */ --#define OPJ_STATIC --#ifndef _MSC_VER --#define OPJ_HAVE_STDINT_H --#endif -+#include <openjpeg-2.1/openjpeg.h> - --#include <openjpeg.h> -- - static void fz_opj_error_callback(const char *msg, void *client_data) - { - fz_context *ctx = (fz_context *)client_data; -@@ -117,7 +109,7 @@ - opj_stream_set_read_function(stream, fz_opj_stream_read); - opj_stream_set_skip_function(stream, fz_opj_stream_skip); - opj_stream_set_seek_function(stream, fz_opj_stream_seek); -- opj_stream_set_user_data(stream, &sb); -+ opj_stream_set_user_data(stream, &sb, NULL); - /* Set the length to avoid an assert */ - opj_stream_set_user_data_length(stream, size); - diff --git a/main/mupdf/openjpeg-2.1.patch b/main/mupdf/openjpeg-2.1.patch new file mode 100644 index 0000000000..2e14db0f44 --- /dev/null +++ b/main/mupdf/openjpeg-2.1.patch @@ -0,0 +1,17 @@ +--- mupdf-1.10-source/source/fitz/load-jpx.c.orig ++++ mupdf-1.10-source/source/fitz/load-jpx.c +@@ -481,14 +481,6 @@ + + #else /* HAVE_LURATECH */ + +-/* Without the definition of OPJ_STATIC, compilation fails on windows +- * due to the use of __stdcall. We believe it is required on some +- * linux toolchains too. */ +-#define OPJ_STATIC +-#ifndef _MSC_VER +-#define OPJ_HAVE_STDINT_H +-#endif +- + #include <openjpeg.h> + + /* OpenJPEG does not provide a safe mechanism to intercept |