Diffstat (limited to 'user')
51 files changed, 1301 insertions, 271 deletions
diff --git a/user/atril/APKBUILD b/user/atril/APKBUILD index d9f1127a9..52f26e4a0 100644 --- a/user/atril/APKBUILD +++ b/user/atril/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com> pkgname=atril pkgver=1.22.1 -pkgrel=1 +pkgrel=2 pkgdesc="Document viewer for the MATE desktop environment" url="https://mate-desktop.org" arch="all" @@ -14,10 +14,16 @@ makedepends="caja-dev djvulibre-dev gobject-introspection-dev gtk+3.0-dev libxml2-dev libxml2-utils poppler-dev python3 tiff-dev" subpackages="$pkgname-dev $pkgname-doc $pkgname-lang" source="https://pub.mate-desktop.org/releases/1.22/atril-$pkgver.tar.xz - CVE-2019-1010006.patch" + CVE-2019-1010006.patch + CVE-2019-11459.patch" + +# secfixes: +# 1.22.1-r1: +# - CVE-2019-1010006 +# 1.22.1-r2: +# - CVE-2019-11459 build() { - cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -33,14 +39,13 @@ build() { } check() { - cd "$builddir" make check } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } sha512sums="838ae397c868ac417c9266e4a06525d66214650cf8647e91c1472d83d50c8954f6dbb29411384892a98f0929e1fbac9947118bd0db10d50400fc0d5270a3619d atril-1.22.1.tar.xz -ea6db09fe033a8ddf6d90f080858057fad5452a23801e0f41f7a90ec352b71344e8b596a0913deabca333ff24dc5023628eab7c18bc526c0a7f8fb0d680acdf7 CVE-2019-1010006.patch" +38ea99130fba5ce174eb4351a8c5b2c4dd9591a81aff72876fa17581be8960f75592184e18d3653fa3286035d9e4899ca1b53e830328a64fc15d0bb4b8176b39 CVE-2019-1010006.patch +ba4ec4b0e10d87f44f189a16cfe2419906e3776edc9bc14f7da9356a8953683e3f7efc441691df131497b08b892d3b291aab416310f259ee6bc0706cc4f02880 CVE-2019-11459.patch" diff --git a/user/atril/CVE-2019-1010006.patch b/user/atril/CVE-2019-1010006.patch index ce107d193..913e40312 100644 --- a/user/atril/CVE-2019-1010006.patch +++ b/user/atril/CVE-2019-1010006.patch 
@@ -1,22 +1,18 @@ -From e02fe9170ad0ac2fd46c75329c4f1d4502d4a362 Mon Sep 17 00:00:00 2001 -From: Jason Crain <jcrain@src.gnome.org> -Date: Sat, 2 Dec 2017 20:24:33 -0600 -Subject: [PATCH] Fix overflow checks in tiff backend +From aa8c51c24a3d716986ace9a4104a9632436ccff5 Mon Sep 17 00:00:00 2001 +From: lukefromdc <lukefromdc@hushmail.com> +Date: Sat, 27 Jul 2019 15:07:13 -0400 +Subject: [PATCH] Fix buffer overflow in backend/tiff-document.c -The overflow checks in tiff_document_render and -tiff_document_get_thumbnail don't work when optimizations are enabled. -Change the checks so they don't rely on undefined behavior. - -https://bugzilla.gnome.org/show_bug.cgi?id=788980 + Apply https://gitlab.gnome.org/GNOME/evince/commit/e02fe9170ad0ac2fd46c75329c4f1d4502d4a362 --- - backend/tiff/tiff-document.c | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) + backend/tiff/tiff-document.c | 17 ++++++++++------- + 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/backend/tiff/tiff-document.c b/backend/tiff/tiff-document.c -index 8f40934e..7bf95c2b 100644 +index 0aa31cb6..94adc400 100644 --- a/backend/tiff/tiff-document.c +++ b/backend/tiff/tiff-document.c -@@ -284,12 +284,12 @@ tiff_document_render (EvDocument *document, +@@ -268,13 +268,14 @@ tiff_document_render (EvDocument *document, return NULL; } @@ -27,11 +23,13 @@ index 8f40934e..7bf95c2b 100644 /* overflow */ return NULL; } -+ bytes = height * rowstride; ++ bytes = height * rowstride; ++ pixels = g_try_malloc (bytes); if (!pixels) { -@@ -374,15 +374,15 @@ tiff_document_get_thumbnail (EvDocument *document, + g_warning("Failed to allocate memory for rendering."); +@@ -356,15 +357,17 @@ tiff_document_render_pixbuf (EvDocument *document, if (width <= 0 || height <= 0) return NULL; 
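Review bot: The new patch header drops the rationale the old one carried — that the previous overflow checks stopped working once the compiler optimized away a comparison that relied on signed-overflow undefined behavior — and keeps only a subject line plus a link to the evince commit; that reason is what tells whoever rebases onto a newer atril whether the patch is still needed. Suggest keeping one sentence under the Subject line, e.g. `The overflow checks in tiff_document_render and tiff_document_render_pixbuf relied on undefined behavior and did not work when optimizations were enabled; see the linked evince commit.` As far as visible in this and the following hunk, the code lines differ from the old patch only in context and whitespace, so the changed sha512sum in the APKBUILD is the only other effect of rewriting the file.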
@@ -40,17 +38,17 @@ index 8f40934e..7bf95c2b 100644 + if (width >= INT_MAX / 4) /* overflow */ return NULL; -+ rowstride = width * 4; - bytes = height * rowstride; - if (bytes / rowstride != height) ++ rowstride = width * 4; ++ + if (height >= INT_MAX / rowstride) /* overflow */ - return NULL; -+ bytes = height * rowstride; +- return NULL; ++ return NULL; ++ ++ bytes = height * rowstride; pixels = g_try_malloc (bytes); if (!pixels) --- -2.21.0 - diff --git a/user/atril/CVE-2019-11459.patch b/user/atril/CVE-2019-11459.patch new file mode 100644 index 000000000..a826cbd29 --- /dev/null +++ b/user/atril/CVE-2019-11459.patch 
@@ -0,0 +1,69 @@
+Backport of the following, since it did not apply due to whitespace /
+formatting
+
+From bd4ce9171fef52720e74ffeeeeca3b0c5b5d4808 Mon Sep 17 00:00:00 2001
+From: Victor Kareh <vkareh@redhat.com>
+Date: Sun, 11 Aug 2019 05:20:09 +0300
+Subject: [PATCH] tiff: Handle failure from TIFFReadRGBAImageOriented
+
+The TIFFReadRGBAImageOriented function returns zero if it was unable to
+read the image. Return NULL in this case instead of displaying
+uninitialized memory.
+
+This addresses CVE-2019-11459
+
+upstream commit:
+https://gitlab.gnome.org/GNOME/evince/commit/234f034a4
+---
+
+--- atril-1.22.1/backend/tiff/tiff-document.c
++++ atril-1.22.1/backend/tiff/tiff-document.c
+@@ -282,17 +282,21 @@ tiff_document_render (EvDocument *d
+ return NULL;
+ }
+
++ if (!TIFFReadRGBAImageOriented (tiff_document->tiff,
++ width, height,
++ (uint32 *)pixels,
++ orientation, 0)) {
++ g_warning ("Failed to read TIFF image.");
++ g_free (pixels);
++ return NULL;
++ }
++
+ surface = cairo_image_surface_create_for_data (pixels,
+ CAIRO_FORMAT_RGB24,
+ width, height,
+ rowstride);
+ cairo_surface_set_user_data (surface, &key,
+ pixels, (cairo_destroy_func_t)g_free);
+-
+- TIFFReadRGBAImageOriented (tiff_document->tiff,
+- width, height,
+- (uint32 *)pixels,
+- orientation, 0);
+ pop_handlers ();
+
+ /* Convert the format returned by libtiff to
+@@ -373,13 +377,17 @@ tiff_document_render_pixbuf (EvDocument
+ if (!pixels)
+ return NULL;
+
++ if (!TIFFReadRGBAImageOriented (tiff_document->tiff,
++ width, height,
++ (uint32 *)pixels,
++ ORIENTATION_TOPLEFT, 0)) {
++ g_free (pixels);
++ return NULL;
++ }
++
+ pixbuf = gdk_pixbuf_new_from_data (pixels, GDK_COLORSPACE_RGB, TRUE, 8,
+ width, height, rowstride,
+ (GdkPixbufDestroyNotify) g_free, NULL);
+- TIFFReadRGBAImageOriented (tiff_document->tiff,
+- width, height,
+- (uint32 *)pixels,
+- ORIENTATION_TOPLEFT, 0);
+ pop_handlers ();
+
+ scaled_pixbuf = gdk_pixbuf_scale_simple (pixbuf,
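Review bot: Both added failure branches return before the `pop_handlers ();` that follows them in the hunk; if the `push_handlers ()` set up earlier in `tiff_document_render` and `tiff_document_render_pixbuf` (both functions start outside this hunk) is still active at that point, the libtiff error handlers stay overridden after a failed read, so the branches should read `pop_handlers (); g_free (pixels); return NULL;` — confirm the push/pop pairing in the full functions first, since an earlier pop would make this moot. The `0` passed as the last argument is libtiff's stopOnError flag, so a strip that fails to decode does not, as far as I read libtiff, make the call return zero; the new check therefore covers a wholly unreadable image but not a partially corrupt one, which is still returned as a successful render. Passing `1` would extend the new branch to that case, at the cost of rejecting files that used to render partially. The second branch also omits the `g_warning` the first one emits; keeping them alike helps when triaging a bad file.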
diff --git a/user/calligra/APKBUILD b/user/calligra/APKBUILD
index 306299ae0..fdaf6e4fe 100644
--- a/user/calligra/APKBUILD
+++ b/user/calligra/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=calligra
 pkgver=3.1.0
-pkgrel=2
+pkgrel=3
 pkgdesc="KDE Office suite"
 url="https://www.calligra.org/"
 arch="all"
diff --git a/user/cbindgen/APKBUILD b/user/cbindgen/APKBUILD
index 85db9d603..6fffc1af6 100644
--- a/user/cbindgen/APKBUILD
+++ b/user/cbindgen/APKBUILD
@@ -13,17 +13,16 @@ makedepends="cargo" source="" # dependencies taken from Cargo.lock -cargo_deps="$pkgname-$pkgver ansi_term-0.11.0 atty-0.2.11 autocfg-0.1.4 - bitflags-1.1.0 cfg-if-0.1.9 clap-2.33.0 cloudabi-0.0.3 - fuchsia-cprng-0.1.1 itoa-0.4.4 libc-0.2.58 log-0.4.6 numtoa-0.1.0 - proc-macro2-0.4.30 quote-0.6.12 rand-0.6.5 rand_chacha-0.1.1 - rand_core-0.3.1 rand_core-0.4.0 rand_hc-0.1.0 rand_isaac-0.1.1 - rand_jitter-0.1.4 rand_os-0.1.3 rand_pcg-0.1.2 rand_xorshift-0.1.1 - rdrand-0.4.0 redox_syscall-0.1.54 redox_termios-0.1.1 - remove_dir_all-0.5.2 ryu-0.2.8 serde-1.0.93 serde_derive-1.0.93 - serde_json-1.0.39 strsim-0.8.0 syn-0.15.38 tempfile-3.0.8 termion-1.5.3 - textwrap-0.11.0 toml-0.5.1 unicode-width-0.1.5 unicode-xid-0.1.0 - vec_map-0.8.1 winapi-0.3.7 winapi-i686-pc-windows-gnu-0.4.0 +cargo_deps="$pkgname-$pkgver ansi_term-0.11.0 atty-0.2.13 bitflags-1.1.0 + c2-chacha-0.2.2 cfg-if-0.1.9 clap-2.33.0 getrandom-0.1.12 itoa-0.4.4 + lazy_static-1.4.0 libc-0.2.62 log-0.4.8 ppv-lite86-0.2.5 + proc-macro2-0.4.30 proc-macro2-1.0.3 quote-0.6.13 quote-1.0.2 + rand-0.7.0 rand_chacha-0.2.1 rand_core-0.5.1 rand_hc-0.2.0 + redox_syscall-0.1.56 remove_dir_all-0.5.2 ryu-1.0.0 serde-1.0.100 + serde_derive-1.0.100 serde_json-1.0.40 strsim-0.8.0 syn-0.15.44 + syn-1.0.5 tempfile-3.1.0 textwrap-0.11.0 toml-0.5.3 unicode-width-0.1.6 + unicode-xid-0.1.0 unicode-xid-0.2.0 vec_map-0.8.1 wasi-0.7.0 + winapi-0.3.8 winapi-i686-pc-windows-gnu-0.4.0 winapi-x86_64-pc-windows-gnu-0.4.0" source="$source $(echo $cargo_deps | sed -E 's#([[:graph:]]+)-([0-9.]+(-(alpha|beta|rc)[0-9.]+)?)#&.tar.gz::https://crates.io/api/v1/crates/\1/\2/download#g')" 
@@ -75,48 +74,45 @@ package() { rm "$pkgdir"/usr/.crates.toml } + sha512sums="134a748ec781dde54d7810d6f5f98a5a84784d4acdd13a4c13eb4ae67fc278ccd2b123eea56461a124e7aa17b99e0a5a20f39f06286ce259e6e3eb24c43f29ae cbindgen-0.9.0.tar.gz a637466a380748f939b3af090b8c0333f35581925bc03f4dda9b3f95d338836403cf5487ae3af9ff68f8245a837f8ab061aabe57a126a6a2c20f2e972c77d1fa ansi_term-0.11.0.tar.gz -9d6417dc1e8abdb4969418525b36c451274fd76769adb57bef9875ef62ef521c50d58626ebc4f96d2bea32cbadb6999fd67653b570293d7253b403b6d0736c79 atty-0.2.11.tar.gz -811b68ea24a836980026abba12598b35359abdff5660e6e9d3cc65e3edbedcd10dffc208900af5d4c21e983e1218b5fb5499117c05ab60b3e4716f0529b231ce autocfg-0.1.4.tar.gz +4554ca7dedb4c2e8693e5847ef1fe66161ed4cb2c19156bb03f41ce7e7ea21838369dabaf447a60d1468de8bfbb7087438c12934c4569dde63df074f168569ad atty-0.2.13.tar.gz e3e611cf35a1ed4930727d530e6c78add895bd96636ca1354f1269b3d0e36e77fbb9ec850fe1f448a10f09ea2b2f89c2b16bb96b7da585851ce4c29a308968e3 bitflags-1.1.0.tar.gz +d8edeff2f4eefb9504160d7f4d3c450661d10905c23cc4950736ab76e73bd1e88127c006bc762d63694847f2cc981ceeb0727ecf18e8fad7c89209d7a9e70f14 c2-chacha-0.2.2.tar.gz 45f7322217d291b3905ffdc45cadd5a7a7baf440f9a82a5b5596192ed0ac54353a3ecae0326d5807aae99bc4d79e0406d71bd65745ec8d9f8815a7c9436d648c cfg-if-0.1.9.tar.gz f1075031414d48e4340bfe308904a95a31b72460724773c52a0bc8c004e625a04c904a39fc5420cb8c26a633321f9b5f4f69019c7aae5ed89900b63ed8c21a91 clap-2.33.0.tar.gz -691ed793e9b35ba382f03897f4c0efc31a528394862a27b814ba8993ad30bbe0ebc9808484baf580e8b69d9c13ad1612776a1efd0f6981545b420139ff83592c cloudabi-0.0.3.tar.gz -ea9f5beb0dfcb023c22cfc2b37ce52dfcf3a2cbbed0f79ffffc332878858386805c65dce8469a431002367562d857a6c064e075688540c27fcb4056a110059d2 fuchsia-cprng-0.1.1.tar.gz +0577f21f0ff01154453da92dd125c3bdea12a2bb2e7f5581add4306e28dfc448a0c084e9e64a0ef1da7baf8415965ea4ee32a5ef38d5af8ce4c6addab3cb0518 getrandom-0.1.12.tar.gz 
f5e04bd908457e7592243ce64a99c5283428b767f4cc17d77946770411b06fccb0250625263c3e84a02a018ea7e8a0e4216e1929a71988bab8e1dbf603d3801d itoa-0.4.4.tar.gz -9127ad9a94f75655740fc3a2278c7a17d5f03c4cd12c8833c1a1ecb7a860ec8581fbc969f5c2e23b8eecb9131d9d8271131ad6a675b785f18fb55d830bcc0491 libc-0.2.58.tar.gz -3844c771f97531ae7312c6bb0cf74ccaab94925f68bf1172419cc44fa4b5373f3ac6b42fb6d0ba636a970b295ea5d1b5abbe72b4da67a103e8dc4ed48a0cc5cb log-0.4.6.tar.gz -41b5c774048592c5867fba217c85d4ece4540e0f3ab0eea7dd1a6af340ba46dae42bbca62ea7fe3afdb258660f39a3d3082264c99dea67d3d1ae178d00a01354 numtoa-0.1.0.tar.gz +e124c0521ec7c950f3c4a066821918da7a9c6e711115d98009ae7c351928fdddead852e7596fea5937a9c30e4e4ce8eee7099b20248b5d6e3b2494b6a6d88cb8 lazy_static-1.4.0.tar.gz +93c178429a099606d4d61576d74204e87c042c4591b8472eb56eb3ddee883b135e28be09ff48e2718c4cdadbfc641e3a313665fe493d64b1820a7e6018f79d1e libc-0.2.62.tar.gz +0b71f97d5964134b5eea1332347e177806b2f171d0be5c410c0ff1539470b242ba9f0933fafd853e4171a43b5e373a150af18918924be431c7216022553a8a3b log-0.4.8.tar.gz +281ea3479c4a8996aac643b707e75ca0a079681b1f182a074de0d9989ff9f1df6922cb8e4152af76025ebb4c2d00e6889aecc2a4f0fa66531eceb732aef62243 ppv-lite86-0.2.5.tar.gz 73a8de3f1d76a8baf2d45afc1497bba8c0cbf231bf9b6750b9cee2473f492d5f3957ac149998da720acc8287c96d604971b51dcdfa629523bbdd97c297856ac0 proc-macro2-0.4.30.tar.gz -5d58945b0c9b41e368458a1661ae7b2ceed2e3285d377088afe5fde38e1db945ab42326d096cd6d13d82f5f80fe73d204c5fbe3c7abdea149eb6d7ca7c5e6798 quote-0.6.12.tar.gz -2eb84bed29708b8ba109f4329bf6f1cac6caed9d91b2aaf185d68dd2eda73d3fb7be2897d0596fb28352e799ccf92c161ee44599d5cb426ba9c3b8c747831904 rand-0.6.5.tar.gz -200d39362ffd6d91cfe80634e951c7323a5df8a382c91e3afcef1ecb143a16dc47a17db7f1a746b18e4ea8bfd36bc31ceaeff6d0116e166f8b34e4a8530b3c1b rand_chacha-0.1.1.tar.gz -5a7ae601124502bede760fd3179c2b28059ebc3b5983bfcb6b8fa62fb58df95cedc1aeb2734e792d894dfa4620801c13c29702f9cbee64243121575d4b6b9114 rand_core-0.3.1.tar.gz 
-f80e76dabd3308a12880a9aa8b7be83db39b02778c95bb63f862488789a2a67e2f08d4f2dd1ad803c61df0a9fc7f6620aa753b3bf394542ce27c89189a911845 rand_core-0.4.0.tar.gz -808d8c167daa66a2608884d5d3f1444cdb21f8ca1c61e59fc9bdfb506a634ebb22c0143cfc0574e15313f82559fd2d117a46910eba3b4eb7e0052ec280f5cd2f rand_hc-0.1.0.tar.gz -9e8f6c79abc53352c971f8182dcaa7979904d5649eec9008262bb0aaf0585b4c4817351cd80ffa8d07f172ff4c82d85a09ef2642a08f608fc6be3e246ed7f82e rand_isaac-0.1.1.tar.gz -fe3791612cf82bd0ad1a115c442b4a007141647eecd48f49dff9a5d326c374663d9bd2e511c8d292e1dba44665359b522cd5d57ccd3a18598e88e42ee1670e4a rand_jitter-0.1.4.tar.gz -01e81a692b78df3b2bd65bc285e5052ccaf208c7d0ace414f251db4fcff7f9ae1502ee60ca5745c95e778d3d5efe15fa84153c17c422b6b6bfee829376c14575 rand_os-0.1.3.tar.gz -6bc684778ba60c2e48793d4759b40cb0d35b0bc20ca0fc39fdff7c3f8fe9082dd7b5d5f26a7f17bafc6f3568924eac1bbe45820b1c2b09c91731ea5487d76d9c rand_pcg-0.1.2.tar.gz -3205499ed2584467dedb4641a48f3ca8fedc263b1d9431d36a251af0bc4701d99ce4b5219d515b9b24210dd3ef2faace6efa886aa50f361e07f53dd0fb0841e5 rand_xorshift-0.1.1.tar.gz -6476275d124bee28747191471e8d8f321a3b1c148c1f2a7ece4175f5244a7de90afe5f99d2eba5244d886b92e38232398864bf90e6d434b09494533942c8d894 rdrand-0.4.0.tar.gz -38ee15c2fa470428329b3888fef1f1b5bc57ffae96b6ec505fc051f33a8da86512afddfeb6966cb2342382a5cbccb624a825767d3492b3d6d21d6f8e97e57e9e redox_syscall-0.1.54.tar.gz -201d051900e919e2c6c6769ef252e51979d90133df16b6605e2a2f424cfb2e6e505e21add75ef5854fe5e0cab1ed1f1c1451010f072ae4bc8703c585a4323981 redox_termios-0.1.1.tar.gz +ff4e32e42d206191741880e362e39e33149fec4f94cb38e2693e956e4c0dd680dba4712f436fddbc092a7ebef23b7cd4693345fb93d5b9713a516960c2bfd82e proc-macro2-1.0.3.tar.gz +bafa9ba42ea6ff2d6df652384485c58327de6eaea2832423eedd8ef8b4aace673c23b70f1f22106515ac13d7f625cb8b1a5e8c4388c1701ea3cd86fb9ac3056e quote-0.6.13.tar.gz +67778dff9dc5c4edcdd6454b74ad9353bb6c0c4e51c16cb82f2e393a7d7a0cde084d3c93279b718a8398c40af0a9377ebfae5321e69e635efd8390c125b75ce4 quote-1.0.2.tar.gz 
+20c82ed8edf0bd203ac6f04f746b80abf5ad5716b307cd76fda399f26519ccc3b757f390058e7d8826508ed8a2b524c49ebad56a79fa77416b386f2b9a854352 rand-0.7.0.tar.gz +30933fdb94ca8d4bf040a7e08a42944a0d7c2f3f6a9a3d547e74bc32f922b0eb79d85afb1f6c85c78dc115170e70bdf96b36f0478d61ba5651876d5350ad18f6 rand_chacha-0.2.1.tar.gz +4f7500b35e165e6c817fdd67a50745d5497d24e554bb554705097e37258751e8755c4d6b8a69fcb5e1977708ba78620bc35d640e4e018fcd4e88d9dbdbebdcbf rand_core-0.5.1.tar.gz +bca185612bed5cee4da76fb68fe854105da276f5bf2da464e596d586b925df798cc692ed881e276ab77c36b4b0551930966c93656be122ad05899d87853533b0 rand_hc-0.2.0.tar.gz +17a3044327aa733c830dd74e210d6bda32622617d1c5af9d70d7647232d8569ad0b04ccb14042cbabb5d97ad98e3f1f5a9968a75387354ffb4d175e9577115a1 redox_syscall-0.1.56.tar.gz d19a45398a93adbcef9f233f6b3eaf4a63ae95f5bbae00c880b40c5edd34449e7f798ebcd4d11843c68ddfa15e11bed21d434b224e4a175dcb64ae011c13c8cd remove_dir_all-0.5.2.tar.gz -15a17fa06cb971847386013b7bc80e0483bb30f62062ac1e3200d588cb52771a7d34cdd74aba51de46341d303bd29065cf1f8cdcc17c23576cfadaefe63384b4 ryu-0.2.8.tar.gz -ec7712ad54bae2d93524e49730e2707b20ef91c8aa05084c6bbbd17e3ca77532cc672b8ae8f3ace25fc72a109cdc06a4b3f74515b7afe35faff6887984ae9309 serde-1.0.93.tar.gz -e9ba64c934eab1c2091697d36338ea6c47d0409b0097c87376fa6b05de21391aeb228e52b1c846894c37aee44550f4059c3ee9f58840d79d4ef5be4c61293f2b serde_derive-1.0.93.tar.gz -7180e5deb60e196f6b1ba3ac2a1bad6cea59d29f65fa7fb9258beb3d7012d6f3ea624e21fbb17868f5a21224f93b3f7b24875a94d50ba0d05e5b8d2aef632036 serde_json-1.0.39.tar.gz +b5dd360611fdf76ff13d377c1c79ce09a4fab90a8b7fc917a4424b8246c8a0da7d3ec515b8c69b695d936b1207072d173b9f40fd5cb218f1eab947862112caf0 ryu-1.0.0.tar.gz +bce506b4d30c9743f69a8c599eeb5bfde8e4951f1700901ce03eb9cd198e3725bcd625121f494f8d12e98200520899917794b5943b355acf8993f00d1ede4282 serde-1.0.100.tar.gz +f47e62d3f30b15acf0e5435c5df939bb6089c060bf91e891a7cc0f9e7bb8243c5500a145ec41e6aba7fd1f5fb571e552dbc95eb78633d7a47ed08ed35f0b0848 serde_derive-1.0.100.tar.gz 
+d09bc95c963f510686106d9885f3420b9eabba8bf32626597dafd43ffbe91ea72ee4a3fedfca922794a727214d73929970acced8eccaa23616cde33dfde9f842 serde_json-1.0.40.tar.gz 1d55a8d946cd55f5f37d06aea536549ded95739fa58c0f2da285a0041154c181f663682bdcac643aa198b3e762d694a04f058db985c62ebe22b5c16327ba6d34 strsim-0.8.0.tar.gz -e460d6b67e3237e8e88292e2fd170ef16f6b0e30b1c7c11b8177f36c86b083ca1de2727e75f183d2708f6839138aa73865e7944a822c2d85783a79caf3fa2e6c syn-0.15.38.tar.gz -88f5bb3ac88b192b9f106d5902ac7563114b901df8c36cbb7f2eb7dccd631e19093cd1ec6aa82e4b833f35ab265072e81f3205773654c263555bee22a78abc00 tempfile-3.0.8.tar.gz -1cbe60f97d5f8b95e6a57ec9b7cfcf37459bc8dbcf8424b055f04b2ecdaf069e1bb52222364a2f380dc3f63039fe3823d424228af1c212a8b3790b7dd55d5deb termion-1.5.3.tar.gz +c6c9b5887425e1e5fab905e477fcea41bba191693c471cf26922a9dfdd59ed957155a399406cc3723933a869565e7295183dabedfc34e3e2a20874ba94c7ead7 syn-0.15.44.tar.gz +4cc18966040b1f86916876aa5ad8029a126f7ab8db55408b3f4bc343dd82dc357899dd4a7afc514c65fd269245f8850f8f2834b08bc2ee6cf6774282f75feadc syn-1.0.5.tar.gz +a87ee51c36a81a8a8eb8f091eb57926682f38b707f7f641332d8752170e6c139a656ae49c6861f51e07c2fab5c86cc9b2ac158f5d89c6bff15d18934dd4e7ba5 tempfile-3.1.0.tar.gz f5c0fe4f28ff1a3a0931e8e235b5157a45f67967985bcc752418c5ec3481fca44a8ae4800088889b37e8cd0533f53d3c456d5ffd19b767b3f83a87b49a2e209a textwrap-0.11.0.tar.gz -4b8b9212934b8a8bf8f09fc9c63219f3bd8d21a1bc5ec4f4208fa833743951ddb53cb99b5fa27b9b59d2223cc74a7274d6eb196255e44650bb633e24b2529073 toml-0.5.1.tar.gz -bd5ac5f0433953d79408074239edc7c43ce23d56659d467805d81ab01c576a3cf77ccedb3bba41d48bc4ad46a8905ac8a1927b99312053ef6295fd940a6766d2 unicode-width-0.1.5.tar.gz +f3798afe9cbededee2c5d0cc2cd45a9a5b09004bc4d6f0e2863aa56a3aa377e9eb8fc2e4c557fe448afbec77bea5bb6953fe6ff59cb83389351ea207bd912458 toml-0.5.3.tar.gz +d6c2e5a99ea359d866393a6b00e0e21e5d80e4e665e457c0f2f0bbebda53afeab75b1d9b6b79102339ee621bac5050e7d41621703a8fd9ffe1e74a5a4301aa05 unicode-width-0.1.6.tar.gz 
cc5343e2166938322cfd7c73f1f918f2a9c46846ac0ef55933d1e44cdfaf6f7da2b7ff18b68e356c47b6d8ba5565eda0db42c347dcbde830683f341ac2b1849d unicode-xid-0.1.0.tar.gz +590f727d8d8354023062ae5fe7ac5bed1bcf79d86b883effd7f33b3ea3b1c8922998a63d621ca6962a969e890fa6edd009871f21cd57b1969264f41ba3f78359 unicode-xid-0.2.0.tar.gz 026cf10dc7ba98ae51dd312fc847cbaea41c25f0da5db6e0e22c2ecf75584bbf876d7bd96035fbbcf6696d702d5a3f25977e02a2d77cf519aa21e3ed05710e40 vec_map-0.8.1.tar.gz -6871b93ad8d48e39b90cb7b31b3132f84665f965b4dfe06fcebdfb873e7d099007cf3d7a50e832a941c3425ad2f39c3ab48a77151e60863685b97fc05c71d134 winapi-0.3.7.tar.gz +1950e78df7f0ba21b917680633d092704f1fb906bd973de4ddc43cedb7bf449f6e881d50e3aa0d5595e8d58796915d582b69c116ef536f819b6f035affea18f0 wasi-0.7.0.tar.gz +5a899ee5f09f30d742b8b8eba78da05cd9f4c664408fdeb9370373f8756a962a23e3f1c07619e745b3270138606c9a369076c02c3f5353f657df09d203d9a736 winapi-0.3.8.tar.gz a672ccefd0730a8166fef1d4e39f9034d9ae426a3f5e28d1f4169fa5c5790767693f281d890e7804773b34acdb0ae1febac33cde8c50c0044a5a6152c7209ec2 winapi-i686-pc-windows-gnu-0.4.0.tar.gz 4a654af6a5d649dc87e00497245096b35a2894ae66f155cb62389902c3b93ddcc5cf7d0d8b9dd97b291d2d80bc686af2298e80abef6ac69883f4a54e79712513 winapi-x86_64-pc-windows-gnu-0.4.0.tar.gz" diff --git a/user/cups-filters/APKBUILD b/user/cups-filters/APKBUILD index dcb700b90..d46268780 100644 --- a/user/cups-filters/APKBUILD +++ b/user/cups-filters/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Max Rees <maxcrees@me.com> pkgname=cups-filters -pkgver=1.25.2 +pkgver=1.25.5 pkgrel=0 pkgdesc="OpenPrinting CUPS filters and backends" url="https://wiki.linuxfoundation.org/openprinting/cups-filters" 
@@ -59,4 +59,4 @@ libs() { mv "$pkgdir"/usr/lib/lib*.so.* "$subpkgdir"/usr/lib/ } -sha512sums="e616a3a356ea7ad7d61e50242c1c0fd899911a8a293e721a89b425fb6a5d6d98388bbd4c02df407d9b66219b99f7c41a457b1436af6b9d8e979f0fd4e392ef3e cups-filters-1.25.2.tar.xz" +sha512sums="4e7126f4c439cb7392484dd3531023da5a1c885c7a6c7377260e7cccc2f3f51e3d0aa879965ecdb2625217d6f9ee1ca9c860c4fc05a7959697cd269696f10f59 cups-filters-1.25.5.tar.xz" diff --git a/user/dejagnu/APKBUILD b/user/dejagnu/APKBUILD deleted file mode 100644 index 53018f36f..000000000 --- a/user/dejagnu/APKBUILD +++ /dev/null @@ -1,37 +0,0 @@ -# Contributor: A. Wilcox <awilfox@adelielinux.org> -# Maintainer: A. Wilcox <awilfox@adelielinux.org> -pkgname=dejagnu -pkgver=1.6.2 -pkgrel=0 -pkgdesc="Framework for testing other programs" -url="https://www.gnu.org/software/dejagnu/" -arch="noarch" -license="GPL-3.0+" -depends="expect" -makedepends="$depends tcl>=8.5" -subpackages="$pkgname-dev $pkgname-doc" -source="https://ftp.gnu.org/pub/gnu/$pkgname/$pkgname-$pkgver.tar.gz" - -build() { - cd "$builddir" - ./configure \ - --build=$CBUILD \ - --host=$CHOST \ - --prefix=/usr \ - --sysconfdir=/etc \ - --mandir=/usr/share/man \ - --localstatedir=/var - make -} - -check() { - cd "$builddir" - make check -} - -package() { - cd "$builddir" - make DESTDIR="$pkgdir" install -} - -sha512sums="ae527ce245871d49b84773d0d14b1ea6b2316c88097eeb84091a3aa885ff007eeaa1cd9c5b002d94a956d218451079b5e170561ffa43a291d9d82283aa834042 dejagnu-1.6.2.tar.gz" diff --git a/user/djvulibre/APKBUILD b/user/djvulibre/APKBUILD index a90485e6a..2b4a3ed0e 100644 --- a/user/djvulibre/APKBUILD +++ b/user/djvulibre/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=djvulibre pkgver=3.5.27 -pkgrel=0 +pkgrel=1 pkgdesc="Format for distributing documents and images" url="http://djvu.sourceforge.net/" arch="all" 
@@ -11,10 +11,20 @@ depends="" depends_dev="" makedepends="$depends_dev imagemagick libjpeg-turbo-dev tiff-dev" subpackages="$pkgname-dev $pkgname-doc" -source="https://downloads.sourceforge.net/djvu/djvulibre-$pkgver.tar.gz" +source="https://downloads.sourceforge.net/djvu/djvulibre-$pkgver.tar.gz + CVE-2019-15142.patch + CVE-2019-15143.patch + CVE-2019-15144.patch + CVE-2019-15145.patch" + +# secfixes: +# 3.5.27-r1: +# - CVE-2019-15142 +# - CVE-2019-15143 +# - CVE-2019-15144 +# - CVE-2019-15145 build() { - cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -26,13 +36,16 @@ build() { } check() { - cd "$builddir" + # This doesn't actually do anything yet make check } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } -sha512sums="62abcaa2fe7edab536477929ba38b882453dab1a06e119a3f838b38d5c61f5d8c252e4769e6534582b826e49bcfb490513179580fab9c3afa84aa92053ccebee djvulibre-3.5.27.tar.gz" +sha512sums="62abcaa2fe7edab536477929ba38b882453dab1a06e119a3f838b38d5c61f5d8c252e4769e6534582b826e49bcfb490513179580fab9c3afa84aa92053ccebee djvulibre-3.5.27.tar.gz +d9e4301fb98a35b8c2f1854eb4be53611f98b3fc9fdd357dd5502b5b189bdf61957a48b220f3ab7465bbf1df8606ce04513e10df74643a9e289c349f94721561 CVE-2019-15142.patch +3527e1c84f7c7d36f902cb3d7e9ddb6866acbdd4b47675ce3ffd164accf2e2931a4c6bbaae2ea775b4710d88ae34dd4dcd39a5846fce13bef2c82a99d608b8c1 CVE-2019-15143.patch +f8f1abf328a97d69514b2626e4c6449c0c7b7e2b5518d56bba6a61a944aaf4b7fffd1371c26396353728f6a1399c6d87492af5c17e6b623dae7751b81eac11f9 CVE-2019-15144.patch +790ef1e05874635c762600c990ecbd3e29e2eb01c59e25a0f8b2a15dbadbd3673d9dbb651d9dcb53fd3e5f4cb6bded47c3eefaaef8b4ccac39bd28f8bbec2068 CVE-2019-15145.patch" diff --git a/user/djvulibre/CVE-2019-15142.patch b/user/djvulibre/CVE-2019-15142.patch new file mode 100644 index 000000000..84ed64e24 --- /dev/null +++ b/user/djvulibre/CVE-2019-15142.patch 
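Review bot: The order of the four patches added to `source=` is load-bearing but undocumented: CVE-2019-15143.patch replaces the `G_THROW( "DjVu document is corrupted (DjVmDir)" )` line that CVE-2019-15142.patch introduces in DjVmDir.cpp, so 15142 must apply first, and abuild's default prepare applies them in `source=` order. A one-line comment above the list, `# CVE-2019-15143.patch modifies lines added by CVE-2019-15142.patch; keep that order`, protects whoever later drops or reorders one of them. The new `check()` comment says only that `make check` does nothing; if the reason is known (no test target shipped upstream, for instance), stating it — `# upstream ships no test suite; make check is a no-op` — is more useful than the bare observation, but I can't see the reason from here.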
@@ -0,0 +1,94 @@ +Lifted from SUSE: backport of two upstream commits + +https://sourceforge.net/p/djvu/djvulibre-git/ci/970fb11a296b5bbdc5e8425851253d2c5913c45e +https://sourceforge.net/p/djvu/djvulibre-git/ci/89d71b01d606e57ecec2c2930c145bb20ba5bbe3 +https://bugzilla.suse.com/show_bug.cgi?id=1146702#c3 +https://build.opensuse.org/package/view_file/graphics/djvulibre/djvulibre-CVE-2019-15142.patch + +Index: djvulibre-3.5.27/libdjvu/DjVmDir.cpp +=================================================================== +--- djvulibre-3.5.27.orig/libdjvu/DjVmDir.cpp 2014-07-08 23:15:07.000000000 +0200 ++++ djvulibre-3.5.27/libdjvu/DjVmDir.cpp 2019-09-02 13:46:28.076374501 +0200 +@@ -300,36 +300,44 @@ DjVmDir::decode(const GP<ByteStream> &gs + memcpy((char*) strings+strings_size, buffer, length); + } + DEBUG_MSG("size of decompressed names block=" << strings.size() << "\n"); +- +- // Copy names into the files ++ int strings_size=strings.size(); ++ strings.resize(strings_size+3); ++ memset((char*) strings+strings_size, 0, 4); ++ ++ // Copy names into the files + const char * ptr=strings; + for(pos=files_list;pos;++pos) + { + GP<File> file=files_list[pos]; +- ++ if (ptr >= (const char*)strings + strings_size) ++ G_THROW( "DjVu document is corrupted (DjVmDir)" ); + file->id=ptr; + ptr+=file->id.length()+1; + if (file->flags & File::HAS_NAME) + { +- file->name=ptr; +- ptr+=file->name.length()+1; +- } else ++ file->name=ptr; ++ ptr+=file->name.length()+1; ++ } ++ else + { + file->name=file->id; + } + if (file->flags & File::HAS_TITLE) + { +- file->title=ptr; +- ptr+=file->title.length()+1; +- } else +- file->title=file->id; +- /* msr debug: multipage file, file->title is null. ++ file->title=ptr; ++ ptr+=file->title.length()+1; ++ } ++ else ++ { ++ file->title=file->id; ++ } ++ /* msr debug: multipage file, file->title is null. 
+ DEBUG_MSG(file->name << ", " << file->id << ", " << file->title << ", " << + file->offset << ", " << file->size << ", " << + file->is_page() << "\n"); */ + } + +- // Check that there is only one file with SHARED_ANNO flag on ++ // Check that there is only one file with SHARED_ANNO flag on + int shared_anno_cnt=0; + for(pos=files_list;pos;++pos) + { +Index: djvulibre-3.5.27/libdjvu/miniexp.cpp +=================================================================== +--- djvulibre-3.5.27.orig/libdjvu/miniexp.cpp 2015-02-11 05:35:37.000000000 +0100 ++++ djvulibre-3.5.27/libdjvu/miniexp.cpp 2019-09-02 13:46:28.072374476 +0200 +@@ -1028,7 +1028,7 @@ print_c_string(const char *s, char *d, i + { + if (char_quoted(c, flags)) + { +- char buffer[10]; ++ char buffer[16]; /* 10+1 */ + static const char *tr1 = "\"\\tnrbf"; + static const char *tr2 = "\"\\\t\n\r\b\f"; + buffer[0] = buffer[1] = 0; +Index: djvulibre-3.5.27/tools/csepdjvu.cpp +=================================================================== +--- djvulibre-3.5.27.orig/tools/csepdjvu.cpp 2014-07-24 23:12:05.000000000 +0200 ++++ djvulibre-3.5.27/tools/csepdjvu.cpp 2019-09-02 13:46:28.072374476 +0200 +@@ -1814,7 +1814,7 @@ main(int argc, const char **argv) + ByteStream::create(GURL::Filename::UTF8(arg),"rb"); + BufferByteStream ibs(*fbs); + do { +- char pagename[16]; ++ char pagename[20]; + sprintf(pagename, "p%04d.djvu", ++pageno); + if (opts.verbose > 1) + DjVuPrintErrorUTF8("%s","--------------------\n"); diff --git a/user/djvulibre/CVE-2019-15143.patch b/user/djvulibre/CVE-2019-15143.patch new file mode 100644 index 000000000..db04087e1 --- /dev/null +++ b/user/djvulibre/CVE-2019-15143.patch 
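Review bot: The resize/memset pair at the top of the DjVmDir.cpp hunk is what a future reader will mistake for an off-by-one — `strings.resize(strings_size+3)` followed by `memset(..., 0, 4)` — and nothing in the hunk explains why exactly that much padding is enough: the single bound check before `file->id=ptr` guarantees `ptr` starts inside the block, after which `id`, `name` and `title` can each run into at most one of the appended NULs within one iteration, and the next iteration's check then throws. A comment at that point, such as `// one NUL terminator each for id/name/title so a truncated names block cannot run past the buffer; the bound check below catches the overrun on the next file`, would carry that reasoning. Whether `resize(hi)` takes an inclusive upper bound (which is what makes four bytes the right count) is decided outside this hunk — confirm before wording the comment. In csepdjvu.cpp, the enlarged `pagename[20]` is sized for `sprintf`; `snprintf(pagename, sizeof pagename, "p%04d.djvu", ++pageno)` makes the bound explicit instead of implicit.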
@@ -0,0 +1,46 @@
+From b1f4e1b2187d9e5010cd01ceccf20b4a11ce723f Mon Sep 17 00:00:00 2001
+From: Leon Bottou <leon@bottou.org>
+Date: Tue, 26 Mar 2019 20:45:46 -0400
+Subject: [PATCH] fix for bug #297
+
+---
+ libdjvu/DjVmDir.cpp | 2 +-
+ libdjvu/GBitmap.cpp | 6 ++++--
+ 2 files changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/libdjvu/DjVmDir.cpp b/libdjvu/DjVmDir.cpp
+index 0a0fac6..5a49015 100644
+--- a/libdjvu/DjVmDir.cpp
++++ b/libdjvu/DjVmDir.cpp
+@@ -309,7 +309,7 @@ DjVmDir::decode(const GP<ByteStream> &gstr)
+ {
+ GP<File> file=files_list[pos];
+ if (ptr >= (const char*)strings + strings_size)
+- G_THROW( "DjVu document is corrupted (DjVmDir)" );
++ G_THROW( ByteStream::EndOfFile );
+ file->id=ptr;
+ ptr+=file->id.length()+1;
+ if (file->flags & File::HAS_NAME)
+diff --git a/libdjvu/GBitmap.cpp b/libdjvu/GBitmap.cpp
+index 0e487f0..c2fdbe4 100644
+--- a/libdjvu/GBitmap.cpp
++++ b/libdjvu/GBitmap.cpp
+@@ -890,11 +890,13 @@ GBitmap::read_rle_raw(ByteStream &bs)
+ int c = 0;
+ while (n >= 0)
+ {
+- bs.read(&h, 1);
++ if (bs.read(&h, 1) <= 0)
++ G_THROW( ByteStream::EndOfFile );
+ int x = h;
+ if (x >= (int)RUNOVERFLOWVALUE)
+ {
+- bs.read(&h, 1);
++ if (bs.read(&h, 1) <= 0)
++ G_THROW( ByteStream::EndOfFile );
+ x = h + ((x - (int)RUNOVERFLOWVALUE) << 8);
+ }
+ if (c+x > ncolumns)
+--
+2.22.1
+
diff --git a/user/djvulibre/CVE-2019-15144.patch b/user/djvulibre/CVE-2019-15144.patch
new file mode 100644
index 000000000..1b0c71c5f
--- /dev/null
+++ b/user/djvulibre/CVE-2019-15144.patch
@@ -0,0 +1,117 @@ +From e15d51510048927f172f1bf1f27ede65907d940d Mon Sep 17 00:00:00 2001 +From: Leon Bottou <leon@bottou.org> +Date: Mon, 8 Apr 2019 22:25:55 -0400 +Subject: [PATCH] bug 299 fixed + +--- + libdjvu/GContainer.h | 87 ++++++++++++++++++++++++-------------------- + 1 file changed, 48 insertions(+), 39 deletions(-) + +diff --git a/libdjvu/GContainer.h b/libdjvu/GContainer.h +index 96b067c..0140211 100644 +--- a/libdjvu/GContainer.h ++++ b/libdjvu/GContainer.h +@@ -550,52 +550,61 @@ public: + template <class TYPE> void + GArrayTemplate<TYPE>::sort(int lo, int hi) + { +- if (hi <= lo) +- return; +- if (hi > hibound || lo<lobound) +- G_THROW( ERR_MSG("GContainer.illegal_subscript") ); + TYPE *data = (TYPE*)(*this); +- // Test for insertion sort +- if (hi <= lo + 50) ++ while(true) + { +- for (int i=lo+1; i<=hi; i++) ++ if (hi <= lo) ++ return; ++ if (hi > hibound || lo<lobound) ++ G_THROW( ERR_MSG("GContainer.illegal_subscript") ); ++ // Test for insertion sort ++ if (hi <= lo + 50) + { +- int j = i; +- TYPE tmp = data[i]; +- while ((--j>=lo) && !(data[j]<=tmp)) +- data[j+1] = data[j]; +- data[j+1] = tmp; ++ for (int i=lo+1; i<=hi; i++) ++ { ++ int j = i; ++ TYPE tmp = data[i]; ++ while ((--j>=lo) && !(data[j]<=tmp)) ++ data[j+1] = data[j]; ++ data[j+1] = tmp; ++ } ++ return; + } +- return; +- } +- // -- determine suitable quick-sort pivot +- TYPE tmp = data[lo]; +- TYPE pivot = data[(lo+hi)/2]; +- if (pivot <= tmp) +- { tmp = pivot; pivot=data[lo]; } +- if (data[hi] <= tmp) +- { pivot = tmp; } +- else if (data[hi] <= pivot) +- { pivot = data[hi]; } +- // -- partition set +- int h = hi; +- int l = lo; +- while (l < h) +- { +- while (! (pivot <= data[l])) l++; +- while (! 
(data[h] <= pivot)) h--; +- if (l < h) ++ // -- determine median-of-three pivot ++ TYPE tmp = data[lo]; ++ TYPE pivot = data[(lo+hi)/2]; ++ if (pivot <= tmp) ++ { tmp = pivot; pivot=data[lo]; } ++ if (data[hi] <= tmp) ++ { pivot = tmp; } ++ else if (data[hi] <= pivot) ++ { pivot = data[hi]; } ++ // -- partition set ++ int h = hi; ++ int l = lo; ++ while (l < h) + { +- tmp = data[l]; +- data[l] = data[h]; +- data[h] = tmp; +- l = l+1; +- h = h-1; ++ while (! (pivot <= data[l])) l++; ++ while (! (data[h] <= pivot)) h--; ++ if (l < h) ++ { ++ tmp = data[l]; ++ data[l] = data[h]; ++ data[h] = tmp; ++ l = l+1; ++ h = h-1; ++ } ++ } ++ // -- recurse, small partition first ++ // tail-recursion elimination ++ if (h - lo <= hi - l) { ++ sort(lo,h); ++ lo = l; // sort(l,hi) ++ } else { ++ sort(l,hi); ++ hi = h; // sort(lo,h) + } + } +- // -- recursively restart +- sort(lo, h); +- sort(l, hi); + } + + template<class TYPE> inline TYPE& +-- +2.22.1 + diff --git a/user/djvulibre/CVE-2019-15145.patch b/user/djvulibre/CVE-2019-15145.patch new file mode 100644 index 000000000..2a545cee2 --- /dev/null +++ b/user/djvulibre/CVE-2019-15145.patch 
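Review bot: The comment `// -- recurse, small partition first` / `// tail-recursion elimination` names the mechanism but not the property it buys, which presumably is the actual fix here: recursing only into the smaller side and looping on the larger keeps the recursion depth near log2(n) on any input instead of n on adversarial or already-sorted data, which is what turns a crafted document into stack exhaustion. Suggest extending it to `// -- recurse into the smaller partition only and loop on the larger one: stack depth stays O(log n) whatever the input`. The `hi > hibound || lo<lobound` check now runs on every loop pass; after `lo = l` or `hi = h` the range only shrinks, so the repeat is redundant but harmless as far as visible (`hibound`/`lobound` are declared outside the hunk).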
@@ -0,0 +1,34 @@
+From 9658b01431cd7ff6344d7787f855179e73fe81a7 Mon Sep 17 00:00:00 2001
+From: Leon Bottou <leon@bottou.org>
+Date: Mon, 8 Apr 2019 22:55:38 -0400
+Subject: [PATCH] fix bug #298
+
+---
+ libdjvu/GBitmap.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libdjvu/GBitmap.h b/libdjvu/GBitmap.h
+index e8e0c9b..ca89a19 100644
+--- a/libdjvu/GBitmap.h
++++ b/libdjvu/GBitmap.h
+@@ -566,7 +566,7 @@ GBitmap::operator[](int row)
+ {
+ if (!bytes)
+ uncompress();
+- if (row<0 || row>=nrows) {
++ if (row<0 || row>=nrows || !bytes) {
+ #ifndef NDEBUG
+ if (zerosize < bytes_per_row + border)
+ G_THROW( ERR_MSG("GBitmap.zero_small") );
+@@ -581,7 +581,7 @@ GBitmap::operator[](int row) const
+ {
+ if (!bytes)
+ ((GBitmap*)this)->uncompress();
+- if (row<0 || row>=nrows) {
++ if (row<0 || row>=nrows || !bytes) {
+ #ifndef NDEBUG
+ if (zerosize < bytes_per_row + border)
+ G_THROW( ERR_MSG("GBitmap.zero_small") );
+--
+2.22.1
+
diff --git a/user/evince/APKBUILD b/user/evince/APKBUILD
index a98bf2cf9..ea6b66231 100644
--- a/user/evince/APKBUILD
+++ b/user/evince/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=evince
 pkgver=3.32.0
-pkgrel=1
+pkgrel=2
 pkgdesc="GNOME document viewer"
 url="https://wiki.gnome.org/Apps/Evince"
 arch="all"
@@ -14,10 +14,14 @@ makedepends="djvulibre-dev glib-dev gobject-introspection-dev libsecret-dev libspectre-dev libxml2-dev libxml2-utils poppler-dev tiff-dev zlib-dev" subpackages="$pkgname-dev $pkgname-doc $pkgname-lang" -source="https://ftp.gnome.org/pub/gnome/sources/evince/3.32/evince-$pkgver.tar.xz" +source="https://ftp.gnome.org/pub/gnome/sources/evince/3.32/evince-$pkgver.tar.xz + CVE-2019-11459.patch" + +# secfixes: +# 3.32.0-r2: +# - CVE-2019-11459 build() { - cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \
@@ -65,13 +69,12 @@ build() { } check() { - cd "$builddir" make check } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } -sha512sums="565298a200d9ae2f6b4cb53c3cba0d0d0e4cfbef60e4145bfb9c82a5682947ceb2371e52c27179cd69a238cd387bcfd744d3c55df814b6347f07781aec3ea658 evince-3.32.0.tar.xz" +sha512sums="565298a200d9ae2f6b4cb53c3cba0d0d0e4cfbef60e4145bfb9c82a5682947ceb2371e52c27179cd69a238cd387bcfd744d3c55df814b6347f07781aec3ea658 evince-3.32.0.tar.xz +ebb8e2e0b2754d4634c99fda7669171e97b583dfbcd383682b70eb36ce816f1bcf1c2cb81b4ffbfac86db891d9f63bd0c2d90ff9ca3838c64a258b6a0002f7c4 CVE-2019-11459.patch" diff --git a/user/evince/CVE-2019-11459.patch b/user/evince/CVE-2019-11459.patch new file mode 100644 index 000000000..b331a0c30 --- /dev/null +++ b/user/evince/CVE-2019-11459.patch 
@@ -0,0 +1,72 @@ +From 234f034a4d15cd46dd556f4945f99fbd57ef5f15 Mon Sep 17 00:00:00 2001 +From: Jason Crain <jcrain@src.gnome.org> +Date: Mon, 15 Apr 2019 23:06:36 -0600 +Subject: [PATCH] tiff: Handle failure from TIFFReadRGBAImageOriented + +The TIFFReadRGBAImageOriented function returns zero if it was unable to +read the image. Return NULL in this case instead of displaying +uninitialized memory. + +Fixes #1129 +--- + backend/tiff/tiff-document.c | 28 ++++++++++++++++++---------- + 1 file changed, 18 insertions(+), 10 deletions(-) + +diff --git a/backend/tiff/tiff-document.c b/backend/tiff/tiff-document.c +index 7715031b..38bb3bd8 100644 +--- a/backend/tiff/tiff-document.c ++++ b/backend/tiff/tiff-document.c +@@ -292,18 +292,22 @@ tiff_document_render (EvDocument *document, + g_warning("Failed to allocate memory for rendering."); + return NULL; + } +- ++ ++ if (!TIFFReadRGBAImageOriented (tiff_document->tiff, ++ width, height, ++ (uint32 *)pixels, ++ orientation, 0)) { ++ g_warning ("Failed to read TIFF image."); ++ g_free (pixels); ++ return NULL; ++ } ++ + surface = cairo_image_surface_create_for_data (pixels, + CAIRO_FORMAT_RGB24, + width, height, + rowstride); + cairo_surface_set_user_data (surface, &key, + pixels, (cairo_destroy_func_t)g_free); +- +- TIFFReadRGBAImageOriented (tiff_document->tiff, +- width, height, +- (uint32 *)pixels, +- orientation, 0); + pop_handlers (); + + /* Convert the format returned by libtiff to +@@ -384,13 +388,17 @@ tiff_document_get_thumbnail (EvDocument *document, + if (!pixels) + return NULL; + ++ if (!TIFFReadRGBAImageOriented (tiff_document->tiff, ++ width, height, ++ (uint32 *)pixels, ++ ORIENTATION_TOPLEFT, 0)) { ++ g_free (pixels); ++ return NULL; ++ } ++ + pixbuf = gdk_pixbuf_new_from_data (pixels, GDK_COLORSPACE_RGB, TRUE, 8, + width, height, rowstride, + (GdkPixbufDestroyNotify) g_free, NULL); +- TIFFReadRGBAImageOriented (tiff_document->tiff, +- width, height, +- (uint32 *)pixels, +- ORIENTATION_TOPLEFT, 0); + 
pop_handlers ();
+ 
+ ev_render_context_compute_scaled_size (rc, width, height * (x_res / y_res),
+-- 
+2.21.0
+ 
diff --git a/user/faad2/APKBUILD
index 3794942b9..970d16f7e 100644
--- a/user/faad2/APKBUILD
+++ b/user/faad2/APKBUILD
@@ -1,7 +1,8 @@
 # Maintainer:
 pkgname=faad2
-pkgver=2.8.8
-pkgrel=1
+pkgver=2.9.0
+_pkgver="$(printf '%s' "$pkgver" | tr . _)"
+pkgrel=0
 pkgdesc="ISO AAC audio decoder"
 url="https://www.audiocoding.com/"
 arch="all"
@@ -10,23 +11,48 @@ license="GPL-2.0+"
 subpackages="$pkgname-dev $pkgname-doc"
 depends=""
 makedepends="autoconf automake libtool"
-source="https://downloads.sourceforge.net/sourceforge/faac/$pkgname-$pkgver.tar.gz
- overflow.patch
- "
+source="$pkgname-$pkgver.tar.gz::https://github.com/knik0/faad2/archive/$_pkgver.tar.gz"
+builddir="$srcdir/$pkgname-$_pkgver"
+
+# secfixes:
+# 2.8.8-r1:
+# - CVE-2018-19502
+# - CVE-2019-15296
+# 2.9.0-r0:
+# - CVE-2019-6956
+# - CVE-2018-19503
+# - CVE-2018-19504
+# - CVE-2018-20194
+# - CVE-2018-20195
+# - CVE-2018-20196
+# - CVE-2018-20197
+# - CVE-2018-20198
+# - CVE-2018-20199
+# - CVE-2018-20357
+# - CVE-2018-20358
+# - CVE-2018-20359
+# - CVE-2018-20360
+# - CVE-2018-20361
+# - CVE-2018-20362
+
+prepare() {
+ default_prepare
+ ./bootstrap
+}
 
 build() {
- cd "$builddir"
 ./configure \
 --build=$CBUILD \
 --host=$CHOST \
- --prefix=/usr
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --localstatedir=/var
 make
 }
 
 package() {
- cd "$builddir"
 make DESTDIR="$pkgdir" install
 }
 
-sha512sums="3275d292b2a9fe984842962f4d81202894bddd17033f7cd6df95466554cc968dfcbf2890ae8b1df37da0cd25d645cca0a687f07e39b9fc37dd004fd5956a82af faad2-2.8.8.tar.gz
-f9266ca424d1e4f5b46c2f6b4b1568caee86849d2b6edc3b6c1fb7cf08fd736c0a8fe2c096c3bc64674e4fa40619c24d45d6d6125f11360517feb09a5c996a34 overflow.patch"
+sha512sums="1756b2672f9e438a56b11160ddc77fc721d85860eaa325a3ff01b51a2524baf4c1c61068a97cbc4e99d47e7643f10e1d6afb997eede3295b44551fe4661fb5dc faad2-2.9.0.tar.gz"
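Review bot: The new failure branch in tiff_document_render frees `pixels` and returns before the `pop_handlers ();` that follows the cairo surface setup a few lines later, and the thumbnail hunk places its new `return NULL;` ahead of its own `pop_handlers ();` in the same way. If push_handlers() is installed earlier in these functions (outside the hunk), the libtiff error and warning handlers stay in place on the error path. Adding `pop_handlers ();` before each new `g_free (pixels); return NULL;` keeps the push/pop balanced; the pre-existing `if (!pixels) return NULL;` above the thumbnail change has the same shape but predates this commit. Both enclosing functions start outside the hunk.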
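Review bot: The `source=` rewrite drops `overflow.patch`, whose deleted body further down added the `ld->bytes_left` clamp in libfaad/bits.c and the `MAX_CHANNELS` guard in libfaad/syntax.c, yet nothing on the page shows that the 2.9.0 archive contains equivalent checks. Those look like the fixes the secfixes block credits to 2.8.8-r1 as CVE-2018-19502 and CVE-2019-15296, so if upstream addressed them differently or not at all, this bump reintroduces them while the metadata reports them closed. Confirm both sites are present in the 2.9.0 tree before merging, or keep the patch listed in `source=` (rebased if needed) until they are.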
diff --git a/user/faad2/automake.patch b/user/faad2/automake.patch deleted file mode 100644 index 809031eb0..000000000 --- a/user/faad2/automake.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- ./configure.in.orig 2012-12-31 10:42:26.394219312 +0000 -+++ ./configure.in 2012-12-31 10:42:43.294360781 +0000 -@@ -25,7 +25,7 @@ - AC_PROG_MAKE_SET - AC_CHECK_PROGS(RPMBUILD, rpmbuild, rpm) - --AM_CONFIG_HEADER(config.h) -+AC_CONFIG_HEADER(config.h) - - AC_ARG_WITH(xmms,[ --with-xmms compile XMMS-1 plugin], - WITHXMMS=$withval, WITHXMMS=no) diff --git a/user/faad2/overflow.patch b/user/faad2/overflow.patch deleted file mode 100644 index 5a198f8d8..000000000 --- a/user/faad2/overflow.patch +++ /dev/null @@ -1,25 +0,0 @@ ---- faad2/libfaad/bits.c 2007-11-01 13:33:29.000000000 +0100 -+++ faad2.new/libfaad/bits.c 2019-03-25 17:29:26.134199188 +0100 -@@ -167,7 +167,10 @@ - int words = bits >> 5; - int remainder = bits & 0x1F; - -- ld->bytes_left = ld->buffer_size - words*4; -+ if (ld->buffer_size < words * 4) -+ ld->bytes_left = 0; -+ else -+ ld->bytes_left = ld->buffer_size - words*4; - - if (ld->bytes_left >= 4) - { ---- faad2/libfaad/syntax.c 2019-03-25 17:57:36.930937066 +0100 -+++ faad2.new/libfaad/syntax.c 2019-03-25 17:49:26.135368525 +0100 -@@ -2292,6 +2292,8 @@ - while ((drc->additional_excluded_chns[n-1] = faad_get1bit(ld - DEBUGVAR(1,104,"excluded_channels(): additional_excluded_chns"))) == 1) - { -+ if (i >= MAX_CHANNELS - num_excl_chan - 7) -+ return n; - for (i = num_excl_chan; i < num_excl_chan+7; i++) - { - drc->exclude_mask[i] = faad_get1bit(ld diff --git a/user/grub/APKBUILD b/user/grub/APKBUILD index 9d6ada6fd..d571310e7 100644 --- a/user/grub/APKBUILD +++ b/user/grub/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=grub pkgver=2.02 -pkgrel=7 +pkgrel=8 pkgdesc="Bootloader with support for Linux, Multiboot and more" url="https://www.gnu.org/software/grub/" arch="all !s390x" 
@@ -12,6 +12,8 @@ license="GPL-3.0+" depends="" makedepends="bison flex freetype-dev linux-headers lvm2-dev python3 xz unifont automake autoconf libtool" +# [22:02] <@awilfox> [[sroracle]]: grub breaks without its locale files present +# [22:02] <@awilfox> it cannot be split subpackages="$pkgname-dev $pkgname-doc" # currently grub only builds on x86*, aarch64 and ppc* systems @@ -27,6 +29,9 @@ for f in $flavors; do subpackages="$subpackages $pkgname-$f" done +install="$pkgname.post-upgrade" +triggers="$pkgname.trigger=/boot" + source="https://ftp.gnu.org/gnu/grub/grub-$pkgver.tar.xz fix-gcc-no-pie-specs.patch grub2-accept-empty-module.patch @@ -34,6 +39,8 @@ source="https://ftp.gnu.org/gnu/grub/grub-$pkgver.tar.xz the-arch-everyone-uses-and-nobody-loves.patch x86_64_asm.patch default-grub + update-grub + quirk-01_radeon_agpmode " prepare() { @@ -119,8 +126,14 @@ package() { rm -f "$pkgdir"/usr/lib/charset.alias install -D -m644 "$srcdir"/default-grub "$pkgdir"/etc/default/grub + install -D -m755 "$srcdir"/update-grub "$pkgdir"/usr/sbin # remove grub-install warning of missing directory mkdir -p "$pkgdir"/usr/share/locale + + for i in "$srcdir"/quirk-*; do + install -Dm755 "$i" \ + "$pkgdir"/etc/grub-quirks.d/"${i##"$srcdir"/quirk-}" + done } bios() { 
@@ -163,4 +176,6 @@ f2a7d9ab6c445f4e402e790db56378cecd6631b5c367451aa6ce5c01cd95b95c83c3dd24d6d4b857 4e7394e0fff6772c89683039ccf81099ebbfe4f498e6df408977a1488fd59389b6e19afdbf0860ec271e2b2aea0df7216243dcc8235d1ca3af0e7f4d0a9d60a4 grub-xen-host_grub.cfg 088455205f2f397d60e43eab19ed73994880ea1f442661f7975846cceaf2b112d92fd1341119d7dbfad3af2174dfd4d4721f31dead1ac35f4a3cb7c0d92f8a04 the-arch-everyone-uses-and-nobody-loves.patch 8752b5e689ec3b7e1f438c7207adc517d7acb4f7d15fda2907bc9177883a686f23994c66641bfc0c7620365415972b5d8b74f511c13dd234f5f3461dda4bb445 x86_64_asm.patch -048d061ac0aab0106f59a3d257739ff5de6c7dc08a4dc9b8b12e9bd2b1ec11f9bc6214013f3d1083b11c3ce41185fcbb5615beb2f290380abf392bb4c3f0d509 default-grub" +1e6ae4a3884829864dbd789d3c3a0d43a5aa5f279c3ebb25f71775686e9236bc1c6295e5064ad32b384635987ee0814df95e9ca33bc57bc8e0aeb47bec34270e default-grub +0907a810e9ba5be92d10dae38403d1e50fb9b324799df36d2241ff59f545dace37a65f2b1c8f07367220da4fd341d8f21dd9a4fab8da6c87ae52d7ffbca3dbd7 update-grub +78b7ec141a364994c7de181e47fedca820add9960c56c7adf4c14ee11d5249a0887fd788ecd5d24b9bdd102b7c40395181e2f7c3fe5ab795dd7c0057ba1115c5 quirk-01_radeon_agpmode" diff --git a/user/grub/default-grub b/user/grub/default-grub index 18fc2317d..3fb754c7e 100644 --- a/user/grub/default-grub +++ b/user/grub/default-grub @@ -6,3 +6,12 @@ GRUB_DEFAULT="Adélie" GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR="Adélie" GRUB_CMDLINE_LINUX_DEFAULT="ro" + +# Uncomment the following line if you do *not* want /boot/grub/grub.cfg to be +# automatically regenerated when easy-kernel is upgraded. +#ADELIE_MANUAL_CONFIG=1 + +for i in /etc/grub-quirks.d/[0-9][0-9]*; do + [ -x "$i" ] || continue + . "$i" +done diff --git a/user/grub/grub.post-upgrade b/user/grub/grub.post-upgrade new file mode 100644 index 000000000..5b9cbb072 --- /dev/null +++ b/user/grub/grub.post-upgrade 
@@ -0,0 +1,38 @@
+#!/bin/sh -e
+ver_new="$1"
+ver_old="$2"
+
+if [ "$(apk version -t "$ver_old" "2.02-r8")" = "<" ]; then
+ cat >&2 <<-EOF
+ *
+ * Starting with grub=2.02-r8, /boot/grub/grub.cfg is now automatically
+ * regenerated when easy-kernel is upgraded.
+ *
+ EOF
+ if ! grep -Fqx '# DO NOT EDIT THIS FILE' /boot/grub/grub.cfg; then
+ cat >&2 <<-EOF
+ * It appears that you have a manual GRUB configuration.
+ * If this is incorrect, comment out ADELIE_MANUAL_CONFIG
+ * in /etc/default/grub. When this option is set, /boot/grub/grub.cfg
+ * will *not* be automatically regenerated.
+ *
+ EOF
+
+ cat >> /etc/default/grub <<-EOF
+ # Uncomment the following line if you do *not* want /boot/grub/grub.cfg to be
+ # automatically regenerated when easy-kernel is upgraded.
+ ADELIE_MANUAL_CONFIG=1
+ EOF
+ else
+ cat >&2 <<-EOF
+ * It appears that you have a default GRUB configuration.
+ * If this is incorrect, uncomment ADELIE_MANUAL_CONFIG=1
+ * in /etc/default/grub. When this option is set, /boot/grub/grub.cfg
+ * will *not* be automatically regenerated.
+ *
+ * A copy of the existing configuration will be saved as
+ * /boot/grub/grub.cfg.update-grub-old.
+ *
+ EOF
+ fi
+fi
diff --git a/user/grub/grub.trigger
new file mode 100644
index 000000000..eba13a458
--- /dev/null
+++ b/user/grub/grub.trigger
@@ -0,0 +1,2 @@
+#!/bin/sh -e
+exec update-grub
diff --git a/user/grub/quirk-01_radeon_agpmode
new file mode 100644
index 000000000..879f1619e
--- /dev/null
+++ b/user/grub/quirk-01_radeon_agpmode
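Review bot: `grep -Fqx '# DO NOT EDIT THIS FILE' /boot/grub/grub.cfg` also fails when the file does not exist, so a host with no grub.cfg yet is classified as a manual configuration, gets `ADELIE_MANUAL_CONFIG=1` appended to /etc/default/grub, and grep's own error text lands in the middle of the notice; guarding with `if [ -e /boot/grub/grub.cfg ] && ! grep -Fqx '# DO NOT EDIT THIS FILE' /boot/grub/grub.cfg; then` keeps regeneration enabled where there is nothing to preserve. The comment written into /etc/default/grub says "Uncomment the following line", but the line appended right after it, `ADELIE_MANUAL_CONFIG=1`, is already active, which contradicts the notice just printed that tells the user to comment it out. Reword the appended comment to `# Comment out the following line if you want /boot/grub/grub.cfg to be` / `# automatically regenerated when easy-kernel is upgraded.` so the file describes its own state.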
@@ -0,0 +1,28 @@
+#!/bin/sh
+# vi: noet:
+# Horst Burkhardt <horst@adelielinux.org> 2018
+# Max Rees <maxcrees@me.com> 2019
+#
+# AGP acceleration in the Radeon KMS driver has been broken on Apple PPC
+# since the 2.6 series, and most developers are in agreement that since
+# UniNorth is underdocumented, it probably won't ever be fixed. Disable
+# it on all Apple machines except ones where it is known not to apply.
+#
+# https://bts.adelielinux.org/show_bug.cgi?id=49
+set -e
+
+case "$(uname -m)" in
+ppc|ppc64)
+ if grep -q 'MacRISC[23]' /proc/cpuinfo; then
+ case "$(awk '$1 == "machine" { print $3 }' /proc/cpuinfo)" in
+ PowerBook1,1) ;;
+ PowerMac1,1) ;;
+ PowerMac1,2) ;;
+ PowerMac11,2) ;;
+ PowerMac12,1) ;;
+ RackMac3,1) ;;
+ iMac,1) ;;
+ *) export GRUB_CMDLINE_LINUX="radeon.agpmode=-1 $GRUB_CMDLINE_LINUX";;
+ esac
+ fi;;
+esac
diff --git a/user/grub/update-grub
new file mode 100644
index 000000000..d22930bd7
--- /dev/null
+++ b/user/grub/update-grub
@@ -0,0 +1,16 @@
+#!/bin/sh -e
+. /etc/default/grub
+if [ "$ADELIE_MANUAL_CONFIG" = 1 ]; then
+ cat >&2 <<-EOF
+ *
+ * You have specified that you are using a manual GRUB configuration.
+ * You must update it yourself.
+ *
+ EOF
+ exit 0
+fi
+
+if [ -e /boot/grub/grub.cfg ]; then
+ cp -p /boot/grub/grub.cfg /boot/grub/grub.cfg.update-grub-old
+fi
+exec grub-mkconfig -o /boot/grub/grub.cfg
diff --git a/user/irssi/APKBUILD
index ffa7267ac..1d63fd4b2 100644
--- a/user/irssi/APKBUILD
+++ b/user/irssi/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
 # Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
 pkgname=irssi
-pkgver=1.2.1
+pkgver=1.2.2
 pkgrel=0
 pkgdesc="Text-based IRC client"
 url="https://irssi.org"
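Review bot: The `set -e` below the comment header (and the `#!/bin/sh` shebang) assume this quirk is executed, but default-grub pulls it in with `. "$i"`, so errexit is switched on in the shell that sourced /etc/default/grub and stays on after the loop ends. update-grub already runs with `-e`, but any other consumer of /etc/default/grub (grub-mkconfig is outside this page) inherits the stricter mode for the rest of its run, where a harmless non-zero status can now abort config generation. Drop `set -e` from the quirk and leave shell-option changes to the caller; the `[ -x "$i" ]` test in default-grub only checks the mode bit and does not isolate the file in a subshell.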
@@ -14,9 +14,10 @@ source="https://github.com/irssi/irssi/releases/download/$pkgver/irssi-$pkgver.t # secfixes: irssi # 1.2.1-r0: # - CVE-2019-13045 +# 1.2.2-r0: +# - CVE-2019-15717 build() { - cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -31,12 +32,10 @@ build() { } check() { - cd "$builddir" make check } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } @@ -48,4 +47,4 @@ perl() { mv "$pkgdir"/usr/lib "$subpkgdir"/usr mv "$pkgdir"/usr/share/irssi/scripts "$subpkgdir"/usr/share/irssi } -sha512sums="67c4501b5a0055c1b24fa6753305658de809cd66e952e6f9233701a112989fd8721a065b1c681725b82346b40b53a29bd2b6b8b8315ac0ad196235a9e5156d5a irssi-1.2.1.tar.xz" +sha512sums="5444ac102ff9ad3a6399a47c967d138e181330dd226eac68886d35fee4ad455932b9306a367bee3478095158e41ba67fb46deb8f0a33512046b9b83bae37c610 irssi-1.2.2.tar.xz" diff --git a/user/libvorbis/APKBUILD b/user/libvorbis/APKBUILD index 2b5b41f4c..73520bf56 100644 --- a/user/libvorbis/APKBUILD +++ b/user/libvorbis/APKBUILD @@ -10,18 +10,21 @@ license="BSD-3-Clause" subpackages="$pkgname-dev $pkgname-doc" makedepends="libogg-dev" source="https://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.xz - CVE-2017-14160.patch + CVE-2017-14160-and-2018-10393.patch + CVE-2018-10392.patch " # secfixes: +# 1.3.6-r1: +# - CVE-2018-10392 # 1.3.5-r4: -# - CVE-2017-14632 -# - CVE-2017-14633 +# - CVE-2017-14632 +# - CVE-2017-14633 # 1.3.5-r3: -# - CVE-2017-14160 +# - CVE-2017-14160 +# - CVE-2018-10393 build() { - cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ 
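Review bot: The secfixes block places CVE-2018-10393 under `# 1.3.5-r3:`, but the patch that names it, `CVE-2017-14160-and-2018-10393.patch`, is introduced by this commit in 1.3.6-r1, while the file it replaces, `CVE-2017-14160.patch` (deleted below), mentions only CVE-2017-14160. If the earlier patch's `i < n` loop bounds already covered CVE-2018-10393 the attribution is fine; otherwise the entry belongs under `# 1.3.6-r1:` next to CVE-2018-10392, since the secfixes feed is what downstream vulnerability tooling reads to decide which release closed an issue. A one-line comment above the block naming which patch covers which CVE would make the next such swap easier to audit.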
@@ -33,9 +36,9 @@ build() { } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } sha512sums="a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132 libvorbis-1.3.6.tar.xz -4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch" +332081da5dd8fb28ee70dfbc123e7fcef279317ee977be9da97e97a105e788da452c33097bf597f369fea0e49749f876a93d6af0fa2fa20405acbc57771c89a9 CVE-2017-14160-and-2018-10393.patch +294de5e0c40b64d495df7f53196260be5ffaba11c75fc4a1a54ec0c058eeba4793c1ef685c8cf866195a2972c91a7a896df5f05f478b7f25a564abb3f82f331f CVE-2018-10392.patch" diff --git a/user/libvorbis/CVE-2017-14160-and-2018-10393.patch b/user/libvorbis/CVE-2017-14160-and-2018-10393.patch new file mode 100644 index 000000000..3a7097ec7 --- /dev/null +++ b/user/libvorbis/CVE-2017-14160-and-2018-10393.patch @@ -0,0 +1,27 @@ +From 018ca26dece618457dd13585cad52941193c4a25 Mon Sep 17 00:00:00 2001 +From: Thomas Daede <daede003@umn.edu> +Date: Wed, 9 May 2018 14:56:59 -0700 +Subject: [PATCH] CVE-2017-14160: fix bounds check on very low sample rates. + +--- + lib/psy.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lib/psy.c b/lib/psy.c +index 422c6f1..1310123 100644 +--- a/lib/psy.c ++++ b/lib/psy.c +@@ -602,8 +602,9 @@ static void bark_noise_hybridmp(int n,const long *b, + for (i = 0, x = 0.f;; i++, x += 1.f) { + + lo = b[i] >> 16; +- if( lo>=0 ) break; + hi = b[i] & 0xffff; ++ if( lo>=0 ) break; ++ if( hi>=n ) break; + + tN = N[hi] + N[-lo]; + tX = X[hi] - X[-lo]; +-- +2.22.0 + diff --git a/user/libvorbis/CVE-2017-14160.patch b/user/libvorbis/CVE-2017-14160.patch deleted file mode 100644 index 9ad9d18f7..000000000 --- a/user/libvorbis/CVE-2017-14160.patch +++ /dev/null 
@@ -1,58 +0,0 @@ -From 98a60969315dba8c1e8231f561e1551670bc80ae Mon Sep 17 00:00:00 2001 -Message-Id: <98a60969315dba8c1e8231f561e1551670bc80ae.1511192857.git.agx@sigxcpu.org> -From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org> -Date: Wed, 15 Nov 2017 13:12:00 +0100 -Subject: [PATCH] CVE-2017-14160: make sure we don't overflow - ---- - lib/psy.c | 9 ++++----- - 1 file changed, 4 insertions(+), 5 deletions(-) - -diff --git a/lib/psy.c b/lib/psy.c -index 422c6f1e..8bbf6cf3 100644 ---- a/lib/psy.c -+++ b/lib/psy.c -@@ -599,7 +599,7 @@ static void bark_noise_hybridmp(int n,const long *b, - XY[i] = tXY; - } - -- for (i = 0, x = 0.f;; i++, x += 1.f) { -+ for (i = 0, x = 0.f; i < n; i++, x += 1.f) { - - lo = b[i] >> 16; - if( lo>=0 ) break; -@@ -621,12 +621,11 @@ static void bark_noise_hybridmp(int n,const long *b, - noise[i] = R - offset; - } - -- for ( ;; i++, x += 1.f) { -+ for ( ; i < n; i++, x += 1.f) { - - lo = b[i] >> 16; - hi = b[i] & 0xffff; - if(hi>=n)break; -- - tN = N[hi] - N[lo]; - tX = X[hi] - X[lo]; - tXX = XX[hi] - XX[lo]; -@@ -651,7 +650,7 @@ static void bark_noise_hybridmp(int n,const long *b, - - if (fixed <= 0) return; - -- for (i = 0, x = 0.f;; i++, x += 1.f) { -+ for (i = 0, x = 0.f; i < n; i++, x += 1.f) { - hi = i + fixed / 2; - lo = hi - fixed; - if(lo>=0)break; -@@ -670,7 +669,7 @@ static void bark_noise_hybridmp(int n,const long *b, - - if (R - offset < noise[i]) noise[i] = R - offset; - } -- for ( ;; i++, x += 1.f) { -+ for ( ; i < n; i++, x += 1.f) { - - hi = i + fixed / 2; - lo = hi - fixed; --- -2.15.0 - diff --git a/user/libvorbis/CVE-2018-10392.patch b/user/libvorbis/CVE-2018-10392.patch new file mode 100644 index 000000000..a12038a94 --- /dev/null +++ b/user/libvorbis/CVE-2018-10392.patch 
@@ -0,0 +1,25 @@ +From 112d3bd0aaacad51305e1464d4b381dabad0e88b Mon Sep 17 00:00:00 2001 +From: Thomas Daede <daede003@umn.edu> +Date: Thu, 17 May 2018 16:19:19 -0700 +Subject: [PATCH] Sanity check number of channels in setup. + +Fixes #2335. +--- + lib/vorbisenc.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/vorbisenc.c b/lib/vorbisenc.c +index 4fc7b62..64a51b5 100644 +--- a/lib/vorbisenc.c ++++ b/lib/vorbisenc.c +@@ -684,6 +684,7 @@ int vorbis_encode_setup_init(vorbis_info *vi){ + highlevel_encode_setup *hi=&ci->hi; + + if(ci==NULL)return(OV_EINVAL); ++ if(vi->channels<1||vi->channels>255)return(OV_EINVAL); + if(!hi->impulse_block_p)i0=1; + + /* too low/high an ATH floater is nonsensical, but doesn't break anything */ +-- +2.22.0 + diff --git a/user/links/APKBUILD b/user/links/APKBUILD index b3ade3cb2..5761ea7be 100644 --- a/user/links/APKBUILD +++ b/user/links/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=links -pkgver=2.19 +pkgver=2.20.1 pkgrel=0 pkgdesc="Text Web browser, similar to Lynx" url="http://links.twibright.com/" @@ -28,4 +28,4 @@ package() { make DESTDIR="$pkgdir" install } -sha512sums="8716cea6feb5a02b59d7e2dd5bfd0af9b2ac2a4427c0f98a3c8a8eaabca31e7a96c16888c0de19976749485b3cdbf75cbff88a37cd3b58700c1f090acec328ea links-2.19.tar.bz2" +sha512sums="c7258e303a2012e9016385abd1e8882ffec47dd3baf479a54448742e41b03508d874387af6ea97c7ef9c4d37f2eecbe7bc0121d923df79b0f455f4f466747ca2 links-2.20.1.tar.bz2" diff --git a/user/mosquitto/APKBUILD b/user/mosquitto/APKBUILD new file mode 100644 index 000000000..e7cd25057 --- /dev/null +++ b/user/mosquitto/APKBUILD 
@@ -0,0 +1,80 @@
+# Contributor: Pedro Filipe <xpecex@outlook.com>
+# Contributor: Natanael Copa <ncopa@alpinelinux.org>
+# Maintainer: Max Rees <maxcrees@me.com>
+pkgname=mosquitto
+pkgver=1.6.6
+pkgrel=0
+pkgdesc="An Open Source MQTT Broker"
+url="https://mosquitto.org/"
+arch="all"
+license="EPL-1.0 AND EDL-1.0 AND MIT AND BSD-3-Clause"
+depends=""
+makedepends="c-ares-dev openssl-dev util-linux-dev"
+checkdepends="python3"
+subpackages="$pkgname-dev $pkgname-doc $pkgname-libs $pkgname-openrc
+ $pkgname-clients"
+install="$pkgname.pre-install"
+source="http://mosquitto.org/files/source/$pkgname-$pkgver.tar.gz
+ mosquitto.initd
+ disable-flaky-test.patch
+ openrc-conf.patch
+ python3.patch"
+
+# secfixes:
+# 1.6.6-r0:
+# - CVE-2019-11779
+# 1.5.6-r0:
+# - CVE-2018-12546
+# - CVE-2018-12550
+# - CVE-2018-12551
+# 1.5.3-r0:
+# - CVE-2018-12543
+# 1.4.15-r0:
+# - CVE-2017-7652
+# - CVE-2017-7651
+# 1.4.13-r0:
+# - CVE-2017-9868
+# 1.4.12-r0:
+# - CVE-2017-7650
+
+build() {
+ make \
+ WITH_ADNS=no \
+ WITH_MEMORY_TRACKING=no \
+ WITH_SRV=yes \
+ prefix=/usr
+}
+
+check() {
+ # Unit tests require cunit, so skip them.
+ make -j1 -C test/broker test
+ make -j1 -C test/lib test
+}
+
+package() {
+ make prefix=/usr DESTDIR="$pkgdir" install
+
+ # C++ bindings are deprecated, so don't install them.
+ make -C lib/cpp prefix=/usr DESTDIR="$pkgdir" uninstall
+ rm "$pkgdir"/usr/lib/pkgconfig/libmosquittopp.pc
+
+ mv "$pkgdir"/usr/sbin/mosquitto "$pkgdir"/usr/bin
+ mv "$pkgdir"/etc/mosquitto/mosquitto.conf.example \
+ "$pkgdir"/etc/mosquitto/mosquitto.conf
+
+ install -Dm755 "$srcdir"/mosquitto.initd \
+ "$pkgdir"/etc/init.d/mosquitto
+}
+
+clients() {
+ pkgdesc="Mosquitto command line MQTT clients"
+
+ mkdir -p "$subpkgdir"/usr/bin
+ mv "$pkgdir"/usr/bin/mosquitto_[ps]ub "$subpkgdir"/usr/bin/
+}
+
+sha512sums="ea6ba7b57773c8f4a59e708ae305a0e38ca85df94854410b29cccddbe10bbb91c2ea5e827fefb3f57cb4fce188ab9c3021804f1ae398b7fd5e9e965354b68bc1 mosquitto-1.6.6.tar.gz
+681fddc737b3ef3e6c052f0c854a730df290352640a18a63e23ef83d14c425558aff87805d1eb95e44de101b5df48872173af9f5414464ffa8cf727ea2c0491e mosquitto.initd
+3886171e36f759a717aa6626d5b8dbd392963c737d5de28b4d52b81359008927b99ff7a0ca82f56a0e5deaed4585571759ba9216336a664fd346845837c2bc18 disable-flaky-test.patch
+b07f9bec2751ab32c43f53e74d8fca18dbf2d7ce7f8fab562dbcf75de19609ba6219d735ac504697404e0ed36613a14074e3a19e735297195877798f778d337a openrc-conf.patch
+078197e6c3e59b664f5fdd1e4a4f669c9a76ab84fe4a5d8602ac80406b85c4e1cce29d9372e76d995155b74abb438d0dc0cdcdb98251fb904122073c4088d76a python3.patch"
diff --git a/user/mosquitto/disable-flaky-test.patch
new file mode 100644
index 000000000..8fd51c403
--- /dev/null
+++ b/user/mosquitto/disable-flaky-test.patch
@@ -0,0 +1,11 @@
+--- mosquitto-1.6.4/test/broker/Makefile 2019-08-01 19:50:01.000000000 +0000
++++ mosquitto-1.6.4/test/broker/Makefile 2019-08-28 00:03:54.430562623 +0000
+@@ -193,7 +193,7 @@ endif
+ ./10-listener-mount-point.py
+ 
+ 11 :
+- ./11-message-expiry.py
++ #./11-message-expiry.py
+ ./11-persistent-subscription.py
+ ./11-persistent-subscription-v5.py
+ ./11-persistent-subscription-no-local.py
diff --git a/user/mosquitto/mosquitto.initd
new file mode 100644
index 000000000..818931213
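Review bot: `source=` fetches the tarball from `http://mosquitto.org/files/source/...` while `url=` on the same file already uses `https://mosquitto.org/`; the sha512 pin catches a tampered download at build time, but the pin itself was computed from whatever that first cleartext fetch returned, so the hash only guarantees consistency with it. Change the line to `source="https://mosquitto.org/files/source/$pkgname-$pkgver.tar.gz` and re-verify the recorded checksum against upstream's published value. The enclosing hunk starts on the previous page line.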
--- /dev/null
+++ b/user/mosquitto/mosquitto.initd
@@ -0,0 +1,36 @@
+#!/sbin/openrc-run
+MOSQUITTO_CFG="${MOSQUITTO_CFG:-/etc/mosquitto/${RC_SVCNAME}.conf}"
+
+command="/usr/bin/mosquitto"
+command_args="-c '${MOSQUITTO_CFG}' $command_args"
+command_args_background="--daemon"
+pidfile="$(awk '$1 == "pid_file" {print $2}' "${MOSQUITTO_CFG}" || true)"
+
+extra_started_commands="reload"
+description_reload="Reload configuration"
+
+start_pre() {
+ if ! [ -e "$MOSQUITTO_CFG" ]; then
+ eerror "$MOSQUITTO_CFG does not exist"
+ return 1
+ fi
+
+ if [ -z "$pidfile" ]; then
+ eerror "${MOSQUITTO_CFG} is missing the pid_file option"
+ return 1
+ fi
+
+ MOSQUITTO_LOG="$(awk '$1 " " $2 == "log_dest file" {print $3}' "${MOSQUITTO_CFG}")"
+ if [ -n "$MOSQUITTO_LOG" ]; then
+ MOSQUITTO_USER="$(awk '$1 == "user" {print $2}' "${MOSQUITTO_CFG}")"
+ MOSQUITTO_USER="${MOSQUITTO_USER:-mosquitto}"
+ checkpath -fm 660 -o "${MOSQUITTO_USER}" \
+ "${MOSQUITTO_LOG}" || return 1
+ fi
+}
+
+reload() {
+ ebegin "Reloading ${RC_SVCNAME}"
+ start-stop-daemon --signal HUP --pidfile "${pidfile}"
+ eend $?
+}
diff --git a/user/mosquitto/mosquitto.pre-install
new file mode 100644
index 000000000..ac36da04c
--- /dev/null
+++ b/user/mosquitto/mosquitto.pre-install
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+groupadd -r mosquitto 2>/dev/null
+useradd -c mosquitto -s /sbin/nologin -g mosquitto \
+ -m -d /var/empty -k /etc/skel -r mosquitto 2>/dev/null
+
+exit 0
diff --git a/user/mosquitto/openrc-conf.patch
new file mode 100644
index 000000000..d1c5ee04b
--- /dev/null
+++ b/user/mosquitto/openrc-conf.patch
@@ -0,0 +1,20 @@ +--- mosquitto-1.6.4/mosquitto.conf 2019-08-01 14:50:01.000000000 -0500 ++++ mosquitto-1.6.4/mosquitto.conf 2019-08-27 18:16:52.290542736 -0500 +@@ -158,7 +158,7 @@ + # This should be set to /var/run/mosquitto.pid if mosquitto is + # being run automatically on boot with an init script and + # start-stop-daemon or similar. +-#pid_file ++pid_file /var/run/mosquitto.pid + + # Set to true to queue messages with QoS 0 when a persistent client is + # disconnected. These messages are included in the limit imposed by +@@ -585,7 +585,7 @@ + # Note that if the broker is running as a Windows service it will default to + # "log_dest none" and neither stdout nor stderr logging is available. + # Use "log_dest none" if you wish to disable logging. +-#log_dest stderr ++log_dest file /var/log/mosquitto.log + + # Types of messages to log. Use multiple log_type lines for logging + # multiple types of messages. diff --git a/user/mosquitto/python3.patch b/user/mosquitto/python3.patch new file mode 100644 index 000000000..f348cbc3e --- /dev/null +++ b/user/mosquitto/python3.patch 
@@ -0,0 +1,48 @@ +--- mosquitto-1.6.4/test/broker/09-extended-auth-change-username.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-change-username.py 2019-08-27 22:20:08.560518752 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + # Check whether an extended auth plugin can change the username of a client. + +--- mosquitto-1.6.4/test/broker/09-extended-auth-multistep-reauth.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-multistep-reauth.py 2019-08-27 22:22:11.530519618 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + from mosq_test_helper import * + +--- mosquitto-1.6.4/test/broker/09-extended-auth-multistep.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-multistep.py 2019-08-27 22:20:37.030518952 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + from mosq_test_helper import * + +--- mosquitto-1.6.4/test/broker/09-extended-auth-single.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-single.py 2019-08-27 22:21:42.250519412 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + # Multi tests for extended auth with a single step. + # * Error in plugin +--- mosquitto-1.6.4/test/broker/09-extended-auth-single2.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-single2.py 2019-08-27 22:21:02.220519130 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + # Multi tests for extended auth with a single step - multiple plugins at once. 
+ # * Error in plugin +--- mosquitto-1.6.4/test/broker/09-extended-auth-unsupported.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-unsupported.py 2019-08-27 22:21:20.360519257 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + # Test whether an unsupported extended auth is rejected. + diff --git a/user/mpg123/APKBUILD b/user/mpg123/APKBUILD index 6948916b2..e21981859 100644 --- a/user/mpg123/APKBUILD +++ b/user/mpg123/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=mpg123 -pkgver=1.25.11 +pkgver=1.25.12 pkgrel=0 pkgdesc="Real time MPEG Audio player for Layers 1, 2 and 3" url="https://www.mpg123.org/" @@ -32,4 +32,4 @@ package() { make DESTDIR="$pkgdir" install } -sha512sums="986338d0f4829ec9e40990cb384746c7abfa80d3b3d5656b6dda73d03e2441c1f28ffbe7f3f82b0008a1c4ebcfa07aeffb493e95f13f7d04cbc818a09f1008ed mpg123-1.25.11.tar.bz2" +sha512sums="fa3c719c68dbe45b265fd7677d0932b07f6a14e7ffe365ede965ff1637e655c4b57c86f7e4cd60cace7df5fcc93d48e0d44f082931394b7c6ef19f5d11638eff mpg123-1.25.12.tar.bz2" diff --git a/user/opencv/APKBUILD b/user/opencv/APKBUILD index 76403ac60..a8a38c149 100644 --- a/user/opencv/APKBUILD +++ b/user/opencv/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: pkgname=opencv pkgver=4.1.1 -pkgrel=0 +pkgrel=1 pkgdesc="Computer vision and machine learning software library" url="https://opencv.org" arch="all" @@ -15,8 +15,13 @@ makedepends="cmake doxygen ffmpeg-dev gst-plugins-base-dev gtk+2.0-dev subpackages="$pkgname-dev $pkgname-libs" source="opencv-$pkgver.tar.gz::https://github.com/opencv/opencv/archive/$pkgver.tar.gz cmake-license.patch + CVE-2019-16249.patch " +# secfixes: +# 4.1.1-r1: +# - CVE-2019-16249 + prepare() { default_prepare # purge 3rd party except carotene 
@@ -61,4 +66,5 @@ package() { } sha512sums="80fa48d992ca06a2a4ab6740df6d8c21f4926165486b393969da2c5bbe2f3a0b799fb76dee5e3654e90c743e49bbd2b5b02ad59a4766896bbf4cd5b4e3251e0f opencv-4.1.1.tar.gz -ffa6930086051c545a44d28b8e428de7faaeecf961cdee6eef007b2b01db7e5897c6f184b1059df9763c1bcd90f88b9ead710dc13b51a608f21d683f55f39bd6 cmake-license.patch" +ffa6930086051c545a44d28b8e428de7faaeecf961cdee6eef007b2b01db7e5897c6f184b1059df9763c1bcd90f88b9ead710dc13b51a608f21d683f55f39bd6 cmake-license.patch +39f2f9abb1051220d6b842e9337c3636ee229781c7efcc92e987dae47ac82072dc95568e6a766e01329ee61c0a3be4efdd82aa3b56c011b44e175444d81c134d CVE-2019-16249.patch" diff --git a/user/opencv/CVE-2019-16249.patch b/user/opencv/CVE-2019-16249.patch new file mode 100644 index 000000000..a7f0027ac --- /dev/null +++ b/user/opencv/CVE-2019-16249.patch 
@@ -0,0 +1,57 @@
+From cd7fa04985b10db5e66de542725d0da57f0d10b6 Mon Sep 17 00:00:00 2001
+From: Vitaly Tuzov <terfendail@mediana.jetos.com>
+Date: Tue, 17 Sep 2019 15:53:18 +0300
+Subject: [PATCH] Fixed out of bound reading in DIS optical flow evaluation
+ implementation
+
+---
+ modules/video/src/dis_flow.cpp | 18 +++++-------------
+ 1 file changed, 5 insertions(+), 13 deletions(-)
+
+diff --git a/modules/video/src/dis_flow.cpp b/modules/video/src/dis_flow.cpp
+index 85400c71ca7..a260b8726bb 100644
+--- a/modules/video/src/dis_flow.cpp
++++ b/modules/video/src/dis_flow.cpp
+@@ -494,7 +494,6 @@ DISOpticalFlowImpl::PatchInverseSearch_ParBody::PatchInverseSearch_ParBody(DISOp
+ v_float32x4 w10v = v_setall_f32(w10); \
+ v_float32x4 w11v = v_setall_f32(w11); \
+ \
+- v_uint8x16 I0_row_16, I1_row_16, I1_row_shifted_16, I1_row_next_16, I1_row_next_shifted_16; \
+ v_uint16x8 I0_row_8, I1_row_8, I1_row_shifted_8, I1_row_next_8, I1_row_next_shifted_8, tmp; \
+ v_uint32x4 I0_row_4_left, I1_row_4_left, I1_row_shifted_4_left, I1_row_next_4_left, I1_row_next_shifted_4_left; \
+ v_uint32x4 I0_row_4_right, I1_row_4_right, I1_row_shifted_4_right, I1_row_next_4_right, \
+@@ -502,29 +501,22 @@ DISOpticalFlowImpl::PatchInverseSearch_ParBody::PatchInverseSearch_ParBody(DISOp
+ v_float32x4 I_diff_left, I_diff_right; \
+ \
+ /* Preload and expand the first row of I1: */ \
+- I1_row_16 = v_load(I1_ptr); \
+- I1_row_shifted_16 = v_extract<1>(I1_row_16, I1_row_16); \
+- v_expand(I1_row_16, I1_row_8, tmp); \
+- v_expand(I1_row_shifted_16, I1_row_shifted_8, tmp); \
++ I1_row_8 = v_load_expand(I1_ptr); \
++ I1_row_shifted_8 = v_load_expand(I1_ptr + 1); \
+ v_expand(I1_row_8, I1_row_4_left, I1_row_4_right); \
+ v_expand(I1_row_shifted_8, I1_row_shifted_4_left, I1_row_shifted_4_right); \
+ I1_ptr += I1_stride;
+ 
+ #define HAL_PROCESS_BILINEAR_8x8_PATCH_EXTRACTION \
+ /* Load the next row of I1: */ \
+- I1_row_next_16 = v_load(I1_ptr); \
+- /* Circular shift left by 1 element: */ \
+- I1_row_next_shifted_16 = v_extract<1>(I1_row_next_16, I1_row_next_16); \
+- /* Expand to 8 ushorts (we only need the first 8 values): */ \
+- v_expand(I1_row_next_16, I1_row_next_8, tmp); \
+- v_expand(I1_row_next_shifted_16, I1_row_next_shifted_8, tmp); \
++ I1_row_next_8 = v_load_expand(I1_ptr); \
++ I1_row_next_shifted_8 = v_load_expand(I1_ptr + 1); \
+ /* Separate the left and right halves: */ \
+ v_expand(I1_row_next_8, I1_row_next_4_left, I1_row_next_4_right); \
+ v_expand(I1_row_next_shifted_8, I1_row_next_shifted_4_left, I1_row_next_shifted_4_right); \
+ \
+ /* Load current row of I0: */ \
+- I0_row_16 = v_load(I0_ptr); \
+- v_expand(I0_row_16, I0_row_8, tmp); \
++ I0_row_8 = v_load_expand(I0_ptr); \
+ v_expand(I0_row_8, I0_row_4_left, I0_row_4_right); \
+ \
+ /* Compute diffs between I0 and bilinearly interpolated I1: */ \
diff --git a/user/pango/APKBUILD b/user/pango/APKBUILD
index aff854dc0..c26726d5d 100644
--- a/user/pango/APKBUILD
+++ b/user/pango/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer:
 pkgname=pango
 pkgver=1.42.4
-pkgrel=0
+pkgrel=1
 pkgdesc="Library for laying out and rendering text"
 url="https://www.pango.org/"
 arch="all"
@@ -12,10 +12,14 @@ makedepends="$depends_dev cairo-dev expat-dev fontconfig-dev freetype-dev
  fribidi-dev glib-dev gobject-introspection-dev harfbuzz-dev libxft-dev"
 install="$pkgname.pre-deinstall"
 triggers="$pkgname.trigger=/usr/lib/pango/*/modules"
-source="https://download.gnome.org/sources/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.xz"
+source="https://download.gnome.org/sources/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.xz
+ CVE-2019-1010238.patch"
+
+# secfixes:
+# 1.42.4-r1:
+# - CVE-2019-1010238
 
 build () {
- cd "$builddir"
  ./configure \
  --build=$CBUILD \
  --host=$CHOST \
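Review bot: The shifted loads in the new code, `I1_row_shifted_8 = v_load_expand(I1_ptr + 1);` and `I1_row_next_shifted_8 = v_load_expand(I1_ptr + 1);`, still read 8 bytes starting one past the row pointer, so every I1 row access touches 9 bytes from `I1_ptr` — narrower than the 16-byte `v_load` that was removed, but in bounds only if the caller pads each row by at least one byte, and nothing in the hunk says so. A comment above the first load would record the invariant the fix rests on, e.g. `/* reads I1_ptr[0..8] (8 lanes + 1 shifted lane): rows must carry >= 1 byte of right padding */`, to be confirmed against the patch-border setup elsewhere in dis_flow.cpp. Both hunks sit inside macro bodies whose `#define` lines, including the first macro's name, are outside the hunk. The patch file names only the upstream commit in its `From` line; an extra header line naming CVE-2019-16249 would make the secfixes entry in the APKBUILD traceable from the patch alone.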
@@ -26,9 +30,9 @@ build () {
 }
 
 package() {
- cd "$builddir"
  mkdir -p "$pkgdir"/etc/pango
  make DESTDIR="$pkgdir" install
 }
 
-sha512sums="993e97f647eba0c5ed90bcfcb8228bf67fa3f20b1f4331e4e40a30788d7c3ac55eee1209471bf21df125cb8fc6121acc8062a9da2f8a7d6cbe8e9ad13a9320dc pango-1.42.4.tar.xz"
+sha512sums="993e97f647eba0c5ed90bcfcb8228bf67fa3f20b1f4331e4e40a30788d7c3ac55eee1209471bf21df125cb8fc6121acc8062a9da2f8a7d6cbe8e9ad13a9320dc pango-1.42.4.tar.xz
+d11af8e56c59286f998d136d795d9ed22bea96b7dfaf4e02fe294ab0b147606ecb43ddfbd8caaa0eee1ee27b5a2f5c5a6f6f7a0b3193750649cf6b121cb6de50 CVE-2019-1010238.patch"
diff --git a/user/pango/CVE-2019-1010238.patch b/user/pango/CVE-2019-1010238.patch
new file mode 100644
index 000000000..cc65b3d53
--- /dev/null
+++ b/user/pango/CVE-2019-1010238.patch
@@ -0,0 +1,34 @@
+From 490f8979a260c16b1df055eab386345da18a2d54 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <mclasen@redhat.com>
+Date: Wed, 10 Jul 2019 20:26:23 -0400
+Subject: [PATCH] bidi: Be safer against bad input
+
+Don't run off the end of an array that we
+allocated to certain length.
+
+Closes: https://gitlab.gnome.org/GNOME/pango/issues/342
+---
+ pango/pango-bidi-type.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/pango/pango-bidi-type.c b/pango/pango-bidi-type.c
+index 3e46b66c..5c02dbbb 100644
+--- a/pango/pango-bidi-type.c
++++ b/pango/pango-bidi-type.c
+@@ -181,8 +181,11 @@ pango_log2vis_get_embedding_levels (const gchar *text,
+ for (i = 0, p = text; p < text + length; p = g_utf8_next_char(p), i++)
+ {
+ gunichar ch = g_utf8_get_char (p);
+- FriBidiCharType char_type;
+- char_type = fribidi_get_bidi_type (ch);
++ FriBidiCharType char_type = fribidi_get_bidi_type (ch);
++
++ if (i == n_chars)
++ break;
++
+ bidi_types[i] = char_type;
+ ored_types |= char_type;
+ if (FRIBIDI_IS_STRONG (char_type))
+--
+2.22.0
+
diff --git a/user/poppler-qt5/APKBUILD b/user/poppler-qt5/APKBUILD
index 5c0bbf4c8..ac680fc9a 100644
--- a/user/poppler-qt5/APKBUILD
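Review bot: The new `if (i == n_chars) break;` runs after `g_utf8_get_char (p)` and `fribidi_get_bidi_type (ch)` have already been evaluated for the overflowing character, so the guard does its work one step late; folding the bound into the loop header, `for (i = 0, p = text; i < n_chars && p < text + length; p = g_utf8_next_char(p), i++)`, puts the limit where a reader expects it and makes the break unnecessary. Whichever form is kept, a why-comment is missing, e.g. `/* bidi_types holds n_chars entries; a text/length pair with more characters must not index past it */` — the commit message is the only place that intent is stated. That `bidi_types` was sized from `n_chars` is inferred from the check itself; the allocation and the start of `pango_log2vis_get_embedding_levels` are outside the hunk and should be confirmed there. Stopping silently is the right behaviour for a layout library fed inconsistent `length`/`n_chars` values.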
+++ b/user/poppler-qt5/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=poppler-qt5
 _realname=poppler
-pkgver=0.77.0
+pkgver=0.80.0
 pkgrel=0
 _testver=01c92874
 pkgdesc="PDF rendering library based on xpdf 3.0 (Qt 5 bindings)"
@@ -26,6 +26,9 @@ builddir="$srcdir"/$_realname-$pkgver/build
 # - CVE-2019-10873
 # - CVE-2019-11026
 # - CVE-2019-12293
+# 0.80.0-r0:
+# - CVE-2019-9959
+# - CVE-2019-14494
 
 prepare() {
  default_prepare
@@ -43,7 +46,7 @@ build() {
 }
 
 check() {
- # check_qt5_annotations: fails on ppc64 and x86_64 as of 0.77.0-r0
+ # check_qt5_annotations: fails on ppc64 and x86_64 as of 0.80.0-r0
  # FAIL! : TestAnnotations::checkFontSizeAndColor() Compared values are not the same
  # Actual (textAnnot->contents()): "\u00C3\u00BE\u00C3\u00BF\u0000f\u0000o\u0000o\u0000b\u0000a\u0000r"
  # Expected (contents) : "foobar"
@@ -58,5 +61,5 @@ package() {
  make DESTDIR="$pkgdir" install
 }
 
-sha512sums="7c82cf584541fcbfa7cecdb06be9c4ba6d03479fc248377b874afeab561eac24015915eee566edc35fafe785b9f381f492c1789c070e67a2c1b344879c156040 poppler-0.77.0.tar.xz
+sha512sums="0a0d68168ba4d560941de31cb9e32c6cd7b44025e93cd84ace863ffab5b9ff0356524626cb16fb99c29a897738f2ac5862480fc54d42f8aecd2e3457f11c642f poppler-0.80.0.tar.xz
 5275541ffa0fef9c55a0c02411947c610b2e7eb621f0a0fa9529810f8b09e2b0194c1da4b64eb9641b2c3af7b099e6bb7d1212b9087a21cf3af893090a10506b poppler-test-01c92874.tar.gz"
diff --git a/user/poppler/APKBUILD b/user/poppler/APKBUILD
index 9c3385c8d..462c23333 100644
--- a/user/poppler/APKBUILD
+++ b/user/poppler/APKBUILD
@@ -1,6 +1,6 @@
 # Maintainer:
 pkgname=poppler
-pkgver=0.77.0
+pkgver=0.80.0
 pkgrel=0
 pkgdesc="PDF rendering library based on xpdf 3.0"
 url="https://poppler.freedesktop.org/"
@@ -25,6 +25,9 @@ builddir="$srcdir"/$pkgname-$pkgver/build
 # - CVE-2019-10873
 # - CVE-2019-11026
 # - CVE-2019-12293
+# 0.80.0-r0:
+# - CVE-2019-9959
+# - CVE-2019-14494
 
 prepare() {
  default_prepare
@@ -60,4 +63,4 @@ glib() {
  "$subpkgdir"/usr/lib/
 }
 
-sha512sums="7c82cf584541fcbfa7cecdb06be9c4ba6d03479fc248377b874afeab561eac24015915eee566edc35fafe785b9f381f492c1789c070e67a2c1b344879c156040 poppler-0.77.0.tar.xz"
+sha512sums="0a0d68168ba4d560941de31cb9e32c6cd7b44025e93cd84ace863ffab5b9ff0356524626cb16fb99c29a897738f2ac5862480fc54d42f8aecd2e3457f11c642f poppler-0.80.0.tar.xz"
diff --git a/user/py3-paho-mqtt/APKBUILD b/user/py3-paho-mqtt/APKBUILD
new file mode 100644
index 000000000..cda723c76
--- /dev/null
+++ b/user/py3-paho-mqtt/APKBUILD
@@ -0,0 +1,33 @@
+# Contributor: Fabian Affolter <fabian@affolter-engineering.ch>
+# Maintainer: Max Rees <maxcrees@me.com>
+pkgname=py3-paho-mqtt
+_pkgname=paho.mqtt.python
+pkgver=1.4.0
+pkgrel=0
+pkgdesc="MQTT version 3.1.1 client class for Python"
+url="https://www.eclipse.org/paho/"
+# Certified net clean
+arch="noarch"
+license="EPL-1.0 AND EDL-1.0"
+depends="python3"
+makedepends=""
+checkdepends="py3-pytest"
+# Use GitHub tarball since PyPI doesn't include tests
+source="$pkgname-$pkgver.tar.gz::https://github.com/eclipse/paho.mqtt.python/archive/v$pkgver.tar.gz
+ setup.patch"
+builddir="$srcdir/$_pkgname-$pkgver"
+
+build() {
+ python3 setup.py build
+}
+
+check() {
+ PYTHONPATH="$builddir"/src pytest
+}
+
+package() {
+ python3 setup.py install --prefix=/usr --root="$pkgdir"
+}
+
+sha512sums="2e49f0f146207ab4fbc8c346b10d3e2b50869b2d9db7c999b6645f7213fb635b64cff01c5405e7833a8b25334d24685ce6ed734a6e4b6b0660b48f65cf4a941c py3-paho-mqtt-1.4.0.tar.gz
+0cfff826651b36b5062dae8bad3abcab428dc18bfcee6c941a46f5c8900c871bd475d96fa382e06d731ea451ad9159edadf0ee3767f7dea992cb7a7ed7313d80 setup.patch"
diff --git a/user/py3-paho-mqtt/setup.patch b/user/py3-paho-mqtt/setup.patch
new file mode 100644
index 000000000..70ccc869f
--- /dev/null
+++ b/user/py3-paho-mqtt/setup.patch
@@ -0,0 +1,24 @@
+--- paho.mqtt.python-1.4.0/setup.py 2018-09-02 11:20:42.000000000 +0000
++++ paho.mqtt.python-1.4.0/setup.py 2019-08-28 02:51:55.690633661 +0000
+@@ -11,9 +11,8 @@ with open('README.rst', 'rb') as readme_
+ readme = readme_file.read().decode('utf-8')
+ 
+ requirements = []
+-test_requirements = ['pytest', 'pylama']
+-needs_pytest = {'pytest', 'test', 'ptr'}.intersection(sys.argv)
+-setup_requirements = ['pytest-runner'] if needs_pytest else []
++test_requirements = ['pytest']
++setup_requirements = []
+ 
+ if sys.version_info < (3, 0):
+ test_requirements += ['mock']
+--- paho.mqtt.python-1.4.0/setup.cfg 2018-09-02 11:20:42.000000000 +0000
++++ paho.mqtt.python-1.4.0/setup.cfg 2019-08-28 02:50:19.540632984 +0000
+@@ -1,7 +1,6 @@
+ [aliases]
+ test=pytest
+ [tool:pytest]
+-addopts=-r xs --pylama
+ strict=True
+ testpaths=tests src
+ [pylama]
diff --git a/user/qpdfview/APKBUILD b/user/qpdfview/APKBUILD
index e4d16e50d..6bafa639b 100644
--- a/user/qpdfview/APKBUILD
+++ b/user/qpdfview/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Max Rees <maxcrees@me.com>
 pkgname=qpdfview
 pkgver=0.4.18
-pkgrel=0
+pkgrel=1
 pkgdesc="A tabbed document viewer"
 url="https://launchpad.net/qpdfview"
 arch="all"
diff --git a/user/spice-gtk/APKBUILD b/user/spice-gtk/APKBUILD
new file mode 100644
index 000000000..c613828bc
--- /dev/null
+++ b/user/spice-gtk/APKBUILD
@@ -0,0 +1,69 @@
+# Contributor: Natanael Copa <ncopa@alpinelinux.org>
+# Maintainer: Max Rees <maxcrees@me.com>
+pkgname=spice-gtk
+pkgver=0.37
+pkgrel=0
+pkgdesc="A GTK+ widget for SPICE clients"
+url="https://www.spice-space.org/"
+arch="all"
+# suid: ACL helper for USB redirection
+options="suid"
+license="LGPL-2.1+ AND LGPL-2.0+ AND BSD-3-Clause AND MIT AND GPL-3.0+ AND LGPL-2.0-only AND GPL-2.0+"
+depends="gst-plugins-good"
+depends_dev="gobject-introspection-dev gtk+3.0-dev"
+makedepends="$depends_dev acl-dev bash cyrus-sasl-dev eudev-dev
+ gst-plugins-base-dev gstreamer-dev gstreamer-tools json-glib-dev
+ libjpeg-turbo-dev libusb-dev libxrandr-dev lz4-dev openssl-dev
+ opus-dev polkit-dev polkit-dev spice-protocol usbredir-dev
+ usbutils zlib-dev"
+subpackages="$pkgname-dev $pkgname-doc $pkgname-lang spicy
+ spice-glib:glib"
+source="https://www.spice-space.org/download/gtk/$pkgname-$pkgver.tar.bz2"
+
+build() {
+ # Note: pulseaudio support is disabled because it's deprecated.
+ # Audio is still supported through gstreamer.
+ ./configure \
+ --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --with-gtk=3.0 \
+ --with-audio=gstreamer \
+ --disable-celt051 \
+ --disable-werror \
+ --enable-lz4 \
+ --enable-opus \
+ --enable-smartcard=no \
+ --enable-usbredir=yes \
+ --enable-polkit=yes \
+ --enable-pulse=no
+ make
+}
+
+check() {
+ make check
+}
+
+package() {
+ make -j1 DESTDIR="$pkgdir" install
+}
+
+spicy() {
+ pkgdesc="SPICE client (remote virtual machine access)"
+ mkdir -p "$subpkgdir"/usr
+ mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
+}
+
+glib() {
+ pkgdesc="$pkgdesc (GLib libraries)"
+ mkdir -p "$subpkgdir"/usr/lib \
+ "$subpkgdir"/usr/lib/girepository-1.0/
+ mv "$pkgdir"/usr/lib/*-glib-*.so* \
+ "$subpkgdir"/usr/lib/
+ mv "$pkgdir"/usr/lib/girepository-1.0/SpiceClientGLib-*.typelib \
+ "$subpkgdir"/usr/lib/girepository-1.0/
+}
+
+sha512sums="a0a20bc6f25337d86e57fe1fc9586c4cc84457fc8c38cdcc5a728990a69018da0fca3ab5aa63349786b5a7508c82b716c94803eefb3495cffb7df4526db2d029 spice-gtk-0.37.tar.bz2"
diff --git a/user/tellico/APKBUILD b/user/tellico/APKBUILD
index 3fb5df741..f697dd5b5 100644
--- a/user/tellico/APKBUILD
+++ b/user/tellico/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=tellico
 pkgver=3.2.1
-pkgrel=0
+pkgrel=1
 pkgdesc="Collection manager"
 url="http://tellico-project.org/"
 arch="all"
diff --git a/user/tumbler/APKBUILD b/user/tumbler/APKBUILD
index 06612e754..98adfba5d 100644
--- a/user/tumbler/APKBUILD
+++ b/user/tumbler/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
 pkgname=tumbler
 pkgver=0.2.7
-pkgrel=0
+pkgrel=1
 pkgdesc="Thumbnail generation service for the XFCE desktop environment"
 url="https://xfce.org"
 arch="all"
diff --git a/user/vlc/APKBUILD b/user/vlc/APKBUILD
index 2dc82dde6..6c9a23c97 100644
--- a/user/vlc/APKBUILD
+++ b/user/vlc/APKBUILD
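Review bot: `options="suid"` is explained only by `# suid: ACL helper for USB redirection`, which does not say which binary is setuid-root, which subpackage carries it, or who authorizes its use; since `glib()` moves only `*-glib-*.so*` and the typelib and `spicy()` moves `/usr/bin`, the helper presumably stays in the main package, and that should be stated. The build passes `--enable-polkit=yes` and `--enable-usbredir=yes` with polkit-dev in makedepends, yet `depends="gst-plugins-good"` names no polkit; a shared-library link would be picked up by abuild's dependency tracing, but a runtime need for a polkit daemon or agent would not, so `depends` is worth checking against what the helper actually requires. A comment such as `# suid: <setuid helper path — fill in from the install tree> sets USB device ACLs for usbredir; authorization is delegated to polkit (--enable-polkit=yes)` would let the next maintainer audit the setuid surface without rebuilding. `polkit-dev` is also listed twice in makedepends.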
@@ -2,8 +2,8 @@
 # Contributor: Leonardo Arena <rnalrd@alpinelinux.org>
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=vlc
-pkgver=3.0.7.1
-pkgrel=2
+pkgver=3.0.8
+pkgrel=0
 pkgdesc="Multi-platform MPEG, VCD/DVD, and DivX player"
 triggers="vlc-libs.trigger=/usr/lib/vlc/plugins"
 pkgusers="vlc"
@@ -11,7 +11,7 @@ pkggroups="vlc"
 url="https://www.videolan.org/vlc/"
 arch="all"
 license="GPL-2.0+"
-options="!checkroot textrel"
+options="textrel"
 subpackages="$pkgname-dev $pkgname-doc $pkgname-qt $pkgname-pulse $pkgname-daemon::noarch $pkgname-libs $pkgname-lang"
 depends="ttf-dejavu xdg-utils"
@@ -43,12 +43,28 @@ source="https://get.videolan.org/vlc/$pkgver/vlc-$pkgver.tar.xz
  omxil-rpi-codecs.patch
  tar-compat.patch
  test-s390x.patch
- vlc-libs.trigger
+
+ $pkgname.initd
+ $pkgname.confd
  "
 
 # secfixes: vlc_media_player
 # 3.0.4-r2:
 # - CVE-2018-19857
+# 3.0.8-r0:
+# - CVE-2019-13602
+# - CVE-2019-13615
+# - CVE-2019-13962
+# - CVE-2019-14437
+# - CVE-2019-14438
+# - CVE-2019-14498
+# - CVE-2019-14533
+# - CVE-2019-14534
+# - CVE-2019-14535
+# - CVE-2019-14776
+# - CVE-2019-14777
+# - CVE-2019-14778
+# - CVE-2019-14970
 
 prepare() {
  default_prepare
@@ -57,7 +73,6 @@ prepare() {
 
 build() {
  local _arch_opts=
- cd "$builddir"
  export CFLAGS="$CFLAGS -D_GNU_SOURCE"
 
  case "$CARCH" in
@@ -127,7 +142,6 @@ build() {
 }
 
 package() {
- cd "$builddir"
  make DESTDIR="$pkgdir" install
  # delete cache as it's autocreated by trigger
  rm -rf "$pkgdir"/usr/lib/vlc/plugins/plugins.dat
@@ -137,7 +151,6 @@ package() {
 }
 
 check() {
- cd "$builddir"
  make check
 }
 
@@ -150,7 +163,7 @@ _mv() {
 pulse() {
  pkgdesc="PulseAudio support for VLC"
  depends=""
- install_if="vlc pulseaudio"
+ install_if="vlc=$pkgver-r$pkgrel pulseaudio"
  mkdir -p "$subpkgdir"/usr/lib/vlc
  mv "$pkgdir"/usr/lib/vlc/libvlc_pulse* "$subpkgdir"/usr/lib/vlc/
 }
@@ -179,8 +192,8 @@ daemon() {
 
  mkdir -p "$subpkgdir"
  cd "$pkgdir"
- install -D -m755 ../../vlc.initd $subpkgdir/etc/init.d/vlc
- install -D -m664 ../../vlc.confd $subpkgdir/etc/conf.d/vlc
+ install -D -m755 "$srcdir"/vlc.initd "$subpkgdir"/etc/init.d/vlc
+ install -D -m664 "$srcdir"/vlc.confd "$subpkgdir"/etc/conf.d/vlc
  install -d -o vlc -g vlc "$subpkgdir"/var/log/vlc
 }
 
@@ -192,7 +205,7 @@ libs() {
  default_libs
 }
 
-sha512sums="6b99ae0564630a7a7ca9187c3bb954c601e384522ce93460b73f2dbf31787ce5828daca9f31c781b97db77872d76b6a3e871ff3401d70f1b5829fee7c4e847fd vlc-3.0.7.1.tar.xz
+sha512sums="5ade0b350e98fd6fa90035bffabda96f0addb3844a7c0a242b4db1cab6a746e1adb1d713ddcb48ae51a7d1736090f096f5d3b0637a9f958ccf4fcf27e838cf70 vlc-3.0.8.tar.xz
 22d80df599b8b65a5439cefbb7140af8e9530f326d54945da3769af65f37518b99ec2cc8647aafd2763324a0698280915afe043cc87e5720c4694881ed35bffa check-headless.patch
 e214b407235cb3afb8bec93f20c9b42957b57e6fd3960679d3d4235e77762e03e64d03c01f00ef63d589e7c85aaad02ce6abbeeccd66b1867bc92451a5b5e9b0 disable-sub-autodetect-fuzzy-1-test.patch
 e063c727d952465bbea33f669db49190427521dc8e2291e9a5cbb0f5e8e879bd3ba76855e44bd4630948e30c4329d27bd928f95de20fe1050d5e839778a4d012 endian-fix.patch
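Review bot: The daemon subpackage installs its conf.d file group-writable: `install -D -m664 "$srcdir"/vlc.confd "$subpkgdir"/etc/conf.d/vlc` carries the old 664 forward while only the source path changed, and a file under /etc/conf.d is presumably sourced by the init script as root, so the group write bit lets any member of the owning group alter daemon options; `-m644` matches the 755 used for the initd line above it and the usual mode for conf.d files. Switching both lines from `../../` to `"$srcdir"` is the right fix for the previous relative path, but it only works together with the `source=` hunk earlier in this file that adds `$pkgname.initd` and `$pkgname.confd` and the sha512sums hunk that adds their checksums, so the three must land as one. daemon()'s opening lines are outside the hunk.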
@@ -201,4 +214,5 @@ e063c727d952465bbea33f669db49190427521dc8e2291e9a5cbb0f5e8e879bd3ba76855e44bd463
 e13e398b7bfd977f6e099bcb6cf8dc5cd5bad6dea3eff715881826246dc4329468846084aff2576de2b7fd28d3f06e7c327a6e4511a28d22e5cd198a81146c89 omxil-rpi-codecs.patch
 a117ca4d7fd66a5f959fdeaddfdce2f8442fe9f2c13995bb7f4792a7745c00813813aa962f76e957e3b0735344a5dc000e0644ce09f23458802a2932231655c3 tar-compat.patch
 c0107655249687655846a9547ca1a5670b9207443180600e7a149c69ffb96d7226787c19b018d4033db9b284c1a5faa8d7d42188ed40c3b8bb051256febf11c5 test-s390x.patch
-34d899b8b88de2058a8d64ce316389bd3437c0bbcd64a925eec4975adf2bc306a3a8d2e322bad5e3a18b5a28cbb5bf6705d8849dee655daf7e5a4bb007fe07e0 vlc-libs.trigger"
+55e245190b443dde9c7215ea5210612fcca164900a9a4b025ccf0d1e3fc5206d00b52355b256974421e37c609875627f1db19f0f5a084511aec0daf677ecc9d6 vlc.initd
+d89190dca1b8b2c3faca5863dc6c7e6eb24e05178e6f75ed752fd3c6a73cb8a42d2625b6e56453296b7096ea868be642ecd42745dac20e7f13fc67dd3c3c7c49 vlc.confd"
diff --git a/user/wpa_supplicant/APKBUILD b/user/wpa_supplicant/APKBUILD
index 5d1a35b4e..dbd22b8c7 100644
--- a/user/wpa_supplicant/APKBUILD
+++ b/user/wpa_supplicant/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=wpa_supplicant
 pkgver=2.9
-pkgrel=0
+pkgrel=1
 pkgdesc="Utility providing key negotiation for WPA wireless networks"
 url="https://w1.fi/wpa_supplicant/"
 arch="all"
@@ -17,6 +17,7 @@ source="https://w1.fi/releases/$pkgname-$pkgver.tar.gz
  wpa_supplicant.conf
  dbus.patch
  eloop.patch
+ CVE-2019-16275.patch
  config
  wpa_cli.sh"
 
@@ -32,6 +33,8 @@ source="https://w1.fi/releases/$pkgname-$pkgver.tar.gz
 # - CVE-2017-13086
 # - CVE-2017-13087
 # - CVE-2017-13088
+# 2.9-r1:
+# - CVE-2019-16275
 
 prepare() {
  default_prepare
@@ -104,5 +107,6 @@ sha512sums="37a33f22cab9d27084fbef29856eaea0f692ff339c5b38bd32402dccf293cb849afd
 f8b224b6c5a8adf378d8224beb49f2a99817d303f7e6a724943ecb3313ae85ce0fdd8291a20c95563470681ebf5d991ffa31094b9171e470e9690b38bba25738 wpa_supplicant.conf
 dac56bc505a51167042ebe548f0e81a20a5578f753af9bb7ec3335a542d799c6e8739681ef7c8f7747a9bc954f8aa6f1a147250eacba17fd7fff80c4e53638ed dbus.patch
 2be055dd1f7da5a3d8e79c2f2c0220ddd31df309452da18f290144d2112d6dbde0fc633bb2ad02c386a39d7785323acaf5f70e5969995a1e8303a094eb5fe232 eloop.patch
+63710cfb0992f2c346a9807d8c97cbeaed032fa376a0e93a2e56f7742ce515e9c4dfadbdb1af03ba272281f639aab832f0178f67634c222a5d99e1d462aa9e38 CVE-2019-16275.patch
 221660fa0350442a7d8371686b2118861052a4613fb352b7f80079e3750b82f4e48efc378b9d617455007d1106552b695fdca506a3c338283986641f3848b202 config
 45d3e70c47d0f7d6dc6730853af8cbcb40ed0713ee7b1069698f5a635939f273f66e72d4221e064c3c71a92154cf07841c8c0d4fc14d796dbb6fe0d92776ee2b wpa_cli.sh"
diff --git a/user/wpa_supplicant/CVE-2019-16275.patch b/user/wpa_supplicant/CVE-2019-16275.patch
new file mode 100644
index 000000000..d764a9db0
--- /dev/null
+++ b/user/wpa_supplicant/CVE-2019-16275.patch
@@ -0,0 +1,73 @@
+From 8c07fa9eda13e835f3f968b2e1c9a8be3a851ff9 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <j@w1.fi>
+Date: Thu, 29 Aug 2019 11:52:04 +0300
+Subject: [PATCH] AP: Silently ignore management frame from unexpected source
+ address
+
+Do not process any received Management frames with unexpected/invalid SA
+so that we do not add any state for unexpected STA addresses or end up
+sending out frames to unexpected destination. This prevents unexpected
+sequences where an unprotected frame might end up causing the AP to send
+out a response to another device and that other device processing the
+unexpected response.
+
+In particular, this prevents some potential denial of service cases
+where the unexpected response frame from the AP might result in a
+connected station dropping its association.
+
+Signed-off-by: Jouni Malinen <j@w1.fi>
+---
+ src/ap/drv_callbacks.c | 13 +++++++++++++
+ src/ap/ieee802_11.c | 12 ++++++++++++
+ 2 files changed, 25 insertions(+)
+
+diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c
+index 31587685fe3b..34ca379edc3d 100644
+--- a/src/ap/drv_callbacks.c
++++ b/src/ap/drv_callbacks.c
+@@ -131,6 +131,19 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
+ "hostapd_notif_assoc: Skip event with no address");
+ return -1;
+ }
++
++ if (is_multicast_ether_addr(addr) ||
++ is_zero_ether_addr(addr) ||
++ os_memcmp(addr, hapd->own_addr, ETH_ALEN) == 0) {
++ /* Do not process any frames with unexpected/invalid SA so that
++ * we do not add any state for unexpected STA addresses or end
++ * up sending out frames to unexpected destination. */
++ wpa_printf(MSG_DEBUG, "%s: Invalid SA=" MACSTR
++ " in received indication - ignore this indication silently",
++ __func__, MAC2STR(addr));
++ return 0;
++ }
++
+ random_add_randomness(addr, ETH_ALEN);
+ 
+ hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211,
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index c85a28db44b7..e7065372e158 100644
+--- a/src/ap/ieee802_11.c
++++ b/src/ap/ieee802_11.c
+@@ -4626,6 +4626,18 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len,
+ fc = le_to_host16(mgmt->frame_control);
+ stype = WLAN_FC_GET_STYPE(fc);
+ 
++ if (is_multicast_ether_addr(mgmt->sa) ||
++ is_zero_ether_addr(mgmt->sa) ||
++ os_memcmp(mgmt->sa, hapd->own_addr, ETH_ALEN) == 0) {
++ /* Do not process any frames with unexpected/invalid SA so that
++ * we do not add any state for unexpected STA addresses or end
++ * up sending out frames to unexpected destination. */
++ wpa_printf(MSG_DEBUG, "MGMT: Invalid SA=" MACSTR
++ " in received frame - ignore this frame silently",
++ MAC2STR(mgmt->sa));
++ return 0;
++ }
++
+ if (stype == WLAN_FC_STYPE_BEACON) {
+ handle_beacon(hapd, mgmt, len, fi);
+ return 1;
+--
+2.20.1
+ |
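Review bot: The two new source-address guards, in `hostapd_notif_assoc` and in `ieee802_11_mgmt`, are the same three-condition test with the same comment copied verbatim; one helper declared in a shared AP header, say `hostapd_sa_is_invalid(hapd, addr)` as a proposed name, would keep the two from drifting, which matters because any further entry point that skips the check reintroduces the problem. In `ieee802_11_mgmt` the guard dereferences `mgmt->sa` right after `mgmt->frame_control`; whether `len` has already been checked to cover the full management header is outside the hunk and should be confirmed, since the added check would otherwise read past a truncated frame. Returning 0 from `ieee802_11_mgmt` is presumably the "not handled" result (the beacon path below returns 1); a short comment on that `return 0;`, e.g. `/* 0: frame dropped, nothing further for the caller to do */`, would make the contract explicit. Both functions start outside the hunk.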