diff options
Diffstat (limited to 'user')
29 files changed, 673 insertions, 125 deletions
diff --git a/user/atril/APKBUILD b/user/atril/APKBUILD index d9f1127a9..52f26e4a0 100644 --- a/user/atril/APKBUILD +++ b/user/atril/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com> pkgname=atril pkgver=1.22.1 -pkgrel=1 +pkgrel=2 pkgdesc="Document viewer for the MATE desktop environment" url="https://mate-desktop.org" arch="all" @@ -14,10 +14,16 @@ makedepends="caja-dev djvulibre-dev gobject-introspection-dev gtk+3.0-dev libxml2-dev libxml2-utils poppler-dev python3 tiff-dev" subpackages="$pkgname-dev $pkgname-doc $pkgname-lang" source="https://pub.mate-desktop.org/releases/1.22/atril-$pkgver.tar.xz - CVE-2019-1010006.patch" + CVE-2019-1010006.patch + CVE-2019-11459.patch" + +# secfixes: +# 1.22.1-r1: +# - CVE-2019-1010006 +# 1.22.1-r2: +# - CVE-2019-11459 build() { - cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -33,14 +39,13 @@ build() { } check() { - cd "$builddir" make check } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } sha512sums="838ae397c868ac417c9266e4a06525d66214650cf8647e91c1472d83d50c8954f6dbb29411384892a98f0929e1fbac9947118bd0db10d50400fc0d5270a3619d atril-1.22.1.tar.xz -ea6db09fe033a8ddf6d90f080858057fad5452a23801e0f41f7a90ec352b71344e8b596a0913deabca333ff24dc5023628eab7c18bc526c0a7f8fb0d680acdf7 CVE-2019-1010006.patch" +38ea99130fba5ce174eb4351a8c5b2c4dd9591a81aff72876fa17581be8960f75592184e18d3653fa3286035d9e4899ca1b53e830328a64fc15d0bb4b8176b39 CVE-2019-1010006.patch +ba4ec4b0e10d87f44f189a16cfe2419906e3776edc9bc14f7da9356a8953683e3f7efc441691df131497b08b892d3b291aab416310f259ee6bc0706cc4f02880 CVE-2019-11459.patch" diff --git a/user/atril/CVE-2019-1010006.patch b/user/atril/CVE-2019-1010006.patch index ce107d193..913e40312 100644 --- a/user/atril/CVE-2019-1010006.patch +++ b/user/atril/CVE-2019-1010006.patch @@ -1,22 +1,18 @@ -From e02fe9170ad0ac2fd46c75329c4f1d4502d4a362 Mon Sep 17 00:00:00 2001 -From: Jason Crain <jcrain@src.gnome.org> -Date: Sat, 2 Dec 2017 20:24:33 -0600 -Subject: [PATCH] Fix overflow checks in tiff backend +From aa8c51c24a3d716986ace9a4104a9632436ccff5 Mon Sep 17 00:00:00 2001 +From: lukefromdc <lukefromdc@hushmail.com> +Date: Sat, 27 Jul 2019 15:07:13 -0400 +Subject: [PATCH] Fix buffer overflow in backend/tiff-document.c -The overflow checks in tiff_document_render and -tiff_document_get_thumbnail don't work when optimizations are enabled. -Change the checks so they don't rely on undefined behavior. - -https://bugzilla.gnome.org/show_bug.cgi?id=788980 + Apply https://gitlab.gnome.org/GNOME/evince/commit/e02fe9170ad0ac2fd46c75329c4f1d4502d4a362 --- - backend/tiff/tiff-document.c | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) + backend/tiff/tiff-document.c | 17 ++++++++++------- + 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/backend/tiff/tiff-document.c b/backend/tiff/tiff-document.c -index 8f40934e..7bf95c2b 100644 +index 0aa31cb6..94adc400 100644 --- a/backend/tiff/tiff-document.c +++ b/backend/tiff/tiff-document.c -@@ -284,12 +284,12 @@ tiff_document_render (EvDocument *document, +@@ -268,13 +268,14 @@ tiff_document_render (EvDocument *document, return NULL; } @@ -27,11 +23,13 @@ index 8f40934e..7bf95c2b 100644 /* overflow */ return NULL; } -+ bytes = height * rowstride; ++ bytes = height * rowstride; ++ pixels = g_try_malloc (bytes); if (!pixels) { -@@ -374,15 +374,15 @@ tiff_document_get_thumbnail (EvDocument *document, + g_warning("Failed to allocate memory for rendering."); +@@ -356,15 +357,17 @@ tiff_document_render_pixbuf (EvDocument *document, if (width <= 0 || height <= 0) return NULL; @@ -40,17 +38,17 @@ index 8f40934e..7bf95c2b 100644 + if (width >= INT_MAX / 4) /* overflow */ return NULL; -+ rowstride = width * 4; - bytes = height * rowstride; - if (bytes / rowstride != height) ++ rowstride = width * 4; ++ + if (height >= INT_MAX / rowstride) /* overflow */ - return NULL; -+ bytes = height * rowstride; +- return NULL; ++ return NULL; ++ ++ bytes = height * rowstride; pixels = g_try_malloc (bytes); if (!pixels) --- -2.21.0 - diff --git a/user/atril/CVE-2019-11459.patch b/user/atril/CVE-2019-11459.patch new file mode 100644 index 000000000..a826cbd29 --- /dev/null +++ b/user/atril/CVE-2019-11459.patch @@ -0,0 +1,69 @@ +Backport of the following, since it did not apply due to whitespace / +formatting + +From bd4ce9171fef52720e74ffeeeeca3b0c5b5d4808 Mon Sep 17 00:00:00 2001 +From: Victor Kareh <vkareh@redhat.com> +Date: Sun, 11 Aug 2019 05:20:09 +0300 +Subject: [PATCH] tiff: Handle failure from TIFFReadRGBAImageOriented + +The TIFFReadRGBAImageOriented function returns zero if it was unable to +read the image. Return NULL in this case instead of displaying +uninitialized memory. + +This addresses CVE-2019-11459 + +upstream commit: +https://gitlab.gnome.org/GNOME/evince/commit/234f034a4 +--- + +--- atril-1.22.1/backend/tiff/tiff-document.c ++++ atril-1.22.1/backend/tiff/tiff-document.c +@@ -282,17 +282,21 @@ tiff_document_render (EvDocument *d + return NULL; + } + ++ if (!TIFFReadRGBAImageOriented (tiff_document->tiff, ++ width, height, ++ (uint32 *)pixels, ++ orientation, 0)) { ++ g_warning ("Failed to read TIFF image."); ++ g_free (pixels); ++ return NULL; ++ } ++ + surface = cairo_image_surface_create_for_data (pixels, + CAIRO_FORMAT_RGB24, + width, height, + rowstride); + cairo_surface_set_user_data (surface, &key, + pixels, (cairo_destroy_func_t)g_free); +- +- TIFFReadRGBAImageOriented (tiff_document->tiff, +- width, height, +- (uint32 *)pixels, +- orientation, 0); + pop_handlers (); + + /* Convert the format returned by libtiff to +@@ -373,13 +377,17 @@ tiff_document_render_pixbuf (EvDocument + if (!pixels) + return NULL; + ++ if (!TIFFReadRGBAImageOriented (tiff_document->tiff, ++ width, height, ++ (uint32 *)pixels, ++ ORIENTATION_TOPLEFT, 0)) { ++ g_free (pixels); ++ return NULL; ++ } ++ + pixbuf = gdk_pixbuf_new_from_data (pixels, GDK_COLORSPACE_RGB, TRUE, 8, + width, height, rowstride, + (GdkPixbufDestroyNotify) g_free, NULL); +- TIFFReadRGBAImageOriented (tiff_document->tiff, +- width, height, +- (uint32 *)pixels, +- ORIENTATION_TOPLEFT, 0); + pop_handlers (); + + scaled_pixbuf = gdk_pixbuf_scale_simple (pixbuf, diff --git a/user/calligra/APKBUILD b/user/calligra/APKBUILD index 306299ae0..fdaf6e4fe 100644 --- a/user/calligra/APKBUILD +++ b/user/calligra/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=calligra pkgver=3.1.0 -pkgrel=2 +pkgrel=3 pkgdesc="KDE Office suite" url="https://www.calligra.org/" arch="all" diff --git a/user/cbindgen/APKBUILD b/user/cbindgen/APKBUILD index 85db9d603..6fffc1af6 100644 --- a/user/cbindgen/APKBUILD +++ b/user/cbindgen/APKBUILD @@ -13,17 +13,16 @@ makedepends="cargo" source="" # dependencies taken from Cargo.lock -cargo_deps="$pkgname-$pkgver ansi_term-0.11.0 atty-0.2.11 autocfg-0.1.4 - bitflags-1.1.0 cfg-if-0.1.9 clap-2.33.0 cloudabi-0.0.3 - fuchsia-cprng-0.1.1 itoa-0.4.4 libc-0.2.58 log-0.4.6 numtoa-0.1.0 - proc-macro2-0.4.30 quote-0.6.12 rand-0.6.5 rand_chacha-0.1.1 - rand_core-0.3.1 rand_core-0.4.0 rand_hc-0.1.0 rand_isaac-0.1.1 - rand_jitter-0.1.4 rand_os-0.1.3 rand_pcg-0.1.2 rand_xorshift-0.1.1 - rdrand-0.4.0 redox_syscall-0.1.54 redox_termios-0.1.1 - remove_dir_all-0.5.2 ryu-0.2.8 serde-1.0.93 serde_derive-1.0.93 - serde_json-1.0.39 strsim-0.8.0 syn-0.15.38 tempfile-3.0.8 termion-1.5.3 - textwrap-0.11.0 toml-0.5.1 unicode-width-0.1.5 unicode-xid-0.1.0 - vec_map-0.8.1 winapi-0.3.7 winapi-i686-pc-windows-gnu-0.4.0 +cargo_deps="$pkgname-$pkgver ansi_term-0.11.0 atty-0.2.13 bitflags-1.1.0 + c2-chacha-0.2.2 cfg-if-0.1.9 clap-2.33.0 getrandom-0.1.12 itoa-0.4.4 + lazy_static-1.4.0 libc-0.2.62 log-0.4.8 ppv-lite86-0.2.5 + proc-macro2-0.4.30 proc-macro2-1.0.3 quote-0.6.13 quote-1.0.2 + rand-0.7.0 rand_chacha-0.2.1 rand_core-0.5.1 rand_hc-0.2.0 + redox_syscall-0.1.56 remove_dir_all-0.5.2 ryu-1.0.0 serde-1.0.100 + serde_derive-1.0.100 serde_json-1.0.40 strsim-0.8.0 syn-0.15.44 + syn-1.0.5 tempfile-3.1.0 textwrap-0.11.0 toml-0.5.3 unicode-width-0.1.6 + unicode-xid-0.1.0 unicode-xid-0.2.0 vec_map-0.8.1 wasi-0.7.0 + winapi-0.3.8 winapi-i686-pc-windows-gnu-0.4.0 winapi-x86_64-pc-windows-gnu-0.4.0" source="$source $(echo $cargo_deps | sed -E 's#([[:graph:]]+)-([0-9.]+(-(alpha|beta|rc)[0-9.]+)?)#&.tar.gz::https://crates.io/api/v1/crates/\1/\2/download#g')" @@ -75,48 +74,45 @@ package() { rm "$pkgdir"/usr/.crates.toml } + sha512sums="134a748ec781dde54d7810d6f5f98a5a84784d4acdd13a4c13eb4ae67fc278ccd2b123eea56461a124e7aa17b99e0a5a20f39f06286ce259e6e3eb24c43f29ae cbindgen-0.9.0.tar.gz a637466a380748f939b3af090b8c0333f35581925bc03f4dda9b3f95d338836403cf5487ae3af9ff68f8245a837f8ab061aabe57a126a6a2c20f2e972c77d1fa ansi_term-0.11.0.tar.gz -9d6417dc1e8abdb4969418525b36c451274fd76769adb57bef9875ef62ef521c50d58626ebc4f96d2bea32cbadb6999fd67653b570293d7253b403b6d0736c79 atty-0.2.11.tar.gz -811b68ea24a836980026abba12598b35359abdff5660e6e9d3cc65e3edbedcd10dffc208900af5d4c21e983e1218b5fb5499117c05ab60b3e4716f0529b231ce autocfg-0.1.4.tar.gz +4554ca7dedb4c2e8693e5847ef1fe66161ed4cb2c19156bb03f41ce7e7ea21838369dabaf447a60d1468de8bfbb7087438c12934c4569dde63df074f168569ad atty-0.2.13.tar.gz e3e611cf35a1ed4930727d530e6c78add895bd96636ca1354f1269b3d0e36e77fbb9ec850fe1f448a10f09ea2b2f89c2b16bb96b7da585851ce4c29a308968e3 bitflags-1.1.0.tar.gz +d8edeff2f4eefb9504160d7f4d3c450661d10905c23cc4950736ab76e73bd1e88127c006bc762d63694847f2cc981ceeb0727ecf18e8fad7c89209d7a9e70f14 c2-chacha-0.2.2.tar.gz 45f7322217d291b3905ffdc45cadd5a7a7baf440f9a82a5b5596192ed0ac54353a3ecae0326d5807aae99bc4d79e0406d71bd65745ec8d9f8815a7c9436d648c cfg-if-0.1.9.tar.gz f1075031414d48e4340bfe308904a95a31b72460724773c52a0bc8c004e625a04c904a39fc5420cb8c26a633321f9b5f4f69019c7aae5ed89900b63ed8c21a91 clap-2.33.0.tar.gz -691ed793e9b35ba382f03897f4c0efc31a528394862a27b814ba8993ad30bbe0ebc9808484baf580e8b69d9c13ad1612776a1efd0f6981545b420139ff83592c cloudabi-0.0.3.tar.gz -ea9f5beb0dfcb023c22cfc2b37ce52dfcf3a2cbbed0f79ffffc332878858386805c65dce8469a431002367562d857a6c064e075688540c27fcb4056a110059d2 fuchsia-cprng-0.1.1.tar.gz +0577f21f0ff01154453da92dd125c3bdea12a2bb2e7f5581add4306e28dfc448a0c084e9e64a0ef1da7baf8415965ea4ee32a5ef38d5af8ce4c6addab3cb0518 getrandom-0.1.12.tar.gz f5e04bd908457e7592243ce64a99c5283428b767f4cc17d77946770411b06fccb0250625263c3e84a02a018ea7e8a0e4216e1929a71988bab8e1dbf603d3801d itoa-0.4.4.tar.gz -9127ad9a94f75655740fc3a2278c7a17d5f03c4cd12c8833c1a1ecb7a860ec8581fbc969f5c2e23b8eecb9131d9d8271131ad6a675b785f18fb55d830bcc0491 libc-0.2.58.tar.gz -3844c771f97531ae7312c6bb0cf74ccaab94925f68bf1172419cc44fa4b5373f3ac6b42fb6d0ba636a970b295ea5d1b5abbe72b4da67a103e8dc4ed48a0cc5cb log-0.4.6.tar.gz -41b5c774048592c5867fba217c85d4ece4540e0f3ab0eea7dd1a6af340ba46dae42bbca62ea7fe3afdb258660f39a3d3082264c99dea67d3d1ae178d00a01354 numtoa-0.1.0.tar.gz +e124c0521ec7c950f3c4a066821918da7a9c6e711115d98009ae7c351928fdddead852e7596fea5937a9c30e4e4ce8eee7099b20248b5d6e3b2494b6a6d88cb8 lazy_static-1.4.0.tar.gz +93c178429a099606d4d61576d74204e87c042c4591b8472eb56eb3ddee883b135e28be09ff48e2718c4cdadbfc641e3a313665fe493d64b1820a7e6018f79d1e libc-0.2.62.tar.gz +0b71f97d5964134b5eea1332347e177806b2f171d0be5c410c0ff1539470b242ba9f0933fafd853e4171a43b5e373a150af18918924be431c7216022553a8a3b log-0.4.8.tar.gz +281ea3479c4a8996aac643b707e75ca0a079681b1f182a074de0d9989ff9f1df6922cb8e4152af76025ebb4c2d00e6889aecc2a4f0fa66531eceb732aef62243 ppv-lite86-0.2.5.tar.gz 73a8de3f1d76a8baf2d45afc1497bba8c0cbf231bf9b6750b9cee2473f492d5f3957ac149998da720acc8287c96d604971b51dcdfa629523bbdd97c297856ac0 proc-macro2-0.4.30.tar.gz -5d58945b0c9b41e368458a1661ae7b2ceed2e3285d377088afe5fde38e1db945ab42326d096cd6d13d82f5f80fe73d204c5fbe3c7abdea149eb6d7ca7c5e6798 quote-0.6.12.tar.gz -2eb84bed29708b8ba109f4329bf6f1cac6caed9d91b2aaf185d68dd2eda73d3fb7be2897d0596fb28352e799ccf92c161ee44599d5cb426ba9c3b8c747831904 rand-0.6.5.tar.gz -200d39362ffd6d91cfe80634e951c7323a5df8a382c91e3afcef1ecb143a16dc47a17db7f1a746b18e4ea8bfd36bc31ceaeff6d0116e166f8b34e4a8530b3c1b rand_chacha-0.1.1.tar.gz -5a7ae601124502bede760fd3179c2b28059ebc3b5983bfcb6b8fa62fb58df95cedc1aeb2734e792d894dfa4620801c13c29702f9cbee64243121575d4b6b9114 rand_core-0.3.1.tar.gz -f80e76dabd3308a12880a9aa8b7be83db39b02778c95bb63f862488789a2a67e2f08d4f2dd1ad803c61df0a9fc7f6620aa753b3bf394542ce27c89189a911845 rand_core-0.4.0.tar.gz -808d8c167daa66a2608884d5d3f1444cdb21f8ca1c61e59fc9bdfb506a634ebb22c0143cfc0574e15313f82559fd2d117a46910eba3b4eb7e0052ec280f5cd2f rand_hc-0.1.0.tar.gz -9e8f6c79abc53352c971f8182dcaa7979904d5649eec9008262bb0aaf0585b4c4817351cd80ffa8d07f172ff4c82d85a09ef2642a08f608fc6be3e246ed7f82e rand_isaac-0.1.1.tar.gz -fe3791612cf82bd0ad1a115c442b4a007141647eecd48f49dff9a5d326c374663d9bd2e511c8d292e1dba44665359b522cd5d57ccd3a18598e88e42ee1670e4a rand_jitter-0.1.4.tar.gz -01e81a692b78df3b2bd65bc285e5052ccaf208c7d0ace414f251db4fcff7f9ae1502ee60ca5745c95e778d3d5efe15fa84153c17c422b6b6bfee829376c14575 rand_os-0.1.3.tar.gz -6bc684778ba60c2e48793d4759b40cb0d35b0bc20ca0fc39fdff7c3f8fe9082dd7b5d5f26a7f17bafc6f3568924eac1bbe45820b1c2b09c91731ea5487d76d9c rand_pcg-0.1.2.tar.gz -3205499ed2584467dedb4641a48f3ca8fedc263b1d9431d36a251af0bc4701d99ce4b5219d515b9b24210dd3ef2faace6efa886aa50f361e07f53dd0fb0841e5 rand_xorshift-0.1.1.tar.gz -6476275d124bee28747191471e8d8f321a3b1c148c1f2a7ece4175f5244a7de90afe5f99d2eba5244d886b92e38232398864bf90e6d434b09494533942c8d894 rdrand-0.4.0.tar.gz -38ee15c2fa470428329b3888fef1f1b5bc57ffae96b6ec505fc051f33a8da86512afddfeb6966cb2342382a5cbccb624a825767d3492b3d6d21d6f8e97e57e9e redox_syscall-0.1.54.tar.gz -201d051900e919e2c6c6769ef252e51979d90133df16b6605e2a2f424cfb2e6e505e21add75ef5854fe5e0cab1ed1f1c1451010f072ae4bc8703c585a4323981 redox_termios-0.1.1.tar.gz +ff4e32e42d206191741880e362e39e33149fec4f94cb38e2693e956e4c0dd680dba4712f436fddbc092a7ebef23b7cd4693345fb93d5b9713a516960c2bfd82e proc-macro2-1.0.3.tar.gz +bafa9ba42ea6ff2d6df652384485c58327de6eaea2832423eedd8ef8b4aace673c23b70f1f22106515ac13d7f625cb8b1a5e8c4388c1701ea3cd86fb9ac3056e quote-0.6.13.tar.gz +67778dff9dc5c4edcdd6454b74ad9353bb6c0c4e51c16cb82f2e393a7d7a0cde084d3c93279b718a8398c40af0a9377ebfae5321e69e635efd8390c125b75ce4 quote-1.0.2.tar.gz +20c82ed8edf0bd203ac6f04f746b80abf5ad5716b307cd76fda399f26519ccc3b757f390058e7d8826508ed8a2b524c49ebad56a79fa77416b386f2b9a854352 rand-0.7.0.tar.gz +30933fdb94ca8d4bf040a7e08a42944a0d7c2f3f6a9a3d547e74bc32f922b0eb79d85afb1f6c85c78dc115170e70bdf96b36f0478d61ba5651876d5350ad18f6 rand_chacha-0.2.1.tar.gz +4f7500b35e165e6c817fdd67a50745d5497d24e554bb554705097e37258751e8755c4d6b8a69fcb5e1977708ba78620bc35d640e4e018fcd4e88d9dbdbebdcbf rand_core-0.5.1.tar.gz +bca185612bed5cee4da76fb68fe854105da276f5bf2da464e596d586b925df798cc692ed881e276ab77c36b4b0551930966c93656be122ad05899d87853533b0 rand_hc-0.2.0.tar.gz +17a3044327aa733c830dd74e210d6bda32622617d1c5af9d70d7647232d8569ad0b04ccb14042cbabb5d97ad98e3f1f5a9968a75387354ffb4d175e9577115a1 redox_syscall-0.1.56.tar.gz d19a45398a93adbcef9f233f6b3eaf4a63ae95f5bbae00c880b40c5edd34449e7f798ebcd4d11843c68ddfa15e11bed21d434b224e4a175dcb64ae011c13c8cd remove_dir_all-0.5.2.tar.gz -15a17fa06cb971847386013b7bc80e0483bb30f62062ac1e3200d588cb52771a7d34cdd74aba51de46341d303bd29065cf1f8cdcc17c23576cfadaefe63384b4 ryu-0.2.8.tar.gz -ec7712ad54bae2d93524e49730e2707b20ef91c8aa05084c6bbbd17e3ca77532cc672b8ae8f3ace25fc72a109cdc06a4b3f74515b7afe35faff6887984ae9309 serde-1.0.93.tar.gz -e9ba64c934eab1c2091697d36338ea6c47d0409b0097c87376fa6b05de21391aeb228e52b1c846894c37aee44550f4059c3ee9f58840d79d4ef5be4c61293f2b serde_derive-1.0.93.tar.gz -7180e5deb60e196f6b1ba3ac2a1bad6cea59d29f65fa7fb9258beb3d7012d6f3ea624e21fbb17868f5a21224f93b3f7b24875a94d50ba0d05e5b8d2aef632036 serde_json-1.0.39.tar.gz +b5dd360611fdf76ff13d377c1c79ce09a4fab90a8b7fc917a4424b8246c8a0da7d3ec515b8c69b695d936b1207072d173b9f40fd5cb218f1eab947862112caf0 ryu-1.0.0.tar.gz +bce506b4d30c9743f69a8c599eeb5bfde8e4951f1700901ce03eb9cd198e3725bcd625121f494f8d12e98200520899917794b5943b355acf8993f00d1ede4282 serde-1.0.100.tar.gz +f47e62d3f30b15acf0e5435c5df939bb6089c060bf91e891a7cc0f9e7bb8243c5500a145ec41e6aba7fd1f5fb571e552dbc95eb78633d7a47ed08ed35f0b0848 serde_derive-1.0.100.tar.gz +d09bc95c963f510686106d9885f3420b9eabba8bf32626597dafd43ffbe91ea72ee4a3fedfca922794a727214d73929970acced8eccaa23616cde33dfde9f842 serde_json-1.0.40.tar.gz 1d55a8d946cd55f5f37d06aea536549ded95739fa58c0f2da285a0041154c181f663682bdcac643aa198b3e762d694a04f058db985c62ebe22b5c16327ba6d34 strsim-0.8.0.tar.gz -e460d6b67e3237e8e88292e2fd170ef16f6b0e30b1c7c11b8177f36c86b083ca1de2727e75f183d2708f6839138aa73865e7944a822c2d85783a79caf3fa2e6c syn-0.15.38.tar.gz -88f5bb3ac88b192b9f106d5902ac7563114b901df8c36cbb7f2eb7dccd631e19093cd1ec6aa82e4b833f35ab265072e81f3205773654c263555bee22a78abc00 tempfile-3.0.8.tar.gz -1cbe60f97d5f8b95e6a57ec9b7cfcf37459bc8dbcf8424b055f04b2ecdaf069e1bb52222364a2f380dc3f63039fe3823d424228af1c212a8b3790b7dd55d5deb termion-1.5.3.tar.gz +c6c9b5887425e1e5fab905e477fcea41bba191693c471cf26922a9dfdd59ed957155a399406cc3723933a869565e7295183dabedfc34e3e2a20874ba94c7ead7 syn-0.15.44.tar.gz +4cc18966040b1f86916876aa5ad8029a126f7ab8db55408b3f4bc343dd82dc357899dd4a7afc514c65fd269245f8850f8f2834b08bc2ee6cf6774282f75feadc syn-1.0.5.tar.gz +a87ee51c36a81a8a8eb8f091eb57926682f38b707f7f641332d8752170e6c139a656ae49c6861f51e07c2fab5c86cc9b2ac158f5d89c6bff15d18934dd4e7ba5 tempfile-3.1.0.tar.gz f5c0fe4f28ff1a3a0931e8e235b5157a45f67967985bcc752418c5ec3481fca44a8ae4800088889b37e8cd0533f53d3c456d5ffd19b767b3f83a87b49a2e209a textwrap-0.11.0.tar.gz -4b8b9212934b8a8bf8f09fc9c63219f3bd8d21a1bc5ec4f4208fa833743951ddb53cb99b5fa27b9b59d2223cc74a7274d6eb196255e44650bb633e24b2529073 toml-0.5.1.tar.gz -bd5ac5f0433953d79408074239edc7c43ce23d56659d467805d81ab01c576a3cf77ccedb3bba41d48bc4ad46a8905ac8a1927b99312053ef6295fd940a6766d2 unicode-width-0.1.5.tar.gz +f3798afe9cbededee2c5d0cc2cd45a9a5b09004bc4d6f0e2863aa56a3aa377e9eb8fc2e4c557fe448afbec77bea5bb6953fe6ff59cb83389351ea207bd912458 toml-0.5.3.tar.gz +d6c2e5a99ea359d866393a6b00e0e21e5d80e4e665e457c0f2f0bbebda53afeab75b1d9b6b79102339ee621bac5050e7d41621703a8fd9ffe1e74a5a4301aa05 unicode-width-0.1.6.tar.gz cc5343e2166938322cfd7c73f1f918f2a9c46846ac0ef55933d1e44cdfaf6f7da2b7ff18b68e356c47b6d8ba5565eda0db42c347dcbde830683f341ac2b1849d unicode-xid-0.1.0.tar.gz +590f727d8d8354023062ae5fe7ac5bed1bcf79d86b883effd7f33b3ea3b1c8922998a63d621ca6962a969e890fa6edd009871f21cd57b1969264f41ba3f78359 unicode-xid-0.2.0.tar.gz 026cf10dc7ba98ae51dd312fc847cbaea41c25f0da5db6e0e22c2ecf75584bbf876d7bd96035fbbcf6696d702d5a3f25977e02a2d77cf519aa21e3ed05710e40 vec_map-0.8.1.tar.gz -6871b93ad8d48e39b90cb7b31b3132f84665f965b4dfe06fcebdfb873e7d099007cf3d7a50e832a941c3425ad2f39c3ab48a77151e60863685b97fc05c71d134 winapi-0.3.7.tar.gz +1950e78df7f0ba21b917680633d092704f1fb906bd973de4ddc43cedb7bf449f6e881d50e3aa0d5595e8d58796915d582b69c116ef536f819b6f035affea18f0 wasi-0.7.0.tar.gz +5a899ee5f09f30d742b8b8eba78da05cd9f4c664408fdeb9370373f8756a962a23e3f1c07619e745b3270138606c9a369076c02c3f5353f657df09d203d9a736 winapi-0.3.8.tar.gz a672ccefd0730a8166fef1d4e39f9034d9ae426a3f5e28d1f4169fa5c5790767693f281d890e7804773b34acdb0ae1febac33cde8c50c0044a5a6152c7209ec2 winapi-i686-pc-windows-gnu-0.4.0.tar.gz 4a654af6a5d649dc87e00497245096b35a2894ae66f155cb62389902c3b93ddcc5cf7d0d8b9dd97b291d2d80bc686af2298e80abef6ac69883f4a54e79712513 winapi-x86_64-pc-windows-gnu-0.4.0.tar.gz" diff --git a/user/cups-filters/APKBUILD b/user/cups-filters/APKBUILD index dcb700b90..d46268780 100644 --- a/user/cups-filters/APKBUILD +++ b/user/cups-filters/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Max Rees <maxcrees@me.com> pkgname=cups-filters -pkgver=1.25.2 +pkgver=1.25.5 pkgrel=0 pkgdesc="OpenPrinting CUPS filters and backends" url="https://wiki.linuxfoundation.org/openprinting/cups-filters" @@ -59,4 +59,4 @@ libs() { mv "$pkgdir"/usr/lib/lib*.so.* "$subpkgdir"/usr/lib/ } -sha512sums="e616a3a356ea7ad7d61e50242c1c0fd899911a8a293e721a89b425fb6a5d6d98388bbd4c02df407d9b66219b99f7c41a457b1436af6b9d8e979f0fd4e392ef3e cups-filters-1.25.2.tar.xz" +sha512sums="4e7126f4c439cb7392484dd3531023da5a1c885c7a6c7377260e7cccc2f3f51e3d0aa879965ecdb2625217d6f9ee1ca9c860c4fc05a7959697cd269696f10f59 cups-filters-1.25.5.tar.xz" diff --git a/user/dejagnu/APKBUILD b/user/dejagnu/APKBUILD deleted file mode 100644 index 53018f36f..000000000 --- a/user/dejagnu/APKBUILD +++ /dev/null @@ -1,37 +0,0 @@ -# Contributor: A. Wilcox <awilfox@adelielinux.org> -# Maintainer: A. Wilcox <awilfox@adelielinux.org> -pkgname=dejagnu -pkgver=1.6.2 -pkgrel=0 -pkgdesc="Framework for testing other programs" -url="https://www.gnu.org/software/dejagnu/" -arch="noarch" -license="GPL-3.0+" -depends="expect" -makedepends="$depends tcl>=8.5" -subpackages="$pkgname-dev $pkgname-doc" -source="https://ftp.gnu.org/pub/gnu/$pkgname/$pkgname-$pkgver.tar.gz" - -build() { - cd "$builddir" - ./configure \ - --build=$CBUILD \ - --host=$CHOST \ - --prefix=/usr \ - --sysconfdir=/etc \ - --mandir=/usr/share/man \ - --localstatedir=/var - make -} - -check() { - cd "$builddir" - make check -} - -package() { - cd "$builddir" - make DESTDIR="$pkgdir" install -} - -sha512sums="ae527ce245871d49b84773d0d14b1ea6b2316c88097eeb84091a3aa885ff007eeaa1cd9c5b002d94a956d218451079b5e170561ffa43a291d9d82283aa834042 dejagnu-1.6.2.tar.gz" diff --git a/user/evince/APKBUILD b/user/evince/APKBUILD index a98bf2cf9..ea6b66231 100644 --- a/user/evince/APKBUILD +++ b/user/evince/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=evince pkgver=3.32.0 -pkgrel=1 +pkgrel=2 pkgdesc="GNOME document viewer" url="https://wiki.gnome.org/Apps/Evince" arch="all" @@ -14,10 +14,14 @@ makedepends="djvulibre-dev glib-dev gobject-introspection-dev libsecret-dev libspectre-dev libxml2-dev libxml2-utils poppler-dev tiff-dev zlib-dev" subpackages="$pkgname-dev $pkgname-doc $pkgname-lang" -source="https://ftp.gnome.org/pub/gnome/sources/evince/3.32/evince-$pkgver.tar.xz" +source="https://ftp.gnome.org/pub/gnome/sources/evince/3.32/evince-$pkgver.tar.xz + CVE-2019-11459.patch" + +# secfixes: +# 3.32.0-r2: +# - CVE-2019-11459 build() { - cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -65,13 +69,12 @@ build() { } check() { - cd "$builddir" make check } package() { - cd "$builddir" make DESTDIR="$pkgdir" install } -sha512sums="565298a200d9ae2f6b4cb53c3cba0d0d0e4cfbef60e4145bfb9c82a5682947ceb2371e52c27179cd69a238cd387bcfd744d3c55df814b6347f07781aec3ea658 evince-3.32.0.tar.xz" +sha512sums="565298a200d9ae2f6b4cb53c3cba0d0d0e4cfbef60e4145bfb9c82a5682947ceb2371e52c27179cd69a238cd387bcfd744d3c55df814b6347f07781aec3ea658 evince-3.32.0.tar.xz +ebb8e2e0b2754d4634c99fda7669171e97b583dfbcd383682b70eb36ce816f1bcf1c2cb81b4ffbfac86db891d9f63bd0c2d90ff9ca3838c64a258b6a0002f7c4 CVE-2019-11459.patch" diff --git a/user/evince/CVE-2019-11459.patch b/user/evince/CVE-2019-11459.patch new file mode 100644 index 000000000..b331a0c30 --- /dev/null +++ b/user/evince/CVE-2019-11459.patch @@ -0,0 +1,72 @@ +From 234f034a4d15cd46dd556f4945f99fbd57ef5f15 Mon Sep 17 00:00:00 2001 +From: Jason Crain <jcrain@src.gnome.org> +Date: Mon, 15 Apr 2019 23:06:36 -0600 +Subject: [PATCH] tiff: Handle failure from TIFFReadRGBAImageOriented + +The TIFFReadRGBAImageOriented function returns zero if it was unable to +read the image. Return NULL in this case instead of displaying +uninitialized memory. + +Fixes #1129 +--- + backend/tiff/tiff-document.c | 28 ++++++++++++++++++---------- + 1 file changed, 18 insertions(+), 10 deletions(-) + +diff --git a/backend/tiff/tiff-document.c b/backend/tiff/tiff-document.c +index 7715031b..38bb3bd8 100644 +--- a/backend/tiff/tiff-document.c ++++ b/backend/tiff/tiff-document.c +@@ -292,18 +292,22 @@ tiff_document_render (EvDocument *document, + g_warning("Failed to allocate memory for rendering."); + return NULL; + } +- ++ ++ if (!TIFFReadRGBAImageOriented (tiff_document->tiff, ++ width, height, ++ (uint32 *)pixels, ++ orientation, 0)) { ++ g_warning ("Failed to read TIFF image."); ++ g_free (pixels); ++ return NULL; ++ } ++ + surface = cairo_image_surface_create_for_data (pixels, + CAIRO_FORMAT_RGB24, + width, height, + rowstride); + cairo_surface_set_user_data (surface, &key, + pixels, (cairo_destroy_func_t)g_free); +- +- TIFFReadRGBAImageOriented (tiff_document->tiff, +- width, height, +- (uint32 *)pixels, +- orientation, 0); + pop_handlers (); + + /* Convert the format returned by libtiff to +@@ -384,13 +388,17 @@ tiff_document_get_thumbnail (EvDocument *document, + if (!pixels) + return NULL; + ++ if (!TIFFReadRGBAImageOriented (tiff_document->tiff, ++ width, height, ++ (uint32 *)pixels, ++ ORIENTATION_TOPLEFT, 0)) { ++ g_free (pixels); ++ return NULL; ++ } ++ + pixbuf = gdk_pixbuf_new_from_data (pixels, GDK_COLORSPACE_RGB, TRUE, 8, + width, height, rowstride, + (GdkPixbufDestroyNotify) g_free, NULL); +- TIFFReadRGBAImageOriented (tiff_document->tiff, +- width, height, +- (uint32 *)pixels, +- ORIENTATION_TOPLEFT, 0); + pop_handlers (); + + ev_render_context_compute_scaled_size (rc, width, height * (x_res / y_res), +-- +2.21.0 + diff --git a/user/grub/APKBUILD b/user/grub/APKBUILD index 9d6ada6fd..d571310e7 100644 --- a/user/grub/APKBUILD +++ b/user/grub/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=grub pkgver=2.02 -pkgrel=7 +pkgrel=8 pkgdesc="Bootloader with support for Linux, Multiboot and more" url="https://www.gnu.org/software/grub/" arch="all !s390x" @@ -12,6 +12,8 @@ license="GPL-3.0+" depends="" makedepends="bison flex freetype-dev linux-headers lvm2-dev python3 xz unifont automake autoconf libtool" +# [22:02] <@awilfox> [[sroracle]]: grub breaks without its locale files present +# [22:02] <@awilfox> it cannot be split subpackages="$pkgname-dev $pkgname-doc" # currently grub only builds on x86*, aarch64 and ppc* systems @@ -27,6 +29,9 @@ for f in $flavors; do subpackages="$subpackages $pkgname-$f" done +install="$pkgname.post-upgrade" +triggers="$pkgname.trigger=/boot" + source="https://ftp.gnu.org/gnu/grub/grub-$pkgver.tar.xz fix-gcc-no-pie-specs.patch grub2-accept-empty-module.patch @@ -34,6 +39,8 @@ source="https://ftp.gnu.org/gnu/grub/grub-$pkgver.tar.xz the-arch-everyone-uses-and-nobody-loves.patch x86_64_asm.patch default-grub + update-grub + quirk-01_radeon_agpmode " prepare() { @@ -119,8 +126,14 @@ package() { rm -f "$pkgdir"/usr/lib/charset.alias install -D -m644 "$srcdir"/default-grub "$pkgdir"/etc/default/grub + install -D -m755 "$srcdir"/update-grub "$pkgdir"/usr/sbin # remove grub-install warning of missing directory mkdir -p "$pkgdir"/usr/share/locale + + for i in "$srcdir"/quirk-*; do + install -Dm755 "$i" \ + "$pkgdir"/etc/grub-quirks.d/"${i##"$srcdir"/quirk-}" + done } bios() { @@ -163,4 +176,6 @@ f2a7d9ab6c445f4e402e790db56378cecd6631b5c367451aa6ce5c01cd95b95c83c3dd24d6d4b857 4e7394e0fff6772c89683039ccf81099ebbfe4f498e6df408977a1488fd59389b6e19afdbf0860ec271e2b2aea0df7216243dcc8235d1ca3af0e7f4d0a9d60a4 grub-xen-host_grub.cfg 088455205f2f397d60e43eab19ed73994880ea1f442661f7975846cceaf2b112d92fd1341119d7dbfad3af2174dfd4d4721f31dead1ac35f4a3cb7c0d92f8a04 the-arch-everyone-uses-and-nobody-loves.patch 8752b5e689ec3b7e1f438c7207adc517d7acb4f7d15fda2907bc9177883a686f23994c66641bfc0c7620365415972b5d8b74f511c13dd234f5f3461dda4bb445 x86_64_asm.patch -048d061ac0aab0106f59a3d257739ff5de6c7dc08a4dc9b8b12e9bd2b1ec11f9bc6214013f3d1083b11c3ce41185fcbb5615beb2f290380abf392bb4c3f0d509 default-grub" +1e6ae4a3884829864dbd789d3c3a0d43a5aa5f279c3ebb25f71775686e9236bc1c6295e5064ad32b384635987ee0814df95e9ca33bc57bc8e0aeb47bec34270e default-grub +0907a810e9ba5be92d10dae38403d1e50fb9b324799df36d2241ff59f545dace37a65f2b1c8f07367220da4fd341d8f21dd9a4fab8da6c87ae52d7ffbca3dbd7 update-grub +78b7ec141a364994c7de181e47fedca820add9960c56c7adf4c14ee11d5249a0887fd788ecd5d24b9bdd102b7c40395181e2f7c3fe5ab795dd7c0057ba1115c5 quirk-01_radeon_agpmode" diff --git a/user/grub/default-grub b/user/grub/default-grub index 18fc2317d..3fb754c7e 100644 --- a/user/grub/default-grub +++ b/user/grub/default-grub @@ -6,3 +6,12 @@ GRUB_DEFAULT="Adélie" GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR="Adélie" GRUB_CMDLINE_LINUX_DEFAULT="ro" + +# Uncomment the following line if you do *not* want /boot/grub/grub.cfg to be +# automatically regenerated when easy-kernel is upgraded. +#ADELIE_MANUAL_CONFIG=1 + +for i in /etc/grub-quirks.d/[0-9][0-9]*; do + [ -x "$i" ] || continue + . "$i" +done diff --git a/user/grub/grub.post-upgrade b/user/grub/grub.post-upgrade new file mode 100644 index 000000000..5b9cbb072 --- /dev/null +++ b/user/grub/grub.post-upgrade @@ -0,0 +1,38 @@ +#!/bin/sh -e +ver_new="$1" +ver_old="$2" + +if [ "$(apk version -t "$ver_old" "2.02-r8")" = "<" ]; then + cat >&2 <<-EOF + * + * Starting with grub=2.02-r8, /boot/grub/grub.cfg is now automatically + * regenerated when easy-kernel is upgraded. + * + EOF + if ! grep -Fqx '# DO NOT EDIT THIS FILE' /boot/grub/grub.cfg; then + cat >&2 <<-EOF + * It appears that you have a manual GRUB configuration. + * If this is incorrect, comment out ADELIE_MANUAL_CONFIG + * in /etc/default/grub. When this option is set, /boot/grub/grub.cfg + * will *not* be automatically regenerated. + * + EOF + + cat >> /etc/default/grub <<-EOF + # Uncomment the following line if you do *not* want /boot/grub/grub.cfg to be + # automatically regenerated when easy-kernel is upgraded. + ADELIE_MANUAL_CONFIG=1 + EOF + else + cat >&2 <<-EOF + * It appears that you have a default GRUB configuration. + * If this is incorrect, uncomment ADELIE_MANUAL_CONFIG=1 + * in /etc/default/grub. When this option is set, /boot/grub/grub.cfg + * will *not* be automatically regenerated. + * + * A copy of the existing configuration will be saved as + * /boot/grub/grub.cfg.update-grub-old. + * + EOF + fi +fi diff --git a/user/grub/grub.trigger b/user/grub/grub.trigger new file mode 100644 index 000000000..eba13a458 --- /dev/null +++ b/user/grub/grub.trigger @@ -0,0 +1,2 @@ +#!/bin/sh -e +exec update-grub diff --git a/user/grub/quirk-01_radeon_agpmode b/user/grub/quirk-01_radeon_agpmode new file mode 100644 index 000000000..879f1619e --- /dev/null +++ b/user/grub/quirk-01_radeon_agpmode @@ -0,0 +1,28 @@ +#!/bin/sh +# vi: noet: +# Horst Burkhardt <horst@adelielinux.org> 2018 +# Max Rees <maxcrees@me.com> 2019 +# +# AGP acceleration in the Radeon KMS driver has been broken on Apple PPC +# since the 2.6 series, and most developers are in agreement that since +# UniNorth is underdocumented, it probably won't ever be fixed. Disable +# it on all Apple machines except ones where it is known not to apply. +# +# https://bts.adelielinux.org/show_bug.cgi?id=49 +set -e + +case "$(uname -m)" in +ppc|ppc64) + if grep -q 'MacRISC[23]' /proc/cpuinfo; then + case "$(awk '$1 == "machine" { print $3 }' /proc/cpuinfo)" in + PowerBook1,1) ;; + PowerMac1,1) ;; + PowerMac1,2) ;; + PowerMac11,2) ;; + PowerMac12,1) ;; + RackMac3,1) ;; + iMac,1) ;; + *) export GRUB_CMDLINE_LINUX="radeon.agpmode=-1 $GRUB_CMDLINE_LINUX";; + esac + fi;; +esac diff --git a/user/grub/update-grub b/user/grub/update-grub new file mode 100644 index 000000000..d22930bd7 --- /dev/null +++ b/user/grub/update-grub @@ -0,0 +1,16 @@ +#!/bin/sh -e +. /etc/default/grub +if [ "$ADELIE_MANUAL_CONFIG" = 1 ]; then + cat >&2 <<-EOF + * + * You have specified that you are using a manual GRUB configuration. + * You must update it yourself. + * + EOF + exit 0 +fi + +if [ -e /boot/grub/grub.cfg ]; then + cp -p /boot/grub/grub.cfg /boot/grub/grub.cfg.update-grub-old +fi +exec grub-mkconfig -o /boot/grub/grub.cfg diff --git a/user/mosquitto/APKBUILD b/user/mosquitto/APKBUILD new file mode 100644 index 000000000..e7cd25057 --- /dev/null +++ b/user/mosquitto/APKBUILD @@ -0,0 +1,80 @@ +# Contributor: Pedro Filipe <xpecex@outlook.com> +# Contributor: Natanael Copa <ncopa@alpinelinux.org> +# Maintainer: Max Rees <maxcrees@me.com> +pkgname=mosquitto +pkgver=1.6.6 +pkgrel=0 +pkgdesc="An Open Source MQTT Broker" +url="https://mosquitto.org/" +arch="all" +license="EPL-1.0 AND EDL-1.0 AND MIT AND BSD-3-Clause" +depends="" +makedepends="c-ares-dev openssl-dev util-linux-dev" +checkdepends="python3" +subpackages="$pkgname-dev $pkgname-doc $pkgname-libs $pkgname-openrc + $pkgname-clients" +install="$pkgname.pre-install" +source="http://mosquitto.org/files/source/$pkgname-$pkgver.tar.gz + mosquitto.initd + disable-flaky-test.patch + openrc-conf.patch + python3.patch" + +# secfixes: +# 1.6.6-r0: +# - CVE-2019-11779 +# 1.5.6-r0: +# - CVE-2018-12546 +# - CVE-2018-12550 +# - CVE-2018-12551 +# 1.5.3-r0: +# - CVE-2018-12543 +# 1.4.15-r0: +# - CVE-2017-7652 +# - CVE-2017-7651 +# 1.4.13-r0: +# - CVE-2017-9868 +# 1.4.12-r0: +# - CVE-2017-7650 + +build() { + make \ + WITH_ADNS=no \ + WITH_MEMORY_TRACKING=no \ + WITH_SRV=yes \ + prefix=/usr +} + +check() { + # Unit tests require cunit, so skip them. + make -j1 -C test/broker test + make -j1 -C test/lib test +} + +package() { + make prefix=/usr DESTDIR="$pkgdir" install + + # C++ bindings are deprecated, so don't install them. + make -C lib/cpp prefix=/usr DESTDIR="$pkgdir" uninstall + rm "$pkgdir"/usr/lib/pkgconfig/libmosquittopp.pc + + mv "$pkgdir"/usr/sbin/mosquitto "$pkgdir"/usr/bin + mv "$pkgdir"/etc/mosquitto/mosquitto.conf.example \ + "$pkgdir"/etc/mosquitto/mosquitto.conf + + install -Dm755 "$srcdir"/mosquitto.initd \ + "$pkgdir"/etc/init.d/mosquitto +} + +clients() { + pkgdesc="Mosquitto command line MQTT clients" + + mkdir -p "$subpkgdir"/usr/bin + mv "$pkgdir"/usr/bin/mosquitto_[ps]ub "$subpkgdir"/usr/bin/ +} + +sha512sums="ea6ba7b57773c8f4a59e708ae305a0e38ca85df94854410b29cccddbe10bbb91c2ea5e827fefb3f57cb4fce188ab9c3021804f1ae398b7fd5e9e965354b68bc1 mosquitto-1.6.6.tar.gz +681fddc737b3ef3e6c052f0c854a730df290352640a18a63e23ef83d14c425558aff87805d1eb95e44de101b5df48872173af9f5414464ffa8cf727ea2c0491e mosquitto.initd +3886171e36f759a717aa6626d5b8dbd392963c737d5de28b4d52b81359008927b99ff7a0ca82f56a0e5deaed4585571759ba9216336a664fd346845837c2bc18 disable-flaky-test.patch +b07f9bec2751ab32c43f53e74d8fca18dbf2d7ce7f8fab562dbcf75de19609ba6219d735ac504697404e0ed36613a14074e3a19e735297195877798f778d337a openrc-conf.patch +078197e6c3e59b664f5fdd1e4a4f669c9a76ab84fe4a5d8602ac80406b85c4e1cce29d9372e76d995155b74abb438d0dc0cdcdb98251fb904122073c4088d76a python3.patch" diff --git a/user/mosquitto/disable-flaky-test.patch b/user/mosquitto/disable-flaky-test.patch new file mode 100644 index 000000000..8fd51c403 --- /dev/null +++ b/user/mosquitto/disable-flaky-test.patch @@ -0,0 +1,11 @@ +--- mosquitto-1.6.4/test/broker/Makefile 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/Makefile 2019-08-28 00:03:54.430562623 +0000 +@@ -193,7 +193,7 @@ endif + ./10-listener-mount-point.py + + 11 : +- ./11-message-expiry.py ++ #./11-message-expiry.py + ./11-persistent-subscription.py + ./11-persistent-subscription-v5.py + ./11-persistent-subscription-no-local.py diff --git a/user/mosquitto/mosquitto.initd b/user/mosquitto/mosquitto.initd new file mode 100644 index 000000000..818931213 --- /dev/null +++ b/user/mosquitto/mosquitto.initd @@ -0,0 +1,36 @@ +#!/sbin/openrc-run +MOSQUITTO_CFG="${MOSQUITTO_CFG:-/etc/mosquitto/${RC_SVCNAME}.conf}" + +command="/usr/bin/mosquitto" +command_args="-c '${MOSQUITTO_CFG}' $command_args" +command_args_background="--daemon" +pidfile="$(awk '$1 == "pid_file" {print $2}' "${MOSQUITTO_CFG}" || true)" + +extra_started_commands="reload" +description_reload="Reload configuration" + +start_pre() { + if ! [ -e "$MOSQUITTO_CFG" ]; then + eerror "$MOSQUITTO_CFG does not exist" + return 1 + fi + + if [ -z "$pidfile" ]; then + eerror "${MOSQUITTO_CFG} is missing the pid_file option" + return 1 + fi + + MOSQUITTO_LOG="$(awk '$1 " " $2 == "log_dest file" {print $3}' "${MOSQUITTO_CFG}")" + if [ -n "$MOSQUITTO_LOG" ]; then + MOSQUITTO_USER="$(awk '$1 == "user" {print $2}' "${MOSQUITTO_CFG}")" + MOSQUITTO_USER="${MOSQUITTO_USER:-mosquitto}" + checkpath -fm 660 -o "${MOSQUITTO_USER}" \ + "${MOSQUITTO_LOG}" || return 1 + fi +} + +reload() { + ebegin "Reloading ${RC_SVCNAME}" + start-stop-daemon --signal HUP --pidfile "${pidfile}" + eend $? +} diff --git a/user/mosquitto/mosquitto.pre-install b/user/mosquitto/mosquitto.pre-install new file mode 100644 index 000000000..ac36da04c --- /dev/null +++ b/user/mosquitto/mosquitto.pre-install @@ -0,0 +1,7 @@ +#!/bin/sh + +groupadd -r mosquitto 2>/dev/null +useradd -c mosquitto -s /sbin/nologin -g mosquitto \ + -m -d /var/empty -k /etc/skel -r mosquitto 2>/dev/null + +exit 0 diff --git a/user/mosquitto/openrc-conf.patch b/user/mosquitto/openrc-conf.patch new file mode 100644 index 000000000..d1c5ee04b --- /dev/null +++ b/user/mosquitto/openrc-conf.patch @@ -0,0 +1,20 @@ +--- mosquitto-1.6.4/mosquitto.conf 2019-08-01 14:50:01.000000000 -0500 ++++ mosquitto-1.6.4/mosquitto.conf 2019-08-27 18:16:52.290542736 -0500 +@@ -158,7 +158,7 @@ + # This should be set to /var/run/mosquitto.pid if mosquitto is + # being run automatically on boot with an init script and + # start-stop-daemon or similar. +-#pid_file ++pid_file /var/run/mosquitto.pid + + # Set to true to queue messages with QoS 0 when a persistent client is + # disconnected. These messages are included in the limit imposed by +@@ -585,7 +585,7 @@ + # Note that if the broker is running as a Windows service it will default to + # "log_dest none" and neither stdout nor stderr logging is available. + # Use "log_dest none" if you wish to disable logging. +-#log_dest stderr ++log_dest file /var/log/mosquitto.log + + # Types of messages to log. Use multiple log_type lines for logging + # multiple types of messages. diff --git a/user/mosquitto/python3.patch b/user/mosquitto/python3.patch new file mode 100644 index 000000000..f348cbc3e --- /dev/null +++ b/user/mosquitto/python3.patch @@ -0,0 +1,48 @@ +--- mosquitto-1.6.4/test/broker/09-extended-auth-change-username.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-change-username.py 2019-08-27 22:20:08.560518752 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + # Check whether an extended auth plugin can change the username of a client. + +--- mosquitto-1.6.4/test/broker/09-extended-auth-multistep-reauth.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-multistep-reauth.py 2019-08-27 22:22:11.530519618 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + from mosq_test_helper import * + +--- mosquitto-1.6.4/test/broker/09-extended-auth-multistep.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-multistep.py 2019-08-27 22:20:37.030518952 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + from mosq_test_helper import * + +--- mosquitto-1.6.4/test/broker/09-extended-auth-single.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-single.py 2019-08-27 22:21:42.250519412 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + # Multi tests for extended auth with a single step. + # * Error in plugin +--- mosquitto-1.6.4/test/broker/09-extended-auth-single2.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-single2.py 2019-08-27 22:21:02.220519130 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + # Multi tests for extended auth with a single step - multiple plugins at once. + # * Error in plugin +--- mosquitto-1.6.4/test/broker/09-extended-auth-unsupported.py.old 2019-08-01 19:50:01.000000000 +0000 ++++ mosquitto-1.6.4/test/broker/09-extended-auth-unsupported.py 2019-08-27 22:21:20.360519257 +0000 +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + + # Test whether an unsupported extended auth is rejected. + diff --git a/user/poppler-qt5/APKBUILD b/user/poppler-qt5/APKBUILD index 5c0bbf4c8..ac680fc9a 100644 --- a/user/poppler-qt5/APKBUILD +++ b/user/poppler-qt5/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=poppler-qt5 _realname=poppler -pkgver=0.77.0 +pkgver=0.80.0 pkgrel=0 _testver=01c92874 pkgdesc="PDF rendering library based on xpdf 3.0 (Qt 5 bindings)" @@ -26,6 +26,9 @@ builddir="$srcdir"/$_realname-$pkgver/build # - CVE-2019-10873 # - CVE-2019-11026 # - CVE-2019-12293 +# 0.80.0-r0: +# - CVE-2019-9959 +# - CVE-2019-14494 prepare() { default_prepare @@ -43,7 +46,7 @@ build() { } check() { - # check_qt5_annotations: fails on ppc64 and x86_64 as of 0.77.0-r0 + # check_qt5_annotations: fails on ppc64 and x86_64 as of 0.80.0-r0 # FAIL! : TestAnnotations::checkFontSizeAndColor() Compared values are not the same # Actual (textAnnot->contents()): "\u00C3\u00BE\u00C3\u00BF\u0000f\u0000o\u0000o\u0000b\u0000a\u0000r" # Expected (contents) : "foobar" @@ -58,5 +61,5 @@ package() { make DESTDIR="$pkgdir" install } -sha512sums="7c82cf584541fcbfa7cecdb06be9c4ba6d03479fc248377b874afeab561eac24015915eee566edc35fafe785b9f381f492c1789c070e67a2c1b344879c156040 poppler-0.77.0.tar.xz +sha512sums="0a0d68168ba4d560941de31cb9e32c6cd7b44025e93cd84ace863ffab5b9ff0356524626cb16fb99c29a897738f2ac5862480fc54d42f8aecd2e3457f11c642f poppler-0.80.0.tar.xz 5275541ffa0fef9c55a0c02411947c610b2e7eb621f0a0fa9529810f8b09e2b0194c1da4b64eb9641b2c3af7b099e6bb7d1212b9087a21cf3af893090a10506b poppler-test-01c92874.tar.gz" diff --git a/user/poppler/APKBUILD b/user/poppler/APKBUILD index 9c3385c8d..462c23333 100644 --- a/user/poppler/APKBUILD +++ b/user/poppler/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: pkgname=poppler -pkgver=0.77.0 +pkgver=0.80.0 pkgrel=0 pkgdesc="PDF rendering library based on xpdf 3.0" url="https://poppler.freedesktop.org/" @@ -25,6 +25,9 @@ builddir="$srcdir"/$pkgname-$pkgver/build # - CVE-2019-10873 # - CVE-2019-11026 # - CVE-2019-12293 +# 0.80.0-r0: +# - CVE-2019-9959 +# - CVE-2019-14494 prepare() { default_prepare @@ -60,4 +63,4 @@ glib() { "$subpkgdir"/usr/lib/ } -sha512sums="7c82cf584541fcbfa7cecdb06be9c4ba6d03479fc248377b874afeab561eac24015915eee566edc35fafe785b9f381f492c1789c070e67a2c1b344879c156040 poppler-0.77.0.tar.xz" +sha512sums="0a0d68168ba4d560941de31cb9e32c6cd7b44025e93cd84ace863ffab5b9ff0356524626cb16fb99c29a897738f2ac5862480fc54d42f8aecd2e3457f11c642f poppler-0.80.0.tar.xz" diff --git a/user/py3-paho-mqtt/APKBUILD b/user/py3-paho-mqtt/APKBUILD new file mode 100644 index 000000000..cda723c76 --- /dev/null +++ b/user/py3-paho-mqtt/APKBUILD @@ -0,0 +1,33 @@ +# Contributor: Fabian Affolter <fabian@affolter-engineering.ch> +# Maintainer: Max Rees <maxcrees@me.com> +pkgname=py3-paho-mqtt +_pkgname=paho.mqtt.python +pkgver=1.4.0 +pkgrel=0 +pkgdesc="MQTT version 3.1.1 client class for Python" +url="https://www.eclipse.org/paho/" +# Certified net clean +arch="noarch" +license="EPL-1.0 AND EDL-1.0" +depends="python3" +makedepends="" +checkdepends="py3-pytest" +# Use GitHub tarball since PyPI doesn't include tests +source="$pkgname-$pkgver.tar.gz::https://github.com/eclipse/paho.mqtt.python/archive/v$pkgver.tar.gz + setup.patch" +builddir="$srcdir/$_pkgname-$pkgver" + +build() { + python3 setup.py build +} + +check() { + PYTHONPATH="$builddir"/src pytest +} + +package() { + python3 setup.py install --prefix=/usr --root="$pkgdir" +} + +sha512sums="2e49f0f146207ab4fbc8c346b10d3e2b50869b2d9db7c999b6645f7213fb635b64cff01c5405e7833a8b25334d24685ce6ed734a6e4b6b0660b48f65cf4a941c py3-paho-mqtt-1.4.0.tar.gz +0cfff826651b36b5062dae8bad3abcab428dc18bfcee6c941a46f5c8900c871bd475d96fa382e06d731ea451ad9159edadf0ee3767f7dea992cb7a7ed7313d80 setup.patch" diff --git a/user/py3-paho-mqtt/setup.patch b/user/py3-paho-mqtt/setup.patch new file mode 100644 index 000000000..70ccc869f --- /dev/null +++ b/user/py3-paho-mqtt/setup.patch @@ -0,0 +1,24 @@ +--- paho.mqtt.python-1.4.0/setup.py 2018-09-02 11:20:42.000000000 +0000 ++++ paho.mqtt.python-1.4.0/setup.py 2019-08-28 02:51:55.690633661 +0000 +@@ -11,9 +11,8 @@ with open('README.rst', 'rb') as readme_ + readme = readme_file.read().decode('utf-8') + + requirements = [] +-test_requirements = ['pytest', 'pylama'] +-needs_pytest = {'pytest', 'test', 'ptr'}.intersection(sys.argv) +-setup_requirements = ['pytest-runner'] if needs_pytest else [] ++test_requirements = ['pytest'] ++setup_requirements = [] + + if sys.version_info < (3, 0): + test_requirements += ['mock'] +--- paho.mqtt.python-1.4.0/setup.cfg 2018-09-02 11:20:42.000000000 +0000 ++++ paho.mqtt.python-1.4.0/setup.cfg 2019-08-28 02:50:19.540632984 +0000 +@@ -1,7 +1,6 @@ + [aliases] + test=pytest + [tool:pytest] +-addopts=-r xs --pylama + strict=True + testpaths=tests src + [pylama] diff --git a/user/qpdfview/APKBUILD b/user/qpdfview/APKBUILD index e4d16e50d..6bafa639b 100644 --- a/user/qpdfview/APKBUILD +++ b/user/qpdfview/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Max Rees <maxcrees@me.com> pkgname=qpdfview pkgver=0.4.18 -pkgrel=0 +pkgrel=1 pkgdesc="A tabbed document viewer" url="https://launchpad.net/qpdfview" arch="all" diff --git a/user/spice-gtk/APKBUILD b/user/spice-gtk/APKBUILD new file mode 100644 index 000000000..c613828bc --- /dev/null +++ b/user/spice-gtk/APKBUILD @@ -0,0 +1,69 @@ +# Contributor: Natanael Copa <ncopa@alpinelinux.org> +# Maintainer: Max Rees <maxcrees@me.com> +pkgname=spice-gtk +pkgver=0.37 +pkgrel=0 +pkgdesc="A GTK+ widget for SPICE clients" +url="https://www.spice-space.org/" +arch="all" +# suid: ACL helper for USB redirection +options="suid" +license="LGPL-2.1+ AND LGPL-2.0+ AND BSD-3-Clause AND MIT AND GPL-3.0+ AND LGPL-2.0-only AND GPL-2.0+" +depends="gst-plugins-good" +depends_dev="gobject-introspection-dev gtk+3.0-dev" +makedepends="$depends_dev acl-dev bash cyrus-sasl-dev eudev-dev + gst-plugins-base-dev gstreamer-dev gstreamer-tools json-glib-dev + libjpeg-turbo-dev libusb-dev libxrandr-dev lz4-dev openssl-dev + opus-dev polkit-dev polkit-dev spice-protocol usbredir-dev + usbutils zlib-dev" +subpackages="$pkgname-dev $pkgname-doc $pkgname-lang spicy + spice-glib:glib" +source="https://www.spice-space.org/download/gtk/$pkgname-$pkgver.tar.bz2" + +build() { + # Note: pulseaudio support is disabled because it's deprecated. + # Audio is still supported through gstreamer. + ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --with-gtk=3.0 \ + --with-audio=gstreamer \ + --disable-celt051 \ + --disable-werror \ + --enable-lz4 \ + --enable-opus \ + --enable-smartcard=no \ + --enable-usbredir=yes \ + --enable-polkit=yes \ + --enable-pulse=no + make +} + +check() { + make check +} + +package() { + make -j1 DESTDIR="$pkgdir" install +} + +spicy() { + pkgdesc="SPICE client (remote virtual machine access)" + mkdir -p "$subpkgdir"/usr + mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ +} + +glib() { + pkgdesc="$pkgdesc (GLib libraries)" + mkdir -p "$subpkgdir"/usr/lib \ + "$subpkgdir"/usr/lib/girepository-1.0/ + mv "$pkgdir"/usr/lib/*-glib-*.so* \ + "$subpkgdir"/usr/lib/ + mv "$pkgdir"/usr/lib/girepository-1.0/SpiceClientGLib-*.typelib \ + "$subpkgdir"/usr/lib/girepository-1.0/ +} + +sha512sums="a0a20bc6f25337d86e57fe1fc9586c4cc84457fc8c38cdcc5a728990a69018da0fca3ab5aa63349786b5a7508c82b716c94803eefb3495cffb7df4526db2d029 spice-gtk-0.37.tar.bz2" diff --git a/user/tellico/APKBUILD b/user/tellico/APKBUILD index 3fb5df741..f697dd5b5 100644 --- a/user/tellico/APKBUILD +++ b/user/tellico/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: A. Wilcox <awilfox@adelielinux.org> pkgname=tellico pkgver=3.2.1 -pkgrel=0 +pkgrel=1 pkgdesc="Collection manager" url="http://tellico-project.org/" arch="all" diff --git a/user/tumbler/APKBUILD b/user/tumbler/APKBUILD index 06612e754..98adfba5d 100644 --- a/user/tumbler/APKBUILD +++ b/user/tumbler/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com> pkgname=tumbler pkgver=0.2.7 -pkgrel=0 +pkgrel=1 pkgdesc="Thumbnail generation service for the XFCE desktop environment" url="https://xfce.org" arch="all" |