From 00075f842380bff25a1b88a27056973d0341fb31 Mon Sep 17 00:00:00 2001 From: Max Rees Date: Thu, 27 Jun 2019 01:49:03 -0400 Subject: user/libreoffice: [CVE] bump to 6.4.0.3 (#151) * GTK+2 VCL plugin has been dropped upstream; move to GTK+3 * When porting 6.3.x.x, the Serbian and Serbian (Latin) translations did not build correctly, so they have been disabled for the time being. * Pin subpackage versions to eachother * Remove paxmark * makedepends changelog: + autoconf + automake + libqrcodegen ~ mdds~1.5 - paxmark - gtk+2.0-dev - gdk-pixbuf-dev + gtk+3.0-dev + mesa-dev ~ liborcus-dev~0.15 --- user/libreoffice/APKBUILD | 129 ++++++++++++++++++++++++---------------------- 1 file changed, 68 insertions(+), 61 deletions(-) (limited to 'user/libreoffice/APKBUILD') diff --git a/user/libreoffice/APKBUILD b/user/libreoffice/APKBUILD index b6968e4ab..29ec4c2d3 100644 --- a/user/libreoffice/APKBUILD +++ b/user/libreoffice/APKBUILD @@ -6,19 +6,17 @@ # and you definitely don't want "deps" in ERROR_CLEANUP. # Just "abuild clean undeps" once you're completely done. # -# Build requirements: -# * RAM: -# 8 GB with Hulu in Chromium in the background is enough. +# Even with JOBS=4 you're gonna want at least 8 GB of RAM. # # * Disk space: -# * Dependencies: 1131 MiB -# * Downloads: 398 MiB -# * Subtotal: 1529 MiB = 1.5 GiB -# * Complete src: 33970 MiB -# * Complete pkg: 9637 MiB -# * All APKs: 2362 MiB = 2.3 GiB -# * Subtotal: 45969 MiB = 44.9 GiB -# * Grand total: 47498 MiB = 46.4 GiB +# * Dependencies: 1557 MiB = 1.5 GiB +# * Downloads: 515 MiB +# * Subtotal: 2072 MiB = 2.0 GiB +# * Complete src: 34134 MiB +# * Complete pkg: 9399 MiB +# * All APKs: 2282 MiB = 2.2 GiB +# * Subtotal: 45815 MiB = 44.7 GiB +# * Grand total: 47887 MiB = 46.8 GiB # # Build stats: # * Run "abuild deps fetch" first. @@ -29,7 +27,7 @@ # abuild -r 29590.16s user 1077.69s system 340% cpu 2:30:13.12 total pkgname=libreoffice -pkgver=6.2.1.2 +pkgver=6.4.0.3 pkgrel=0 case "$pkgver" in *.*.*.*) _ver="${pkgver%.*}";; @@ -46,30 +44,38 @@ arch="all" options="" license="MPL-2.0 AND Apache-2.0 AND MIT AND X11 AND (MPL-1.1 OR GPL-2.0+ OR LGPL-2.1+) AND GPL-2.0+ AND GPL-3.0 AND GPL-3.0+ AND LGPL-2.1 AND LGPL-3.0+ AND BSD-3-Clause AND SISSL AND IJG AND CC-BY-SA-3.0" -depends="$pkgname-base $pkgname-calc $pkgname-common $pkgname-draw - $pkgname-impress $pkgname-math $pkgname-connector-postgres $pkgname-writer" +depends="$pkgname-base=$pkgver-r$pkgrel + $pkgname-calc=$pkgver-r$pkgrel + $pkgname-common=$pkgver-r$pkgrel + $pkgname-draw=$pkgver-r$pkgrel + $pkgname-impress=$pkgver-r$pkgrel + $pkgname-math=$pkgver-r$pkgrel + $pkgname-connector-postgres=$pkgver-r$pkgrel + $pkgname-writer=$pkgver-r$pkgrel + " # 1. Base dependencies # 2. GUIs - gen # 3. GUIs - gtk+2.0 # 4. File formats -makedepends="apr-dev bash bison boost-dev cairo-dev clucene-dev cmd:which - coreutils cppunit-dev cups-dev dbus-glib-dev findutils flex fontconfig-dev - fontforge-dev freetype-dev glm gperf gpgme-dev gst-plugins-base-dev - gstreamer-dev harfbuzz-dev hunspell-dev hyphen-dev icu icu-dev lcms2-dev - libcmis-dev libexttextcat-dev libjpeg-turbo-dev libnumbertext-dev libpng-dev - libxml2-utils libxslt-dev mdds>=1.4.1 mythes-dev neon-dev nss-dev - openldap-dev openssl-dev paxmark perl poppler-dev postgresql-dev python3-dev - py3-lxml redland-dev sane-dev sed ucpp unixodbc-dev util-linux xmlsec-dev zip +makedepends="apr-dev autoconf automake bash bison boost-dev cairo-dev + clucene-dev cmd:which coreutils cppunit-dev cups-dev dbus-glib-dev findutils + flex fontconfig-dev fontforge-dev freetype-dev glm gperf gpgme-dev + gst-plugins-base-dev gstreamer-dev harfbuzz-dev hunspell-dev hyphen-dev icu + icu-dev lcms2-dev libcmis-dev libexttextcat-dev libjpeg-turbo-dev + libnumbertext-dev libpng-dev libqrcodegen libxml2-utils libxslt-dev mdds~1.5 + mythes-dev neon-dev nss-dev openldap-dev openssl-dev perl poppler-dev + postgresql-dev python3-dev py3-lxml redland-dev sane-dev sed ucpp + unixodbc-dev util-linux xmlsec-dev zip libepoxy-dev libxinerama-dev libxrandr-dev libxrender-dev libxext-dev - gtk+2.0-dev gdk-pixbuf-dev glib-dev + gtk+3.0-dev glib-dev mesa-dev libabw-dev libcdr-dev libe-book-dev libepubgen-dev libetonyek-dev - libfreehand-dev libmspub-dev libmwaw-dev libodfgen-dev liborcus-dev>=0.14 + libfreehand-dev libmspub-dev libmwaw-dev libodfgen-dev liborcus-dev~0.15 libpagemaker-dev libqxp-dev libstaroffice-dev libvisio-dev libwpd-dev libwpg-dev libwps-dev libzmf-dev -" + " # -common also depends on these fonts _fonts="ttf-liberation ttf-dejavu ttf-carlito" @@ -79,7 +85,7 @@ checkdepends="$_fonts" # -doc comes first since it redirects manpages from the other subpackages # -lang-* comes before -common since it redirects miscellaneous # language-specific files from -common -subpackages="$pkgname-doc $pkgname-base $pkgname-gtk2 +subpackages="$pkgname-doc $pkgname-base $pkgname-gtk3 $pkgname-calc $pkgname-draw $pkgname-impress $pkgname-math $pkgname-connector-postgres $pkgname-writer" source="https://download.documentfoundation.org/$pkgname/src/$_ver/$pkgname-$pkgver.tar.xz @@ -88,14 +94,13 @@ source="https://download.documentfoundation.org/$pkgname/src/$_ver/$pkgname-$pkg https://download.documentfoundation.org/$pkgname/src/$_ver/$pkgname-help-$pkgver.tar.xz linux-musl.patch fix-execinfo.patch - fix-includes.patch gettext-tiny.patch disable-crc-test.patch disable-outdated-font-test.patch disable-mariadbc.patch - disable-mysqlc.patch - boost.patch -" + mso-lockfile-utf16le.patch + poppler-0.83.patch + " ldpath="/usr/lib/$pkgname/program" _languages="af:Afrikaans:MPL-2.0 AND Public-Domain AND LGPL-3.0 AND LGPL-2.1+ AND Apache-2.0 @@ -188,8 +193,6 @@ _languages="af:Afrikaans:MPL-2.0 AND Public-Domain AND LGPL-3.0 AND LGPL-2.1+ AN sk:Slovak:MPL-2.0 AND (GPL-2.0 OR LGPL-2.1 OR MPL-1.1) AND LPPL-1.3c AND MIT AND Apache-2.0 sl:Slovenian:MPL-2.0 AND (GPL-2.0 OR LGPL-2.1) AND LGPL-2.1 AND Apache-2.0 sq:Albanian:MPL-2.0 AND Apache-2.0 - sr:Serbian:MPL-2.0 AND (LGPL-2.1+ OR MPL-1.1+ OR GPL-2.0+ OR CC-BY-SA-3.0) AND LGPL-2.1+ AND Apache-2.0 - sr_latn:Serbian (Latin):MPL-2.0 AND Apache-2.0 ss:Swati:MPL-2.0 AND Apache-2.0 st:Southern Sotho:MPL-2.0 AND Apache-2.0 sv:Swedish:MPL-2.0 AND LGPL-3.0 AND Custom AND Apache-2.0 @@ -211,7 +214,7 @@ _languages="af:Afrikaans:MPL-2.0 AND Public-Domain AND LGPL-3.0 AND LGPL-2.1+ AN zh_cn:Simplified Chinese (People's Republic of China):MPL-2.0 AND Apache-2.0 zh_tw:Traditional Chinese (Taiwan):MPL-2.0 AND Apache-2.0 zu:Zulu:MPL-2.0 AND LGPL-2.1 AND Apache-2.0 -" + " _lo_lang() { local lang="$1" case "$lang" in @@ -237,6 +240,16 @@ for _lang in $(printf '%s' "$_languages" | cut -d : -f 1); do done subpackages="$subpackages $pkgname-common" +# secfixes: +# 6.4.0.3-r0: +# - CVE-2019-9848 +# - CVE-2019-9849 +# - CVE-2019-9850 +# - CVE-2019-9851 +# - CVE-2019-9852 +# - CVE-2019-9853 +# - CVE-2019-9854 + prepare() { default_prepare NOCONFIGURE=1 ./autogen.sh @@ -276,8 +289,7 @@ build() { --disable-firebird-sdbc \ --disable-coinmp \ --disable-lpsolve \ - --disable-gtk3 \ - --enable-gtk \ + --enable-gtk3 \ --disable-qt5 \ --disable-odk \ --disable-avahi \ @@ -400,14 +412,10 @@ _split_lang() { common() { pkgdesc="LibreOffice - common files" - depends="$pkgname-lang-en_us $_fonts" + depends="$pkgname-lang-en_us=$pkgver-r$pkgrel $_fonts !$pkgname-gtk2" _split common - paxmark -m \ - "$subpkgdir"/usr/lib/libreoffice/program/soffice.bin \ - "$subpkgdir"/usr/lib/libreoffice/program/unopkg.bin - mkdir -p "$subpkgdir/usr/share/appdata" mv "$pkgdir"/usr/share/appdata/*.xml "$subpkgdir/usr/share/appdata" @@ -424,65 +432,64 @@ common() { fi } -gtk2() { - pkgdesc="LibreOffice - GTK+2.0 GUI" - depends="libreoffice-common" - install_if="$pkgname-common=$pkgver-r$pkgrel gtk+2.0" +gtk3() { + pkgdesc="LibreOffice - GTK+3.0 GUI" + depends="libreoffice-common=$pkgver-r$pkgrel" + install_if="$pkgname-common=$pkgver-r$pkgrel gtk+3.0" _split gnome } base() { pkgdesc="LibreOffice - database frontend" - depends="libreoffice-common" + depends="libreoffice-common=$pkgver-r$pkgrel" _split base } calc() { pkgdesc="LibreOffice - spreadsheet editor" - depends="libreoffice-common" + depends="libreoffice-common=$pkgver-r$pkgrel" _split calc } draw() { pkgdesc="LibreOffice - drawing application" - depends="libreoffice-common" + depends="libreoffice-common=$pkgver-r$pkgrel" _split draw } impress() { pkgdesc="LibreOffice - presentation application" - depends="libreoffice-common" + depends="libreoffice-common=$pkgver-r$pkgrel" _split impress } math() { pkgdesc="LibreOffice - equation editor" - depends="libreoffice-common" + depends="libreoffice-common=$pkgver-r$pkgrel" _split math } postgres() { pkgdesc="LibreOffice - connector for PostgreSQL database" - depends="libreoffice-base" + depends="libreoffice-base=$pkgver-r$pkgrel" _split postgresql } writer() { pkgdesc="LibreOffice - word processor" - depends="libreoffice-common" + depends="libreoffice-common=$pkgver-r$pkgrel" _split writer } -sha512sums="0d18e5f470b3e8a70d1679c7acdc91887cbbbb2032e1eb452308d257a6bc02d42e93fec66709c84838f7565e42217ac1d2b121e3356f7c754fc7ee33b7c6f0ef libreoffice-6.2.1.2.tar.xz -e9acd76b783a7a0b3344f267a8105ede52b2da92d6c1ae2b54237ffc30d4f87a8e126bb597ab3c4d993bb1e89f1b5d16921ea3d83419c1b5b69cb83aae007bd3 libreoffice-dictionaries-6.2.1.2.tar.xz -4dafc81179fbb8a0b10c774ec072d0abdcdfebbcd5eb8341802bd7d515bd0ea5fb117729ae66b5666da5927a567b54a23c870bcd16ba64478016a4ab84f7f3a5 libreoffice-translations-6.2.1.2.tar.xz -c8bd2765b46162203d0b0acc06dc76108bd0093020981e1030d26d5a8771fb9494337c16cc99c10b7de7a906e713dd27555b0af8754d142387c3a968fa663a2f libreoffice-help-6.2.1.2.tar.xz -600e4eb772b1e24e06b906682fc4d4114d62ede3adcde3639482edafef56e970ac09925fcd910dccee8a14f5ca049ac3de3f279ebcc2be3a611e3883f3a7efb8 linux-musl.patch +sha512sums="1ea4b5865b7ad7d7400a775e153b00aa01d188844b580b26adb0d513db5f29a880cac145a746f139d236fff8fb5e8ed316943551de2e2eea218ab96bf177ca42 libreoffice-6.4.0.3.tar.xz +6e6bd33c86b6fe0744b9db70982aca8032011ceda55db30a8214b822dd77ad4760518f58aa42fed10996081ce91bf791fc332a8273664d5dd2141cc88eaaba97 libreoffice-dictionaries-6.4.0.3.tar.xz +168800ec5526f69febf6f37df4d04c0c42d26595587339721141c40c9812d9398bef7618732244759d65b4ccf46072b65536504c37c95f73e1ab91e6582ee75d libreoffice-translations-6.4.0.3.tar.xz +f3f0b5e9f09e55c49a74439e4355dfebc3fe0b6ec809eee44d58fa8493454828ea6af9aab6f336c74394aab0a71fa7d0aa3485d4f662f9917bfb798ad3164e13 libreoffice-help-6.4.0.3.tar.xz +91e3659232a6427234d483289892e1c66673ad2abef792cec9bf905f35797893faba59f10d775cdd0bad23d2be7b77578747dfa707d55bef62a2fbdc95ba3d2c linux-musl.patch ed18d6bc6e03369e17b50e6b969ac0804984c1416fdfe7120251d11c59a791bb0fc8956f848ee8697fce3c074f2943b03d4441aa531ff9504be2f497a8e7e412 fix-execinfo.patch -a1d704c78e3decb83eb45b0f180e7b352d58b4005a7e43dd8fddcb4829c932da4f0dd3d4dfeaa2313c1520273e9e1c64979a0ecbe5d72737926c54d5658bd2ff fix-includes.patch bac06a1f0f6ef3e5860ec340470583b2a7ff079efa9efee9119ae1ac320b97ecbfdb7eba63975d4f7a4e2476d3b01a9508a53a84b49df0a8febe12e17b685529 gettext-tiny.patch -6a039ba592a23b8db1dd5c8d5dffbc9562270de691d2eb1e1c420f8632532c0fce14a0f3844dc2e6f6b6b04655c40230bd69fd81d1ae6f0bd16f0e88ce0a2783 disable-crc-test.patch +ebfc1276a14354bb6b7274bd7850b7fe2b1653c379b1e04023c9fce65eaace4214b2e79d302a075b848297f454b3d340cf5e7db3565a69a2dfaecd4c98d6e669 disable-crc-test.patch 4ffc389a3c545d37d152bb52390c3abd06a32eb9fee03110c07e8b57f9b9d1be68fdc5092ad0be76f6540367a1f1d2e9e32d519021d8205847594edb811da428 disable-outdated-font-test.patch -c1925fe5833410c6a4b47a1723e67ce3898fc01ebded766023855cd93f290a6788638a86a8595e112ab788628c0ea7642c41d7ff987ba9117c2e079a99a3b29f disable-mariadbc.patch -01ef207d0b3ab1ded5edadd2d05cefe65d7c2dc4285abee12d7fbb61c92b2a3e37d5cfe5bb8f5ea9a40fd2918396ec25b473a916012e04732ebbe79ee6768a21 disable-mysqlc.patch -431f55b4ec96caa94b0f55d3691931ad65320ecacbd8f9c9f477107136866ba614683eb77458006960240918392e995a567f5b5436d75003ac036f6d24a77e0a boost.patch" +a4b63e741cd0aa295440a79142f221f2526ae7ba4f2fd28f37366871970c539332de70d89dfe8682d917aa70131b7c3a703e592e88085b58d024659105f8066a disable-mariadbc.patch +52f2e36b77fd952293d5bcd75d58aaee52faa846764d39c9f066778dfb7c7dcd3a6ab7ff6aeb8bd4a5671cec450888638f7c628c0302c7603e07b582c84ca556 mso-lockfile-utf16le.patch +38b09913075219e6d9bc34e94f995653941909118e96f89f7cf45798682758c541ff182b6643e45c7f20dfbb1c4c03e51ea4d8cdd15a997718f297c3c78245b5 poppler-0.83.patch" -- cgit v1.2.3-60-g2f50