media-libs/gd: Security bump to 2.3.0
authorSam James (sam_c) <sam@cmpct.info>
Tue, 5 May 2020 18:11:14 +0000 (18:11 +0000)
committerThomas Deutschmann <whissi@gentoo.org>
Sun, 10 May 2020 22:35:49 +0000 (00:35 +0200)
Bug: https://bugs.gentoo.org/719464
Bug: https://bugs.gentoo.org/632076
Bug: https://bugs.gentoo.org/608730
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Sam James (sam_c) <sam@cmpct.info>
Closes: https://github.com/gentoo/gentoo/pull/15657
Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
media-libs/gd/Manifest
media-libs/gd/files/gd-2.3.0-disable-flaky-tests.patch [new file with mode: 0644]
media-libs/gd/files/gd-2.3.0-getlib.patch [new file with mode: 0644]
media-libs/gd/gd-2.3.0.ebuild [new file with mode: 0644]

index 986a6d405243ebf654549f309d9d8326a7f2c4ba..8c9c7e108d4f3009ee59d74c9a9aba3d10520337 100644 (file)
@@ -1,3 +1,4 @@
 DIST libgd-2.2.5-ossfuzz5700.dat 30 BLAKE2B 5ddd3d2be2adf05e1e2eb1852cc689be57d4d77c57b471e8b6021877f2fb137d15b4c73445fbb23a9ed585974a96dd154759a48712c1e7b5bdc5750d534aee4a SHA512 2394e92ff7a42c818e13a1ac9ad15bc81aa401adc917366ec8c440bb7f27a63777ab059aa03c501dafef0ac16b462dd23c7fb9f8086ce558203384a98a235fff
 DIST libgd-2.2.5-php_bug_75571.dat 1731 BLAKE2B 4b5d3f258b73e8089ede1b2c9f538855f410965a9e01e1f3f151ae52f072036172b184bd1a4d07b8355bb974bf088bebb0e812175a277bb67926274272bd80a0 SHA512 b3048640ce7828cca7901fadc989e867cfc6d31b44c0f5a1bda54d7428f317c8c8fc6403fef301e193869a95eb46eb7195d47710ec7f8c507ba049cb6cdcb281
 DIST libgd-2.2.5.tar.xz 2594092 BLAKE2B 222a7e012fbf9924ac391ee96c7cd3dec96afd78c6d43dfb680b33e7143e7df87fe6be75bbfe8fb93e916302d7daf08271214c84da28712e93a36465566cb2bd SHA512 e4598e17a277a75e02255402182cab139cb3f2cffcd68ec05cc10bbeaf6bc7aa39162c3445cd4a7efc1a26b72b9152bbedb187351e3ed099ea51767319997a6b
+DIST libgd-2.3.0.tar.xz 2539188 BLAKE2B a90f48be959d1bb6774ec44960e191b8be134ff3e74401eba4cbf9b165c72665f3dffe3beaaf92fa6069e0ef79533be5d57a5946a1839f55446072fa322ed808 SHA512 5b201d22560e147a3d5471010b898ad0268c3a2453b870d1267b6ba92e540cf9f75099336c1ab08217e41827ac86fe04525726bf29ad117e5dcbaef9a8d0622a
diff --git a/media-libs/gd/files/gd-2.3.0-disable-flaky-tests.patch b/media-libs/gd/files/gd-2.3.0-disable-flaky-tests.patch
new file mode 100644 (file)
index 0000000..245b3aa
--- /dev/null
@@ -0,0 +1,25 @@
+diff --git a/tests/gdimagecopyresampled/Makemodule.am b/tests/gdimagecopyresampled/Makemodule.am
+index d42eab5..3644213 100644
+--- a/tests/gdimagecopyresampled/Makemodule.am
++++ b/tests/gdimagecopyresampled/Makemodule.am
+@@ -4,8 +4,7 @@ libgd_test_programs += \
+ if HAVE_LIBPNG
+ libgd_test_programs += \
+       gdimagecopyresampled/basic \
+-      gdimagecopyresampled/basic_alpha \
+-      gdimagecopyresampled/bug00201
++      gdimagecopyresampled/basic_alpha
+ endif
+ EXTRA_DIST += \
+diff --git a/tests/gdimagegrayscale/Makemodule.am b/tests/gdimagegrayscale/Makemodule.am
+index c6fec00..2d81a4a 100644
+--- a/tests/gdimagegrayscale/Makemodule.am
++++ b/tests/gdimagegrayscale/Makemodule.am
+@@ -1,6 +1,5 @@
+ if HAVE_LIBPNG
+ libgd_test_programs += \
+-      gdimagegrayscale/basic \
+       gdimagegrayscale/bug00386
+ endif
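Review bot: This patch file has no header saying why `gdimagecopyresampled/bug00201` and `gdimagegrayscale/basic` are dropped from `libgd_test_programs`, and it drops them on every architecture. In a security bump, a maintainer reading this later cannot tell whether that loss of regression coverage was deliberate or which failure it hides. I would add a short description at the top of the patch, for example `Disable tests that fail intermittently; see <upstream or Gentoo bug URL>`. It should also say whether the failures are the floating-point differences the ebuild already works around with `-ffp-contract=off`; that link is my inference, not something the patch shows.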
diff --git a/media-libs/gd/files/gd-2.3.0-getlib.patch b/media-libs/gd/files/gd-2.3.0-getlib.patch
new file mode 100644 (file)
index 0000000..91884e9
--- /dev/null
@@ -0,0 +1,81 @@
+From 635dd9a3065ed88e1741e6b963044b80e913f96a Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi@remirepo.net>
+Date: Tue, 24 Mar 2020 08:01:01 +0100
+Subject: [PATCH] distribute getlib.sh
+
+---
+ config/Makefile.am | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/config/Makefile.am b/config/Makefile.am
+index 122287ee..6416dda4 100644
+--- a/config/Makefile.am
++++ b/config/Makefile.am
+@@ -1,5 +1,5 @@
+ ## Process this file with automake to produce Makefile.in -*-Makefile-*-
+-EXTRA_DIST = gdlib.pc.cmake gdlib.pc.in getver.pl
++EXTRA_DIST = gdlib.pc.cmake gdlib.pc.in getlib.sh getver.pl
+ pkgconfigdir = $(libdir)/pkgconfig
+ pkgconfig_DATA = gdlib.pc
+
+diff -ruN a/config/getlib.sh b/config/getlib.sh
+--- a/config/getlib.sh 1970-01-01 00:00:00.000000000 -0000
++++ b/config/getlib.sh 2020-05-05 17:37:31.638896089 -0000
+@@ -0,0 +1,43 @@
++#!/bin/sh
++
++GETVER="${0%/*}/getver.pl"
++GDLIB_MAJOR=$("${GETVER}" MAJOR)
++GDLIB_MINOR=$("${GETVER}" MINOR)
++GDLIB_REVISION=$("${GETVER}" RELEASE)
++
++# Dynamic library version information
++# See http://www.gnu.org/software/libtool/manual/libtool.html#Updating-version-info
++
++GDLIB_LT_CURRENT=3
++# This is the version where the soname (current above) changes.  We use it
++# to reset the revision base back to zero.  It's a bit of a pain, but some
++# systems restrict the revision range below to [0..255] (like OS X).
++GDLIB_PREV_MAJOR=2
++GDLIB_PREV_MINOR=2
++# This isn't 100% correct, but it tends to be a close enough approximation
++# for how we manage the codebase.  It's rare to do a release that doesn't
++# modify the library since this project is centered around the library.
++GDLIB_LT_REVISION=$(( ((GDLIB_MAJOR - GDLIB_PREV_MAJOR) << 6) | ((GDLIB_MINOR - GDLIB_PREV_MINOR) << 3) | GDLIB_REVISION ))
++GDLIB_LT_AGE=0
++
++# The first three fields we feed into libtool and the OS target determines how
++# they get used.  The last two fields we feed into cmake.  We use the same rules
++# as Linux SONAME versioning in libtool, but cmake should handle it for us.
++case $1 in
++CURRENT)
++      printf '%s' "${GDLIB_LT_CURRENT}"
++      ;;
++REVISION)
++      printf '%s' "${GDLIB_LT_REVISION}"
++      ;;
++AGE)
++      printf '%s' "${GDLIB_LT_AGE}"
++      ;;
++VERSION)
++      printf '%s' "$(( GDLIB_LT_CURRENT - GDLIB_LT_AGE )).${GDLIB_LT_AGE}.${GDLIB_LT_REVISION}"
++      ;;
++SONAME)
++      printf '%s' "$(( GDLIB_LT_CURRENT - GDLIB_LT_AGE ))"
++      ;;
++esac
++
+diff --git a/configure.ac b/configure.ac
+index 8996053..86d0bc9 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -20,7 +20,7 @@ AC_CANONICAL_HOST
+ dnl Keep the libtool version details in an external script so cmake can
+ dnl access the values too.
+-define([lt_gv], [config/getlib.sh ]$1)
++define([lt_gv], [${SHELL} config/getlib.sh ]$1)
+ m4_define([gd_LT_CURRENT], esyscmd(lt_gv(CURRENT)))
+ m4_define([gd_LT_REVISION], esyscmd(lt_gv(REVISION)))
+ m4_define([gd_LT_AGE], esyscmd(lt_gv(AGE)))
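Review bot: The mail header attributes this patch to upstream commit 635dd9a and its diffstat says `1 file changed, 1 insertion(+), 1 deletion(-)`, yet the file also carries a separately generated `diff -ruN` section adding all 43 lines of `config/getlib.sh`, plus a `configure.ac` change. The origin of the script that `esyscmd` runs during `eautoreconf` therefore cannot be checked from the patch itself. I would add a line under the header such as `getlib.sh and the configure.ac hunk added downstream; getlib.sh copied from <upstream commit or tag>`. Separately, the `case $1 in` block in getlib.sh has no default branch, so an unrecognised argument prints nothing and exits 0, and `lt_gv(...)` expands to an empty libtool version. A branch like `*) echo "getlib.sh: unknown field: $1" >&2; exit 1 ;;`, ideally sent upstream, would at least leave a message in the autoreconf log.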
diff --git a/media-libs/gd/gd-2.3.0.ebuild b/media-libs/gd/gd-2.3.0.ebuild
new file mode 100644 (file)
index 0000000..d9d3160
--- /dev/null
@@ -0,0 +1,80 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit autotools flag-o-matic multilib-minimal
+
+DESCRIPTION="Graphics library for fast image creation"
+HOMEPAGE="https://libgd.org/ https://www.boutell.com/gd/"
+SRC_URI="https://github.com/libgd/libgd/releases/download/${P}/lib${P}.tar.xz"
+
+LICENSE="gd IJG HPND BSD"
+SLOT="2/3"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~ppc-aix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
+IUSE="cpu_flags_x86_sse fontconfig jpeg png static-libs test tiff truetype webp xpm zlib"
+RESTRICT="!test? ( test )"
+
+# fontconfig has prefixed font paths, details see bug #518970
+REQUIRED_USE="prefix? ( fontconfig )"
+
+RDEPEND="fontconfig? ( >=media-libs/fontconfig-2.10.92[${MULTILIB_USEDEP}] )
+       jpeg? ( >=virtual/jpeg-0-r2:0=[${MULTILIB_USEDEP}] )
+       png? ( >=media-libs/libpng-1.6.10:0=[${MULTILIB_USEDEP}] )
+       tiff? ( media-libs/tiff:0[${MULTILIB_USEDEP}] )
+       truetype? ( >=media-libs/freetype-2.5.0.1[${MULTILIB_USEDEP}] )
+       webp? ( media-libs/libwebp:=[${MULTILIB_USEDEP}] )
+       xpm? ( >=x11-libs/libXpm-3.5.10-r1[${MULTILIB_USEDEP}] >=x11-libs/libXt-1.1.4[${MULTILIB_USEDEP}] )
+       zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )"
+DEPEND="${RDEPEND}
+       >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}]"
+
+S="${WORKDIR}/lib${P}"
+
+PATCHES=(
+       "${FILESDIR}/${PN}-2.3.0-disable-flaky-tests.patch"
+       "${FILESDIR}/${PN}-2.3.0-getlib.patch"
+)
+
+src_prepare() {
+       default
+       eautoreconf
+}
+
+multilib_src_configure() {
+       # bug 603360, https://github.com/libgd/libgd/blob/fd06f7f83c5e78bf5b7f5397746b4e5ee4366250/docs/README.TESTING#L65
+       if use cpu_flags_x86_sse ; then
+               append-cflags -msse -mfpmath=sse
+       else
+               append-cflags -ffloat-store
+       fi
+
+       # bug 632076, https://github.com/libgd/libgd/issues/278
+       if use arm64 || use ppc64 || use s390 ; then
+               append-cflags -ffp-contract=off
+       fi
+
+       # we aren't actually {en,dis}abling X here ... the configure
+       # script uses it just to add explicit -I/-L paths which we
+       # don't care about on Gentoo systems.
+       local myeconfargs=(
+               --disable-werror
+               --without-x
+               --without-liq
+               $(use_enable static-libs static)
+               $(use_with fontconfig)
+               $(use_with png)
+               $(use_with tiff)
+               $(use_with truetype freetype)
+               $(use_with jpeg)
+               $(use_with webp)
+               $(use_with xpm)
+               $(use_with zlib)
+       )
+       ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+}
+
+multilib_src_install_all() {
+       dodoc README.md
+       find "${ED}" -name '*.la' -delete || die
+}
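Review bot: `virtual/pkgconfig` is listed in `DEPEND` with `[${MULTILIB_USEDEP}]`, but the ebuild declares `EAPI="7"`, where tools that only run on the build host belong in `BDEPEND`. As written, a cross or multilib build pulls pkg-config in for the target ABIs rather than for the machine running `econf`. I would change the two lines to `DEPEND="${RDEPEND}"` and `BDEPEND="virtual/pkgconfig"`. The USE-dependency was presumably carried over from the 2.2.5 ebuild, so confirm nothing else relies on it before dropping it.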