From 67a6cae5ebf1f6854bb663fbd60823cd3dfb6a5a Mon Sep 17 00:00:00 2001 From: Peter Volkov Date: Tue, 18 Oct 2011 12:56:28 +0000 Subject: [PATCH] Version bump, fixes vulnerability vulnerabilities in handling Type 1, security bug #387535. Package-Manager: portage-2.1.10.27/cvs/Linux x86_64 --- media-libs/freetype/ChangeLog | 8 +- media-libs/freetype/Manifest | 16 ++- media-libs/freetype/freetype-2.4.7.ebuild | 138 ++++++++++++++++++++++ 3 files changed, 155 insertions(+), 7 deletions(-) create mode 100644 media-libs/freetype/freetype-2.4.7.ebuild diff --git a/media-libs/freetype/ChangeLog b/media-libs/freetype/ChangeLog index 60507fadcb33..dd8e2d733924 100644 --- a/media-libs/freetype/ChangeLog +++ b/media-libs/freetype/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for media-libs/freetype # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/ChangeLog,v 1.307 2011/09/01 08:35:41 grobian Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/ChangeLog,v 1.308 2011/10/18 12:56:28 pva Exp $ + +*freetype-2.4.7 (18 Oct 2011) + + 18 Oct 2011; Peter Volkov +freetype-2.4.7.ebuild: + Version bump, fixes vulnerability vulnerabilities in handling Type 1, + security bug #387535. 01 Sep 2011; Fabian Groffen freetype-1.4_pre20080316-r2.ebuild: diff --git a/media-libs/freetype/Manifest b/media-libs/freetype/Manifest index 161b1ead67fc..2c2e2656c2c5 100644 --- a/media-libs/freetype/Manifest +++ b/media-libs/freetype/Manifest @@ -1,5 +1,5 @@ -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 +Hash: SHA256 AUX freetype-1.4-glibc-2.10.patch 2377 RMD160 d975058636f69cf061704a866fc83d5068f8aa79 SHA1 7644c03725bc248d49cfa43ac6d362227b1b79e1 SHA256 60d41048bd11a024c041a24a424c9663b4debe3ab188db400928925b71039d4a AUX freetype-1.4_pre-contrib-destdir.patch 3679 RMD160 96f79dbd53bc0b2d24739e87481b27b6247d6d2c SHA1 c9cb6dc45f25d419f3ee0155e564deb1e203cf5b SHA256 8d99ce9264a83033d6df455488e80e763f3774b74a97b27c321b5c018076cad2 @@ -15,16 +15,20 @@ AUX freetype-1.4_pre20080316-kpathsea_version.patch 1215 RMD160 b6c5fdc3e5c19038 AUX freetype-2.3.2-enable-valid.patch 624 RMD160 88bc4de26daa91a09dda2ca1308319c0cf7dff4d SHA1 212c5c9e3362b3a058803bb5031358b5b92a1d29 SHA256 3c26cd8b92510490b4bdbdd12b078e33a4f8607eaee64a800c3ea23097d5d43b DIST freetype-1.4_pre20080316.tar.bz2 1199805 RMD160 5fb5b0737de968602008991c80dac827ea6fdca0 SHA1 73d4289f509213361b040dc9b649e27f810b133a SHA256 b88e8827dfeebcd0c663cac19c798acbd2f1129eaf89172eb26c3594700316a2 DIST freetype-2.4.6.tar.bz2 1487579 RMD160 9b01c88a53549af59c40d9dd5846cc5a34cbc181 SHA1 9d874398118c805478e81d80449dc4aa5a40b6f2 SHA256 24a4a57f3a6859887e91f90f93f754cfc7bf9ab9246a3a696435a0c6a7a1e92a +DIST freetype-2.4.7.tar.bz2 1490543 RMD160 48abfcd4546cbd6626796ab121252e804ddcc6d8 SHA1 e1b2356ebbc6d39d813797572b1e5d8a2635e969 SHA256 ba22620479954582371286268ef75e6e932c0270ee67d6797bbf3ed9d31a5d77 DIST freetype-doc-2.4.6.tar.bz2 106666 RMD160 7075c46a21877549f3b4a1c85a6c0cce6a78e7f5 SHA1 6a067385da60857d89ae96760a750c78a8756afd SHA256 e34420cd7706b7b2357a3250ef685cdfbfad1d5284584127148c87ec40ba9524 +DIST freetype-doc-2.4.7.tar.bz2 106740 RMD160 22de3be42148b4d35dc4452859abaa13ec14eae2 SHA1 6e177eef7636c10ec01e895f1a4ddb3ce5caf276 SHA256 61eebfcdf7d8864d97025184ada8b7d022f9fecfa26d6d163df34fc3829c7e2b DIST ft2demos-2.4.6.tar.bz2 163000 RMD160 11057b0199c77cee2525f8166d12a3b11cf88458 SHA1 367e7904654671f1dcdb6efaf1e18ff7e3bd0d2c SHA256 5e1caebc0e95a610011a6c928533c36d09d1b4811c401988c3b3f50b3d06f381 +DIST ft2demos-2.4.7.tar.bz2 163200 RMD160 b0e7abc8efefcb550e56154a9fc6b5d888ed8c2e SHA1 7bc6b6ada3fa7fbf68f92a952392e8ad88776c9e SHA256 694694203072349cccfa8807e6fe024256051a43faa9946edba85f59092e440d EBUILD freetype-1.4_pre20080316-r2.ebuild 3938 RMD160 b5ef37affbbac946e29a9c636114f680d68f918f SHA1 86cbeb6af89b0cb6f9af2e9c02d85bd9d3cda431 SHA256 d988cb518156b9b672e6a97d480909a3a2fda1b0cd542dee3309f26655217d6c EBUILD freetype-2.4.6.ebuild 3944 RMD160 ea40270be9ce127457f3d7847e19a7c7032011bd SHA1 61f2c14ed785b19306bd8e27fc6dfe2b5e1c876f SHA256 d11626d2edb241fc8991bd2d9ab0e69d7697994e81aea1319082268068cb3944 -MISC ChangeLog 46367 RMD160 4e9e67af83e64813ad8d352e08c09c0c5cd49eff SHA1 4cd27be49a750e9087b62c13666307bf43de2c75 SHA256 8a0749822cc2da097a5592f2ba425103cfcc5d3e27fe0c618fb91217a9110353 +EBUILD freetype-2.4.7.ebuild 3953 RMD160 778a9a12072e092e43a4713f277e4a09e6ddbc73 SHA1 348265ca4fc3c0f81abb67e56d35e66d03409264 SHA256 b4e927682cae8870898cb8cb2a2a96ff07728b3079993a21b9d672ef085c1c29 +MISC ChangeLog 46560 RMD160 3fa40586b427688727243b1c48256412d1381d6c SHA1 4c916fb50a3e60de347723acd29f82c9a72e78d9 SHA256 36c1af97b2f2891ff1121dfe2c85c6424db23f73c168f656d76993bd8a0a21c0 MISC metadata.xml 670 RMD160 00400b78ad55a3e482260adfbbadffb5ba31f798 SHA1 9bbe2110c782cb2c559b07f0fb9d72720142a737 SHA256 a2a2d457514a52a3f36a68c87fd757dfe6af2d368d1c3287783e30cb22b33398 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.18 (SunOS) +Version: GnuPG v2.0.17 (GNU/Linux) -iEYEARECAAYFAk5fQ+MACgkQX3X2B8XHTonSMACfbsuPw7tstnycj70jql5w9X3f -cSkAmwdWixHNZIosBlYR3SEgw787nflW -=itLX +iF4EAREIAAYFAk6ddxEACgkQGrk+8vGYmwfdgQD+PzpQxdJCpD5ymSdQq7HcNd4y +kgoeTJ+wRMUfjRX5E2IBAKbvNFLn58chiG+k6kcBZa+visJlnWhsYTKjwKPC6SJw +=Ii8w -----END PGP SIGNATURE----- diff --git a/media-libs/freetype/freetype-2.4.7.ebuild b/media-libs/freetype/freetype-2.4.7.ebuild new file mode 100644 index 000000000000..c3775df32a74 --- /dev/null +++ b/media-libs/freetype/freetype-2.4.7.ebuild @@ -0,0 +1,138 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/freetype-2.4.7.ebuild,v 1.1 2011/10/18 12:56:28 pva Exp $ + +EAPI="4" + +inherit autotools autotools-utils eutils flag-o-matic libtool multilib + +DESCRIPTION="A high-quality and portable font engine" +HOMEPAGE="http://www.freetype.org/" +SRC_URI="mirror://sourceforge/freetype/${P/_/}.tar.bz2 + utils? ( mirror://sourceforge/freetype/ft2demos-${PV}.tar.bz2 ) + doc? ( mirror://sourceforge/freetype/${PN}-doc-${PV}.tar.bz2 )" + +LICENSE="FTL GPL-2" +SLOT="2" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~x86-interix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" +IUSE="X auto-hinter bindist bzip2 debug doc fontforge static-libs utils" + +DEPEND="sys-libs/zlib + bzip2? ( app-arch/bzip2 ) + X? ( x11-libs/libX11 + x11-libs/libXau + x11-libs/libXdmcp )" + +RDEPEND="${DEPEND}" + +src_prepare() { + enable_option() { + sed -i -e "/#define $1/a #define $1" \ + include/freetype/config/ftoption.h \ + || die "unable to enable option $1" + } + + disable_option() { + sed -i -e "/#define $1/ { s:^:/*:; s:$:*/: }" \ + include/freetype/config/ftoption.h \ + || die "unable to disable option $1" + } + + if ! use bindist; then + # See http://freetype.org/patents.html + # ClearType is covered by several Microsoft patents in the US + enable_option FT_CONFIG_OPTION_SUBPIXEL_RENDERING + fi + + if use auto-hinter; then + disable_option TT_CONFIG_OPTION_BYTECODE_INTERPRETER + enable_option TT_CONFIG_OPTION_UNPATENTED_HINTING + fi + + if use debug; then + enable_option FT_DEBUG_LEVEL_TRACE + enable_option FT_DEBUG_MEMORY + fi + + disable_option FT_CONFIG_OPTION_OLD_INTERNALS + + epatch "${FILESDIR}"/${PN}-2.3.2-enable-valid.patch + + if use utils; then + cd "${WORKDIR}/ft2demos-${PV}" + sed -i -e "s:\.\.\/freetype2$:../freetype-${PV}:" Makefile || die + # Disable tests needing X11 when USE="-X". (bug #177597) + if ! use X; then + sed -i -e "/EXES\ +=\ ftdiff/ s:^:#:" Makefile || die + fi + fi + + if use prefix; then + cd "${S}"/builds/unix + eautoreconf + else + elibtoolize + fi + epunt_cxx +} + +src_configure() { + append-flags -fno-strict-aliasing + type -P gmake &> /dev/null && export GNUMAKE=gmake + + # we need non-/bin/sh to run configure + [[ -n ${CONFIG_SHELL} ]] && \ + sed -i -e "1s:^#![[:space:]]*/bin/sh:#!$CONFIG_SHELL:" \ + "${S}"/builds/unix/configure + + econf \ + $(use_enable static-libs static) \ + $(use_with bzip2) +} + +src_compile() { + emake + + if use utils; then + cd "${WORKDIR}/ft2demos-${PV}" + # fix for Prefix, bug #339334 + emake X11_PATH="${EPREFIX}/usr/$(get_libdir)" + fi +} + +src_install() { + emake DESTDIR="${D}" install + + dodoc ChangeLog README + dodoc docs/{CHANGES,CUSTOMIZE,DEBUG,*.txt,PROBLEMS,TODO} + + use doc && dohtml -r docs/* + + if use utils; then + rm "${WORKDIR}"/ft2demos-${PV}/bin/README + for ft2demo in ../ft2demos-${PV}/bin/*; do + ./builds/unix/libtool --mode=install $(type -P install) -m 755 "$ft2demo" \ + "${ED}"/usr/bin + done + fi + + if use fontforge; then + # Probably fontforge needs less but this way makes things simplier... + einfo "Installing internal headers required for fontforge" + find src/truetype include/freetype/internal -name '*.h' | \ + while read header; do + mkdir -p "${ED}/usr/include/freetype2/internal4fontforge/$(dirname ${header})" + cp ${header} "${ED}/usr/include/freetype2/internal4fontforge/$(dirname ${header})" + done + fi + + if ! use static-libs; then + remove_libtool_files || die "failed removing libtool files" + fi +} + +pkg_postinst() { + elog "The TrueType bytecode interpreter is no longer patented and thus no" + elog "longer controlled by the bindist USE flag. Enable the auto-hinter" + elog "USE flag if you want the old USE="bindist" hinting behavior." +} -- 2.26.2