We welcome the 2.2.3 release around a month after 2.2.2 (we are getting consistent). Another important milestone in the GD 2.2 series. Security related fixes: This flaw is caused by loading data from external sources (file, custom ctx, etc) and are hard to validate before calling libgd APIs: * fix php bug 72339, Integer Overflow in _gd2GetHeader (CVE-2016-5766) * bug 247, A read out-of-bands was found in the parsing of TGA files (CVE-2016-6132) * also bug 247, Buffer over-read issue when parsing crafted TGA file (CVE-2016-6214) * bug 248, fix Out-Of-Bounds Read in read_image_tga Using application provided parameters, in these cases invalid data causes the issues: * Integer overflow error within _gdContributionsAlloc() (CVE-2016-6207) * fix php bug 72494, invalid color index not handled, can lead to crash ( CVE-2016-6128) * improve color check for CropThreshold Important update: * gdImageCopyResampled has been improved. Better handling of images with alpha channel, also brings libgd in sync with php's bundled gd.diff -r1.110 -r1.111 pkgsrc/graphics/gd/Makefile
(adam)
| @@ -1,38 +1,41 @@ | @@ -1,38 +1,41 @@ | |||
| 1 | # $NetBSD: Makefile,v 1.110 2016/07/09 06:38:20 wiz Exp $ | 1 | # $NetBSD: Makefile,v 1.111 2016/08/02 18:29:21 adam Exp $ | |
| 2 | 2 | |||
| 3 | DISTNAME= libgd-2.1.1 | 3 | DISTNAME= libgd-2.2.3 | |
| 4 | PKGNAME= ${DISTNAME:S/libgd/gd/} | 4 | PKGNAME= ${DISTNAME:S/libgd/gd/} | |
| 5 | PKGREVISION= 4 | |||
| 6 | CATEGORIES= graphics | 5 | CATEGORIES= graphics | |
| 7 | MASTER_SITES= https://bitbucket.org/libgd/gd-libgd/downloads/ | 6 | MASTER_SITES= ${MASTER_SITE_GITHUB:=libgd/} | |
| 8 | EXTRACT_SUFX= .tar.xz | 7 | EXTRACT_SUFX= .tar.xz | |
| 9 | 8 | |||
| 10 | MAINTAINER= adam@NetBSD.org | 9 | MAINTAINER= adam@NetBSD.org | |
| 11 | HOMEPAGE= http://libgd.bitbucket.org/ | 10 | HOMEPAGE= http://libgd.bitbucket.org/ | |
| 12 | COMMENT= Graphics library for the dynamic creation of images | 11 | COMMENT= Graphics library for the dynamic creation of images | |
| 13 | 12 | |||
| 14 | #WRKSRC= ${WRKDIR}/${DISTNAME:S/libgd-/libgd-gd-/} | 13 | GITHUB_PROJECT= libgd | |
| 14 | GITHUB_RELEASE= gd-${PKGVERSION_NOREV} | |||
| 15 | 15 | |||
| 16 | .include "options.mk" | 16 | .include "options.mk" | |
| 17 | 17 | |||
| 18 | USE_LIBTOOL= yes | 18 | USE_LIBTOOL= yes | |
| 19 | USE_TOOLS+= perl:run | 19 | USE_TOOLS+= perl:run | |
| 20 | GNU_CONFIGURE= yes | 20 | GNU_CONFIGURE= yes | |
| 21 | CONFIGURE_ARGS+= --disable-werror | |||
| 21 | CONFIGURE_ARGS+= --with-fontconfig=${BUILDLINK_PREFIX.fontconfig} | 22 | CONFIGURE_ARGS+= --with-fontconfig=${BUILDLINK_PREFIX.fontconfig} | |
| 22 | CONFIGURE_ARGS+= --with-freetype=${BUILDLINK_PREFIX.freetype2} | 23 | CONFIGURE_ARGS+= --with-freetype=${BUILDLINK_PREFIX.freetype2} | |
| 23 | CONFIGURE_ARGS+= --with-jpeg=${BUILDLINK_PREFIX.jpeg} | 24 | CONFIGURE_ARGS+= --with-jpeg=${BUILDLINK_PREFIX.jpeg} | |
| 24 | CONFIGURE_ARGS+= --with-png=${BUILDLINK_PREFIX.png} | 25 | CONFIGURE_ARGS+= --with-png=${BUILDLINK_PREFIX.png} | |
| 25 | CONFIGURE_ARGS+= --with-tiff=${BUILDLINK_PREFIX.tiff} | 26 | CONFIGURE_ARGS+= --with-tiff=${BUILDLINK_PREFIX.tiff} | |
| 27 | CONFIGURE_ARGS+= --with-webp=${BUILDLINK_PREFIX.libwebp} | |||
| 26 | CONFIGURE_ARGS+= --with-zlib=${BUILDLINK_PREFIX.zlib} | 28 | CONFIGURE_ARGS+= --with-zlib=${BUILDLINK_PREFIX.zlib} | |
| 27 | REPLACE_PERL+= src/bdftogd | 29 | REPLACE_PERL+= src/bdftogd | |
| 28 | PTHREAD_AUTO_VARS= yes | 30 | PTHREAD_AUTO_VARS= yes | |
| 29 | 31 | |||
| 30 | .include "../../converters/libiconv/buildlink3.mk" | 32 | .include "../../converters/libiconv/buildlink3.mk" | |
| 31 | .include "../../devel/zlib/buildlink3.mk" | 33 | .include "../../devel/zlib/buildlink3.mk" | |
| 32 | .include "../../fonts/fontconfig/buildlink3.mk" | 34 | .include "../../fonts/fontconfig/buildlink3.mk" | |
| 33 | .include "../../graphics/freetype2/buildlink3.mk" | 35 | .include "../../graphics/freetype2/buildlink3.mk" | |
| 36 | .include "../../graphics/libwebp/buildlink3.mk" | |||
| 34 | .include "../../graphics/png/buildlink3.mk" | 37 | .include "../../graphics/png/buildlink3.mk" | |
| 35 | .include "../../graphics/tiff/buildlink3.mk" | 38 | .include "../../graphics/tiff/buildlink3.mk" | |
| 36 | .include "../../mk/jpeg.buildlink3.mk" | 39 | .include "../../mk/jpeg.buildlink3.mk" | |
| 37 | .include "../../mk/pthread.buildlink3.mk" | 40 | .include "../../mk/pthread.buildlink3.mk" | |
| 38 | .include "../../mk/bsd.pkg.mk" | 41 | .include "../../mk/bsd.pkg.mk" |
| @@ -1,40 +1,31 @@ | @@ -1,40 +1,31 @@ | |||
| 1 | # $NetBSD: buildlink3.mk,v 1.36 2015/11/18 14:19:46 ryoon Exp $ | 1 | # $NetBSD: buildlink3.mk,v 1.37 2016/08/02 18:29:21 adam Exp $ | |
| 2 | 2 | |||
| 3 | BUILDLINK_TREE+= gd | 3 | BUILDLINK_TREE+= gd | |
| 4 | 4 | |||
| 5 | .if !defined(GD_BUILDLINK3_MK) | 5 | .if !defined(GD_BUILDLINK3_MK) | |
| 6 | GD_BUILDLINK3_MK:= | 6 | GD_BUILDLINK3_MK:= | |
| 7 | 7 | |||
| 8 | BUILDLINK_API_DEPENDS.gd+= gd>=2.0.15nb1 | 8 | BUILDLINK_API_DEPENDS.gd+= gd>=2.0.15nb1 | |
| 9 | BUILDLINK_ABI_DEPENDS.gd+= gd>=2.1.1nb2 | 9 | BUILDLINK_ABI_DEPENDS.gd+= gd>=2.2.3 | |
| 10 | BUILDLINK_PKGSRCDIR.gd?= ../../graphics/gd | 10 | BUILDLINK_PKGSRCDIR.gd?= ../../graphics/gd | |
| 11 | 11 | |||
| 12 | .include "../../mk/bsd.fast.prefs.mk" | 12 | .include "../../mk/bsd.fast.prefs.mk" | |
| 13 | 13 | |||
| 14 | _GD_PRE_LIBVPX_OPTION!= \ | |||
| 15 | if ${PKG_INFO} -qe 'gd<2.1.0nb1'; then \ | |||
| 16 | ${ECHO} yes; \ | |||
| 17 | else \ | |||
| 18 | ${ECHO} no; \ | |||
| 19 | fi | |||
| 20 | ||||
| 21 | pkgbase := gd | 14 | pkgbase := gd | |
| 22 | .include "../../mk/pkg-build-options.mk" | 15 | .include "../../mk/pkg-build-options.mk" | |
| 23 | 16 | |||
| 24 | .if !empty(PKG_BUILD_OPTIONS.gd:Mx11) | 17 | .if !empty(PKG_BUILD_OPTIONS.gd:Mx11) | |
| 25 | .include "../../x11/libXpm/buildlink3.mk" | 18 | .include "../../x11/libXpm/buildlink3.mk" | |
| 26 | .endif | 19 | .endif | |
| 27 | 20 | |||
| 28 | .include "../../devel/zlib/buildlink3.mk" | 21 | .include "../../devel/zlib/buildlink3.mk" | |
| 29 | .include "../../fonts/fontconfig/buildlink3.mk" | 22 | .include "../../fonts/fontconfig/buildlink3.mk" | |
| 30 | .include "../../graphics/freetype2/buildlink3.mk" | 23 | .include "../../graphics/freetype2/buildlink3.mk" | |
| 24 | .include "../../graphics/libwebp/buildlink3.mk" | |||
| 31 | .include "../../graphics/png/buildlink3.mk" | 25 | .include "../../graphics/png/buildlink3.mk" | |
| 32 | .include "../../graphics/tiff/buildlink3.mk" | 26 | .include "../../graphics/tiff/buildlink3.mk" | |
| 33 | .if ${_GD_PRE_LIBVPX_OPTION} == "yes" || !empty(PKG_BUILD_OPTIONS.gd:Mlibvpx) | |||
| 34 | .include "../../multimedia/libvpx/buildlink3.mk" | |||
| 35 | .endif | |||
| 36 | .include "../../mk/jpeg.buildlink3.mk" | 27 | .include "../../mk/jpeg.buildlink3.mk" | |
| 37 | .include "../../mk/pthread.buildlink3.mk" | 28 | .include "../../mk/pthread.buildlink3.mk" | |
| 38 | .endif # GD_BUILDLINK3_MK | 29 | .endif # GD_BUILDLINK3_MK | |
| 39 | 30 | |||
| 40 | BUILDLINK_TREE+= -gd | 31 | BUILDLINK_TREE+= -gd |
| @@ -1,13 +1,6 @@ | @@ -1,13 +1,6 @@ | |||
| 1 | $NetBSD: distinfo,v 1.40 2016/06/30 09:00:18 taca Exp $ | 1 | $NetBSD: distinfo,v 1.41 2016/08/02 18:29:21 adam Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (libgd-2.1.1.tar.xz) = 9038ed488b577d16aa8c32b6c10b4a70b10f7fa1 | 3 | SHA1 (libgd-2.2.3.tar.xz) = 2f8cebec5afd6c83a3d5cb92f40ea4926b4daa98 | |
| 4 | RMD160 (libgd-2.1.1.tar.xz) = 8d564caf9a953d344fb9a5e169d241510a2c71f1 | 4 | RMD160 (libgd-2.2.3.tar.xz) = e6c29133c2ea33c8ba16571892d2798ef0f5afea | |
| 5 | SHA512 (libgd-2.1.1.tar.xz) = 48f444402a4b89e412870f9091b92eb26136c5c0d795722262ad973c7d4103476204a2de36133a2634b8f410d6bccdcf60afb829a74ac2fddfb96aff2cd2567b | 5 | SHA512 (libgd-2.2.3.tar.xz) = bdc6d086bc054beda6574ec46baa4cd94048a5f2f357f875ba05983e92d247f1b731434b9e438c6aef09d46fa96f1a7e1f330a25a77ffd2dd78aa8a32d652557 | |
| 6 | Size (libgd-2.1.1.tar.xz) = 2039132 bytes | 6 | Size (libgd-2.2.3.tar.xz) = 2164152 bytes | |
| 7 | SHA1 (patch-aa) = 00198349dd9cff60f1f5738524096a251057eb16 | |||
| 8 | SHA1 (patch-ab) = 300ffacf47d7421fc9efb7b3fd9e93f011de1b4b | |||
| 9 | SHA1 (patch-configure) = 53769c3daffa38c88d82093f59cb97b4bd38008f | |||
| 10 | SHA1 (patch-configure.ac) = 72092d5a0ee7944249286edc0d3505176f15303f | |||
| 11 | SHA1 (patch-src_gd__bmp.c) = 4db300a26cebae6fb6f14564c5648608d7ed6cc5 | |||
| 12 | SHA1 (patch-src_gd__crop.c) = 34c9716fe40e8f80cc126893dbafa0151bbf3b5a | |||
| 13 | SHA1 (patch-src_webpimg.c) = 2717cbcfdbbddfc8cd96de2d4f6a07a0485ba086 |
| @@ -1,22 +1,14 @@ | @@ -1,22 +1,14 @@ | |||
| 1 | # $NetBSD: options.mk,v 1.4 2015/07/04 16:18:35 joerg Exp $ | 1 | # $NetBSD: options.mk,v 1.5 2016/08/02 18:29:21 adam Exp $ | |
| 2 | 2 | |||
| 3 | PKG_OPTIONS_VAR= PKG_OPTIONS.gd | 3 | PKG_OPTIONS_VAR= PKG_OPTIONS.gd | |
| 4 | PKG_SUPPORTED_OPTIONS= libvpx x11 | 4 | PKG_SUPPORTED_OPTIONS= x11 | |
| 5 | PKG_SUGGESTED_OPTIONS= libvpx | |||
| 6 | 5 | |||
| 7 | .include "../../mk/bsd.options.mk" | 6 | .include "../../mk/bsd.options.mk" | |
| 8 | 7 | |||
| 9 | .if !empty(PKG_OPTIONS:Mx11) | 8 | .if !empty(PKG_OPTIONS:Mx11) | |
| 10 | .include "../../x11/libXpm/buildlink3.mk" | 9 | .include "../../x11/libXpm/buildlink3.mk" | |
| 11 | CONFIGURE_ENV+= X11BASE=${X11BASE} | 10 | CONFIGURE_ENV+= X11BASE=${X11BASE} | |
| 12 | CONFIGURE_ARGS+= --with-xpm=${BUILDLINK_PREFIX.libXpm} | 11 | CONFIGURE_ARGS+= --with-xpm=${BUILDLINK_PREFIX.libXpm} | |
| 13 | .else | 12 | .else | |
| 14 | CONFIGURE_ARGS+= --without-xpm | 13 | CONFIGURE_ARGS+= --without-xpm | |
| 15 | .endif | 14 | .endif | |
| 16 | ||||
| 17 | .if !empty(PKG_OPTIONS:Mlibvpx) | |||
| 18 | .include "../../multimedia/libvpx/buildlink3.mk" | |||
| 19 | CONFIGURE_ARGS+= --with-vpx=${BUILDLINK_PREFIX.libvpx} | |||
| 20 | .else | |||
| 21 | CONFIGURE_ARGS+= --without-vpx | |||
| 22 | .endif |