Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--media-libs/openexr/files/openexr-2.2.0-CVE-2017-9110-to-9116-security-fixes.patch98
-rw-r--r--media-libs/openexr/files/openexr-2.2.0-Fix-typo-in-C-bindings.patch26
-rw-r--r--media-libs/openexr/files/openexr-2.2.0-Install-missing-header-files.patch60
-rw-r--r--media-libs/openexr/files/openexr-2.2.0-fix-build-system.patch4
-rw-r--r--media-libs/openexr/metadata.xml9
-rw-r--r--media-libs/openexr/openexr-2.2.0-r2.ebuild64
6 files changed, 256 insertions, 5 deletions
diff --git a/media-libs/openexr/files/openexr-2.2.0-CVE-2017-9110-to-9116-security-fixes.patch b/media-libs/openexr/files/openexr-2.2.0-CVE-2017-9110-to-9116-security-fixes.patch
new file mode 100644
index 000000000000..0a37ee9c2d99
--- /dev/null
+++ b/media-libs/openexr/files/openexr-2.2.0-CVE-2017-9110-to-9116-security-fixes.patch
@@ -0,0 +1,98 @@
+From c2b32f21cbe2db7c7ef485d62ffe9bec8eaa5165 Mon Sep 17 00:00:00 2001
+From: Shawn Walker-Salas <shawn.walker@oracle.com>
+Date: Tue, 30 May 2017 19:07:52 -0700
+Subject: [PATCH] CVE-2017-{9110,9111,9112,9113,9114,9115,9116} fixes
+
+---
+ OpenEXR/IlmImf/ImfDwaCompressor.cpp | 7 ++++++-
+ OpenEXR/IlmImf/ImfHuf.cpp | 10 ++++++----
+ OpenEXR/IlmImf/ImfPizCompressor.cpp | 6 ++++++
+ 3 files changed, 18 insertions(+), 5 deletions(-)
+
+diff --git a/IlmImf/ImfDwaCompressor.cpp b/IlmImf/ImfDwaCompressor.cpp
+index 1c1bd45..2ef8878 100644
+--- a/IlmImf/ImfDwaCompressor.cpp
++++ b/IlmImf/ImfDwaCompressor.cpp
+@@ -2377,7 +2377,12 @@ DwaCompressor::uncompress
+
+ const char *dataPtr = inPtr + NUM_SIZES_SINGLE * sizeof(Int64);
+
+- if (inSize < headerSize + compressedSize)
++ /* Both the sum and individual sizes are checked in case of overflow. */
++ if (inSize < (headerSize + compressedSize) ||
++ inSize < unknownCompressedSize ||
++ inSize < acCompressedSize ||
++ inSize < dcCompressedSize ||
++ inSize < rleCompressedSize)
+ {
+ throw Iex::InputExc("Error uncompressing DWA data"
+ "(truncated file).");
+diff --git a/IlmImf/ImfHuf.cpp b/IlmImf/ImfHuf.cpp
+index a375d05..97909a5 100644
+--- a/IlmImf/ImfHuf.cpp
++++ b/IlmImf/ImfHuf.cpp
+@@ -822,7 +822,7 @@ hufEncode // return: output size (in bits)
+ }
+
+
+-#define getCode(po, rlc, c, lc, in, out, oe) \
++#define getCode(po, rlc, c, lc, in, out, ob, oe)\
+ { \
+ if (po == rlc) \
+ { \
+@@ -835,6 +835,8 @@ hufEncode // return: output size (in bits)
+ \
+ if (out + cs > oe) \
+ tooMuchData(); \
++ else if (out - 1 < ob) \
++ notEnoughData(); \
+ \
+ unsigned short s = out[-1]; \
+ \
+@@ -895,7 +897,7 @@ hufDecode
+ //
+
+ lc -= pl.len;
+- getCode (pl.lit, rlc, c, lc, in, out, oe);
++ getCode (pl.lit, rlc, c, lc, in, out, outb, oe);
+ }
+ else
+ {
+@@ -925,7 +927,7 @@ hufDecode
+ //
+
+ lc -= l;
+- getCode (pl.p[j], rlc, c, lc, in, out, oe);
++ getCode (pl.p[j], rlc, c, lc, in, out, outb, oe);
+ break;
+ }
+ }
+@@ -952,7 +954,7 @@ hufDecode
+ if (pl.len)
+ {
+ lc -= pl.len;
+- getCode (pl.lit, rlc, c, lc, in, out, oe);
++ getCode (pl.lit, rlc, c, lc, in, out, outb, oe);
+ }
+ else
+ {
+diff --git a/IlmImf/ImfPizCompressor.cpp b/IlmImf/ImfPizCompressor.cpp
+index 46c6fba..8b3ee38 100644
+--- a/IlmImf/ImfPizCompressor.cpp
++++ b/IlmImf/ImfPizCompressor.cpp
+@@ -573,6 +573,12 @@ PizCompressor::uncompress (const char *inPtr,
+ int length;
+ Xdr::read <CharPtrIO> (inPtr, length);
+
++ if (length > inSize)
++ {
++ throw InputExc ("Error in header for PIZ-compressed data "
++ "(invalid array length).");
++ }
++
+ hufUncompress (inPtr, length, _tmpBuffer, tmpBufferEnd - _tmpBuffer);
+
+ //
+--
+2.14.1
+
diff --git a/media-libs/openexr/files/openexr-2.2.0-Fix-typo-in-C-bindings.patch b/media-libs/openexr/files/openexr-2.2.0-Fix-typo-in-C-bindings.patch
new file mode 100644
index 000000000000..966e95e72c3c
--- /dev/null
+++ b/media-libs/openexr/files/openexr-2.2.0-Fix-typo-in-C-bindings.patch
@@ -0,0 +1,26 @@
+From c229dfe63380f41dfae1e977b10dfc7c49c7efc7 Mon Sep 17 00:00:00 2001
+From: Edward Kmett <ekmett@gmail.com>
+Date: Wed, 9 Dec 2015 12:15:48 -0500
+Subject: [PATCH] Fix typo in C bindings (Close #140)
+
+IMF_RAMDOM_Y should be IMF_RANDOM_Y
+---
+ OpenEXR/IlmImf/ImfCRgbaFile.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/IlmImf/ImfCRgbaFile.h b/IlmImf/ImfCRgbaFile.h
+index 5ac2bf8..db58247 100644
+--- a/IlmImf/ImfCRgbaFile.h
++++ b/IlmImf/ImfCRgbaFile.h
+@@ -98,7 +98,7 @@ typedef struct ImfRgba ImfRgba;
+
+ #define IMF_INCREASING_Y 0
+ #define IMF_DECREASING_Y 1
+-#define IMF_RAMDOM_Y 2
++#define IMF_RANDOM_Y 2
+
+
+ /*
+--
+2.14.1
+
diff --git a/media-libs/openexr/files/openexr-2.2.0-Install-missing-header-files.patch b/media-libs/openexr/files/openexr-2.2.0-Install-missing-header-files.patch
new file mode 100644
index 000000000000..1075cd9a30fa
--- /dev/null
+++ b/media-libs/openexr/files/openexr-2.2.0-Install-missing-header-files.patch
@@ -0,0 +1,60 @@
+From a018f82655402421a995565dd4a5192259cbc207 Mon Sep 17 00:00:00 2001
+From: Jonathan Scruggs <j.scruggs@gmail.com>
+Date: Sat, 23 Sep 2017 10:36:40 +0100
+Subject: [PATCH] OpenEXR: Install missing header files
+
+Some header files are not installed via Autotools, but are with
+CMake which breaks compatibility with certain programs. This patch
+enables Autotools to install these header files.
+
+Signed-off by: Jonathan Scruggs <j.scruggs@gmail.com>
+---
+ OpenEXR/IlmImf/Makefile.am | 3 ++-
+ OpenEXR/IlmImfUtil/Makefile.am | 17 +++++++++++++++++
+ 2 files changed, 19 insertions(+), 1 deletion(-)
+
+diff --git a/IlmImf/Makefile.am b/IlmImf/Makefile.am
+index a7c219c..b7b96ac 100644
+--- a/IlmImf/Makefile.am
++++ b/IlmImf/Makefile.am
+@@ -162,7 +162,8 @@ libIlmImfinclude_HEADERS = ImfForward.h ImfAttribute.h ImfBoxAttribute.h \
+ ImfMisc.h \
+ ImfPartHelper.h \
+ ImfDeepImageState.h \
+- ImfDeepImageStateAttribute.h
++ ImfDeepImageStateAttribute.h \
++ ImfFloatVectorAttribute.h
+
+ noinst_HEADERS = ImfCompressor.h \
+ ImfRleCompressor.h \
+diff --git a/IlmImfUtil/Makefile.am b/IlmImfUtil/Makefile.am
+index 8005ee1..e1d3674 100644
+--- a/IlmImfUtil/Makefile.am
++++ b/IlmImfUtil/Makefile.am
+@@ -33,6 +33,23 @@ libIlmImfUtil_la_LIBADD = -L$(top_builddir)/IlmImf $(ILMBASE_LIBS) -lIlmImf
+
+ libIlmImfUtilincludedir = $(includedir)/OpenEXR
+
++libIlmImfUtilinclude_HEADERS = ImfFlatImage.h \
++ ImfDeepImage.h \
++ ImfDeepImageChannel.h \
++ ImfImageLevel.h \
++ ImfDeepImageLevel.h \
++ ImfDeepImageIO.h \
++ ImfImageChannelRenaming.h \
++ ImfImageIO.h \
++ ImfFlatImageChannel.h \
++ ImfImage.h \
++ ImfFlatImageLevel.h \
++ ImfImageDataWindow.h \
++ ImfSampleCountChannel.h \
++ ImfFlatImageIO.h \
++ ImfImageChannel.h
++
++
+ EXTRA_DIST = CMakeLists.txt
+
+ INCLUDES = \
+--
+2.14.1
+
diff --git a/media-libs/openexr/files/openexr-2.2.0-fix-build-system.patch b/media-libs/openexr/files/openexr-2.2.0-fix-build-system.patch
index 446e4e53c872..3ccfb1da7ac5 100644
--- a/media-libs/openexr/files/openexr-2.2.0-fix-build-system.patch
+++ b/media-libs/openexr/files/openexr-2.2.0-fix-build-system.patch
@@ -69,8 +69,8 @@
-AC_DEFINE_UNQUOTED(OPENEXR_VERSION_MAJOR, ${OPENEXR_VERSION_MAJOR})
-AC_DEFINE_UNQUOTED(OPENEXR_VERSION_MINOR, ${OPENEXR_VERSION_MINOR})
-AC_DEFINE_UNQUOTED(OPENEXR_VERSION_PATCH, ${OPENEXR_VERSION_PATCH})
-+AC_DEFINE_UNQUOTED([OPENEXR_VERSION_STRING], [${VERSION}], [OpenEXR version string])
-+AC_DEFINE_UNQUOTED([OPENEXR_PACKAGE_STRING], [${PACKAGE_STRING}], [OpenEXR version string])
++AC_DEFINE_UNQUOTED([OPENEXR_VERSION_STRING], ["${VERSION}"], [OpenEXR version string])
++AC_DEFINE_UNQUOTED([OPENEXR_PACKAGE_STRING], ["${PACKAGE_STRING}"], [OpenEXR version string])
+AC_DEFINE_UNQUOTED([OPENEXR_VERSION_MAJOR], [${OPENEXR_VERSION_MAJOR}], [OpenEXR version string])
+AC_DEFINE_UNQUOTED([OPENEXR_VERSION_MINOR], [${OPENEXR_VERSION_MINOR}], [OpenEXR version string])
+AC_DEFINE_UNQUOTED([OPENEXR_VERSION_PATCH], [${OPENEXR_VERSION_PATCH}], [OpenEXR version string])
diff --git a/media-libs/openexr/metadata.xml b/media-libs/openexr/metadata.xml
index 0427ec20bfd4..fc9e500d69e1 100644
--- a/media-libs/openexr/metadata.xml
+++ b/media-libs/openexr/metadata.xml
@@ -1,7 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
-<maintainer type="project">
-<email>media-video@gentoo.org</email>
-</maintainer>
+ <maintainer type="project">
+ <email>media-video@gentoo.org</email>
+ </maintainer>
+ <upstream>
+ <remote-id type="github">openexr/openexr</remote-id>
+ </upstream>
</pkgmetadata>
diff --git a/media-libs/openexr/openexr-2.2.0-r2.ebuild b/media-libs/openexr/openexr-2.2.0-r2.ebuild
new file mode 100644
index 000000000000..91e85f36c2b7
--- /dev/null
+++ b/media-libs/openexr/openexr-2.2.0-r2.ebuild
@@ -0,0 +1,64 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools multilib-minimal
+
+DESCRIPTION="ILM's OpenEXR high dynamic-range image file format libraries"
+HOMEPAGE="http://openexr.com/"
+SRC_URI="http://download.savannah.gnu.org/releases/openexr/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0/22" # based on SONAME
+KEYWORDS="~amd64 -arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~x86-solaris"
+IUSE="cpu_flags_x86_avx examples static-libs"
+
+RDEPEND="
+ sys-libs/zlib[${MULTILIB_USEDEP}]
+ >=media-libs/ilmbase-${PV}:=[${MULTILIB_USEDEP}]"
+DEPEND="${RDEPEND}
+ virtual/pkgconfig[${MULTILIB_USEDEP}]
+ >=sys-devel/autoconf-archive-2016.09.16"
+
+PATCHES=(
+ "${FILESDIR}/${P}-fix-cpuid-on-abi_x86_32.patch"
+ "${FILESDIR}/${P}-use-ull-for-64-bit-literals.patch"
+ "${FILESDIR}/${P}-fix-build-system.patch"
+ "${FILESDIR}/${P}-fix-config.h-collision.patch"
+ "${FILESDIR}/${P}-Fix-typo-in-C-bindings.patch"
+ "${FILESDIR}/${P}-Install-missing-header-files.patch"
+ "${FILESDIR}/${P}-CVE-2017-9110-to-9116-security-fixes.patch"
+)
+
+src_prepare() {
+ default
+ # Fix path for testsuite
+ sed -i -e "s:/var/tmp/:${T}:" IlmImfTest/tmpDir.h || die
+
+ # delete stray config files causing havoc
+ rm -f config*/OpenEXRConfig.h* || die
+
+ eautoreconf
+}
+
+multilib_src_configure() {
+ ECONF_SOURCE="${S}" econf \
+ --enable-threading \
+ $(use_enable cpu_flags_x86_avx avx) \
+ $(use_enable static-libs static) \
+ $(use_enable examples imfexamples)
+}
+
+multilib_src_install_all() {
+ einstalldocs
+
+ if use examples; then
+ docompress -x /usr/share/doc/${PF}/examples
+ else
+ rm -rf "${ED%/}"/usr/share/doc/${PF}/examples || die
+ fi
+
+ # package provides .pc files
+ find "${D}" -name '*.la' -delete || die
+}