limwmf: upgrade 0.2.8.4 -> 0.2.13

$ git log --oneline | grep CVE f58c813 merge in fixes for libgd CVE-2019-6978 407a58b CVE-2017-6362 dabcb8c CVE-2016-10168 b691e47 CVE-2016-10167 16919b4 CVE-2016-9317 2208b48 CVE-2016-9011 f47cbdf CVE-2015-4696 b5ae5d1 CVE-2015-4695 879d6bf CVE-2015-0848+CVE-2015-4588 44f37ac CVE-2009-3546 7bd8ce0 CVE-2007-2756 cfc0916 CVE-2007-3477 5ec7547 CVE-2007-3473 fdd21b1 CVE-2007-3472 5588450 CVE-2007-0455 2c84480 CVE-2009-1364, Use-after-free vulnerability b9cc022 CVE-2006-3376 Integer overflow in player.c Adaptations: * removed patches included in new version. * extended buildpaths fix to pc file * changed paths from libdir/gtk-2 to libdir/gdk-pixbuf-2.0 Test - built imagemagick (only recipe in meta-openembedded depending on libwmf) with wmf PACKAGECONFIG. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2026-04-20 11:38:34 +00:00 · 2024-12-27 11:56:10 +01:00
parent 1ed73b79de
commit 74cda1df0e
4 changed files with 7 additions and 127 deletions
--- a/meta-oe/recipes-extended/libwmf/libwmf/0001-configure-use-pkg-config-for-freetype.patch
+++ b/meta-oe/recipes-extended/libwmf/libwmf/0001-configure-use-pkg-config-for-freetype.patch
@@ -1,67 +0,0 @@
-From 61655f82224cadb261e81f8bae111eaaa7bdf531 Mon Sep 17 00:00:00 2001
-From: Koen Kooi <koen@dominion.thruhere.net>
-Date: Wed, 6 Aug 2014 14:53:03 +0200
-Subject: [PATCH] configure: use pkg-config for freetype
-
-Upstream-Status: Pending
-Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
---
- configure.ac | 37 ++++++++-----------------------------
- 1 file changed, 8 insertions(+), 29 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 3cfe974..0055a8c 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -399,40 +399,19 @@ AC_ARG_WITH(freetype,[  --with-freetype=DIR     use freetype2 in DIR],[
- 	fi
- ])
- 
-if [ test -n "$FREETYPE_DIR" ]; then
-	AC_PATH_PROG(FREETYPE_CONFIG,freetype-config, ,[$FREETYPE_DIR/bin:$PATH])
-else
-	AC_PATH_PROG(FREETYPE_CONFIG,freetype-config)
-fi
-
-if [ test -n "$FREETYPE_CONFIG" ]; then
-	if [ test -n "$FREETYPE_DIR" ]; then
-		freetype_cflags="`$FREETYPE_CONFIG --cflags` -I$FREETYPE_DIR/include"
-		freetype_libs=`$FREETYPE_CONFIG --libs`
-	else
-		freetype_cflags=`$FREETYPE_CONFIG --cflags`
-		freetype_libs=`$FREETYPE_CONFIG --libs`
-	fi
-else
-	if [ test -n "$FREETYPE_DIR" ]; then
-		freetype_cflags="-I$FREETYPE_DIR/include/freetype2 -I$FREETYPE_DIR/include"
-		freetype_libs="-L$FREETYPE_DIR/lib -lfreetype"
-	else
-		freetype_cflags=""
-		freetype_libs="-lfreetype"
-	fi
-fi
-
-CPPFLAGS="$freetype_cflags $CPPFLAGS"
-LDFLAGS="$LDFLAGS $freetype_libs"
-+PKG_CHECK_MODULES(FREETYPE2, freetype2, 
-+    CFLAGS="$CFLAGS $FREETYPE2_CFLAGS"
-+    LDFLAGS="$LDFLAGS $FREETYPE2_LIBS",
-+    AC_MSG_ERROR([*** Unable to find FreeType2 library (http://www.freetype.org/)])
-+)
- 
- AC_CHECK_LIB(freetype,FT_Init_FreeType,[
-	WMF_FT_LDFLAGS="$freetype_libs"
-+	WMF_FT_LDFLAGS="$FREETYPE2_LIBS"
- ],[	AC_MSG_ERROR([* * * freetype(2) is required * * *])
- ])
- AC_CHECK_HEADER(ft2build.h,[
-	WMF_FT_CFLAGS="$freetype_cflags"
-	WMF_FT_CONFIG_CFLAGS="$freetype_cflags"
-+	WMF_FT_CFLAGS="$FREETYPE2_CFLAGS"
-+	WMF_FT_CONFIG_CFLAGS="$FREETYPE2_CFLAGS"
- ],[	AC_MSG_ERROR([* * * freetype(2) is required * * *])
- ])
- 
-- 
-1.9.0
-
--- a/meta-oe/recipes-extended/libwmf/libwmf/libwmf-0.2.8.4-intoverflow.patch
+++ b/meta-oe/recipes-extended/libwmf/libwmf/libwmf-0.2.8.4-intoverflow.patch
@@ -1,33 +0,0 @@
-Upstream-Status: Pending
-
-http://cvs.fedoraproject.org/viewvc/devel/libwmf/libwmf-0.2.8.4-intoverflow.patch?view=log
-
-CVE-2006-3376 libwmf integer overflow
-
--- libwmf-0.2.8.4.orig/src/player.c	2002-12-10 19:30:26.000000000 +0000
-+++ libwmf-0.2.8.4/src/player.c	2006-07-12 15:12:52.000000000 +0100
-@@ -42,6 +42,7 @@
- #include "player/defaults.h" /* Provides: default settings               */
- #include "player/record.h"   /* Provides: parameter mechanism            */
- #include "player/meta.h"     /* Provides: record interpreters            */
-+#include <stdint.h>
- 
- /**
-  * @internal
-@@ -132,8 +134,14 @@
- 		}
- 	}
- 
-/*	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char));
- */	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) * 2 * sizeof (unsigned char));
-+	if (MAX_REC_SIZE(API) > UINT32_MAX / 2)
-+	{
-+		API->err = wmf_E_InsMem;
-+		WMF_DEBUG (API,"bailing...");
-+		return (API->err);
-+	}
-+	
-+ 	P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) * 2 * sizeof (unsigned char));
- 
- 	if (ERR (API))
- 	{	WMF_DEBUG (API,"bailing...");
--- a/meta-oe/recipes-extended/libwmf/libwmf/libwmf-0.2.8.4-useafterfree.patch
+++ b/meta-oe/recipes-extended/libwmf/libwmf/libwmf-0.2.8.4-useafterfree.patch
@@ -1,16 +0,0 @@
-Upstream-Status: Pending
-
-
-http://cvs.fedoraproject.org/viewvc/devel/libwmf/libwmf-0.2.8.4-useafterfree.patch?view=log
-Resolves: CVE-2009-1364
-
--- libwmf-0.2.8.4/src/extra/gd/gd_clip.c.CVE-2009-1364-im-clip-list	2009-04-24 04:06:44.000000000 -0400
-+++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c	2009-04-24 04:08:30.000000000 -0400
-@@ -70,6 +70,7 @@ void gdClipSetAdd(gdImagePtr im,gdClipRe
- 	{	more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof (gdClipRectangle));
- 		if (more == 0) return;
- 		im->clip->max += 8;
-+                im->clip->list = more;
- 	}
- 	im->clip->list[im->clip->count] = (*rect);
- 	im->clip->count++;
--- a/meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb
+++ b/meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb
@@ -16,21 +16,17 @@ inherit features_check autotools pkgconfig

 REQUIRED_DISTRO_FEATURES = "x11"

-SRC_URI = "git://github.com/caolanm/libwmf.git;protocol=https;branch=master \
-           file://libwmf-0.2.8.4-intoverflow.patch \
-           file://libwmf-0.2.8.4-useafterfree.patch \
-           file://0001-configure-use-pkg-config-for-freetype.patch \
-          "
-SRCREV = "27b4aaf8cf653b4cd2ebe14717ffa9e76560485e"
+SRC_URI = "git://github.com/caolanm/libwmf.git;protocol=https;branch=master"
+SRCREV = "9e4737f2293c0d127bda92e5b01896df10571424"

 S = "${WORKDIR}/git"

 do_install:append() {
-    sed -i -e 's@${RECIPE_SYSROOT}@@g' ${D}${bindir}/libwmf-config
+    sed -i -e 's@${RECIPE_SYSROOT}@@g' ${D}${bindir}/libwmf-config ${D}${libdir}/pkgconfig/libwmf.pc
 }

-FILES:${PN}-dbg += "${libdir}/gtk-2.0/2.10.0/loaders/.debug"
-FILES:${PN}-dev += "${libdir}/gtk-2.0/2.10.0/loaders/*.la"
-FILES:${PN}-staticdev += "${libdir}/gtk-2.0/2.10.0/loaders/*.a"
-FILES:${PN} += "${libdir}/gtk-2.0/2.10.0/loaders/*.so"
+FILES:${PN}-dbg += "${libdir}/gdk-pixbuf-2.0/2.10.0/loaders/.debug"
+FILES:${PN}-dev += "${libdir}/gdk-pixbuf-2.0/2.10.0/loaders/*.la"
+FILES:${PN}-staticdev += "${libdir}/gdk-pixbuf-2.0/2.10.0/loaders/*.a"
+FILES:${PN} += "${libdir}/gdk-pixbuf-2.0/2.10.0/loaders/*.so"