mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-15 16:07:26 +00:00
1aa842b7af
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer. Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6906 Upstream patches: https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415 https://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558 Signed-off-by: Catalin Enache <catalin.enache@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
68 lines
2.2 KiB
BlitzBasic
68 lines
2.2 KiB
BlitzBasic
SUMMARY = "gd is a library used to create PNG, JPEG, or WBMP images"
|
|
DESCRIPTION = "The gd graphics library allows your code to quickly draw images \
|
|
complete with lines, arcs, text, multiple colors, cut and paste from other \
|
|
images, and flood fills, and to write out the result as a PNG or JPEG file. \
|
|
This is particularly useful in Web applications, where PNG and JPEG are two \
|
|
of the formats accepted for inline images by most browsers. Note that gd is not \
|
|
a paint program."
|
|
HOMEPAGE = "http://libgd.bitbucket.org/"
|
|
|
|
SECTION = "libs"
|
|
LICENSE = "GD"
|
|
LIC_FILES_CHKSUM = "file://COPYING;md5=c97638cafd3581eb87abd37332137669"
|
|
DEPENDS = "freetype libpng jpeg zlib tiff"
|
|
|
|
SRC_URI = "git://github.com/libgd/libgd.git;branch=GD-2.2 \
|
|
file://fix-gcc-unused-functions.patch \
|
|
file://CVE-2016-10166.patch \
|
|
file://CVE-2016-10167.patch \
|
|
file://CVE-2016-10168.patch \
|
|
file://.gitignore-the-new-test-case.patch \
|
|
file://Fix-290-TGA-RLE-decoding-is-broken.patch;apply=no \
|
|
file://CVE-2016-6906-1.patch;apply=no \
|
|
file://CVE-2016-6906-2.patch;apply=no"
|
|
|
|
SRCREV = "46ceef5970bf3a847ff61d1bdde7501d66c11d0c"
|
|
|
|
S = "${WORKDIR}/git"
|
|
|
|
inherit autotools binconfig gettext pkgconfig
|
|
|
|
EXTRA_OECONF += " --disable-rpath \
|
|
--with-jpeg=${STAGING_LIBDIR}/.. \
|
|
--with-freetype=yes \
|
|
--without-fontconfig \
|
|
--without-webp \
|
|
--without-xpm \
|
|
--without-x \
|
|
"
|
|
|
|
EXTRA_OEMAKE = 'LDFLAGS="${LDFLAGS}"'
|
|
|
|
do_git_apply () {
|
|
cd ${S}
|
|
if [ ! -f tests/tga/tga_read_rgb.png ]; then
|
|
git apply ${S}/../Fix-290-TGA-RLE-decoding-is-broken.patch
|
|
git apply ${S}/../CVE-2016-6906-1.patch
|
|
git apply ${S}/../CVE-2016-6906-2.patch
|
|
fi
|
|
}
|
|
|
|
do_patch_append() {
|
|
bb.build.exec_func('do_git_apply', d)
|
|
}
|
|
|
|
do_install_append() {
|
|
# cleanup buildpaths from gdlib.pc
|
|
sed -i -e 's#${STAGING_DIR_HOST}##g' ${D}${libdir}/pkgconfig/gdlib.pc
|
|
}
|
|
|
|
PACKAGES += "${PN}-tools"
|
|
|
|
FILES_${PN} = "${libdir}/lib*${SOLIBS}"
|
|
FILES_${PN}-tools = "${bindir}/*"
|
|
|
|
PROVIDES += "${PN}-tools"
|
|
RPROVIDES_${PN}-tools = "${PN}-tools"
|
|
RDEPENDS_${PN}-tools = "perl perl-module-strict"
|