mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-01-11 15:11:26 +00:00
Code Issues Projects Releases Wiki Activity
Files
49732c90c0a4e1b3fc3679456ce2bd2819b144d0
meta-openembedded/meta-gnome/recipes-gimp/gimp/gimp_3.0.6.bb
Gyorgy Sarvari 49732c90c0 gimp: patch CVE-2025-14425 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-14425

Backport the patch referenced by the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-12-31 08:28:49 -08:00

142 lines
4.5 KiB
BlitzBasic
Raw Blame History

SUMMARY = "The GIMP is the GNU Image Manipulation Program"
HOMEPAGE = "http://www.gimp.org"
SECTION = "graphics"
LICENSE = "GPL-3.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=c678957b0c8e964aa6c70fd77641a71e"
DEPENDS = " \
appstream \
atk \
babl \
bzip2 \
bison-native \
cairo \
fontconfig \
freetype \
gdk-pixbuf-native \
gegl \
gexiv2 \
glib-2.0 \
glib-2.0-native \
gtk+3 \
harfbuzz \
iso-codes-native \
jpeg \
json-glib \
lcms \
libarchive \
libexif \
libmypaint \
libpng \
librsvg \
librsvg-native \
libxmu \
libxslt-native \
mypaint-brushes-1.0 \
pango \
poppler \
poppler-data \
python3-pygobject-native \
tiff \
xz \
zlib \
"
DEPENDS:append:libc-musl = " libexecinfo"
LDFLAGS:append:libc-musl = " -lexecinfo"
inherit meson gtk-icon-cache mime-xdg pkgconfig gettext gobject-introspection vala
GIR_MESON_OPTION = 'can-crosscompile-gir'
VALA_MESON_OPTION = "vala"
VALA_MESON_ENABLE_FLAG = "enabled"
VALA_MESON_DISABLE_FLAG = "disabled"
GIDOCGEN_MESON_OPTION = "gi-docgen"
GIDOCGEN_MESON_ENABLE_FLAG = "enabled"
GIDOCGEN_MESON_DISABLE_FLAG = "disabled"
SRC_URI = "https://download.gimp.org/gimp/v3.0/${BP}.tar.xz \
file://0001-gimp-cross-compile-fix-for-bz2.patch \
file://0002-meson.build-reproducibility-fix.patch \
file://0001-meson.build-dont-check-for-lgi.patch \
file://0001-meson.build-require-iso-codes-native.patch \
file://CVE-2025-14422.patch \
file://CVE-2025-14423.patch \
file://CVE-2025-14424.patch \
file://CVE-2025-14425.patch \
"
SRC_URI[sha256sum] = "246c225383c72ef9f0dc7703b7d707084bbf177bd2900e94ce466a62862e296b"
PACKAGECONFIG[aa] = "-Daa=enabled,-Daa=disabled,aalib"
PACKAGECONFIG[alsa] = "-Dalsa=enabled,-Dalsa=disabled,alsa-lib"
PACKAGECONFIG[appdata-test] = "-Dappdata-test=enabled,-Dappdata-test=disabled,appstream-native"
PACKAGECONFIG[cairo-pdf] = "-Dcairo-pdf=enabled,-Dcairo-pdf=disabled"
PACKAGECONFIG[check-update] = "-Dcheck-update=yes,-Dcheck-update=no"
PACKAGECONFIG[ghostscript] = "-Dghostscript=enabled,-Dghostscript=disabled,ghostscript,ghostscript"
PACKAGECONFIG[gudev] = "-Dgudev=enabled,-Dgudev=disabled,libgudev"
PACKAGECONFIG[heif] = "-Dheif=enabled,-Dheif=disabled,libheif"
PACKAGECONFIG[javascript] = "-Djavascript=enabled,-Djavascript=disabled,,gjs"
PACKAGECONFIG[jpeg2000] = "-Djpeg2000=enabled,-Djpeg2000=disabled,jasper"
PACKAGECONFIG[jpeg-xl] = "-Djpeg-xl=enabled,-Djpeg-xl=disabled,libjxl"
PACKAGECONFIG[libunwind] = "-Dlibunwind=true,-Dlibunwind=false,libunwind"
PACKAGECONFIG[libbacktrace] = "-Dlibbacktrace=true,-Dlibbacktrace=false,libbacktrace"
PACKAGECONFIG[lua] = "-Dlua=true,-Dlua=false,,luajit lua-lgi"
PACKAGECONFIG[mng] = "-Dmng=enabled,-Dmng=disabled,libmng"
PACKAGECONFIG[openmp] = "-Dopenmp=enabled,-Dopenmp=disabled,gcc-runtime"
PACKAGECONFIG[vector-icons] = "-Dvector-icons=true,-Dvector-icons=false,librsvg shared-mime-info"
PACKAGECONFIG[webp] = "-Dwebp=enabled,-Dwebp=disabled,libwebp"
PACKAGECONFIG[xcursor] = "-Dxcursor=enabled,-Dxcursor=disabled,libxcursor"
PACKAGECONFIG[x11] = "-Dxpm=enabled,-Dxpm=disabled,libxpm libxext libxfixes"
PACKAGECONFIG ?= " \
alsa \
cairo-pdf \
ghostscript \
gudev \
javascript \
jpeg2000 \
jpeg-xl \
lua \
mng \
webp \
${@oe.utils.conditional('SITEINFO_BITS', '32', '', 'vector-icons', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 xcursor', '', d)} \
"
PACKAGECONFIG:remove:riscv32 = "lua"
PACKAGECONFIG:remove:riscv64 = "lua"
PACKAGECONFIG:remove:powerpc64 = "lua"
PACKAGECONFIG:remove:powerpc64le = "lua"
EXTRA_OEMESON += " \
-Dshmem-type=posix \
-Dlinux-input=enabled \
--buildtype release \
--cross-file=${WORKDIR}/meson-${PN}.cross \
"
do_write_config:append() {
cat >${WORKDIR}/meson-${PN}.cross <<EOF
[binaries]
gjs = '${bindir}/gjs'
luajit = '${bindir}/luajit'
EOF
}
do_configure:append () {
sed -i -e "s|build_by_default: true|build_by_default: false|" ${S}/gimp-data/images/meson.build
}
do_install:prepend() {
sed -i -e "s|${B}||" ${B}/app/widgets/gimplanguagestore-data.h
sed -i -e "s|${B}||" ${B}/plug-ins/file-bmp/huffman.h
}
FILES:${PN} += "${datadir}/metainfo"
RDEPENDS:${PN} = "mypaint-brushes-1.0 glib-networking python3-pygobject"
CVE_STATUS[CVE-2007-3741] = "not-applicable-platform: This only applies for Mandriva Linux"
CVE_STATUS[CVE-2025-8672] = "not-applicable-config: the vulnerability only affects MacOS"
Reference in New Issue View Git Blame Copy Permalink