From dab2542f845bf1b6b7761f1be6fc55b9259238fe Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 21 Dec 2017 01:53:48 -0500 Subject: [PATCH] gnu: mupdf: Update to 1.12.0 [fixes CVE-2017-15369]. * gnu/packages/pdf.scm (mupdf): Update to 1.12.0. [source]: Remove obsolete patches. [inputs]: Add freeglut. * gnu/packages/patches/mupdf-CVE-2017-14685.patch, gnu/packages/patches/mupdf-CVE-2017-14686.patch, gnu/packages/patches/mupdf-CVE-2017-14687.patch, gnu/packages/patches/mupdf-CVE-2017-15587.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. * gnu/packages/patches/mupdf-build-with-openjpeg-2.1.patch: Update and rename to... * gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch: ... new file. --- gnu/local.mk | 6 +- .../patches/mupdf-CVE-2017-14685.patch | 34 ----- .../patches/mupdf-CVE-2017-14686.patch | 34 ----- .../patches/mupdf-CVE-2017-14687.patch | 130 ------------------ .../patches/mupdf-CVE-2017-15587.patch | 25 ---- ...=> mupdf-build-with-latest-openjpeg.patch} | 8 +- gnu/packages/pdf.scm | 13 +- 7 files changed, 10 insertions(+), 240 deletions(-) delete mode 100644 gnu/packages/patches/mupdf-CVE-2017-14685.patch delete mode 100644 gnu/packages/patches/mupdf-CVE-2017-14686.patch delete mode 100644 gnu/packages/patches/mupdf-CVE-2017-14687.patch delete mode 100644 gnu/packages/patches/mupdf-CVE-2017-15587.patch rename gnu/packages/patches/{mupdf-build-with-openjpeg-2.1.patch => mupdf-build-with-latest-openjpeg.patch} (69%) diff --git a/gnu/local.mk b/gnu/local.mk index f583a61c66..8ffcc58005 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -897,11 +897,7 @@ dist_patch_DATA = \ %D%/packages/patches/mozjs38-tracelogger.patch \ %D%/packages/patches/mozjs38-version-detection.patch \ %D%/packages/patches/mumps-build-parallelism.patch \ - %D%/packages/patches/mupdf-build-with-openjpeg-2.1.patch \ - %D%/packages/patches/mupdf-CVE-2017-14685.patch \ - %D%/packages/patches/mupdf-CVE-2017-14686.patch \ - %D%/packages/patches/mupdf-CVE-2017-14687.patch \ - %D%/packages/patches/mupdf-CVE-2017-15587.patch \ + %D%/packages/patches/mupdf-build-with-latest-openjpeg.patch \ %D%/packages/patches/mupen64plus-ui-console-notice.patch \ %D%/packages/patches/mutt-store-references.patch \ %D%/packages/patches/ncurses-CVE-2017-10684-10685.patch \ diff --git a/gnu/packages/patches/mupdf-CVE-2017-14685.patch b/gnu/packages/patches/mupdf-CVE-2017-14685.patch deleted file mode 100644 index 3fcce5fedf..0000000000 --- a/gnu/packages/patches/mupdf-CVE-2017-14685.patch +++ /dev/null @@ -1,34 +0,0 @@ -Fix CVE-2017-14685: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14685 - -Patch copied from upstream source repository: - -https://git.ghostscript.com/?p=mupdf.git;h=ab1a420613dec93c686acbee2c165274e922f82a - -From ab1a420613dec93c686acbee2c165274e922f82a Mon Sep 17 00:00:00 2001 -From: Tor Andersson -Date: Tue, 19 Sep 2017 15:23:04 +0200 -Subject: [PATCH] Fix 698539: Don't use xps font if it could not be loaded. - -xps_load_links_in_glyphs did not cope with font loading failures. ---- - source/xps/xps-link.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/source/xps/xps-link.c b/source/xps/xps-link.c -index c07e0d7..c26a8d9 100644 ---- a/source/xps/xps-link.c -+++ b/source/xps/xps-link.c -@@ -91,6 +91,8 @@ xps_load_links_in_glyphs(fz_context *ctx, xps_document *doc, const fz_matrix *ct - bidi_level = atoi(bidi_level_att); - - font = xps_lookup_font(ctx, doc, base_uri, font_uri_att, style_att); -+ if (!font) -+ return; - text = xps_parse_glyphs_imp(ctx, doc, &local_ctm, font, fz_atof(font_size_att), - fz_atof(origin_x_att), fz_atof(origin_y_att), - is_sideways, bidi_level, indices_att, unicode_att); --- -2.9.1 - diff --git a/gnu/packages/patches/mupdf-CVE-2017-14686.patch b/gnu/packages/patches/mupdf-CVE-2017-14686.patch deleted file mode 100644 index e462a6ffeb..0000000000 --- a/gnu/packages/patches/mupdf-CVE-2017-14686.patch +++ /dev/null @@ -1,34 +0,0 @@ -Fix CVE-2017-14686: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14686 - -Patch copied from upstream source repository: - -https://git.ghostscript.com/?p=mupdf.git;h=0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1 - -From 0f0fbc07d9be31f5e83ec5328d7311fdfd8328b1 Mon Sep 17 00:00:00 2001 -From: Tor Andersson -Date: Tue, 19 Sep 2017 16:33:38 +0200 -Subject: [PATCH] Fix 698540: Check name, comment and meta size field signs. - ---- - source/fitz/unzip.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/source/fitz/unzip.c b/source/fitz/unzip.c -index f2d4f32..0bcce0f 100644 ---- a/source/fitz/unzip.c -+++ b/source/fitz/unzip.c -@@ -141,6 +141,9 @@ static void read_zip_dir_imp(fz_context *ctx, fz_zip_archive *zip, int start_off - (void) fz_read_int32_le(ctx, file); /* ext file atts */ - offset = fz_read_int32_le(ctx, file); - -+ if (namesize < 0 || metasize < 0 || commentsize < 0) -+ fz_throw(ctx, FZ_ERROR_GENERIC, "invalid size in zip entry"); -+ - name = fz_malloc(ctx, namesize + 1); - n = fz_read(ctx, file, (unsigned char*)name, namesize); - if (n < (size_t)namesize) --- -2.9.1 - diff --git a/gnu/packages/patches/mupdf-CVE-2017-14687.patch b/gnu/packages/patches/mupdf-CVE-2017-14687.patch deleted file mode 100644 index cdc41df813..0000000000 --- a/gnu/packages/patches/mupdf-CVE-2017-14687.patch +++ /dev/null @@ -1,130 +0,0 @@ -Fix CVE-2017-14687: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14687 - -Patch copied from upstream source repository: - -https://git.ghostscript.com/?p=mupdf.git;h=2b16dbd8f73269cb15ca61ece75cf8d2d196ed28 - -From 2b16dbd8f73269cb15ca61ece75cf8d2d196ed28 Mon Sep 17 00:00:00 2001 -From: Tor Andersson -Date: Tue, 19 Sep 2017 17:17:12 +0200 -Subject: [PATCH] Fix 698558: Handle non-tags in tag name comparisons. - -Use fz_xml_is_tag instead of fz_xml_tag && !strcmp idiom. ---- - source/html/css-apply.c | 2 +- - source/svg/svg-run.c | 2 +- - source/xps/xps-common.c | 6 +++--- - source/xps/xps-glyphs.c | 2 +- - source/xps/xps-path.c | 4 ++-- - source/xps/xps-resource.c | 2 +- - 6 files changed, 9 insertions(+), 9 deletions(-) - -diff --git a/source/html/css-apply.c b/source/html/css-apply.c -index de55490..6a91df0 100644 ---- a/source/html/css-apply.c -+++ b/source/html/css-apply.c -@@ -328,7 +328,7 @@ match_selector(fz_css_selector *sel, fz_xml *node) - - if (sel->name) - { -- if (strcmp(sel->name, fz_xml_tag(node))) -+ if (!fz_xml_is_tag(node, sel->name)) - return 0; - } - -diff --git a/source/svg/svg-run.c b/source/svg/svg-run.c -index f974c67..5302c64 100644 ---- a/source/svg/svg-run.c -+++ b/source/svg/svg-run.c -@@ -1044,7 +1044,7 @@ svg_run_use(fz_context *ctx, fz_device *dev, svg_document *doc, fz_xml *root, co - fz_xml *linked = fz_tree_lookup(ctx, doc->idmap, xlink_href_att + 1); - if (linked) - { -- if (!strcmp(fz_xml_tag(linked), "symbol")) -+ if (fz_xml_is_tag(linked, "symbol")) - svg_run_use_symbol(ctx, dev, doc, root, linked, &local_state); - else - svg_run_element(ctx, dev, doc, linked, &local_state); -diff --git a/source/xps/xps-common.c b/source/xps/xps-common.c -index cc7fed9..f2f9b93 100644 ---- a/source/xps/xps-common.c -+++ b/source/xps/xps-common.c -@@ -47,7 +47,7 @@ xps_parse_brush(fz_context *ctx, xps_document *doc, const fz_matrix *ctm, const - else if (fz_xml_is_tag(node, "RadialGradientBrush")) - xps_parse_radial_gradient_brush(ctx, doc, ctm, area, base_uri, dict, node); - else -- fz_warn(ctx, "unknown brush tag: %s", fz_xml_tag(node)); -+ fz_warn(ctx, "unknown brush tag"); - } - - void -@@ -85,7 +85,7 @@ xps_begin_opacity(fz_context *ctx, xps_document *doc, const fz_matrix *ctm, cons - if (opacity_att) - opacity = fz_atof(opacity_att); - -- if (opacity_mask_tag && !strcmp(fz_xml_tag(opacity_mask_tag), "SolidColorBrush")) -+ if (fz_xml_is_tag(opacity_mask_tag, "SolidColorBrush")) - { - char *scb_opacity_att = fz_xml_att(opacity_mask_tag, "Opacity"); - char *scb_color_att = fz_xml_att(opacity_mask_tag, "Color"); -@@ -129,7 +129,7 @@ xps_end_opacity(fz_context *ctx, xps_document *doc, char *base_uri, xps_resource - - if (opacity_mask_tag) - { -- if (strcmp(fz_xml_tag(opacity_mask_tag), "SolidColorBrush")) -+ if (!fz_xml_is_tag(opacity_mask_tag, "SolidColorBrush")) - fz_pop_clip(ctx, dev); - } - } -diff --git a/source/xps/xps-glyphs.c b/source/xps/xps-glyphs.c -index 29dc5b3..5b26d78 100644 ---- a/source/xps/xps-glyphs.c -+++ b/source/xps/xps-glyphs.c -@@ -592,7 +592,7 @@ xps_parse_glyphs(fz_context *ctx, xps_document *doc, const fz_matrix *ctm, - - /* If it's a solid color brush fill/stroke do a simple fill */ - -- if (fill_tag && !strcmp(fz_xml_tag(fill_tag), "SolidColorBrush")) -+ if (fz_xml_is_tag(fill_tag, "SolidColorBrush")) - { - fill_opacity_att = fz_xml_att(fill_tag, "Opacity"); - fill_att = fz_xml_att(fill_tag, "Color"); -diff --git a/source/xps/xps-path.c b/source/xps/xps-path.c -index 6faeb0c..021d202 100644 ---- a/source/xps/xps-path.c -+++ b/source/xps/xps-path.c -@@ -879,14 +879,14 @@ xps_parse_path(fz_context *ctx, xps_document *doc, const fz_matrix *ctm, char *b - if (!data_att && !data_tag) - return; - -- if (fill_tag && !strcmp(fz_xml_tag(fill_tag), "SolidColorBrush")) -+ if (fz_xml_is_tag(fill_tag, "SolidColorBrush")) - { - fill_opacity_att = fz_xml_att(fill_tag, "Opacity"); - fill_att = fz_xml_att(fill_tag, "Color"); - fill_tag = NULL; - } - -- if (stroke_tag && !strcmp(fz_xml_tag(stroke_tag), "SolidColorBrush")) -+ if (fz_xml_is_tag(stroke_tag, "SolidColorBrush")) - { - stroke_opacity_att = fz_xml_att(stroke_tag, "Opacity"); - stroke_att = fz_xml_att(stroke_tag, "Color"); -diff --git a/source/xps/xps-resource.c b/source/xps/xps-resource.c -index c2292e6..8e81ab8 100644 ---- a/source/xps/xps-resource.c -+++ b/source/xps/xps-resource.c -@@ -84,7 +84,7 @@ xps_parse_remote_resource_dictionary(fz_context *ctx, xps_document *doc, char *b - if (!xml) - return NULL; - -- if (strcmp(fz_xml_tag(xml), "ResourceDictionary")) -+ if (!fz_xml_is_tag(xml, "ResourceDictionary")) - { - fz_drop_xml(ctx, xml); - fz_throw(ctx, FZ_ERROR_GENERIC, "expected ResourceDictionary element"); --- -2.9.1 - diff --git a/gnu/packages/patches/mupdf-CVE-2017-15587.patch b/gnu/packages/patches/mupdf-CVE-2017-15587.patch deleted file mode 100644 index 7d24666756..0000000000 --- a/gnu/packages/patches/mupdf-CVE-2017-15587.patch +++ /dev/null @@ -1,25 +0,0 @@ -Fix CVE-2017-15587. - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15587 -https://nandynarwhals.org/CVE-2017-15587/ - -This patch is these two upstream commits squashed together: - - - -diff --git a/source/pdf/pdf-xref.c b/source/pdf/pdf-xref.c -index 66bd0ed8..89499e61 100644 ---- a/source/pdf/pdf-xref.c -+++ b/source/pdf/pdf-xref.c -@@ -924,7 +924,7 @@ pdf_read_new_xref_section(fz_context *ctx, pdf_document *doc, fz_stream *stm, fz - pdf_xref_entry *table; - int i, n; - -- if (i0 < 0 || i1 < 0) -+ if (i0 < 0 || i1 < 0 || i0 > INT_MAX - i1) - fz_throw(ctx, FZ_ERROR_GENERIC, "negative xref stream entry index"); - //if (i0 + i1 > pdf_xref_len(ctx, doc)) - // fz_throw(ctx, FZ_ERROR_GENERIC, "xref stream has too many entries"); --- -2.15.0 - diff --git a/gnu/packages/patches/mupdf-build-with-openjpeg-2.1.patch b/gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch similarity index 69% rename from gnu/packages/patches/mupdf-build-with-openjpeg-2.1.patch rename to gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch index 0b5b735ff3..d5c9c60242 100644 --- a/gnu/packages/patches/mupdf-build-with-openjpeg-2.1.patch +++ b/gnu/packages/patches/mupdf-build-with-latest-openjpeg.patch @@ -1,4 +1,4 @@ -Make it possible to build MuPDF with OpenJPEG 2.1, which is the latest +Make it possible to build MuPDF with OpenJPEG 2.3, which is the latest release series and contains many important bug fixes. Patch adapted from Debian: @@ -10,16 +10,16 @@ And related to this upstream commit: http://git.ghostscript.com/?p=mupdf.git;a=commit;h=f88bfe2e62dbadb96d4f52d7aa025f0a516078da diff --git a/source/fitz/load-jpx.c b/source/fitz/load-jpx.c -index 6b92e5c..72dea50 100644 +index 65699ba..ea84778 100644 --- a/source/fitz/load-jpx.c +++ b/source/fitz/load-jpx.c -@@ -444,11 +444,6 @@ +@@ -445,11 +445,6 @@ fz_load_jpx_info(fz_context *ctx, const unsigned char *data, size_t size, int *w #else /* HAVE_LURATECH */ -#define OPJ_STATIC -#define OPJ_HAVE_INTTYPES_H --#if !defined(_WIN32) && !defined(_WIN64) +-#if !defined(_MSC_VER) || _MSC_VER >= 1600 -#define OPJ_HAVE_STDINT_H -#endif #define USE_JPIP diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 84b9261885..335d0b29dc 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm @@ -567,25 +567,22 @@ extracting content or merging files.") (define-public mupdf (package (name "mupdf") - (version "1.11") + (version "1.12.0") (source (origin (method url-fetch) (uri (string-append "https://mupdf.com/downloads/archive/" - name "-" version "-source.tar.gz")) + name "-" version "-source.tar.xz")) + (patches (search-patches "mupdf-build-with-latest-openjpeg.patch")) (sha256 (base32 - "02phamcchgsmvjnb3ir7r5sssvx9fcrscn297z73b82n1jl79510")) - (patches (search-patches "mupdf-build-with-openjpeg-2.1.patch" - "mupdf-CVE-2017-14685.patch" - "mupdf-CVE-2017-14686.patch" - "mupdf-CVE-2017-14687.patch" - "mupdf-CVE-2017-15587.patch")) + "0b9j0gqbc3jhmx87r6idcsh8lnb30840c3hyx6dk2gdjqqh3hysp")) (modules '((guix build utils))) (snippet '(delete-file-recursively "thirdparty")))) (build-system gnu-build-system) (inputs `(("curl" ,curl) + ("freeglut" ,freeglut) ("freetype" ,freetype) ("harfbuzz" ,harfbuzz) ("jbig2dec" ,jbig2dec)