From 8fda37bca1e160e13e90e93d2d51640e8461611a Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 6 Apr 2017 23:19:11 -0400 Subject: gnu: libpng: Update to 1.6.29. * gnu/packages/image.scm (libpng): Update to 1.6.29. --- gnu/packages/image.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'gnu/packages/image.scm') diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index b5b3a7283d..82fc7bfe7a 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -66,7 +66,7 @@ (define-public libpng (package (name "libpng") - (version "1.6.28") + (version "1.6.29") (source (origin (method url-fetch) (uri (list (string-append "mirror://sourceforge/libpng/libpng16/" @@ -78,7 +78,8 @@ "ftp://ftp.simplesystems.org/pub/libpng/png/src/history" "/libpng16/libpng-" version ".tar.xz"))) (sha256 - (base32 "0ylgyx93hnk38haqrh8prd3ax5ngzwvjqw5cxw7p9nxmwsfyrlyq")))) + (base32 + "0fgjqp7x6jynacmqh6dj72cn6nnf6yxjfqqqfsxrx0pyx22bcia2")))) (build-system gnu-build-system) ;; libpng.la says "-lz", so propagate it. -- cgit v1.2.3 From 14c7790f1ad845b7e1932d6a700a1fb25f110608 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 15 Jun 2017 11:35:17 -0400 Subject: gnu: libtiff: Fix several bugs related to improper codec usage [security fixes]. This commit applies the patch to the libtiff package, not the grafting replacement. * gnu/packages/patches/libtiff-tiffgetfield-bugs.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libtiff)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 1 + .../patches/libtiff-tiffgetfield-bugs.patch | 201 +++++++++++++++++++++ 3 files changed, 203 insertions(+) create mode 100644 gnu/packages/patches/libtiff-tiffgetfield-bugs.patch (limited to 'gnu/packages/image.scm') diff --git a/gnu/local.mk b/gnu/local.mk index e30fa34efe..1d5c98094c 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -743,6 +743,7 @@ dist_patch_DATA = \ %D%/packages/patches/libssh2-fix-build-failure-with-gcrypt.patch \ %D%/packages/patches/libtar-CVE-2013-4420.patch \ %D%/packages/patches/libtheora-config-guess.patch \ + %D%/packages/patches/libtiff-tiffgetfield-bugs.patch \ %D%/packages/patches/libtirpc-CVE-2017-8779.patch \ %D%/packages/patches/libtorrent-rasterbar-boost-compat.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index da05c64545..c35a6d3b39 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -341,6 +341,7 @@ extracting icontainer icon files.") (method url-fetch) (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-" version ".tar.gz")) + (patches (search-patches "libtiff-tiffgetfield-bugs.patch")) (sha256 (base32 "0419mh6kkhz5fkyl77gv0in8x4d2jpdpfs147y8mj86rrjlabmsr")))) diff --git a/gnu/packages/patches/libtiff-tiffgetfield-bugs.patch b/gnu/packages/patches/libtiff-tiffgetfield-bugs.patch new file mode 100644 index 0000000000..84566ca23e --- /dev/null +++ b/gnu/packages/patches/libtiff-tiffgetfield-bugs.patch @@ -0,0 +1,201 @@ +Fix several bugs in libtiff related to use of TIFFGetField(): + +http://bugzilla.maptools.org/show_bug.cgi?id=2580 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7554 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5318 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10095 + +Patch copied from upstream CVS. 3rd-party Git reference: +https://github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06 + +2017-06-01 Even Rouault + +* libtiff/tif_dirinfo.c, tif_dirread.c: add _TIFFCheckFieldIsValidForCodec(), +and use it in TIFFReadDirectory() so as to ignore fields whose tag is a +codec-specified tag but this codec is not enabled. This avoids TIFFGetField() +to behave differently depending on whether the codec is enabled or not, and +thus can avoid stack based buffer overflows in a number of TIFF utilities +such as tiffsplit, tiffcmp, thumbnail, etc. +Patch derived from 0063-Handle-properly-CODEC-specific-tags.patch +(http://bugzilla.maptools.org/show_bug.cgi?id=2580) by Raphaël Hertzog. +Fixes: +http://bugzilla.maptools.org/show_bug.cgi?id=2580 +http://bugzilla.maptools.org/show_bug.cgi?id=2693 +http://bugzilla.maptools.org/show_bug.cgi?id=2625 (CVE-2016-10095) +http://bugzilla.maptools.org/show_bug.cgi?id=2564 (CVE-2015-7554) +http://bugzilla.maptools.org/show_bug.cgi?id=2561 (CVE-2016-5318) +http://bugzilla.maptools.org/show_bug.cgi?id=2499 (CVE-2014-8128) +http://bugzilla.maptools.org/show_bug.cgi?id=2441 +http://bugzilla.maptools.org/show_bug.cgi?id=2433 +Index: libtiff/libtiff/tif_dirread.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v +retrieving revision 1.208 +retrieving revision 1.209 +diff -u -r1.208 -r1.209 +--- libtiff/libtiff/tif_dirread.c 27 Apr 2017 15:46:22 -0000 1.208 ++++ libtiff/libtiff/tif_dirread.c 1 Jun 2017 12:44:04 -0000 1.209 +@@ -1,4 +1,4 @@ +-/* $Id: tif_dirread.c,v 1.208 2017-04-27 15:46:22 erouault Exp $ */ ++/* $Id: tif_dirread.c,v 1.209 2017-06-01 12:44:04 erouault Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -3580,6 +3580,10 @@ + goto bad; + dp->tdir_tag=IGNORE; + break; ++ default: ++ if( !_TIFFCheckFieldIsValidForCodec(tif, dp->tdir_tag) ) ++ dp->tdir_tag=IGNORE; ++ break; + } + } + } +Index: libtiff/libtiff/tif_dirinfo.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirinfo.c,v +retrieving revision 1.126 +retrieving revision 1.127 +diff -u -r1.126 -r1.127 +--- libtiff/libtiff/tif_dirinfo.c 18 Nov 2016 02:52:13 -0000 1.126 ++++ libtiff/libtiff/tif_dirinfo.c 1 Jun 2017 12:44:04 -0000 1.127 +@@ -1,4 +1,4 @@ +-/* $Id: tif_dirinfo.c,v 1.126 2016-11-18 02:52:13 bfriesen Exp $ */ ++/* $Id: tif_dirinfo.c,v 1.127 2017-06-01 12:44:04 erouault Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -956,6 +956,109 @@ + return 0; + } + ++int ++_TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag) ++{ ++ /* Filter out non-codec specific tags */ ++ switch (tag) { ++ /* Shared tags */ ++ case TIFFTAG_PREDICTOR: ++ /* JPEG tags */ ++ case TIFFTAG_JPEGTABLES: ++ /* OJPEG tags */ ++ case TIFFTAG_JPEGIFOFFSET: ++ case TIFFTAG_JPEGIFBYTECOUNT: ++ case TIFFTAG_JPEGQTABLES: ++ case TIFFTAG_JPEGDCTABLES: ++ case TIFFTAG_JPEGACTABLES: ++ case TIFFTAG_JPEGPROC: ++ case TIFFTAG_JPEGRESTARTINTERVAL: ++ /* CCITT* */ ++ case TIFFTAG_BADFAXLINES: ++ case TIFFTAG_CLEANFAXDATA: ++ case TIFFTAG_CONSECUTIVEBADFAXLINES: ++ case TIFFTAG_GROUP3OPTIONS: ++ case TIFFTAG_GROUP4OPTIONS: ++ break; ++ default: ++ return 1; ++ } ++ /* Check if codec specific tags are allowed for the current ++ * compression scheme (codec) */ ++ switch (tif->tif_dir.td_compression) { ++ case COMPRESSION_LZW: ++ if (tag == TIFFTAG_PREDICTOR) ++ return 1; ++ break; ++ case COMPRESSION_PACKBITS: ++ /* No codec-specific tags */ ++ break; ++ case COMPRESSION_THUNDERSCAN: ++ /* No codec-specific tags */ ++ break; ++ case COMPRESSION_NEXT: ++ /* No codec-specific tags */ ++ break; ++ case COMPRESSION_JPEG: ++ if (tag == TIFFTAG_JPEGTABLES) ++ return 1; ++ break; ++ case COMPRESSION_OJPEG: ++ switch (tag) { ++ case TIFFTAG_JPEGIFOFFSET: ++ case TIFFTAG_JPEGIFBYTECOUNT: ++ case TIFFTAG_JPEGQTABLES: ++ case TIFFTAG_JPEGDCTABLES: ++ case TIFFTAG_JPEGACTABLES: ++ case TIFFTAG_JPEGPROC: ++ case TIFFTAG_JPEGRESTARTINTERVAL: ++ return 1; ++ } ++ break; ++ case COMPRESSION_CCITTRLE: ++ case COMPRESSION_CCITTRLEW: ++ case COMPRESSION_CCITTFAX3: ++ case COMPRESSION_CCITTFAX4: ++ switch (tag) { ++ case TIFFTAG_BADFAXLINES: ++ case TIFFTAG_CLEANFAXDATA: ++ case TIFFTAG_CONSECUTIVEBADFAXLINES: ++ return 1; ++ case TIFFTAG_GROUP3OPTIONS: ++ if (tif->tif_dir.td_compression == COMPRESSION_CCITTFAX3) ++ return 1; ++ break; ++ case TIFFTAG_GROUP4OPTIONS: ++ if (tif->tif_dir.td_compression == COMPRESSION_CCITTFAX4) ++ return 1; ++ break; ++ } ++ break; ++ case COMPRESSION_JBIG: ++ /* No codec-specific tags */ ++ break; ++ case COMPRESSION_DEFLATE: ++ case COMPRESSION_ADOBE_DEFLATE: ++ if (tag == TIFFTAG_PREDICTOR) ++ return 1; ++ break; ++ case COMPRESSION_PIXARLOG: ++ if (tag == TIFFTAG_PREDICTOR) ++ return 1; ++ break; ++ case COMPRESSION_SGILOG: ++ case COMPRESSION_SGILOG24: ++ /* No codec-specific tags */ ++ break; ++ case COMPRESSION_LZMA: ++ if (tag == TIFFTAG_PREDICTOR) ++ return 1; ++ break; ++ ++ } ++ return 0; ++} ++ + /* vim: set ts=8 sts=8 sw=8 noet: */ + + /* +Index: libtiff/libtiff/tif_dir.h +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.h,v +retrieving revision 1.54 +retrieving revision 1.55 +diff -u -r1.54 -r1.55 +--- libtiff/libtiff/tif_dir.h 18 Feb 2011 20:53:05 -0000 1.54 ++++ libtiff/libtiff/tif_dir.h 1 Jun 2017 12:44:04 -0000 1.55 +@@ -1,4 +1,4 @@ +-/* $Id: tif_dir.h,v 1.54 2011-02-18 20:53:05 fwarmerdam Exp $ */ ++/* $Id: tif_dir.h,v 1.55 2017-06-01 12:44:04 erouault Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -291,6 +291,7 @@ + extern int _TIFFMergeFields(TIFF*, const TIFFField[], uint32); + extern const TIFFField* _TIFFFindOrRegisterField(TIFF *, uint32, TIFFDataType); + extern TIFFField* _TIFFCreateAnonField(TIFF *, uint32, TIFFDataType); ++extern int _TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag); + + #if defined(__cplusplus) + } -- cgit v1.2.3 From a6aff3528c32cc921bddd78b254678a1fc121f21 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Thu, 15 Jun 2017 11:41:51 -0400 Subject: gnu: libtiff: Build with the default compiler. The relevant bug has been fixed and this special-case workaround is no longer necessary. * gnu/packages/image.scm (libtiff)[native-inputs]: Remove field. --- gnu/packages/image.scm | 3 --- 1 file changed, 3 deletions(-) (limited to 'gnu/packages/image.scm') diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index c35a6d3b39..317b1a0a30 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -354,9 +354,6 @@ extracting icontainer icon files.") (assoc-ref %outputs "doc") "/share/doc/" ,name "-" ,version)))) - ;; Build with a patched GCC to work around . - (native-inputs - `(("gcc@5" ,gcc-5))) (inputs `(("zlib" ,zlib) ("libjpeg" ,libjpeg))) (synopsis "Library for handling TIFF files") -- cgit v1.2.3 From a56bf101c603aac3c7e2fc47bd8bd025f2ed44a6 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sat, 5 Aug 2017 00:11:41 +0200 Subject: gnu: perl: Work around more "dotless @INC" build issues. * gnu/packages/web.scm (perl-www-curl)[arguments]: Add 'set-search-path' phase. * gnu/packages/bioinformatics.scm (ngs-sdk)[arguments]: Augment 'configure' phase to set PERL5LIB. * gnu/packages/image.scm (steghide)[arguments]: Add #:phases argument. --- gnu/packages/bioinformatics.scm | 4 ++++ gnu/packages/image.scm | 11 ++++++++++- gnu/packages/web.scm | 11 ++++++++++- 3 files changed, 24 insertions(+), 2 deletions(-) (limited to 'gnu/packages/image.scm') diff --git a/gnu/packages/bioinformatics.scm b/gnu/packages/bioinformatics.scm index 6bbbe33784..2b4b400c19 100644 --- a/gnu/packages/bioinformatics.scm +++ b/gnu/packages/bioinformatics.scm @@ -4680,6 +4680,10 @@ Roche 454, Ion Torrent and Pacific BioSciences SMRT.") 'configure (lambda* (#:key outputs #:allow-other-keys) (let ((out (assoc-ref outputs "out"))) + ;; Allow 'konfigure.perl' to find 'package.prl'. + (setenv "PERL5LIB" + (string-append ".:" (getenv "PERL5LIB"))) + ;; The 'configure' script doesn't recognize things like ;; '--enable-fast-install'. (zero? (system* "./configure" diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 1b230b5700..5bc9a77174 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -986,7 +986,16 @@ differences in file encoding, image quality, and other small variations.") ("libjpeg" ,libjpeg) ("zlib" ,zlib))) (arguments - `(#:make-flags '("CXXFLAGS=-fpermissive"))) ;required for MHashPP.cc + `(#:make-flags '("CXXFLAGS=-fpermissive") ;required for MHashPP.cc + + #:phases (modify-phases %standard-phases + (add-before 'configure 'set-perl-search-path + (lambda _ + ;; Work around "dotless @INC" build failure. + (setenv "PERL5LIB" + (string-append (getcwd) "/tests:" + (getenv "PERL5LIB"))) + #t))))) (home-page "http://steghide.sourceforge.net") (synopsis "Image and audio steganography") (description diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index 695b7a3b54..096d05c167 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -3249,7 +3249,16 @@ RFC 6570.") "1fmp9aib1kaps9vhs4dwxn7b15kgnlz9f714bxvqsd1j1q8spzsj")))) (build-system perl-build-system) (arguments - '(#:tests? #f)) ;XXX: tests require network access + '(#:tests? #f ;XXX: tests require network access + + #:phases (modify-phases %standard-phases + (add-before 'configure 'set-search-path + (lambda _ + ;; Work around "dotless @INC" build failure. + (setenv "PERL5LIB" + (string-append (getcwd) ":" + (getenv "PERL5LIB"))) + #t))))) (native-inputs `(("perl-module-install" ,perl-module-install))) (inputs `(("curl" ,curl))) -- cgit v1.2.3