diff options
author | Andreas Sturmlechner <asturm@gentoo.org> | 2017-11-24 23:55:47 +0100 |
---|---|---|
committer | Andreas Sturmlechner <asturm@gentoo.org> | 2017-11-25 00:06:22 +0100 |
commit | b0f7e72d6950013ea98f65116dc44cedd8923dd5 (patch) | |
tree | b1d1211e7baa39c81496196ea02379cf82680a52 /app-text/poppler | |
parent | app-text/poppler: Fix CVE-2017-14617 (diff) | |
download | gentoo-b0f7e72d6950013ea98f65116dc44cedd8923dd5.tar.gz gentoo-b0f7e72d6950013ea98f65116dc44cedd8923dd5.tar.bz2 gentoo-b0f7e72d6950013ea98f65116dc44cedd8923dd5.zip |
app-text/poppler: Fix CVE-2017-{2820,9083}
Bug: https://bugs.gentoo.org/619558
Bug: https://bugs.gentoo.org/624708
Package-Manager: Portage-2.3.16, Repoman-2.3.6
Diffstat (limited to 'app-text/poppler')
-rw-r--r-- | app-text/poppler/files/poppler-0.57.0-disable-internal-jpx.patch | 25 | ||||
-rw-r--r-- | app-text/poppler/poppler-0.57.0-r1.ebuild | 1 |
2 files changed, 26 insertions, 0 deletions
diff --git a/app-text/poppler/files/poppler-0.57.0-disable-internal-jpx.patch b/app-text/poppler/files/poppler-0.57.0-disable-internal-jpx.patch new file mode 100644 index 000000000000..faf632128ff7 --- /dev/null +++ b/app-text/poppler/files/poppler-0.57.0-disable-internal-jpx.patch @@ -0,0 +1,25 @@ +Fix security issue [internal unmaintained JPX decoder] that is caused +by building without system-jpeg libs. Fedora does not care because they +always build with system-jpeg, however in Gentoo we allow the user to +disable both options and poppler's buildsystem is making us believe +there would be no JPX decoder built in that case, when in reality +JPXStream.cc is built (even if it may not be used by the code). + + +--- a/CMakeLists.txt 2017-11-24 23:12:41.953450442 +0100 ++++ b/CMakeLists.txt 2017-11-24 23:16:09.441030669 +0100 +@@ -506,9 +508,11 @@ + add_definitions(-DUSE_OPENJPEG2) + set(poppler_LIBS ${poppler_LIBS} ${LIBOPENJPEG2_LIBRARIES}) + else () +- set(poppler_SRCS ${poppler_SRCS} +- poppler/JPXStream.cc +- ) ++ if(NOT WITH_OPENJPEG AND HAVE_JPX_DECODER) ++ set(poppler_SRCS ${poppler_SRCS} ++ poppler/JPXStream.cc ++ ) ++ endif() + endif() + if(USE_CMS) + if(LCMS_FOUND) diff --git a/app-text/poppler/poppler-0.57.0-r1.ebuild b/app-text/poppler/poppler-0.57.0-r1.ebuild index b7a421f73e2c..fafef568109a 100644 --- a/app-text/poppler/poppler-0.57.0-r1.ebuild +++ b/app-text/poppler/poppler-0.57.0-r1.ebuild @@ -65,6 +65,7 @@ PATCHES=( "${FILESDIR}/${PN}-0.53.0-respect-cflags.patch" "${FILESDIR}/${PN}-0.33.0-openjpeg2.patch" "${FILESDIR}/${PN}-0.40-FindQt4.patch" + "${FILESDIR}/${P}-disable-internal-jpx.patch" # Fedora backports from upstream "${FILESDIR}/${P}-CVE-2017-14517.patch" "${FILESDIR}/${P}-CVE-2017-14518.patch" |