summaryrefslogtreecommitdiff
path: root/packages/media-libs
diff options
context:
space:
mode:
Diffstat (limited to 'packages/media-libs')
-rw-r--r--packages/media-libs/audiofile/audiofile-0.3.6-r2.exheres-0 (renamed from packages/media-libs/audiofile/audiofile-0.3.6-r1.exheres-0)4
-rw-r--r--packages/media-libs/audiofile/files/audiofile-0.3.6-CVE-2017-68xx.patch382
-rw-r--r--packages/media-libs/audiofile/files/audiofile-0.3.6-CVE-2018-13440-CVE-2018-17095.patch82
-rw-r--r--packages/media-libs/faudio/faudio-20.11.exheres-0 (renamed from packages/media-libs/faudio/faudio-20.10.exheres-0)0
-rw-r--r--packages/media-libs/ilmbase/files/ilmbase-2.0.1-no_undefined.patch27
-rw-r--r--packages/media-libs/ilmbase/ilmbase-2.3.0.exheres-026
-rw-r--r--packages/media-libs/ilmbase/ilmbase-2.5.3.exheres-029
-rw-r--r--packages/media-libs/libass/libass-0.15.0.exheres-0 (renamed from packages/media-libs/libass/libass-0.14.0.exheres-0)13
-rw-r--r--packages/media-libs/libde265/libde265-1.0.8.exheres-0 (renamed from packages/media-libs/libde265/libde265-1.0.7.exheres-0)0
-rw-r--r--packages/media-libs/libexif/files/libexif-0.6.22-fixed-a-incorrect-overflow-check-that-could-be-optim.patch37
-rw-r--r--packages/media-libs/libexif/files/libexif-0.6.22-fixed-another-unsigned-integer-overflow.patch64
-rw-r--r--packages/media-libs/libexif/libexif-0.6.22-r1.exheres-0 (renamed from packages/media-libs/libexif/libexif-0.6.22.exheres-0)5
-rw-r--r--packages/media-libs/openexr/openexr-2.3.0.exheres-085
-rw-r--r--packages/media-libs/openexr/openexr-2.5.3.exheres-047
14 files changed, 660 insertions, 141 deletions
diff --git a/packages/media-libs/audiofile/audiofile-0.3.6-r1.exheres-0 b/packages/media-libs/audiofile/audiofile-0.3.6-r2.exheres-0
index 74243d97..9275fa31 100644
--- a/packages/media-libs/audiofile/audiofile-0.3.6-r1.exheres-0
+++ b/packages/media-libs/audiofile/audiofile-0.3.6-r2.exheres-0
@@ -22,7 +22,9 @@ DEPENDENCIES="
DEFAULT_SRC_PREPARE_PATCHES+=(
"${FILES}"/49103e386808042f830c18365976ad40875923ea.patch
- "${FILES}"/${PNV}-Fix-undefined-behavior-in-sign-conversion.patch
+ "${FILES}"/${PN}-0.3.6-Fix-undefined-behavior-in-sign-conversion.patch
+ "${FILES}"/${PN}-0.3.6-CVE-2017-68xx.patch
+ "${FILES}"/${PN}-0.3.6-CVE-2018-13440-CVE-2018-17095.patch
)
DEFAULT_SRC_CONFIGURE_PARAMS=(
diff --git a/packages/media-libs/audiofile/files/audiofile-0.3.6-CVE-2017-68xx.patch b/packages/media-libs/audiofile/files/audiofile-0.3.6-CVE-2017-68xx.patch
new file mode 100644
index 00000000..2ca85c10
--- /dev/null
+++ b/packages/media-libs/audiofile/files/audiofile-0.3.6-CVE-2017-68xx.patch
@@ -0,0 +1,382 @@
+Source/Upstream: Reported in various issues and pull requests
+Reason: Fix multiple CVEs
+
+Debian patchset for CVE-2017-68{29..38} and two other vulnerabilities:
+
+https://salsa.debian.org/multimedia-team/audiofile/commit/242f019#a064ca928f514268d4bae308e2e3990138341b76:
+
+* Address several vulnerabilities (Closes: #857651)
+ - Always check the number of coefficients (CVE-2017-6827 CVE-2017-6828
+ CVE-2017-6832 CVE-2017-6833 CVE-2017-6835 CVE-2017-6837)
+ - clamp index values to fix index overflow in IMA.cpp (CVE-2017-6829)
+ - Check for multiplication overflow in sfconvert (CVE-2017-6830
+ CVE-2017-6834 CVE-2017-6836 CVE-2017-6838)
+ - Actually fail when error occurs in parseFormat (CVE-2017-6831)
+ - Check for multiplication overflow in MSADPCM decodeSample
+ (CVE-2017-6839)
+* Fix signature of multiplyCheckOverflow. It returns a bool, not an int
+* Check for division by zero in BlockCodec::runPull
+
+
+From a2e9eab8ea87c4ffc494d839ebb4ea145eb9f2e6 Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 18:59:26 +0100
+Subject: [PATCH] Actually fail when error occurs in parseFormat
+
+When there's an unsupported number of bits per sample or an invalid
+number of samples per block, don't only print an error message using
+the error handler, but actually stop parsing the file.
+
+This fixes #35 (also reported at
+https://bugzilla.opensuse.org/show_bug.cgi?id=1026983 and
+https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/
+)
+---
+ libaudiofile/WAVE.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp
+index 0e81cf7..d762249 100644
+--- a/libaudiofile/WAVE.cpp
++++ b/libaudiofile/WAVE.cpp
+@@ -326,6 +326,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+ {
+ _af_error(AF_BAD_NOT_IMPLEMENTED,
+ "IMA ADPCM compression supports only 4 bits per sample");
++ return AF_FAIL;
+ }
+
+ int bytesPerBlock = (samplesPerBlock + 14) / 8 * 4 * channelCount;
+@@ -333,6 +334,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+ {
+ _af_error(AF_BAD_CODEC_CONFIG,
+ "Invalid samples per block for IMA ADPCM compression");
++ return AF_FAIL;
+ }
+
+ track->f.sampleWidth = 16;
+--
+2.11.0
+
+From c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 12:51:22 +0100
+Subject: [PATCH] Always check the number of coefficients
+
+When building the library with NDEBUG, asserts are eliminated
+so it's better to always check that the number of coefficients
+is inside the array range.
+
+This fixes the 00191-audiofile-indexoob issue in #41
+---
+ libaudiofile/WAVE.cpp | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp
+index 0e81cf7..61f9541 100644
+--- a/libaudiofile/WAVE.cpp
++++ b/libaudiofile/WAVE.cpp
+@@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size)
+
+ /* numCoefficients should be at least 7. */
+ assert(numCoefficients >= 7 && numCoefficients <= 255);
++ if (numCoefficients < 7 || numCoefficients > 255)
++ {
++ _af_error(AF_BAD_HEADER,
++ "Bad number of coefficients");
++ return AF_FAIL;
++ }
+
+ m_msadpcmNumCoefficients = numCoefficients;
+
+--
+2.11.0
+
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Thu, 9 Mar 2017 10:21:18 +0100
+Subject: Check for division by zero in BlockCodec::runPull
+
+---
+ libaudiofile/modules/BlockCodec.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libaudiofile/modules/BlockCodec.cpp b/libaudiofile/modules/BlockCodec.cpp
+index 4731be1..eb2fb4d 100644
+--- a/libaudiofile/modules/BlockCodec.cpp
++++ b/libaudiofile/modules/BlockCodec.cpp
+@@ -47,7 +47,7 @@ void BlockCodec::runPull()
+
+ // Read the compressed data.
+ ssize_t bytesRead = read(m_inChunk->buffer, m_bytesPerPacket * blockCount);
+- int blocksRead = bytesRead >= 0 ? bytesRead / m_bytesPerPacket : 0;
++ int blocksRead = (bytesRead >= 0 && m_bytesPerPacket > 0) ? bytesRead / m_bytesPerPacket : 0;
+
+ // Decompress into m_outChunk.
+ for (int i=0; i<blocksRead; i++)
+From beacc44eb8cdf6d58717ec1a5103c5141f1b37f9 Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 13:43:53 +0100
+Subject: [PATCH] Check for multiplication overflow in MSADPCM decodeSample
+
+Check for multiplication overflow (using __builtin_mul_overflow
+if available) in MSADPCM.cpp decodeSample and return an empty
+decoded block if an error occurs.
+
+This fixes the 00193-audiofile-signintoverflow-MSADPCM case of #41
+---
+ libaudiofile/modules/BlockCodec.cpp | 5 ++--
+ libaudiofile/modules/MSADPCM.cpp | 47 +++++++++++++++++++++++++++++++++----
+ 2 files changed, 46 insertions(+), 6 deletions(-)
+
+diff --git a/libaudiofile/modules/BlockCodec.cpp b/libaudiofile/modules/BlockCodec.cpp
+index 45925e8..4731be1 100644
+--- a/libaudiofile/modules/BlockCodec.cpp
++++ b/libaudiofile/modules/BlockCodec.cpp
+@@ -52,8 +52,9 @@ void BlockCodec::runPull()
+ // Decompress into m_outChunk.
+ for (int i=0; i<blocksRead; i++)
+ {
+- decodeBlock(static_cast<const uint8_t *>(m_inChunk->buffer) + i * m_bytesPerPacket,
+- static_cast<int16_t *>(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount);
++ if (decodeBlock(static_cast<const uint8_t *>(m_inChunk->buffer) + i * m_bytesPerPacket,
++ static_cast<int16_t *>(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount)==0)
++ break;
+
+ framesRead += m_framesPerPacket;
+ }
+diff --git a/libaudiofile/modules/MSADPCM.cpp b/libaudiofile/modules/MSADPCM.cpp
+index 8ea3c85..ef9c38c 100644
+--- a/libaudiofile/modules/MSADPCM.cpp
++++ b/libaudiofile/modules/MSADPCM.cpp
+@@ -101,24 +101,60 @@ static const int16_t adaptationTable[] =
+ 768, 614, 512, 409, 307, 230, 230, 230
+ };
+
++int firstBitSet(int x)
++{
++ int position=0;
++ while (x!=0)
++ {
++ x>>=1;
++ ++position;
++ }
++ return position;
++}
++
++#ifndef __has_builtin
++#define __has_builtin(x) 0
++#endif
++
++int multiplyCheckOverflow(int a, int b, int *result)
++{
++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
++ return __builtin_mul_overflow(a, b, result);
++#else
++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
++ return true;
++ *result = a * b;
++ return false;
++#endif
++}
++
++
+ // Compute a linear PCM value from the given differential coded value.
+ static int16_t decodeSample(ms_adpcm_state &state,
+- uint8_t code, const int16_t *coefficient)
++ uint8_t code, const int16_t *coefficient, bool *ok=NULL)
+ {
+ int linearSample = (state.sample1 * coefficient[0] +
+ state.sample2 * coefficient[1]) >> 8;
++ int delta;
+
+ linearSample += ((code & 0x08) ? (code - 0x10) : code) * state.delta;
+
+ linearSample = clamp(linearSample, MIN_INT16, MAX_INT16);
+
+- int delta = (state.delta * adaptationTable[code]) >> 8;
++ if (multiplyCheckOverflow(state.delta, adaptationTable[code], &delta))
++ {
++ if (ok) *ok=false;
++ _af_error(AF_BAD_COMPRESSION, "Error decoding sample");
++ return 0;
++ }
++ delta >>= 8;
+ if (delta < 16)
+ delta = 16;
+
+ state.delta = delta;
+ state.sample2 = state.sample1;
+ state.sample1 = linearSample;
++ if (ok) *ok=true;
+
+ return static_cast<int16_t>(linearSample);
+ }
+@@ -212,13 +248,16 @@ int MSADPCM::decodeBlock(const uint8_t *encoded, int16_t *decoded)
+ {
+ uint8_t code;
+ int16_t newSample;
++ bool ok;
+
+ code = *encoded >> 4;
+- newSample = decodeSample(*state[0], code, coefficient[0]);
++ newSample = decodeSample(*state[0], code, coefficient[0], &ok);
++ if (!ok) return 0;
+ *decoded++ = newSample;
+
+ code = *encoded & 0x0f;
+- newSample = decodeSample(*state[1], code, coefficient[1]);
++ newSample = decodeSample(*state[1], code, coefficient[1], &ok);
++ if (!ok) return 0;
+ *decoded++ = newSample;
+
+ encoded++;
+--
+2.11.0
+
+From 7d65f89defb092b63bcbc5d98349fb222ca73b3c Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 13:54:52 +0100
+Subject: [PATCH] Check for multiplication overflow in sfconvert
+
+Checks that a multiplication doesn't overflow when
+calculating the buffer size, and if it overflows,
+reduce the buffer size instead of failing.
+
+This fixes the 00192-audiofile-signintoverflow-sfconvert case
+in #41
+---
+ sfcommands/sfconvert.c | 34 ++++++++++++++++++++++++++++++++--
+ 1 file changed, 32 insertions(+), 2 deletions(-)
+
+diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c
+index 80a1bc4..970a3e4 100644
+--- a/sfcommands/sfconvert.c
++++ b/sfcommands/sfconvert.c
+@@ -45,6 +45,33 @@ void printusage (void);
+ void usageerror (void);
+ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid);
+
++int firstBitSet(int x)
++{
++ int position=0;
++ while (x!=0)
++ {
++ x>>=1;
++ ++position;
++ }
++ return position;
++}
++
++#ifndef __has_builtin
++#define __has_builtin(x) 0
++#endif
++
++int multiplyCheckOverflow(int a, int b, int *result)
++{
++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
++ return __builtin_mul_overflow(a, b, result);
++#else
++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits
++ return true;
++ *result = a * b;
++ return false;
++#endif
++}
++
+ int main (int argc, char **argv)
+ {
+ if (argc == 2)
+@@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid)
+ {
+ int frameSize = afGetVirtualFrameSize(infile, trackid, 1);
+
+- const int kBufferFrameCount = 65536;
+- void *buffer = malloc(kBufferFrameCount * frameSize);
++ int kBufferFrameCount = 65536;
++ int bufferSize;
++ while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize))
++ kBufferFrameCount /= 2;
++ void *buffer = malloc(bufferSize);
+
+ AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK);
+ AFframecount totalFramesWritten = 0;
+--
+2.11.0
+
+From 25eb00ce913452c2e614548d7df93070bf0d066f Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Mon, 6 Mar 2017 18:02:31 +0100
+Subject: [PATCH] clamp index values to fix index overflow in IMA.cpp
+
+This fixes #33
+(also reported at https://bugzilla.opensuse.org/show_bug.cgi?id=1026981
+and https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/)
+---
+ libaudiofile/modules/IMA.cpp | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libaudiofile/modules/IMA.cpp b/libaudiofile/modules/IMA.cpp
+index 7476d44..df4aad6 100644
+--- a/libaudiofile/modules/IMA.cpp
++++ b/libaudiofile/modules/IMA.cpp
+@@ -169,7 +169,7 @@ int IMA::decodeBlockWAVE(const uint8_t *encoded, int16_t *decoded)
+ if (encoded[1] & 0x80)
+ m_adpcmState[c].previousValue -= 0x10000;
+
+- m_adpcmState[c].index = encoded[2];
++ m_adpcmState[c].index = clamp(encoded[2], 0, 88);
+
+ *decoded++ = m_adpcmState[c].previousValue;
+
+@@ -210,7 +210,7 @@ int IMA::decodeBlockQT(const uint8_t *encoded, int16_t *decoded)
+ predictor -= 0x10000;
+
+ state.previousValue = clamp(predictor, MIN_INT16, MAX_INT16);
+- state.index = encoded[1] & 0x7f;
++ state.index = clamp(encoded[1] & 0x7f, 0, 88);
+ encoded += 2;
+
+ for (int n=0; n<m_framesPerPacket; n+=2)
+--
+2.11.0
+
+From ce536d707b8e2a26baca77320398c45238224ca7 Mon Sep 17 00:00:00 2001
+From: Antonio Larrosa <larrosa@kde.org>
+Date: Fri, 10 Mar 2017 15:40:02 +0100
+Subject: [PATCH] Fix signature of multiplyCheckOverflow. It returns a bool,
+ not an int
+
+---
+ libaudiofile/modules/MSADPCM.cpp | 2 +-
+ sfcommands/sfconvert.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libaudiofile/modules/MSADPCM.cpp b/libaudiofile/modules/MSADPCM.cpp
+index ef9c38c..d8c9553 100644
+--- a/libaudiofile/modules/MSADPCM.cpp
++++ b/libaudiofile/modules/MSADPCM.cpp
+@@ -116,7 +116,7 @@ int firstBitSet(int x)
+ #define __has_builtin(x) 0
+ #endif
+
+-int multiplyCheckOverflow(int a, int b, int *result)
++bool multiplyCheckOverflow(int a, int b, int *result)
+ {
+ #if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
+ return __builtin_mul_overflow(a, b, result);
+diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c
+index 970a3e4..367f7a5 100644
+--- a/sfcommands/sfconvert.c
++++ b/sfcommands/sfconvert.c
+@@ -60,7 +60,7 @@ int firstBitSet(int x)
+ #define __has_builtin(x) 0
+ #endif
+
+-int multiplyCheckOverflow(int a, int b, int *result)
++bool multiplyCheckOverflow(int a, int b, int *result)
+ {
+ #if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow))
+ return __builtin_mul_overflow(a, b, result);
+--
+2.11.0
+
diff --git a/packages/media-libs/audiofile/files/audiofile-0.3.6-CVE-2018-13440-CVE-2018-17095.patch b/packages/media-libs/audiofile/files/audiofile-0.3.6-CVE-2018-13440-CVE-2018-17095.patch
new file mode 100644
index 00000000..e16c7fa7
--- /dev/null
+++ b/packages/media-libs/audiofile/files/audiofile-0.3.6-CVE-2018-13440-CVE-2018-17095.patch
@@ -0,0 +1,82 @@
+Source/Upstream: Reported, https://github.com/mpruett/audiofile/pull/52
+Reason: Fixes for CVE-2018-13440 and CVE-2018-17095
+
+These are the same used in Fedora.
+
+From fde6d79fb8363c4a329a184ef0b107156602b225 Mon Sep 17 00:00:00 2001
+From: Wim Taymans <wtaymans@redhat.com>
+Date: Thu, 27 Sep 2018 10:48:45 +0200
+Subject: [PATCH 1/3] ModuleState: handle compress/decompress init failure
+
+When the unit initcompress or initdecompress function fails,
+m_fileModule is NULL. Return AF_FAIL in that case instead of
+causing NULL pointer dereferences later.
+
+Fixes #49
+---
+ libaudiofile/modules/ModuleState.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libaudiofile/modules/ModuleState.cpp b/libaudiofile/modules/ModuleState.cpp
+index 0c29d7a..070fd9b 100644
+--- a/libaudiofile/modules/ModuleState.cpp
++++ b/libaudiofile/modules/ModuleState.cpp
+@@ -75,6 +75,9 @@ status ModuleState::initFileModule(AFfilehandle file, Track *track)
+ m_fileModule = unit->initcompress(track, file->m_fh, file->m_seekok,
+ file->m_fileFormat == AF_FILE_RAWDATA, &chunkFrames);
+
++ if (!m_fileModule)
++ return AF_FAIL;
++
+ if (unit->needsRebuffer)
+ {
+ assert(unit->nativeSampleFormat == AF_SAMPFMT_TWOSCOMP);
+
+From 941774c8c0e79007196d7f1e7afdc97689f869b3 Mon Sep 17 00:00:00 2001
+From: Wim Taymans <wtaymans@redhat.com>
+Date: Thu, 27 Sep 2018 12:09:45 +0200
+Subject: [PATCH 2/3] ALAC: set chunk frameCount to 0 on short read
+
+---
+ libaudiofile/modules/ALAC.cpp | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/libaudiofile/modules/ALAC.cpp b/libaudiofile/modules/ALAC.cpp
+index 7593c11..478e2af 100644
+--- a/libaudiofile/modules/ALAC.cpp
++++ b/libaudiofile/modules/ALAC.cpp
+@@ -240,6 +240,7 @@ void ALAC::runPull()
+ if (read(m_inChunk->buffer, bytesPerPacket) < bytesPerPacket)
+ {
+ reportReadError(0, m_track->f.framesPerPacket);
++ m_outChunk->frameCount = 0;
+ return;
+ }
+
+
+From 822b732fd31ffcb78f6920001e9b1fbd815fa712 Mon Sep 17 00:00:00 2001
+From: Wim Taymans <wtaymans@redhat.com>
+Date: Thu, 27 Sep 2018 12:11:12 +0200
+Subject: [PATCH 3/3] SimpleModule: set output chunk framecount after pull
+
+After pulling the data, set the output chunk to the amount of
+frames we pulled so that the next module in the chain has the correct
+frame count.
+
+Fixes #50 and #51
+---
+ libaudiofile/modules/SimpleModule.cpp | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/libaudiofile/modules/SimpleModule.cpp b/libaudiofile/modules/SimpleModule.cpp
+index 2bae1eb..e87932c 100644
+--- a/libaudiofile/modules/SimpleModule.cpp
++++ b/libaudiofile/modules/SimpleModule.cpp
+@@ -26,6 +26,7 @@
+ void SimpleModule::runPull()
+ {
+ pull(m_outChunk->frameCount);
++ m_outChunk->frameCount = m_inChunk->frameCount;
+ run(*m_inChunk, *m_outChunk);
+ }
+
diff --git a/packages/media-libs/faudio/faudio-20.10.exheres-0 b/packages/media-libs/faudio/faudio-20.11.exheres-0
index 8a73d481..8a73d481 100644
--- a/packages/media-libs/faudio/faudio-20.10.exheres-0
+++ b/packages/media-libs/faudio/faudio-20.11.exheres-0
diff --git a/packages/media-libs/ilmbase/files/ilmbase-2.0.1-no_undefined.patch b/packages/media-libs/ilmbase/files/ilmbase-2.0.1-no_undefined.patch
deleted file mode 100644
index 72b87c1e..00000000
--- a/packages/media-libs/ilmbase/files/ilmbase-2.0.1-no_undefined.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-Source: Arch, https://git.archlinux.org/svntogit/packages.git/tree/trunk/ilmbase-2.0.1-no_undefined.patch?h=packages/ilmbase
-Upstream: submitted, https://github.com/openexr/openexr/issues/282
-
-diff -up ilmbase-2.0.1/IlmThread/Makefile.am.no_undefined ilmbase-2.0.1/IlmThread/Makefile.am
---- ilmbase-2.0.1/IlmThread/Makefile.am.no_undefined 2013-06-18 14:51:38.000000000 -0500
-+++ ilmbase-2.0.1/IlmThread/Makefile.am 2013-08-28 21:04:25.793391766 -0500
-@@ -14,7 +14,7 @@ libIlmThread_la_LDFLAGS = -version-info
- if LIB_SUFFIX_EXISTS
- libIlmThread_la_LDFLAGS += -release @LIB_SUFFIX@
- endif
--libIlmThread_la_LIBADD = ../Iex/libIex.la
-+libIlmThread_la_LIBADD = ../Iex/libIex.la $(PTHREAD_LIBS)
-
- libIlmThreadincludedir = $(includedir)/OpenEXR
-
-diff -up ilmbase-2.0.1/IlmThread/Makefile.in.no_undefined ilmbase-2.0.1/IlmThread/Makefile.in
---- ilmbase-2.0.1/IlmThread/Makefile.in.no_undefined 2013-06-18 14:55:24.000000000 -0500
-+++ ilmbase-2.0.1/IlmThread/Makefile.in 2013-08-28 21:04:55.395049371 -0500
-@@ -253,7 +253,7 @@ libIlmThread_la_SOURCES = IlmThreadPool.
-
- libIlmThread_la_LDFLAGS = -version-info @LIBTOOL_VERSION@ \
- -no-undefined $(am__append_1)
--libIlmThread_la_LIBADD = ../Iex/libIex.la
-+libIlmThread_la_LIBADD = ../Iex/libIex.la $(PTHREAD_LIBS)
- libIlmThreadincludedir = $(includedir)/OpenEXR
- libIlmThreadinclude_HEADERS = IlmThreadPool.h IlmThread.h \
- IlmThreadSemaphore.h IlmThreadMutex.h \
diff --git a/packages/media-libs/ilmbase/ilmbase-2.3.0.exheres-0 b/packages/media-libs/ilmbase/ilmbase-2.3.0.exheres-0
deleted file mode 100644
index 52e7490e..00000000
--- a/packages/media-libs/ilmbase/ilmbase-2.3.0.exheres-0
+++ /dev/null
@@ -1,26 +0,0 @@
-# Copyright 2008 Thomas Anderson
-# Distributed under the terms of the GNU General Public License v2
-
-require github [ user=openexr project=openexr release=v${PV} suffix=tar.gz ] \
- autotools [ supported_autoconf=[ 2.5 ] supported_automake=[ 1.16 ] ]
-
-SUMMARY="ILM Base libraries for OpenEXR"
-HOMEPAGE+=" https://www.openexr.com"
-
-LICENCES="BSD-3"
-SLOT="0"
-PLATFORMS="~amd64 ~x86"
-MYOPTIONS=""
-
-DEPENDENCIES=""
-
-AT_M4DIR=( m4 )
-
-DEFAULT_SRC_PREPARE_PATCHES=( "${FILES}"/ilmbase-2.0.1-no_undefined.patch )
-
-DEFAULT_SRC_CONFIGURE_PARAMS=( --disable-static )
-
-# Needed because libtool is being libtool
-# https://bugzilla.redhat.com/show_bug.cgi?id=661333
-DEFAULT_SRC_COMPILE_PARAMS=( PTHREAD_LIBS="-pthread -lpthread" )
-
diff --git a/packages/media-libs/ilmbase/ilmbase-2.5.3.exheres-0 b/packages/media-libs/ilmbase/ilmbase-2.5.3.exheres-0
new file mode 100644
index 00000000..4a9c3c4a
--- /dev/null
+++ b/packages/media-libs/ilmbase/ilmbase-2.5.3.exheres-0
@@ -0,0 +1,29 @@
+# Copyright 2008 Thomas Anderson
+# Distributed under the terms of the GNU General Public License v2
+
+require github [ user=openexr project=openexr tag=v${PV} ] \
+ cmake
+
+SUMMARY="ILM Base libraries for OpenEXR"
+HOMEPAGE+=" https://www.openexr.com"
+
+LICENCES="BSD-3"
+SLOT="0"
+PLATFORMS="~amd64 ~x86"
+MYOPTIONS=""
+
+DEPENDENCIES=""
+
+CMAKE_SOURCE=${WORKBASE}/openexr-${PV}/IlmBase
+
+CMAKE_SRC_CONFIGURE_PARAMS=(
+ -DBUILD_SHARED_LIBS:BOOL=TRUE
+ -DILMBASE_BUILD_BOTH_STATIC_SHARED:BOOL=FALSE
+ -DILMBASE_ENABLE_LARGE_STACK:BOOL=FALSE
+ -DILMBASE_INSTALL_PKG_CONFIG:BOOL=TRUE
+)
+
+CMAKE_SRC_CONFIGURE_TESTS=(
+ '-DBUILD_TESTING:BOOL=TRUE -DBUILD_TESTING:BOOL=FALSE'
+)
+
diff --git a/packages/media-libs/libass/libass-0.14.0.exheres-0 b/packages/media-libs/libass/libass-0.15.0.exheres-0
index 47c3f84f..7a9337a5 100644
--- a/packages/media-libs/libass/libass-0.14.0.exheres-0
+++ b/packages/media-libs/libass/libass-0.15.0.exheres-0
@@ -21,6 +21,12 @@ MYOPTIONS="
platform: amd64 x86
"
+# fail to build, last checked: 0.15.0
+RESTRICT="test"
+
+# TODO: add once tests are working
+# build+test:
+# media-libs/libpng:=[>=1.2.0]
DEPENDENCIES="
build:
virtual/pkg-config[>=0.9.0]
@@ -29,12 +35,11 @@ DEPENDENCIES="
build+run:
dev-libs/fribidi[>=0.19.0]
media-libs/freetype:2[>=2.2.0]
- x11-libs/harfbuzz[>=0.9.5]
+ x11-libs/harfbuzz[>=1.2.3]
fontconfig? ( media-libs/fontconfig[>=2.10.92] )
"
DEFAULT_SRC_CONFIGURE_PARAMS=(
- --enable-harfbuzz
--disable-coretext
--disable-directwrite
--disable-static
@@ -45,4 +50,8 @@ DEFAULT_SRC_CONFIGURE_OPTION_ENABLES=(
'platform:amd64 asm'
'platform:x86 asm'
)
+DEFAULT_SRC_CONFIGURE_TESTS=(
+ '--enable-compare --disable-compare'
+ '--enable-test --disable-test'
+)
diff --git a/packages/media-libs/libde265/libde265-1.0.7.exheres-0 b/packages/media-libs/libde265/libde265-1.0.8.exheres-0
index ec564ee0..ec564ee0 100644
--- a/packages/media-libs/libde265/libde265-1.0.7.exheres-0
+++ b/packages/media-libs/libde265/libde265-1.0.8.exheres-0
diff --git a/packages/media-libs/libexif/files/libexif-0.6.22-fixed-a-incorrect-overflow-check-that-could-be-optim.patch b/packages/media-libs/libexif/files/libexif-0.6.22-fixed-a-incorrect-overflow-check-that-could-be-optim.patch
new file mode 100644
index 00000000..a3e21dee
--- /dev/null
+++ b/packages/media-libs/libexif/files/libexif-0.6.22-fixed-a-incorrect-overflow-check-that-could-be-optim.patch
@@ -0,0 +1,37 @@
+Upstream: yes
+Reason: CVE 2020-0452
+
+From 9266d14b5ca4e29b970fa03272318e5f99386e06 Mon Sep 17 00:00:00 2001
+From: Marcus Meissner <marcus@jet.franken.de>
+Date: Thu, 5 Nov 2020 09:50:08 +0100
+Subject: [PATCH] fixed a incorrect overflow check that could be optimized
+ away.
+
+inspired by:
+https://android.googlesource.com/platform/external/libexif/+/8e7345f3bc0bad06ac369d6cbc1124c8ceaf7d4b
+
+https://source.android.com/security/bulletin/2020-11-01
+
+CVE-2020-0452
+---
+ libexif/exif-entry.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libexif/exif-entry.c b/libexif/exif-entry.c
+index 3fc0ff9..4b866ce 100644
+--- a/libexif/exif-entry.c
++++ b/libexif/exif-entry.c
+@@ -1371,8 +1371,8 @@ exif_entry_get_value (ExifEntry *e, char *val, unsigned int maxlen)
+ {
+ unsigned char *utf16;
+
+- /* Sanity check the size to prevent overflow */
+- if (e->size+sizeof(uint16_t)+1 < e->size) break;
++ /* Sanity check the size to prevent overflow. Note EXIF files are 64kb at most. */
++ if (e->size >= 65536 - sizeof(uint16_t)*2) break;
+
+ /* The tag may not be U+0000-terminated , so make a local
+ U+0000-terminated copy before converting it */
+--
+2.29.2
+
diff --git a/packages/media-libs/libexif/files/libexif-0.6.22-fixed-another-unsigned-integer-overflow.patch b/packages/media-libs/libexif/files/libexif-0.6.22-fixed-another-unsigned-integer-overflow.patch
new file mode 100644
index 00000000..164ce282
--- /dev/null
+++ b/packages/media-libs/libexif/files/libexif-0.6.22-fixed-another-unsigned-integer-overflow.patch
@@ -0,0 +1,64 @@
+Upstream: yes
+Reason: CVE-2020-0198
+
+From ce03ad7ef4e8aeefce79192bf5b6f69fae396f0c Mon Sep 17 00:00:00 2001
+From: Marcus Meissner <marcus@jet.franken.de>
+Date: Mon, 8 Jun 2020 17:27:06 +0200
+Subject: [PATCH] fixed another unsigned integer overflow
+
+first fixed by google in android fork,
+https://android.googlesource.com/platform/external/libexif/+/1e187b62682ffab5003c702657d6d725b4278f16%5E%21/#F0
+
+(use a more generic overflow check method, also check second overflow instance.)
+
+https://security-tracker.debian.org/tracker/CVE-2020-0198
+---
+ libexif/exif-data.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/libexif/exif-data.c b/libexif/exif-data.c
+index 8b280d3..b495726 100644
+--- a/libexif/exif-data.c
++++ b/libexif/exif-data.c
+@@ -47,6 +47,8 @@
+ #undef JPEG_MARKER_APP1
+ #define JPEG_MARKER_APP1 0xe1
+
++#define CHECKOVERFLOW(offset,datasize,structsize) (( offset >= datasize) || (structsize > datasize) || (offset > datasize - structsize ))
++
+ static const unsigned char ExifHeader[] = {0x45, 0x78, 0x69, 0x66, 0x00, 0x00};
+
+ struct _ExifDataPrivate
+@@ -327,7 +329,7 @@ exif_data_load_data_thumbnail (ExifData *data, const unsigned char *d,
+ exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail offset (%u).", o);
+ return;
+ }
+- if (s > ds - o) {
++ if (CHECKOVERFLOW(o,ds,s)) {
+ exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail size (%u), max would be %u.", s, ds-o);
+ return;
+ }
+@@ -420,9 +422,9 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
+ }
+
+ /* Read the number of entries */
+- if ((offset + 2 < offset) || (offset + 2 < 2) || (offset + 2 > ds)) {
++ if (CHECKOVERFLOW(offset, ds, 2)) {
+ exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData",
+- "Tag data past end of buffer (%u > %u)", offset+2, ds);
++ "Tag data past end of buffer (%u+2 > %u)", offset, ds);
+ return;
+ }
+ n = exif_get_short (d + offset, data->priv->order);
+@@ -431,7 +433,7 @@ exif_data_load_data_content (ExifData *data, ExifIfd ifd,
+ offset += 2;
+
+ /* Check if we have enough data. */
+- if (offset + 12 * n > ds) {
++ if (CHECKOVERFLOW(offset, ds, 12*n)) {
+ n = (ds - offset) / 12;
+ exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
+ "Short data; only loading %hu entries...", n);
+--
+2.29.2
+
diff --git a/packages/media-libs/libexif/libexif-0.6.22.exheres-0 b/packages/media-libs/libexif/libexif-0.6.22-r1.exheres-0
index 23be133a..07780c51 100644
--- a/packages/media-libs/libexif/libexif-0.6.22.exheres-0
+++ b/packages/media-libs/libexif/libexif-0.6.22-r1.exheres-0
@@ -22,6 +22,11 @@ DEPENDENCIES="
doc? ( app-doc/doxygen )
"
+DEFAULT_SRC_PREPARE_PATCHES=(
+ "${FILES}"/${PNV}-fixed-another-unsigned-integer-overflow.patch
+ "${FILES}"/${PNV}-fixed-a-incorrect-overflow-check-that-could-be-optim.patch
+)
+
DEFAULT_SRC_CONFIGURE_PARAMS=(
--enable-nls
--disable-static
diff --git a/packages/media-libs/openexr/openexr-2.3.0.exheres-0 b/packages/media-libs/openexr/openexr-2.3.0.exheres-0
deleted file mode 100644
index 667407ff..00000000
--- a/packages/media-libs/openexr/openexr-2.3.0.exheres-0
+++ /dev/null
@@ -1,85 +0,0 @@
-# Copyright 2008 Thomas Anderson
-# Distributed under the terms of the GNU General Public License v2
-# Based in part upon 'openexr-1.6.1.ebuild' which is:
-# Copyright 1999-2008 Gentoo Foundation
-
-require github [ release=v${PV} suffix=tar.gz ] \
- toolchain-funcs \
- autotools [ supported_autoconf=[ 2.5 ] supported_automake=[ 1.16 ] ]
-
-SUMMARY="High dynamic-range image file format library"
-HOMEPAGE+=" https://www.${PN}.com/"
-
-LICENCES="BSD-3"
-SLOT="0"
-PLATFORMS="~amd64 ~x86"
-MYOPTIONS="examples"
-
-# Some example files are missing from the tarball (e.g. comp_dwaa_v1.exr)
-# https://lists.gnu.org/archive/html/openexr-devel/2014-08/msg00022.html
-RESTRICT="test"
-
-DEPENDENCIES="
- build:
- virtual/pkg-config
- build+run:
- media-libs/ilmbase[>=${PV}]
- sys-libs/zlib
-"
-
-AT_M4DIR=( m4 )
-
-DEFAULT_SRC_PREPARE_PATCHES=(
- "${FILES}"/${PN}-2.3.0-Fix-build-when-updating-from-an-older-version.patch
-)
-
-DEFAULT_SRC_CONFIGURE_PARAMS=(
- # TODO: perhaps enable via expensive_tests
- --disable-imfhugetest
- --disable-imffuzztest
- --disable-static
-)
-DEFAULT_SRC_CONFIGURE_OPTION_ENABLES=(
- 'examples imfexamples'
-)
-
-DEFAULT_SRC_INSTALL_PARAMS=(
- docdir=/usr/share/doc/${PNVR}
- examplesdir=/usr/share/doc/${PNVR}/examples
-)
-
-openexr-cc_define_enable() {
- cc-has-defined ${1} && echo --enable-${2} || echo --disable-${2}
-}
-
-src_prepare() {
- autotools_src_prepare
-
- edo sed -e 's:"/var/tmp/":"'"${TEMP}"'":' -i IlmImfTest/tmpDir.h
-}
-
-src_configure() {
- local myconf=(
- "${DEFAULT_SRC_CONFIGURE_PARAMS[@]}" \
- $(for s in "${DEFAULT_SRC_CONFIGURE_OPTION_ENABLES[@]}" ; do \
- option_enable ${s} ; \
- done )
- )
-
- myconf+=(
- $(openexr-cc_define_enable __AVX__ avx)
- )
-
- econf "${myconf[@]}"
-}
-
-src_install() {
- default
-
- if option examples; then
- dobin IlmImfExamples/imfexamples
- else
- edo rm -r "${IMAGE}"/usr/share/doc/${PNVR}/examples
- fi
-}
-
diff --git a/packages/media-libs/openexr/openexr-2.5.3.exheres-0 b/packages/media-libs/openexr/openexr-2.5.3.exheres-0
new file mode 100644
index 00000000..0b0d3093
--- /dev/null
+++ b/packages/media-libs/openexr/openexr-2.5.3.exheres-0
@@ -0,0 +1,47 @@
+# Copyright 2008 Thomas Anderson
+# Distributed under the terms of the GNU General Public License v2
+# Based in part upon 'openexr-1.6.1.ebuild' which is:
+# Copyright 1999-2008 Gentoo Foundation
+
+require github [ tag=v${PV} ] \
+ cmake
+
+SUMMARY="High dynamic-range image file format library"
+HOMEPAGE+=" https://www.${PN}.com/"
+
+LICENCES="BSD-3"
+SLOT="0"
+PLATFORMS="~amd64 ~x86"
+MYOPTIONS="
+ doc
+ examples
+"
+
+DEPENDENCIES="
+ build:
+ virtual/pkg-config
+ build+run:
+ media-libs/ilmbase[>=${PV}]
+ sys-libs/zlib
+"
+
+CMAKE_SOURCE=${WORKBASE}/${PNV}/OpenEXR
+
+CMAKE_SRC_CONFIGURE_PARAMS=(
+ -DBUILD_SHARED_LIBS:BOOL=TRUE
+ -DCMAKE_INSTALL_DOCDIR:PATH=/usr/share/doc/${PNVR}
+ -DOPENEXR_BUILD_BOTH_STATIC_SHARED:BOOL=FALSE
+ -DOPENEXR_BUILD_UTILS:BOOL=TRUE
+ -DOPENEXR_INSTALL_PKG_CONFIG:BOOL=TRUE
+)
+
+CMAKE_SRC_CONFIGURE_OPTIONS=(
+ 'doc INSTALL_OPENEXR_DOCS'
+ 'examples INSTALL_OPENEXR_EXAMPLES'
+)
+
+CMAKE_SRC_CONFIGURE_TESTS=(
+ '-DBUILD_TESTING:BOOL=TRUE -DBUILD_TESTING:BOOL=FALSE'
+ -DOPENEXR_RUN_FUZZ_TESTS:BOOL=FALSE
+)
+