pool/gimp
SHA256
6
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accepting request 499883 from graphics

Browse Source 
drop mypaint support until it is in Factory

OBS-URL: https://build.opensuse.org/request/show/499883
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gimp?expand=0&rev=99
This commit is contained in:
Dominique Leuenberger 2017-05-31 10:11:51 +00:00 committed by Git OBS Bridge
commit bfc19280f2
6 changed files with 31 additions and 330 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
gimp-2.8.20.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:939ca1df70be865c672ffd654f4e20f188121d01601c5c90237214101533c805
size 20853324

3
gimp-2.8.22.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9187a35cc52b110d78124d7b27b68a68ade14a794c2721314bac6134d2a5638a
size 20873278

293
gimp-bgo773233-CVE-2007-3126.patch
View File

@ -1,293 +0,0 @@
From 323ecb73f7bf36788fb7066eb2d6678830cd5de7 Mon Sep 17 00:00:00 2001
From: Michael Natterer <mitch@gimp.org>
Date: Sun, 6 Nov 2016 21:34:43 +0100
Subject: Bug 773233 - CVE-2007-3126 - Gimp 2.3.14 allows context-dependent
attackers...
...to cause a denial of service (crash) via an ICO file with an
InfoHeader containing a Height of zero
Add some error handling to ico-load.c and bail out on zero width or height
icons. Also some formatting cleanup.
(cherry picked from commit 46bcd82800e37b0f5aead76184430ef2fe802748)
---
plug-ins/file-ico/ico-load.c | 103 ++++++++++++++++++++++++++-----------------
1 file changed, 62 insertions(+), 41 deletions(-)
diff --git a/plug-ins/file-ico/ico-load.c b/plug-ins/file-ico/ico-load.c
index fde543a..0075eab 100644
--- a/plug-ins/file-ico/ico-load.c
+++ b/plug-ins/file-ico/ico-load.c
@@ -124,15 +124,17 @@ static guint32
ico_read_init (FILE *fp)
{
IcoFileHeader header;
+
/* read and check file header */
- if (!ico_read_int16 (fp, &header.reserved, 1)
- || !ico_read_int16 (fp, &header.resource_type, 1)
- || !ico_read_int16 (fp, &header.icon_count, 1)
- || header.reserved != 0
- || header.resource_type != 1)
+ if (! ico_read_int16 (fp, &header.reserved, 1) ||
+ ! ico_read_int16 (fp, &header.resource_type, 1) ||
+ ! ico_read_int16 (fp, &header.icon_count, 1) ||
+ header.reserved != 0 ||
+ header.resource_type != 1)
{
return 0;
}
+
return header.icon_count;
}
@@ -148,22 +150,25 @@ ico_read_size (FILE *fp,
gint32 color_type;
guint32 magic;
- if ( fseek (fp, info->offset, SEEK_SET) < 0 )
+ if (fseek (fp, info->offset, SEEK_SET) < 0)
return FALSE;
ico_read_int32 (fp, &magic, 1);
+
if (magic == ICO_PNG_MAGIC)
{
png_ptr = png_create_read_struct (PNG_LIBPNG_VER_STRING, NULL, NULL,
NULL);
- if (! png_ptr )
+ if (! png_ptr)
return FALSE;
+
info_ptr = png_create_info_struct (png_ptr);
- if (! info_ptr )
+ if (! info_ptr)
{
png_destroy_read_struct (&png_ptr, NULL, NULL);
return FALSE;
}
+
if (setjmp (png_jmpbuf (png_ptr)))
{
png_destroy_read_struct (&png_ptr, NULL, NULL);
@@ -182,8 +187,8 @@ ico_read_size (FILE *fp,
}
else if (magic == 40)
{
- if (ico_read_int32 (fp, &info->width, 1)
- && ico_read_int32 (fp, &info->height, 1))
+ if (ico_read_int32 (fp, &info->width, 1) &&
+ ico_read_int32 (fp, &info->height, 1))
{
info->height /= 2;
D(("ico_read_size: ICO: %ix%i\n", info->width, info->height));
@@ -200,8 +205,9 @@ ico_read_size (FILE *fp,
}
static IcoLoadInfo*
-ico_read_info (FILE *fp,
- gint icon_count)
+ico_read_info (FILE *fp,
+ gint icon_count,
+ GError **error)
{
gint i;
IcoFileEntry *entries;
@@ -209,8 +215,11 @@ ico_read_info (FILE *fp,
/* read icon entries */
entries = g_new (IcoFileEntry, icon_count);
- if ( fread (entries, sizeof(IcoFileEntry), icon_count, fp) <= 0 )
+ if (fread (entries, sizeof (IcoFileEntry), icon_count, fp) <= 0)
{
+ g_set_error (error, G_FILE_ERROR, 0,
+ _("Could not read '%lu' bytes"),
+ sizeof (IcoFileEntry));
g_free (entries);
return NULL;
}
@@ -218,23 +227,33 @@ ico_read_info (FILE *fp,
info = g_new (IcoLoadInfo, icon_count);
for (i = 0; i < icon_count; i++)
{
- info[i].width = entries[i].width;
+ info[i].width = entries[i].width;
info[i].height = entries[i].height;
- info[i].bpp = GUINT16_FROM_LE (entries[i].bpp);
- info[i].size = GUINT32_FROM_LE (entries[i].size);
+ info[i].bpp = GUINT16_FROM_LE (entries[i].bpp);
+ info[i].size = GUINT32_FROM_LE (entries[i].size);
info[i].offset = GUINT32_FROM_LE (entries[i].offset);
if (info[i].width == 0 || info[i].height == 0)
{
- ico_read_size (fp, info+i);
+ ico_read_size (fp, info + i);
}
D(("ico_read_info: %ix%i (%i bits, size: %i, offset: %i)\n",
info[i].width, info[i].height, info[i].bpp,
info[i].size, info[i].offset));
+
+ if (info[i].width == 0 || info[i].height == 0)
+ {
+ g_set_error (error, G_FILE_ERROR, 0,
+ _("Icon #%d has zero width or height"), i);
+ g_free (info);
+ g_free (entries);
+ return NULL;
+ }
}
g_free (entries);
+
return info;
}
@@ -256,10 +275,10 @@ ico_read_png (FILE *fp,
gint i;
png_ptr = png_create_read_struct (PNG_LIBPNG_VER_STRING, NULL, NULL, NULL);
- if (! png_ptr )
+ if (! png_ptr)
return FALSE;
info = png_create_info_struct (png_ptr);
- if (! info )
+ if (! info)
{
png_destroy_read_struct (&png_ptr, NULL, NULL);
return FALSE;
@@ -287,14 +306,14 @@ ico_read_png (FILE *fp,
{
case PNG_COLOR_TYPE_GRAY:
png_set_expand_gray_1_2_4_to_8 (png_ptr);
- if ( bit_depth == 16 )
+ if (bit_depth == 16)
png_set_strip_16 (png_ptr);
png_set_gray_to_rgb (png_ptr);
png_set_add_alpha (png_ptr, 0xff, PNG_FILLER_AFTER);
break;
case PNG_COLOR_TYPE_GRAY_ALPHA:
png_set_expand_gray_1_2_4_to_8 (png_ptr);
- if ( bit_depth == 16 )
+ if (bit_depth == 16)
png_set_strip_16 (png_ptr);
png_set_gray_to_rgb (png_ptr);
break;
@@ -427,16 +446,18 @@ ico_read_icon (FILE *fp,
data.planes, data.image_size, data.bpp,
data.used_clrs, data.important_clrs));
- if (data.planes != 1
- || data.compression != 0)
+ if (data.planes != 1 ||
+ data.compression != 0)
{
D(("skipping image: invalid header\n"));
return FALSE;
}
- if (data.bpp != 1 && data.bpp != 4
- && data.bpp != 8 && data.bpp != 24
- && data.bpp != 32)
+ if (data.bpp != 1 &&
+ data.bpp != 4 &&
+ data.bpp != 8 &&
+ data.bpp != 24 &&
+ data.bpp != 32)
{
D(("skipping image: invalid depth: %i\n", data.bpp));
return FALSE;
@@ -591,8 +612,8 @@ ico_load_layer (FILE *fp,
GimpPixelRgn pixel_rgn;
gchar buf [ICO_MAXBUF];
- if ( fseek (fp, info->offset, SEEK_SET) < 0
- || !ico_read_int32 (fp, &first_bytes, 1) )
+ if (fseek (fp, info->offset, SEEK_SET) < 0 ||
+ ! ico_read_int32 (fp, &first_bytes, 1))
return -1;
if (first_bytes == ICO_PNG_MAGIC)
@@ -645,7 +666,7 @@ ico_load_image (const gchar *filename,
gimp_filename_to_utf8 (filename));
fp = g_fopen (filename, "rb");
- if (! fp )
+ if (! fp)
{
g_set_error (error, G_FILE_ERROR, g_file_error_from_errno (errno),
_("Could not open '%s' for reading: %s"),
@@ -660,8 +681,8 @@ ico_load_image (const gchar *filename,
return -1;
}
- info = ico_read_info (fp, icon_count);
- if (!info)
+ info = ico_read_info (fp, icon_count, error);
+ if (! info)
{
fclose (fp);
return -1;
@@ -672,12 +693,12 @@ ico_load_image (const gchar *filename,
max_height = 0;
for (i = 0; i < icon_count; i++)
{
- if ( info[i].width > max_width )
+ if (info[i].width > max_width)
max_width = info[i].width;
- if ( info[i].height > max_height )
+ if (info[i].height > max_height)
max_height = info[i].height;
}
- if ( max_width <= 0 || max_height <= 0 )
+ if (max_width <= 0 || max_height <= 0)
{
g_free (info);
fclose (fp);
@@ -723,7 +744,7 @@ ico_load_thumbnail_image (const gchar *filename,
gimp_filename_to_utf8 (filename));
fp = g_fopen (filename, "rb");
- if (! fp )
+ if (! fp)
{
g_set_error (error, G_FILE_ERROR, g_file_error_from_errno (errno),
_("Could not open '%s' for reading: %s"),
@@ -732,7 +753,7 @@ ico_load_thumbnail_image (const gchar *filename,
}
icon_count = ico_read_init (fp);
- if (! icon_count )
+ if (! icon_count)
{
fclose (fp);
return -1;
@@ -741,8 +762,8 @@ ico_load_thumbnail_image (const gchar *filename,
D(("*** %s: Microsoft icon file, containing %i icon(s)\n",
filename, icon_count));
- info = ico_read_info (fp, icon_count);
- if (! info )
+ info = ico_read_info (fp, icon_count, error);
+ if (! info)
{
fclose (fp);
return -1;
@@ -760,9 +781,9 @@ ico_load_thumbnail_image (const gchar *filename,
match = i;
}
- else if ( w == info[i].width
- && h == info[i].height
- && info[i].bpp > bpp )
+ else if (w == info[i].width &&
+ h == info[i].height &&
+ info[i].bpp > bpp)
{
/* better quality */
bpp = info[i].bpp;
--
cgit v0.12

27
gimp-fix-PDF-Import-filter-crash.patch
View File

@ -1,27 +0,0 @@
From abf4f7560bf9baecd9e111e47c7c82c50e813ef1 Mon Sep 17 00:00:00 2001
From: Massimo Valentini <mvalentini@src.gnome.org>
Date: Sun, 19 Feb 2017 21:01:49 +0100
Subject: Bug 593576 - PDF Import filter: crashes when importing large image
PDF or specifying high resolution
Manually committed to master as commit adae3882d2c9955f9dd62482f9bcdb8456679701 due to code changes there.
---
libgimp/gimplayer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libgimp/gimplayer.c b/libgimp/gimplayer.c
index af210a4..15367e7 100644
--- a/libgimp/gimplayer.c
+++ b/libgimp/gimplayer.c
@@ -236,7 +236,7 @@ gimp_layer_new_from_surface (gint32 image_ID,
cairo_format_t format;
gint width;
gint height;
- gint rowstride;
+ gsize rowstride;
gdouble range = progress_end - progress_start;
guint count = 0;
guint done = 0;
--
cgit v0.12

21
gimp.changes
View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Wed May 31 04:59:00 UTC 2017 - plinnell@opensuse.org
- drop mypaint until it is in Factory.
-------------------------------------------------------------------
Fri May 12 03:38:13 UTC 2017 - plinnell@opensuse.org
- update to 2.8.22
- drop upstream patches - now in the the source
- drop gimp-fix-PDF-Import-filter-crash.patch
- drop gimp-bgo773233-CVE-2007-3126.patch
- conditionalize mypaint support
- full change log:
https://git.gnome.org/browse/gimp/plain/NEWS?h=GIMP_2_8_22
-------------------------------------------------------------------
Sat Feb 25 10:45:30 UTC 2017 - mailaender@opensuse.org
- Build with libmypaint support.
-------------------------------------------------------------------
Tue Feb 21 11:25:43 UTC 2017 - zaitor@opensuse.org

14
gimp.spec
View File

@ -20,7 +20,7 @@
%global apiver 2.0
Name: gimp
Version: 2.8.20
Version: 2.8.22
Release: 0
Summary: The GNU Image Manipulation Program
License: GPL-3.0+
@ -28,10 +28,7 @@ Group: Productivity/Graphics/Bitmap Editors
Url: http://www.gimp.org/
Source: http://download.gimp.org/pub/gimp/v2.8/%{name}-%{version}.tar.bz2
Source1: macros.gimp
# PATCH-FIX-UPSTREAM gimp-bgo773233-CVE-2007-3126.patch bgo#773233 CVE-2007-3126 zaitor@opensuse.org -- Fix a crash
Patch0: gimp-bgo773233-CVE-2007-3126.patch
# PATCH-FIX-UPSTREAM gimp-fix-PDF-Import-filter-crash.patch bgo#593576 zaitor@opensuse.org -- Fix a crash when importing PDF's
Patch1: gimp-fix-PDF-Import-filter-crash.patch
# openSUSE palette file
Source2: openSUSE.gpl
Source99: baselibs.conf
@ -71,12 +68,16 @@ BuildRequires: pkgconfig(gudev-1.0) >= 167
BuildRequires: pkgconfig(lcms2) >= 2.2
BuildRequires: pkgconfig(libexif) >= 0.6.15
BuildRequires: pkgconfig(libpng) >= 1.2.37
BuildRequires: pkgconfig(pango) >= 1.29.4
BuildRequires: pkgconfig(poppler-glib) >= 0.12.4
BuildRequires: pkgconfig(xcursor)
BuildRequires: pkgconfig(xfixes)
BuildRequires: pkgconfig(xpm)
BuildRequires: pkgconfig(zlib)
#%%if 0%{?suse_version} > 1320
#BuildRequires: pkgconfig(libmypaint) >= 1.3
#%%endif
# Explicitly declare the libgimp versions for upgrade purposes
Requires: libgimp-2_0-0 = %{version}
Requires: libgimpui-2_0-0 = %{version}
@ -206,8 +207,7 @@ This package contains the help browser for the GIMP.
%prep
%setup -q
%patch0 -p1
%patch1 -p1
translation-update-upstream
translation-update-upstream po-libgimp gimp20-libgimp
translation-update-upstream po-python gimp20-python