diff --git a/CVE-2016-10132.patch b/CVE-2016-10132.patch deleted file mode 100644 index 3b62168..0000000 --- a/CVE-2016-10132.patch +++ /dev/null @@ -1,178 +0,0 @@ -From fd003eceda531e13fbdd1aeb6e9c73156496e569 Mon Sep 17 00:00:00 2001 -From: Tor Andersson -Date: Fri, 2 Dec 2016 14:56:20 -0500 -Subject: [PATCH 1/1] Fix 697381: check allocation when compiling regular - expressions. - -Also use allocator callback function. ---- - jsgc.c | 2 +- - jsregexp.c | 2 +- - jsstate.c | 6 ------ - regexp.c | 45 +++++++++++++++++++++++++++++++++++---------- - regexp.h | 7 +++++++ - 5 files changed, 44 insertions(+), 18 deletions(-) - -diff --git a/jsgc.c b/jsgc.c -index 4f7e7dc..f80111e 100644 ---- a/jsgc.c -+++ b/jsgc.c -@@ -46,7 +46,7 @@ static void jsG_freeobject(js_State *J, js_Object *obj) - jsG_freeproperty(J, obj->head); - if (obj->type == JS_CREGEXP) { - js_free(J, obj->u.r.source); -- js_regfree(obj->u.r.prog); -+ js_regfreex(J->alloc, J->actx, obj->u.r.prog); - } - if (obj->type == JS_CITERATOR) - jsG_freeiterator(J, obj->u.iter.head); -diff --git a/jsregexp.c b/jsregexp.c -index a2d5156..7b09c06 100644 ---- a/jsregexp.c -+++ b/jsregexp.c -@@ -16,7 +16,7 @@ void js_newregexp(js_State *J, const char *pattern, int flags) - if (flags & JS_REGEXP_I) opts |= REG_ICASE; - if (flags & JS_REGEXP_M) opts |= REG_NEWLINE; - -- prog = js_regcomp(pattern, opts, &error); -+ prog = js_regcompx(J->alloc, J->actx, pattern, opts, &error); - if (!prog) - js_syntaxerror(J, "regular expression: %s", error); - -diff --git a/jsstate.c b/jsstate.c -index 638cab3..fd5bcf6 100644 ---- a/jsstate.c -+++ b/jsstate.c -@@ -9,12 +9,6 @@ - - static void *js_defaultalloc(void *actx, void *ptr, int size) - { -- if (size == 0) { -- free(ptr); -- return NULL; -- } -- if (!ptr) -- return malloc((size_t)size); - return realloc(ptr, (size_t)size); - } - -diff --git a/regexp.c b/regexp.c -index 9852be2..01c18a3 100644 ---- a/regexp.c -+++ b/regexp.c -@@ -807,23 +807,31 @@ static void dumpprog(Reprog *prog) - } - #endif - --Reprog *regcomp(const char *pattern, int cflags, const char **errorp) -+Reprog *regcompx(void *(*alloc)(void *ctx, void *p, int n), void *ctx, -+ const char *pattern, int cflags, const char **errorp) - { - struct cstate g; - Renode *node; - Reinst *split, *jump; - int i; - -- g.prog = malloc(sizeof (Reprog)); -- g.pstart = g.pend = malloc(sizeof (Renode) * strlen(pattern) * 2); -+ g.pstart = NULL; -+ g.prog = NULL; - - if (setjmp(g.kaboom)) { - if (errorp) *errorp = g.error; -- free(g.pstart); -- free(g.prog); -+ alloc(ctx, g.pstart, 0); -+ alloc(ctx, g.prog, 0); - return NULL; - } - -+ g.prog = alloc(ctx, NULL, sizeof (Reprog)); -+ if (!g.prog) -+ die(&g, "cannot allocate regular expression"); -+ g.pstart = g.pend = alloc(ctx, NULL, sizeof (Renode) * strlen(pattern) * 2); -+ if (!g.pstart) -+ die(&g, "cannot allocate regular expression parse list"); -+ - g.source = pattern; - g.ncclass = 0; - g.nsub = 1; -@@ -840,7 +848,9 @@ Reprog *regcomp(const char *pattern, int cflags, const char **errorp) - die(&g, "syntax error"); - - g.prog->nsub = g.nsub; -- g.prog->start = g.prog->end = malloc((count(node) + 6) * sizeof (Reinst)); -+ g.prog->start = g.prog->end = alloc(ctx, NULL, (count(node) + 6) * sizeof (Reinst)); -+ if (!g.prog->start) -+ die(&g, "cannot allocate regular expression instruction list"); - - split = emit(g.prog, I_SPLIT); - split->x = split + 3; -@@ -859,20 +869,35 @@ Reprog *regcomp(const char *pattern, int cflags, const char **errorp) - dumpprog(g.prog); - #endif - -- free(g.pstart); -+ alloc(ctx, g.pstart, 0); - - if (errorp) *errorp = NULL; - return g.prog; - } - --void regfree(Reprog *prog) -+void regfreex(void *(*alloc)(void *ctx, void *p, int n), void *ctx, Reprog *prog) - { - if (prog) { -- free(prog->start); -- free(prog); -+ alloc(ctx, prog->start, 0); -+ alloc(ctx, prog, 0); - } - } - -+static void *default_alloc(void *ctx, void *p, int n) -+{ -+ return realloc(p, (size_t)n); -+} -+ -+Reprog *regcomp(const char *pattern, int cflags, const char **errorp) -+{ -+ return regcompx(default_alloc, NULL, pattern, cflags, errorp); -+} -+ -+void regfree(Reprog *prog) -+{ -+ regfreex(default_alloc, NULL, prog); -+} -+ - /* Match */ - - static int isnewline(int c) -diff --git a/regexp.h b/regexp.h -index 4bb4615..6bb73e8 100644 ---- a/regexp.h -+++ b/regexp.h -@@ -1,6 +1,8 @@ - #ifndef regexp_h - #define regexp_h - -+#define regcompx js_regcompx -+#define regfreex js_regfreex - #define regcomp js_regcomp - #define regexec js_regexec - #define regfree js_regfree -@@ -8,6 +10,11 @@ - typedef struct Reprog Reprog; - typedef struct Resub Resub; - -+Reprog *regcompx(void *(*alloc)(void *ctx, void *p, int n), void *ctx, -+ const char *pattern, int cflags, const char **errorp); -+void regfreex(void *(*alloc)(void *ctx, void *p, int n), void *ctx, -+ Reprog *prog); -+ - Reprog *regcomp(const char *pattern, int cflags, const char **errorp); - int regexec(Reprog *prog, const char *string, Resub *sub, int eflags); - void regfree(Reprog *prog); --- -2.9.1 - diff --git a/CVE-2016-10133.patch b/CVE-2016-10133.patch deleted file mode 100644 index 36fad4b..0000000 --- a/CVE-2016-10133.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 77ab465f1c394bb77f00966cd950650f3f53cb24 Mon Sep 17 00:00:00 2001 -From: Tor Andersson -Date: Thu, 12 Jan 2017 14:47:01 +0100 -Subject: [PATCH 1/1] Fix 697401: Error when dropping extra arguments to - lightweight functions. - ---- - jsrun.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/jsrun.c b/jsrun.c -index ee80845..782a6f9 100644 ---- a/jsrun.c -+++ b/jsrun.c -@@ -937,7 +937,7 @@ static void jsR_calllwfunction(js_State *J, int n, js_Function *F, js_Environmen - jsR_savescope(J, scope); - - if (n > F->numparams) { -- js_pop(J, F->numparams - n); -+ js_pop(J, n - F->numparams); - n = F->numparams; - } - for (i = n; i < F->varlen; ++i) --- -2.9.1 - diff --git a/CVE-2016-10141.patch b/CVE-2016-10141.patch deleted file mode 100644 index a6b7508..0000000 --- a/CVE-2016-10141.patch +++ /dev/null @@ -1,103 +0,0 @@ -From fa3d30fd18c348bb4b1f3858fb860f4fcd4b2045 Mon Sep 17 00:00:00 2001 -From: Tor Andersson -Date: Thu, 12 Jan 2017 15:13:14 +0100 -Subject: [PATCH] Fix 697448: Limit the maximum program size to something - reasonable. - -A regular expression with lots of nested repetition can lead to -integer overflow when calculating the size of the program. - -Check max program size when counting the number of instructions required -for a loop, so we can bail before integer overflow can happen. ---- - regexp.c | 38 ++++++++++++++++++++++++-------------- - 1 file changed, 24 insertions(+), 14 deletions(-) - -diff --git a/regexp.c b/regexp.c -index 01c18a3..4a5948b 100644 ---- a/regexp.c -+++ b/regexp.c -@@ -16,6 +16,7 @@ - #define REPINF 255 - #define MAXTHREAD 1000 - #define MAXSUB REG_MAXSUB -+#define MAXPROG (32 << 10) - - typedef struct Reclass Reclass; - typedef struct Renode Renode; -@@ -595,23 +596,25 @@ struct Reinst { - Reinst *y; - }; - --static int count(Renode *node) -+static int count(struct cstate *g, Renode *node) - { -- int min, max; -+ int min, max, n; - if (!node) return 0; - switch (node->type) { - default: return 1; -- case P_CAT: return count(node->x) + count(node->y); -- case P_ALT: return count(node->x) + count(node->y) + 2; -+ case P_CAT: return count(g, node->x) + count(g, node->y); -+ case P_ALT: return count(g, node->x) + count(g, node->y) + 2; - case P_REP: - min = node->m; - max = node->n; -- if (min == max) return count(node->x) * min; -- if (max < REPINF) return count(node->x) * max + (max - min); -- return count(node->x) * (min + 1) + 2; -- case P_PAR: return count(node->x) + 2; -- case P_PLA: return count(node->x) + 2; -- case P_NLA: return count(node->x) + 2; -+ if (min == max) n = count(g, node->x) * min; -+ else if (max < REPINF) n = count(g, node->x) * max + (max - min); -+ else n = count(g, node->x) * (min + 1) + 2; -+ if (n < 0 || n > MAXPROG) die(g, "program too large"); -+ return n; -+ case P_PAR: return count(g, node->x) + 2; -+ case P_PLA: return count(g, node->x) + 2; -+ case P_NLA: return count(g, node->x) + 2; - } - } - -@@ -813,7 +816,7 @@ Reprog *regcompx(void *(*alloc)(void *ctx, void *p, int n), void *ctx, - struct cstate g; - Renode *node; - Reinst *split, *jump; -- int i; -+ int i, n; - - g.pstart = NULL; - g.prog = NULL; -@@ -847,8 +850,17 @@ Reprog *regcompx(void *(*alloc)(void *ctx, void *p, int n), void *ctx, - if (g.lookahead != 0) - die(&g, "syntax error"); - -+#ifdef TEST -+ dumpnode(node); -+ putchar('\n'); -+#endif -+ -+ n = 6 + count(&g, node); -+ if (n < 0 || n > MAXPROG) -+ die(&g, "program too large"); -+ - g.prog->nsub = g.nsub; -- g.prog->start = g.prog->end = alloc(ctx, NULL, (count(node) + 6) * sizeof (Reinst)); -+ g.prog->start = g.prog->end = alloc(ctx, NULL, n * sizeof (Reinst)); - if (!g.prog->start) - die(&g, "cannot allocate regular expression instruction list"); - -@@ -864,8 +876,6 @@ Reprog *regcompx(void *(*alloc)(void *ctx, void *p, int n), void *ctx, - emit(g.prog, I_END); - - #ifdef TEST -- dumpnode(node); -- putchar('\n'); - dumpprog(g.prog); - #endif - --- -2.9.1 - diff --git a/CVE-2016-10221.patch b/CVE-2016-10221.patch deleted file mode 100644 index a61d2b0..0000000 --- a/CVE-2016-10221.patch +++ /dev/null @@ -1,40 +0,0 @@ -X-Git-Url: http://git.ghostscript.com/?p=mupdf.git;a=blobdiff_plain;f=source%2Fpdf%2Fpdf-layer.c;h=fc29c9d3e78eefa823cf768a9a37c476ba6f7c20;hp=3296b6c5ad953a1050899ae01021be05b3b08fa3;hb=2590fed7a355a421f062ebd4293df892800fa7ac;hpb=ffc4b61e6baf7a4d4e34c8901ae78ffd57da2530 - -diff --git a/source/pdf/pdf-layer.c b/source/pdf/pdf-layer.c -index 3296b6c..fc29c9d 100644 ---- a/source/pdf/pdf-layer.c -+++ b/source/pdf/pdf-layer.c -@@ -90,7 +90,14 @@ count_entries(fz_context *ctx, pdf_obj *obj) - for (i = 0; i < len; i++) - { - pdf_obj *o = pdf_array_get(ctx, obj, i); -- count += (pdf_is_array(ctx, o) ? count_entries(ctx, o) : 1); -+ if (pdf_mark_obj(ctx, o)) -+ continue; -+ fz_try(ctx) -+ count += (pdf_is_array(ctx, o) ? count_entries(ctx, o) : 1); -+ fz_always(ctx) -+ pdf_unmark_obj(ctx, o); -+ fz_catch(ctx) -+ fz_rethrow(ctx); - } - return count; - } -@@ -106,7 +113,16 @@ populate_ui(fz_context *ctx, pdf_ocg_descriptor *desc, pdf_ocg_ui *ui, pdf_obj * - pdf_obj *o = pdf_array_get(ctx, order, i); - if (pdf_is_array(ctx, o)) - { -- ui = populate_ui(ctx, desc, ui, o, depth+1, rbgroups, locked); -+ if (pdf_mark_obj(ctx, o)) -+ continue; -+ -+ fz_try(ctx) -+ ui = populate_ui(ctx, desc, ui, o, depth+1, rbgroups, locked); -+ fz_always(ctx) -+ pdf_unmark_obj(ctx, o); -+ fz_catch(ctx) -+ fz_rethrow(ctx); -+ - continue; - } - ui->depth = depth; diff --git a/CVE-2016-8728.patch b/CVE-2016-8728.patch deleted file mode 100644 index 69d1b7e..0000000 --- a/CVE-2016-8728.patch +++ /dev/null @@ -1,31 +0,0 @@ -Index: mupdf-1.10a-source/source/fitz/draw-scale-simple.c -=================================================================== ---- mupdf-1.10a-source.orig/source/fitz/draw-scale-simple.c -+++ mupdf-1.10a-source/source/fitz/draw-scale-simple.c -@@ -1294,7 +1294,7 @@ scale_single_row(unsigned char * restric - tmp[j] = 128; - if (weights->flip) - { -- dst += (weights->count-1)*n; -+ dst += (weights->count-1)*nf; - for (i=weights->count; i > 0; i--) - { - min = *contrib++; -Index: mupdf-1.10a-source/thirdparty/jbig2dec/jbig2_image.c -=================================================================== ---- mupdf-1.10a-source.orig/thirdparty/jbig2dec/jbig2_image.c -+++ mupdf-1.10a-source/thirdparty/jbig2dec/jbig2_image.c -@@ -38,6 +38,13 @@ jbig2_image_new(Jbig2Ctx *ctx, int width - int stride; - int64_t check; - -+ if (width == 0 || height == 0) { -+ jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, -+ "zero width (%d) or height (%d) in jbig2_image_new", -+ width, height); -+ return NULL; -+ } -+ - image = jbig2_new(ctx, Jbig2Image, 1); - if (image == NULL) { - jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "could not allocate image structure in jbig2_image_new"); diff --git a/CVE-2017-5627.patch b/CVE-2017-5627.patch deleted file mode 100644 index 19e5d13..0000000 --- a/CVE-2017-5627.patch +++ /dev/null @@ -1,15 +0,0 @@ -X-Git-Url: http://git.ghostscript.com/?p=mujs.git;a=blobdiff_plain;f=jsrun.c;h=ca7d5ad46ba2414f075280ee94121a88f0bcfde6;hp=782a6f9caa62d510377397b0c63c1407e70f6c95;hb=4006739a28367c708dea19aeb19b8a1a9326ce08;hpb=8f62ea10a0af68e56d5c00720523ebcba13c2e6a - -diff --git a/jsrun.c b/jsrun.c -index 782a6f9..ca7d5ad 100644 ---- a/jsrun.c -+++ b/jsrun.c -@@ -544,7 +544,7 @@ static void jsR_setproperty(js_State *J, js_Object *obj, const char *name) - if (!strcmp(name, "length")) { - double rawlen = jsV_tonumber(J, value); - int newlen = jsV_numbertointeger(rawlen); -- if (newlen != rawlen) -+ if (newlen != rawlen || newlen < 0) - js_rangeerror(J, "array length"); - jsV_resizearray(J, obj, newlen); - return; diff --git a/CVE-2017-5628.patch b/CVE-2017-5628.patch deleted file mode 100644 index fb27982..0000000 --- a/CVE-2017-5628.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 8f62ea10a0af68e56d5c00720523ebcba13c2e6a Mon Sep 17 00:00:00 2001 -From: Tor Andersson -Date: Tue, 24 Jan 2017 14:32:14 +0100 -Subject: [PATCH] Fix 697496: Check NAN before accessing array in MakeDay(). - ---- - jsdate.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/jsdate.c b/jsdate.c -index 2b43edf..6efbb60 100644 ---- a/jsdate.c -+++ b/jsdate.c -@@ -207,12 +207,17 @@ static double MakeDay(double y, double m, double date) - }; - - double yd, md; -+ int im; - - y += floor(m / 12); - m = pmod(m, 12); - -+ im = (int)m; -+ if (im < 0 || im >= 12) -+ return NAN; -+ - yd = floor(TimeFromYear(y) / msPerDay); -- md = firstDayOfMonth[InLeapYear(y)][(int)m]; -+ md = firstDayOfMonth[InLeapYear(y)][im]; - - return yd + md + date - 1; - } --- -2.9.1 - diff --git a/CVE-2017-5896.patch b/CVE-2017-5896.patch deleted file mode 100644 index 50227bc..0000000 --- a/CVE-2017-5896.patch +++ /dev/null @@ -1,40 +0,0 @@ -X-Git-Url: http://git.ghostscript.com/?p=mupdf.git;a=blobdiff_plain;f=source%2Ffitz%2Fpixmap.c;h=f1291dc29d49ead44c10785fd014a0d995e45a91;hp=a8317127da7af6d39eb86fe3ca02cb4106a9b262;hb=2c4e5867ee699b1081527bc6c6ea0e99a35a5c27;hpb=90fa6203ad032fe161d85a3e580941ce3d1216f0 - -diff --git a/source/fitz/pixmap.c b/source/fitz/pixmap.c -index a831712..f1291dc 100644 ---- a/source/fitz/pixmap.c -+++ b/source/fitz/pixmap.c -@@ -1104,6 +1104,7 @@ fz_subsample_pixmap_ARM(unsigned char *ptr, int w, int h, int f, int factor, - "@STACK:r1,<9>,factor,n,fwd,back,back2,fwd2,divX,back4,fwd4,fwd3,divY,back5,divXY\n" - "ldr r4, [r13,#4*22] @ r4 = divXY \n" - "ldr r5, [r13,#4*11] @ for (nn = n; nn > 0; n--) { \n" -+ "ldr r8, [r13,#4*17] @ r8 = back4 \n" - "18: @ \n" - "mov r14,#0 @ r14= v = 0 \n" - "sub r5, r5, r1, LSL #8 @ for (xx = x; xx > 0; x--) { \n" -@@ -1120,7 +1121,7 @@ fz_subsample_pixmap_ARM(unsigned char *ptr, int w, int h, int f, int factor, - "mul r14,r4, r14 @ r14= v *= divX \n" - "mov r14,r14,LSR #16 @ r14= v >>= 16 \n" - "strb r14,[r9], #1 @ *d++ = r14 \n" -- "sub r0, r0, r8 @ s -= back2 \n" -+ "sub r0, r0, r8 @ s -= back4 \n" - "subs r5, r5, #1 @ n-- \n" - "bgt 18b @ } \n" - "21: @ \n" -@@ -1249,6 +1250,7 @@ fz_subsample_pixmap(fz_context *ctx, fz_pixmap *tile, int factor) - x += f; - if (x > 0) - { -+ int back4 = x * n - 1; - div = x * y; - for (nn = n; nn > 0; nn--) - { -@@ -1263,7 +1265,7 @@ fz_subsample_pixmap(fz_context *ctx, fz_pixmap *tile, int factor) - s -= back5; - } - *d++ = v / div; -- s -= back2; -+ s -= back4; - } - } - } diff --git a/CVE-2017-7976.patch b/CVE-2017-7976.patch deleted file mode 100644 index f3886bc..0000000 --- a/CVE-2017-7976.patch +++ /dev/null @@ -1,14 +0,0 @@ -Index: mupdf-1.10a-source/thirdparty/jbig2dec/jbig2_image.c -=================================================================== ---- mupdf-1.10a-source.orig/thirdparty/jbig2dec/jbig2_image.c -+++ mupdf-1.10a-source/thirdparty/jbig2dec/jbig2_image.c -@@ -263,7 +263,8 @@ jbig2_image_compose(Jbig2Ctx *ctx, Jbig2 - /* general OR case */ - s = ss; - d = dd = dst->data + y * dst->stride + leftbyte; -- if (d < dst->data || leftbyte > dst->stride || h * dst->stride < 0 || d - leftbyte + h * dst->stride > dst->data + dst->height * dst->stride) { -+ if (d < dst->data || leftbyte > dst->stride || d - leftbyte + h * dst->stride > dst->data + dst->height * dst->stride || -+ s - leftbyte + (h - 1) * src->stride + rightbyte > src->data + src->height * src->stride) { - return jbig2_error(ctx, JBIG2_SEVERITY_FATAL, -1, "preventing heap overflow in jbig2_image_compose"); - } - if (leftbyte == rightbyte) { diff --git a/bsc1023760.patch b/bsc1023760.patch deleted file mode 100644 index 772d089..0000000 --- a/bsc1023760.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: mupdf-1.10a-source/source/tools/mudraw.c -=================================================================== ---- mupdf-1.10a-source.orig/source/tools/mudraw.c -+++ mupdf-1.10a-source/source/tools/mudraw.c -@@ -720,7 +720,7 @@ static void dodrawpage(fz_context *ctx, - char buf[512]; - fz_output *out; - -- if (!strcmp(output, "-")) -+ if (!output || !strcmp(output, "-")) - out = fz_stdout(ctx); - else - { diff --git a/fix-openjpeg-flags.patch b/fix-openjpeg-flags.patch index ae68d14..30a296f 100644 --- a/fix-openjpeg-flags.patch +++ b/fix-openjpeg-flags.patch @@ -1,15 +1,12 @@ -Index: mupdf-1.10a-source/source/fitz/load-jpx.c +Index: mupdf-1.11-source/source/fitz/load-jpx.c =================================================================== ---- mupdf-1.10a-source.orig/source/fitz/load-jpx.c -+++ mupdf-1.10a-source/source/fitz/load-jpx.c -@@ -481,10 +481,6 @@ fz_load_jpx_info(fz_context *ctx, unsign +--- mupdf-1.11-source.orig/source/fitz/load-jpx.c ++++ mupdf-1.11-source/source/fitz/load-jpx.c +@@ -444,7 +444,6 @@ fz_load_jpx_info(fz_context *ctx, unsign #else /* HAVE_LURATECH */ --/* Without the definition of OPJ_STATIC, compilation fails on windows -- * due to the use of __stdcall. We believe it is required on some -- * linux toolchains too. */ -#define OPJ_STATIC - #ifndef _MSC_VER + #define OPJ_HAVE_INTTYPES_H + #if !defined(_WIN32) && !defined(_WIN64) #define OPJ_HAVE_STDINT_H - #endif diff --git a/mupdf-1.10a-source.tar.gz b/mupdf-1.10a-source.tar.gz deleted file mode 100644 index eab126c..0000000 --- a/mupdf-1.10a-source.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:aacc1f36b9180f562022ef1ab3439b009369d944364f3cff8a2a898834e3a836 -size 42264707 diff --git a/mupdf-1.11-source.tar.gz b/mupdf-1.11-source.tar.gz new file mode 100644 index 0000000..3734570 --- /dev/null +++ b/mupdf-1.11-source.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:209474a80c56a035ce3f4958a63373a96fad75c927c7b1acdc553fc85855f00a +size 40156070 diff --git a/mupdf.changes b/mupdf.changes index 9272760..a16d06c 100644 --- a/mupdf.changes +++ b/mupdf.changes @@ -1,3 +1,23 @@ +------------------------------------------------------------------- +Fri Nov 10 08:15:18 UTC 2017 - aloisio@gmx.com + +- Update to version 1.11 + * This is primarily a bug fix release. + * PDF portfolio support with command line tool "mutool + portfolio". + * Add callbacks to load fallback fonts from the system. + * Use system fonts in Android to reduce install size. + * Flag to disable publisher styles in EPUB layout. + * Improved SVG output. + +- Refreshed fix-openjpeg-flags.patch and reproducible.patch + +- Dropped CVE-2017-5896.patch, bsc1023760.patch, + CVE-2016-10221.patch, CVE-2016-8728.patch, CVE-2017-7976.patch, + CVE-2016-10132.patch, CVE-2016-10133.patch, + CVE-2016-10141.patch, CVE-2017-5627.patch + and CVE-2017-5628.patch (merged or adapted upstream) + ------------------------------------------------------------------- Thu Aug 3 08:23:47 UTC 2017 - idonmez@suse.com diff --git a/mupdf.spec b/mupdf.spec index 4be33bc..27ec285 100644 --- a/mupdf.spec +++ b/mupdf.spec @@ -18,40 +18,30 @@ Name: mupdf -Version: 1.10a +Version: 1.11 Release: 0 Summary: Lightweight PDF and XPS Viewer and Parser and Rendering Library License: AGPL-3.0+ Group: Productivity/Office/Other -Url: http://mupdf.com/ -Source0: http://mupdf.com/downloads/mupdf-%{version}-source.tar.gz +Url: https://mupdf.com/ +Source0: https://mupdf.com/downloads/mupdf-%{version}-source.tar.gz Source1: mupdf.desktop Source2: mupdf.png Patch1: fix-openjpeg-flags.patch -Patch2: CVE-2016-10132.patch -Patch3: CVE-2016-10133.patch -Patch4: CVE-2016-10141.patch -Patch5: CVE-2017-5627.patch -Patch6: CVE-2017-5628.patch -Patch7: CVE-2017-5896.patch -Patch8: bsc1023760.patch # PATCH-FIX-UPSTREAM https://bugs.ghostscript.com/show_bug.cgi?id=697958 Patch9: reproducible.patch -Patch10: CVE-2016-8728.patch -Patch11: CVE-2017-7976.patch -Patch12: CVE-2016-10221.patch BuildRequires: freetype-devel BuildRequires: gcc-c++ BuildRequires: jbig2dec-devel BuildRequires: libcurl-devel BuildRequires: libjpeg-devel BuildRequires: openjpeg2-devel +BuildRequires: pkgconfig BuildRequires: update-desktop-files BuildRequires: xorg-x11-devel BuildRequires: zlib-devel BuildRequires: pkgconfig(harfbuzz) Requires: xdg-utils -BuildRoot: %{_tmppath}/%{name}-%{version}-build %description MuPDF is a lightweight PDF and XPS viewer and parser/rendering library. @@ -76,20 +66,7 @@ based on mupdf. %prep %setup -q -n %{name}-%{version}-source %patch1 -p1 -%patch7 -p1 -%patch8 -p1 %patch9 -p1 -%patch10 -p1 -%patch11 -p1 -%patch12 -p1 - -pushd ./thirdparty/mujs -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -popd # do not use the inlined copies of build dpendencies except for mujs rm -rf $(ls -d thirdparty/*/ | grep -v mujs) @@ -101,7 +78,8 @@ for src in docs/*.c; do fi done -sed -i s,'INSTALL_APPS := .*','INSTALL_APPS := $(MUTOOL) $(MUVIEW_CURL)', Makefile +sed -e s,'INSTALL_APPS := .*','INSTALL_APPS := $(MUTOOL_EXE) $(MUVIEW_X11_CURL_EXE)', \ + -e '/^INSTALL_APPS +=/d' -i Makefile %build # do no set CFLAGS which is used by the build system itself! @@ -133,24 +111,25 @@ install -D -p -m 644 %{SOURCE2} \ %suse_update_desktop_file mupdf +%if 0%{?suse_version} <= 1320 %post %desktop_database_post %postun %desktop_database_postun +%endif %files -%defattr(-,root,root) %doc CHANGES COPYING README docs/naming.txt docs/overview.txt %doc docs/progressive.txt docs/refcount.txt docs/examples/ %{_bindir}/mupdf %{_bindir}/mutool %{_datadir}/applications/mupdf.desktop %{_datadir}/pixmaps/mupdf.png -%{_mandir}/man1/mu*.1* +%{_mandir}/man1/mupdf.1%{ext_man} +%{_mandir}/man1/mutool.1%{ext_man} %files devel-static -%defattr(-,root,root,-) %{_includedir}/mupdf/ %{_libdir}/libmupdf.a %{_libdir}/libmupdfthird.a diff --git a/reproducible.patch b/reproducible.patch index 04d8d34..baa30bf 100644 --- a/reproducible.patch +++ b/reproducible.patch @@ -1,10 +1,10 @@ -Index: mupdf-1.10a-source/Makefile +Index: mupdf-1.11-source/Makefile =================================================================== ---- mupdf-1.10a-source.orig/Makefile -+++ mupdf-1.10a-source/Makefile -@@ -83,13 +83,13 @@ PDF_HDR := include/mupdf/pdf.h $(wildcar - SVG_HDR := include/mupdf/svg.h +--- mupdf-1.11-source.orig/Makefile ++++ mupdf-1.11-source/Makefile +@@ -125,14 +125,14 @@ SVG_HDR := include/mupdf/svg.h HTML_HDR := include/mupdf/html.h + THREAD_HDR := include/mupdf/helpers/mu-threads.h -FITZ_SRC := $(wildcard source/fitz/*.c) -PDF_SRC := $(wildcard source/pdf/*.c) @@ -13,6 +13,7 @@ Index: mupdf-1.10a-source/Makefile -CBZ_SRC := $(wildcard source/cbz/*.c) -HTML_SRC := $(wildcard source/html/*.c) -GPRF_SRC := $(wildcard source/gprf/*.c) +-THREAD_SRC := $(wildcard source/helpers/mu-threads/*.c) +FITZ_SRC := $(sort $(wildcard source/fitz/*.c)) +PDF_SRC := $(sort $(wildcard source/pdf/*.c)) +XPS_SRC := $(sort $(wildcard source/xps/*.c)) @@ -20,12 +21,13 @@ Index: mupdf-1.10a-source/Makefile +CBZ_SRC := $(sort $(wildcard source/cbz/*.c)) +HTML_SRC := $(sort $(wildcard source/html/*.c)) +GPRF_SRC := $(sort $(wildcard source/gprf/*.c)) ++THREAD_SRC := $(sort $(wildcard source/helpers/mu-threads/*.c)) FITZ_SRC_HDR := $(wildcard source/fitz/*.h) PDF_SRC_HDR := $(wildcard source/pdf/*.h) source/pdf/pdf-name-table.h -@@ -116,11 +116,11 @@ $(GPRF_OBJ) : $(FITZ_HDR) $(GPRF_HDR) $( +@@ -180,11 +180,11 @@ generate: $(NAME_GEN) - # --- Generated embedded font files --- + HEXDUMP_EXE := $(OUT)/scripts/hexdump.exe -FONT_BIN_DROID := $(wildcard resources/fonts/droid/*.ttf) -FONT_BIN_NOTO := $(wildcard resources/fonts/noto/*.ttf) @@ -38,20 +40,20 @@ Index: mupdf-1.10a-source/Makefile +FONT_BIN_URW := $(sort $(wildcard resources/fonts/urw/*.cff)) +FONT_BIN_SIL := $(sort $(wildcard resources/fonts/sil/*.cff)) - FONT_GEN_DROID := $(subst resources/fonts/droid/, $(GEN)/, $(addsuffix .c, $(basename $(FONT_BIN_DROID)))) - FONT_GEN_NOTO := $(subst resources/fonts/noto/, $(GEN)/, $(addsuffix .c, $(basename $(FONT_BIN_NOTO)))) -@@ -210,10 +210,10 @@ NAMEDUMP := $(OUT)/namedump - CQUOTE := $(OUT)/cquote - BIN2HEX := $(OUT)/bin2hex + FONT_GEN_DROID := $(subst resources/fonts/droid/, generated/, $(addsuffix .c, $(basename $(FONT_BIN_DROID)))) + FONT_GEN_NOTO := $(subst resources/fonts/noto/, generated/, $(addsuffix .c, $(basename $(FONT_BIN_NOTO)))) +@@ -224,10 +224,10 @@ generate: $(FONT_GEN) --CMAP_CNS_SRC := $(wildcard resources/cmaps/cns/*) --CMAP_GB_SRC := $(wildcard resources/cmaps/gb/*) --CMAP_JAPAN_SRC := $(wildcard resources/cmaps/japan/*) --CMAP_KOREA_SRC := $(wildcard resources/cmaps/korea/*) -+CMAP_CNS_SRC := $(sort $(wildcard resources/cmaps/cns/*)) -+CMAP_GB_SRC := $(sort $(wildcard resources/cmaps/gb/*)) -+CMAP_JAPAN_SRC := $(sort $(wildcard resources/cmaps/japan/*)) -+CMAP_KOREA_SRC := $(sort $(wildcard resources/cmaps/korea/*)) + CMAPDUMP_EXE := $(OUT)/scripts/cmapdump.exe - $(GEN)/gen_cmap_cns.h : $(CMAP_CNS_SRC) - $(QUIET_GEN) $(CMAPDUMP) $@ $(CMAP_CNS_SRC) +-CMAP_CJK_SRC := $(wildcard resources/cmaps/cjk/*) +-CMAP_EXTRA_SRC := $(wildcard resources/cmaps/extra/*) +-CMAP_UTF8_SRC := $(wildcard resources/cmaps/utf8/*) +-CMAP_UTF32_SRC := $(wildcard resources/cmaps/utf32/*) ++CMAP_CJK_SRC := $(sort $(wildcard resources/cmaps/cjk/*)) ++CMAP_EXTRA_SRC := $(sort $(wildcard resources/cmaps/extra/*)) ++CMAP_UTF8_SRC := $(sort $(wildcard resources/cmaps/utf8/*)) ++CMAP_UTF32_SRC := $(sort $(wildcard resources/cmaps/utf32/*)) + + generated/gen_cmap_cjk.h : $(CMAP_CJK_SRC) | generated + $(QUIET_GEN) $(CMAPDUMP_EXE) $@ $(CMAP_CJK_SRC)