From 399442e394e431a2cb19d83bdfc3ed8ae77123835766693bed2ededb44a8ca62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matthias=20Mail=C3=A4nder?= Date: Mon, 18 Dec 2017 08:27:59 +0000 Subject: [PATCH 1/2] Accepting request 557941 from home:alarrosa:branches:games - Update to version 2.0.0 New Games: * Added support for Full Pipe. * Added support for Hi-Res Adventure #3: Cranston Manor. * Added support for Hi-Res Adventure #4: Ulysses and the Golden Fleece. * Added support for Hi-Res Adventure #5: Time Zone. * Added support for Hi-Res Adventure #6: The Dark Crystal. * Added support for Riven. * Added support for Starship Titanic English & German. New Games (Sierra SCI2 - SCI3): * Added support for Gabriel Knight. * Added support for Gabriel Knight 2. * Added support for King's Quest VII. * Added support for King's Questions. * Added support for Leisure Suit Larry 6 (hires). * Added support for Leisure Suit Larry 7. * Added support for Lighthouse. * Added support for Mixed-Up Mother Goose Deluxe. * Added support for Phantasmagoria. * Added support for Phantasmagoria 2. * Added support for Police Quest 4. * Added support for RAMA. * Added support for Shivers. * Added support for Space Quest 6. * Added support for Torin's Passage. General: * Added bilinear filtering option for SDL2 fullscreen mode. * Fixed a bug that caused a crash in the options dialog of the GUI. * Added a command-line option to automatically scan for supported games in the current or a specified directory. OBS-URL: https://build.opensuse.org/request/show/557941 OBS-URL: https://build.opensuse.org/package/show/games/scummvm?expand=0&rev=48 --- scummvm-1.9.0.tar.xz | 3 - scummvm-2.0.0.tar.xz | 3 + scummvm.changes | 154 +++++++++++++++++++++++++++++++++ scummvm.spec | 7 +- use-getaddrinfo.patch | 197 ------------------------------------------ 5 files changed, 159 insertions(+), 205 deletions(-) delete mode 100644 scummvm-1.9.0.tar.xz create mode 100644 scummvm-2.0.0.tar.xz delete mode 100644 use-getaddrinfo.patch diff --git a/scummvm-1.9.0.tar.xz b/scummvm-1.9.0.tar.xz deleted file mode 100644 index bd32cab..0000000 --- a/scummvm-1.9.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2417edcb1ad51ca05a817c58aeee610bc6db5442984e8cf28e8a5fd914e8ae05 -size 22020384 diff --git a/scummvm-2.0.0.tar.xz b/scummvm-2.0.0.tar.xz new file mode 100644 index 0000000..dd4c9f7 --- /dev/null +++ b/scummvm-2.0.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:9784418d555ba75822d229514a05cf226b8ce1a751eec425432e6b7e128fca60 +size 21291656 diff --git a/scummvm.changes b/scummvm.changes index 646044b..fb4c78d 100644 --- a/scummvm.changes +++ b/scummvm.changes @@ -1,3 +1,157 @@ +------------------------------------------------------------------- +Sun Dec 17 19:25:33 UTC 2017 - alarrosa@suse.com + +- Update to version 2.0.0 + New Games: + * Added support for Full Pipe. + * Added support for Hi-Res Adventure #3: Cranston Manor. + * Added support for Hi-Res Adventure #4: Ulysses and the Golden Fleece. + * Added support for Hi-Res Adventure #5: Time Zone. + * Added support for Hi-Res Adventure #6: The Dark Crystal. + * Added support for Riven. + * Added support for Starship Titanic English & German. + New Games (Sierra SCI2 - SCI3): + * Added support for Gabriel Knight. + * Added support for Gabriel Knight 2. + * Added support for King's Quest VII. + * Added support for King's Questions. + * Added support for Leisure Suit Larry 6 (hires). + * Added support for Leisure Suit Larry 7. + * Added support for Lighthouse. + * Added support for Mixed-Up Mother Goose Deluxe. + * Added support for Phantasmagoria. + * Added support for Phantasmagoria 2. + * Added support for Police Quest 4. + * Added support for RAMA. + * Added support for Shivers. + * Added support for Space Quest 6. + * Added support for Torin's Passage. + General: + * Added bilinear filtering option for SDL2 fullscreen mode. + * Fixed a bug that caused a crash in the options dialog of the GUI. + * Added a command-line option to automatically scan for supported games in + the current or a specified directory. + * Added possibility to apply changes in the options dialog without closing + the dialog. + * Added support for on-the-fly GUI language switching. + * Updated Munt MT-32 emulation code to version 2.0.3. + * Improved handling of joysticks. + * Improved audio latency. + * Improved management of the ScummVM window in games that switch display + modes. + * Fixed list view drawing over text above it (for example in the save dialog). + * Changed location where screenshot are saved. This fixes issues when scummvm + is installed in a read*only directory. Also added setting to allow changing + this location. + * Changed screenshot format to png. + * Fixed multithreading issue that could cause a crash in games using MP3 audio. + ADL: + * Fixed application freeze when reading sign in rocket in Mission Asteroid. + AGI: + * Fixed game script blocking forever after loading a savegame that was saved + while music was playing (this could happen for example in Police Quest 1 + poker back room. + * Fixed cursor behaviour in Manhunter. + * Fixed nightclub arcade sequence speed for Manhunter Apple IIgs version. + * Reduced fastest game speed to a maximum of 40 FPS to ensure the games do + not run too fast. + AGOS: + * Fixed subtitle speed setting in the Hebrew version of Simon the Sorcerer 1. + Composer: + * Added save/load from General Main Menu. + * Fixed the detection for the French Gregory. + * Added detection for German Baba Yaga. + Cruise: + * Fixed font rendering. + Drascula: + * Fixed bug that made it impossible to talk to the drunkard more than once in the inn. + * Added handling of the master volume and fix volume synchronization between + the game and ScummVM options. + * Added possibility to load and save games using GMM. + Dreamweb: + * Fixed crash when collecting last stones under church. + * Fixed detection of Italian CD release. + Kyra: + * Fixed a buffer overflow in Lands of Lore. + * Fixed crash due to missing palette data for Legend of Kyrandia floppy version. + MADE: + * Fixed badly distorted sound (bug #9753). + MADS: + * Fixed a bug that caused a crash after starting Rex Nebular and the Cosmic Gender Bender. + * Fix rare crash that can happen when Rex is first locked up + MOHAWK: + * Added patch to the original data files to correct the vault access + instructions in Myst ME. + * Fixed situations where Myst could appear to be unresponsive. + * Reworked sound handling in Myst to be more accurate. + * Fixed crash in Myst piano puzzle. + Neverhood: + * Fixed crash in musical hut in Russian DR version. + * Fixed late game notes crash in Russian DR version. + Pegasus: + * Fixed loading a game from the launcher after returning to the launcher. + * Ignored events occuring while the GUI is visible. This for example fixed an + issue where closing the GMM using Escape would also opens the game's own + menu. + * Fixed several crashes when toggling the shared screen space. + * Improved performances when fading screen. + SAGA: + * Fixed crash when using the give verb on an actor in IHNM. + * Fixed Gorrister invisible and stuck when reloading at mooring ring in IHNM. + * Fixed the conversation panel background color in IHNM. + * Added support French Fan Translation of Inherit the Earth. + SCI: + * Fixed a script bug in Laura Bow 2: Dagger of Amon Ra that made it impossible + to exit the party room with the large golden head inside the museum (room 350). + This bug is also present, when using the original interpreter. + * Improved startup speed when using the MT-32 emulator. + * Improved handling of MT-32 reverb in SCI0 games. + * Improved selection of synthesized sound effects in SCI0 games. + * Improved selection of digital audio in SQ4. + * Improved resource bounds checking. + * Improved error handling of corrupt MIDI data. + * Fixed slow leak of small amounts of data into save games over time. + * Fixed broken day/night cycle in QFG3. + * Fixed a script bug in Police Quest 3 to now grant 10 points when giving the + locket to Marie. Now it's possible to beat the game with a perfect score. + This bug is also present when using the original interpreter. + * Fixed various other script bugs. + * Improved audio volume and settings synchronization. + SCUMM: + * Fixed crash in amiga games. + * Fixed two soundtracks playing at once in Monkey Island 2. + * Fixed Caponians dont disguise after using blue crystal in Zak McKracken. + * Fixed Dr. Fred facing wrong way in lab cutscene in Maniac Mansion. + * Fixed actors being drawn one line too high in V0 and V1 games. + * Fixed Purple Tentacle appears in Lab Entry after being chased out in maniac Mansion. + * Fixed power not turning back on in Maniac Mansion when entering the lab + while Dr. Fred has the power off. + * Fixed actors skipping between certain walk-boxes in Maniac Mansion. + Sherlock: + * Fixed detection for Italian fan translation of Serrated Scalpel. + Sky: + * Fixed collision detection. + Sword1: + * Added thumbnail when saving from in-game dialog. + * Fixed audio and subtitles settings being changed when open the load/save + in*game dialog. + Tinsel: + * Fixed some Discworld 2 text/voice not displaying & playing all the way through + * Fix crash in in-game save menu when all slots are used with long names + TsAGE: + * Fixed regression preventing animations in Return to Ringworld from playing. + * Fixed display issues in Return to Ringworld Demo. + * Fixed loading Return to Ringworld savegames with unreferenced dynamic objects. + * Fixed deadlock in audio code. + * Fixed crash on Return to Launcher. + Voyeur: + * Fixed backgrounds not showing for static rooms. + * Fixed playback of audio events on VCR. + * Fixed exiting game from the VCR screen. + * Added workaround for original game bug using invalid hotspot Ids +- Drop use-getaddrinfo.patch which is already included upstream +- Use libmad to build scummvm by default + ------------------------------------------------------------------- Wed Feb 1 13:19:09 UTC 2017 - aloisio@gmx.com diff --git a/scummvm.spec b/scummvm.spec index 2856389..f02f104 100644 --- a/scummvm.spec +++ b/scummvm.spec @@ -18,9 +18,9 @@ %bcond_with faad %bcond_with libmpeg2 -%bcond_with mad +%bcond_without mad Name: scummvm -Version: 1.9.0 +Version: 2.0.0 Release: 0 Summary: Interpreter for several adventure games License: GPL-2.0+ @@ -28,8 +28,6 @@ Group: Amusements/Games/Other Url: http://www.scummvm.org/ Source: http://www.scummvm.org/frs/scummvm/%{version}/scummvm-%{version}.tar.xz Source99: %{name}.changes -# PATCH-FEATURE-UPSTREAM use-getaddrinfo.patch -- https://github.com/scummvm/scummvm/pull/811 -Patch1: use-getaddrinfo.patch BuildRequires: desktop-file-utils BuildRequires: gcc-c++ BuildRequires: hicolor-icon-theme @@ -82,7 +80,6 @@ These engines are in a worse state, but allow to play extra games. %prep %setup -q -%patch1 -p1 modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{SOURCE99}")" DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\"" TIME="\"$(date -d "${modified}" "+%%R")\"" diff --git a/use-getaddrinfo.patch b/use-getaddrinfo.patch deleted file mode 100644 index f71567a..0000000 --- a/use-getaddrinfo.patch +++ /dev/null @@ -1,197 +0,0 @@ -diff --git a/backends/midi/timidity.cpp b/backends/midi/timidity.cpp -index 4971388..1ff4ed9 100644 ---- a/backends/midi/timidity.cpp -+++ b/backends/midi/timidity.cpp -@@ -52,24 +52,18 @@ - #include - #include - #include --#include /* for gethostbyname */ -+#include /* for getaddrinfo */ - #include - #include - #include - #include - #include - --// WORKAROUND bug #1870304: Solaris does not provide INADDR_NONE. --#ifndef INADDR_NONE --#define INADDR_NONE 0xffffffff --#endif -- - // BeOS BONE uses snooze (x/1000) in place of usleep(x) - #ifdef __BEOS__ - #define usleep(v) snooze(v/1000) - #endif - -- - #define SEQ_MIDIPUTC 5 - - #define TIMIDITY_LOW_DELAY -@@ -84,7 +78,7 @@ - - /* default host & port */ - #define DEFAULT_TIMIDITY_HOST "127.0.0.1" --#define DEFAULT_TIMIDITY_PORT 7777 -+#define DEFAULT_TIMIDITY_PORT "7777" - - class MidiDriver_TIMIDITY : public MidiDriver_MPU401 { - public: -@@ -97,11 +91,8 @@ public: - void sysEx(const byte *msg, uint16 length); - - private: -- /* standart routine to extract ip address from a string */ -- in_addr_t host_to_addr(const char* address); -- - /* creates a tcp connection to TiMidity server, returns filedesc (like open()) */ -- int connect_to_server(const char* hostname, unsigned short tcp_port); -+ int connect_to_server(const char* hostname, const char* tcp_port); - - /* send command to the server; printf-like; returns reply string */ - char *timidity_ctl_command(const char *fmt, ...) GCC_PRINTF(2, 3); -@@ -150,7 +141,8 @@ MidiDriver_TIMIDITY::MidiDriver_TIMIDITY() { - int MidiDriver_TIMIDITY::open() { - char *res; - char timidity_host[NI_MAXHOST]; -- int timidity_port, data_port, i; -+ char timidity_port[6], data_port[6]; -+ int num; - - /* count ourselves open */ - if (_isOpen) -@@ -166,16 +158,16 @@ int MidiDriver_TIMIDITY::open() { - /* extract control port */ - if ((res = strrchr(timidity_host, ':')) != NULL) { - *res++ = '\0'; -- timidity_port = atoi(res); -+ Common::strlcpy(timidity_port, res, sizeof(timidity_port)); - } else { -- timidity_port = DEFAULT_TIMIDITY_PORT; -+ Common::strlcpy(timidity_port, DEFAULT_TIMIDITY_PORT, sizeof(timidity_port)); - } - - /* - * create control connection to the server - */ - if ((_control_fd = connect_to_server(timidity_host, timidity_port)) < 0) { -- warning("TiMidity: can't open control connection (host=%s, port=%d)", timidity_host, timidity_port); -+ warning("TiMidity: can't open control connection (host=%s, port=%s)", timidity_host, timidity_port); - return -1; - } - -@@ -183,7 +175,7 @@ int MidiDriver_TIMIDITY::open() { - * "220 TiMidity++ v2.13.2 ready)" */ - res = timidity_ctl_command(NULL); - if (atoi(res) != 220) { -- warning("TiMidity: bad response from server (host=%s, port=%d): %s", timidity_host, timidity_port, res); -+ warning("TiMidity: bad response from server (host=%s, port=%s): %s", timidity_host, timidity_port, res); - close_all(); - return -1; - } -@@ -198,13 +190,11 @@ int MidiDriver_TIMIDITY::open() { - - /* should read something like "200 63017 is ready acceptable", - * where 63017 is port for data connection */ -- // FIXME: The following looks like a cheap endian test. If this is true, then -- // it should be replaced by suitable #ifdef SCUMM_LITTLE_ENDIAN. -- i = 1; -- if (*(char *)&i == 1) -- res = timidity_ctl_command("OPEN lsb"); -- else -- res = timidity_ctl_command("OPEN msb"); -+#ifdef SCUMM_LITTLE_ENDIAN -+ res = timidity_ctl_command("OPEN lsb"); -+#else -+ res = timidity_ctl_command("OPEN msb"); -+#endif - - if (atoi(res) != 200) { - warning("TiMidity: bad reply for OPEN command: %s", res); -@@ -215,9 +205,15 @@ int MidiDriver_TIMIDITY::open() { - /* - * open data connection - */ -- data_port = atoi(res + 4); -+ num = atoi(res + 4); -+ if (num > 65535) { -+ warning("TiMidity: Invalid port %d given.\n", num); -+ close_all(); -+ return -1; -+ } -+ snprintf(data_port, sizeof(data_port), "%d", num); - if ((_data_fd = connect_to_server(timidity_host, data_port)) < 0) { -- warning("TiMidity: can't open data connection (host=%s, port=%d)", timidity_host, data_port); -+ warning("TiMidity: can't open data connection (host=%s, port=%s)", timidity_host, data_port); - close_all(); - return -1; - } -@@ -277,46 +273,33 @@ void MidiDriver_TIMIDITY::teardown() { - close_all(); - } - --in_addr_t MidiDriver_TIMIDITY::host_to_addr(const char* address) { -- in_addr_t addr; -- struct hostent *hp; -- -- /* first check if IP address is given (like 127.0.0.1)*/ -- if ((addr = inet_addr(address)) != INADDR_NONE) -- return addr; -- -- /* if not, try to resolve a hostname */ -- if ((hp = gethostbyname(address)) == NULL) { -- warning("TiMidity: unknown hostname: %s", address); -- return INADDR_NONE; -- } -- -- memcpy(&addr, hp->h_addr, (int)sizeof(in_addr_t) <= hp->h_length ? sizeof(in_addr_t) : hp->h_length); -- -- return addr; --} -- --int MidiDriver_TIMIDITY::connect_to_server(const char* hostname, unsigned short tcp_port) { -+int MidiDriver_TIMIDITY::connect_to_server(const char* hostname, const char* tcp_port) { - int fd; -- struct sockaddr_in in; -- unsigned int addr; -- -- /* create socket */ -- if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) { -- warning("TiMidity: socket(): %s", strerror(errno)); -+ struct addrinfo hints; -+ struct addrinfo *result, *rp; -+ -+ /* get all address(es) matching host and port */ -+ memset(&hints, 0, sizeof(struct addrinfo)); -+ hints.ai_socktype = SOCK_STREAM; -+ hints.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */ -+ if (getaddrinfo(hostname, tcp_port, &hints, &result) != 0) { -+ warning("TiMidity: getaddrinfo: %s\n", strerror(errno)); - return -1; - } - -- /* connect */ -- memset(&in, 0, sizeof(in)); -- in.sin_family = AF_INET; -- in.sin_port = htons(tcp_port); -- addr = host_to_addr(hostname); -- memcpy(&in.sin_addr, &addr, 4); -- -- if (connect(fd, (struct sockaddr *)&in, sizeof(in)) < 0) { -- warning("TiMidity: connect(): %s", strerror(errno)); -+ /* Try all address structures we have got previously */ -+ for (rp = result; rp != NULL; rp = rp->ai_next) { -+ if ((fd = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol)) == -1) -+ continue; -+ if (connect(fd, rp->ai_addr, rp->ai_addrlen) != -1) -+ break; - ::close(fd); -+ } -+ -+ freeaddrinfo(result); -+ -+ if (rp == NULL) { -+ warning("TiMidity: Could not connect\n"); - return -1; - } - From 9311b944c3798e635b617535998adaf3de63af665aae2daf3335cb4c013db3f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matthias=20Mail=C3=A4nder?= Date: Mon, 18 Dec 2017 12:56:16 +0000 Subject: [PATCH 2/2] Accepting request 557972 from home:alois:branches:games - Added scummvm-fix_CVE-2017-17528.patch to address (boo#1073248) OBS-URL: https://build.opensuse.org/request/show/557972 OBS-URL: https://build.opensuse.org/package/show/games/scummvm?expand=0&rev=49 --- scummvm-fix_CVE-2017-17528.patch | 64 ++++++++++++++++++++++++++++++++ scummvm.changes | 5 +++ scummvm.spec | 3 ++ 3 files changed, 72 insertions(+) create mode 100644 scummvm-fix_CVE-2017-17528.patch diff --git a/scummvm-fix_CVE-2017-17528.patch b/scummvm-fix_CVE-2017-17528.patch new file mode 100644 index 0000000..a91bba1 --- /dev/null +++ b/scummvm-fix_CVE-2017-17528.patch @@ -0,0 +1,64 @@ +From 7aaac1dfba22d2e70b33b2cf856d7885944d4a6e Mon Sep 17 00:00:00 2001 +From: Colin Snover +Date: Thu, 14 Dec 2017 13:51:04 -0600 +Subject: [PATCH] POSIX: Fix CVE-2017-17528 + +--- + backends/platform/sdl/posix/posix.cpp | 28 ++++++++++++++++++++-------- + 1 file changed, 20 insertions(+), 8 deletions(-) + +diff --git a/backends/platform/sdl/posix/posix.cpp b/backends/platform/sdl/posix/posix.cpp +index b805a452cf7..60f85efc2f1 100644 +--- a/backends/platform/sdl/posix/posix.cpp ++++ b/backends/platform/sdl/posix/posix.cpp +@@ -49,6 +49,9 @@ + #include + #include + ++#include ++extern char **environ; ++ + OSystem_POSIX::OSystem_POSIX(Common::String baseConfigName) + : + _baseConfigName(baseConfigName) { +@@ -279,7 +282,7 @@ bool OSystem_POSIX::openUrl(const Common::String &url) { + // try desktop environment specific tools + if (launchBrowser("gnome-open", url)) // gnome + return true; +- if (launchBrowser("kfmclient openURL", url)) // kde ++ if (launchBrowser("kfmclient", url)) // kde + return true; + if (launchBrowser("exo-open", url)) // xfce + return true; +@@ -302,15 +305,24 @@ bool OSystem_POSIX::openUrl(const Common::String &url) { + return false; + } + +-bool OSystem_POSIX::launchBrowser(const Common::String& client, const Common::String &url) { +- // FIXME: system's input must be heavily escaped +- // well, when url's specified by user +- // it's OK now (urls are hardcoded somewhere in GUI) +- Common::String cmd = client + " " + url; +- return (system(cmd.c_str()) != -1); ++bool OSystem_POSIX::launchBrowser(const Common::String &client, const Common::String &url) { ++ pid_t pid; ++ const char *argv[] = { ++ client.c_str(), ++ url.c_str(), ++ NULL, ++ NULL ++ }; ++ if (client == "kfmclient") { ++ argv[2] = argv[1]; ++ argv[1] = "openURL"; ++ } ++ if (posix_spawnp(&pid, client.c_str(), NULL, NULL, const_cast(argv), environ) != 0) { ++ return false; ++ } ++ return (waitpid(pid, NULL, 0) != -1); + } + +- + AudioCDManager *OSystem_POSIX::createAudioCDManager() { + #ifdef USE_LINUXCD + return createLinuxAudioCDManager(); diff --git a/scummvm.changes b/scummvm.changes index fb4c78d..06b1de7 100644 --- a/scummvm.changes +++ b/scummvm.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Dec 18 09:12:00 UTC 2017 - aloisio@gmx.com + +- Added scummvm-fix_CVE-2017-17528.patch to address (boo#1073248) + ------------------------------------------------------------------- Sun Dec 17 19:25:33 UTC 2017 - alarrosa@suse.com diff --git a/scummvm.spec b/scummvm.spec index f02f104..e372ca3 100644 --- a/scummvm.spec +++ b/scummvm.spec @@ -28,6 +28,8 @@ Group: Amusements/Games/Other Url: http://www.scummvm.org/ Source: http://www.scummvm.org/frs/scummvm/%{version}/scummvm-%{version}.tar.xz Source99: %{name}.changes +# PATCH-FIX-UPSTREAM scummvm-fix_CVE-2017-17528.patch -- backported commit #7aaac1d +Patch0: scummvm-fix_CVE-2017-17528.patch BuildRequires: desktop-file-utils BuildRequires: gcc-c++ BuildRequires: hicolor-icon-theme @@ -80,6 +82,7 @@ These engines are in a worse state, but allow to play extra games. %prep %setup -q +%patch0 -p1 modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{SOURCE99}")" DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\"" TIME="\"$(date -d "${modified}" "+%%R")\""