Accepting request 497907 from home:jsmeix:branches:graphics

sane-backends version upgrade to 1.0.27 OBS-URL: https://build.opensuse.org/request/show/497907 OBS-URL: https://build.opensuse.org/package/show/graphics/sane-backends?expand=0&rev=85
2017-05-24 09:43:09 +00:00 · 2017-05-24 09:43:09 +00:00 · 1f6ecafce1
commit 1f6ecafce1
parent 5db422d7c0
6 changed files with 68 additions and 115 deletions
--- a/CVE-2017-6318.patch
+++ b/CVE-2017-6318.patch
@ -1,35 +0,0 @@
--- frontend/saned.c
-+++ frontend/saned.c
-@@ -1992,6 +1992,32 @@ process_request (Wire * w)
- 	    return 1;
- 	  }
- 
-+        /* Debian BTS #853804 */
-+        if (w->direction == WIRE_DECODE
-+            && req.value_type == SANE_TYPE_STRING
-+            && req.action     == SANE_ACTION_GET_VALUE)
-+          {
-+            if (req.value)
-+              {
-+                /* FIXME: If req.value contained embedded NUL
-+                 *        characters, this is wrong.
-+                 */
-+                w->allocated_memory -= (1 + strlen (req.value));
-+                free (req.value);
-+              }
-+            req.value = malloc (req.value_size);
-+            if (!req.value)
-+              {
-+                w->status = ENOMEM;
-+                DBG (DBG_ERR,
-+                     "process_request: (control_option) "
-+                     "h=%d (%s)\n", req.handle, strerror (w->status));
-+                return 1;
-+              }
-+            memset (req.value, 0, req.value_size);
-+            w->allocated_memory += req.value_size;
-+          }
-+
- 	can_authorize = 1;
- 
- 	memset (&reply, 0, sizeof (reply));	/* avoid leaking bits */
--- a/dell1600n_net-fix-strncat.patch
+++ b/dell1600n_net-fix-strncat.patch
@ -1,38 +0,0 @@
--- backend/dell1600n_net.c.orig	2013-02-23 03:00:56.000000000 +0100
-+++ backend/dell1600n_net.c	2015-10-06 10:44:01.000000000 +0200
-@@ -943,7 +943,7 @@ HexDump (int debugLevel, const unsigned
- 
-       sprintf (itemBuf, "%02x ", (const unsigned int) buf[i]);
- 
-      strncat (lineBuf, itemBuf, sizeof (lineBuf));
-+      strncat (lineBuf, itemBuf, sizeof (lineBuf) - strlen (lineBuf) - 1);
- 
-       if ((i + 1) % 16)
-         continue;
-@@ -960,7 +960,7 @@ HexDump (int debugLevel, const unsigned
-         {
-           sprintf (itemBuf, ".");
-         }
-    strncat (lineBuf, itemBuf, sizeof (lineBuf));
-+    strncat (lineBuf, itemBuf, sizeof (lineBuf) - strlen (lineBuf) - 1);
- 
-     } /* for j */
- 
-@@ -974,7 +974,7 @@ HexDump (int debugLevel, const unsigned
- 
-       for (j = (i % 16); j < 16; ++j)
-         {
-          strncat (lineBuf, "   ", sizeof (lineBuf));
-+          strncat (lineBuf, "   ", sizeof (lineBuf) - strlen (lineBuf) - 1);
-         }
-       for (j = 1 + i - ((i + 1) % 16); j < i; ++j)
-         {
-@@ -986,7 +986,7 @@ HexDump (int debugLevel, const unsigned
-             {
-               strcpy (itemBuf, ".");
-             }
-          strncat (lineBuf, itemBuf, sizeof (lineBuf));
-+          strncat (lineBuf, itemBuf, sizeof (lineBuf) - strlen (lineBuf) - 1);
-         }
-       DBG (debugLevel, "%s\n", lineBuf);
-     }
--- a/sane-backends-1.0.25.tar.gz
+++ b/sane-backends-1.0.25.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a4d7ba8d62b2dea702ce76be85699940992daf3f44823ddc128812da33dc6e2c
-size 5955016
--- a/sane-backends-1.0.27.tar.gz
+++ b/sane-backends-1.0.27.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:293747bf37275c424ebb2c833f8588601a60b2f9653945d5a3194875355e36c9
+size 6430188
--- a/sane-backends.changes
+++ b/sane-backends.changes
@ -1,3 +1,38 @@
+-------------------------------------------------------------------
+Wed May 24 10:02:33 CEST 2017 - jsmeix@suse.de
+
+- Upgraded to sane-backends version 1.0.27:
+  There is no 1.0.26 release of sane-backends.
+  That number was skipped so that the SANE upstream
+  development version numbers would more clearly be
+  an extension of the prior release.
+  Changes since 1.0.25:
+  * Significant enhancements to canon_dr, epjitsu, epsonds,
+    fujitsu, genesys, hp3500, pixma and xerox-mfp backends.
+  * Minor updates, bugfixes or scanners added in several backends.
+  * 30+ new scanner models supported.
+  * Made libusb-1.0 the default for USB support.
+  * Switched code from C90 to C99 (Thanks to Volker Diels-Grabsch).
+  * Updated Linux USB3 workaround:
+    The Linux USB3 workaround which was added in version 1.0.25
+    is now disabled by default. If you have difficulty using
+    a scanner which previously worked, or intermittent scanner
+    availability, try setting the new environment variable
+    SANE_USB_WORKAROUND=1
+    before starting your frontend.
+  * Documentation and translation updates.
+  * Bugfixes (Avahi, threading, USB, ICC/PNG/JPEG, etc).
+  * Reduced compiler warnings, improved code:
+    A special thanks goes to Olaf Meeuwissen for picking up
+    the janitorial duties in sane-backends. He has found and
+    fixed a large number of long-standing bugs, curated the
+    SANE upstream bug tracker, improved the build scripts
+    and docs, and provided user support.
+- CVE-2017-6318.patch is no longer needed because
+  the issue is fixed in the upstream sources.
+- dell1600n_net-fix-strncat.patch is no longer needed because
+  the issue is fixed in the upstream sources.
+
 -------------------------------------------------------------------
 Tue Feb 28 12:15:12 CET 2017 - jsmeix@suse.de

--- a/sane-backends.spec
+++ b/sane-backends.spec
@ -26,6 +26,7 @@ BuildRequires:  libjpeg-devel
 BuildRequires:  libpng-devel
 BuildRequires:  libtiff-devel
 BuildRequires:  libtool
+# Cf. the comment about 'libusb' at .configure below:
 BuildRequires:  libusb-1_0-devel
 BuildRequires:  libv4l-devel
 BuildRequires:  net-snmp-devel
@ -33,16 +34,21 @@ BuildRequires:  pkg-config
 Summary:        SANE (Scanner Access Now Easy) Scanner Drivers
 License:        GPL-2.0+ and SUSE-GPL-2.0+-with-sane-exception and SUSE-Public-Domain
 Group:          Hardware/Scanner
-Version:        1.0.25
+# There is no 1.0.26 release of sane-backends. That number was skipped so that the SANE upstream
+# development version numbers would more clearly be an extension of the prior release:
+Version:        1.0.27
 Release:        0
 Url:            http://www.sane-project.org/
+# URLs to get Source0:
+# On http://www.sane-project.org/source.html at "Stable Source" there is the link to "alioth.debian.org"
+# that points to http://alioth.debian.org/project/showfiles.php?group_id=30186 and there:
 # How to get Source0:
-# wget --no-check-certificate https://alioth.debian.org/frs/download.php/file/4146/sane-backends-1.0.25.tar.gz
+# wget --no-check-certificate https://alioth.debian.org/frs/download.php/file/4224/sane-backends-1.0.27.tar.gz
 # How to get the MD5 sum file:
-# wget --no-check-certificate https://alioth.debian.org/frs/download.php/file/4144/sane-backends-1.0.25.tar.gz.md5
+# wget --no-check-certificate https://alioth.debian.org/frs/download.php/file/4223/sane-backends-1.0.27.tar.gz.md5
 # How to check the MD5 sum:
-# md5sum -c sane-backends-1.0.25.tar.gz.md5
-Source0:        https://alioth.debian.org/frs/download.php/file/4146/sane-backends-%{version}.tar.gz
+# md5sum -c sane-backends-1.0.27.tar.gz.md5
+Source0:        https://alioth.debian.org/frs/download.php/file/4224/sane-backends-%{version}.tar.gz
 # Source100... is SUSE specific stuff:
 # Source101 is the xinetd file for the saned:
 Source101:      sane-port
@ -66,20 +72,8 @@ Source200:      create_scanner_database
 # to extract the needed info from which create_sane-backends-autoconfig.rules
 # generates the 56-sane-backends-autoconfig.rules file:
 Source201:      create_sane-backends-autoconfig.rules
-# Patch1 dell1600n_net-fix-strncat.patch fixes the following build error:
-#   Statement might be overflowing a buffer in strncat. Common mistake:
-#   BAD: strncat(buffer,charptr,sizeof(buffer)) is wrong, it takes the left over size as 3rd argument
-#   GOOD: strncat(buffer,charptr,sizeof(buffer)-strlen(buffer)-1):
-# see https://alioth.debian.org/tracker/index.php?func=detail&aid=315198&group_id=30186&atid=410366
-Patch1:         dell1600n_net-fix-strncat.patch
 # Patch2 sane-backends.builttime.patch avoids build-compare noise
 Patch2:         sane-backends.builttime.patch
-# Patch3 CVE-2017-6318.patch fixes CVE-2017-6318 which is about that via
-# access to saned some opcodes could leak uninitialized memory back to the requester
-# allowing information disclosure of memory content in saned,
-# see https://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035029.html
-# and https://bugzilla.suse.com/show_bug.cgi?id=1027197
-Patch3:         CVE-2017-6318.patch
 # Patch100... is SUSE specific stuff:
 # Patch101 no-descriptions-external-hpoj.patch removes descriptions-external/hpoj.desc from doc/Makefile.am
 # because it is intentionally removed from the sources in the prep section:
@ -95,7 +89,6 @@ Patch101:       no-descriptions-external-hpoj.patch
 # Furthermore it removes "unsupported" models from epkowa.desc because
 # otherwise there would be confusing model entries shown in yast2-scanner:
 Patch102:       adapt_epkowa.desc_for_yast2-scanner.patch
-
 # Install into this non-root directory (required when norootforbuild is used):
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 # Prerequire /sbin/ldconfig which is used in the traditional bash scriptlets for post/postun:
@ -169,20 +162,8 @@ package or remove it when it is already installed.

 %prep
 %setup -q
-# Patch1 dell1600n_net-fix-strncat.patch fixes the following build error:
-#   Statement might be overflowing a buffer in strncat. Common mistake:
-#   BAD: strncat(buffer,charptr,sizeof(buffer)) is wrong, it takes the left over size as 3rd argument
-#   GOOD: strncat(buffer,charptr,sizeof(buffer)-strlen(buffer)-1)
-# see https://alioth.debian.org/tracker/index.php?func=detail&aid=315198&group_id=30186&atid=410366
-%patch1
 # Patch2 sane-backends.builttime.patch avoids build-compare noise
 %patch2 -p1
-# Patch3 CVE-2017-6318.patch fixes CVE-2017-6318 which is about that via
-# access to saned some opcodes could leak uninitialized memory back to the requester
-# allowing information disclosure of memory content in saned,
-# see https://lists.alioth.debian.org/pipermail/sane-devel/2017-February/035029.html
-# and https://bugzilla.suse.com/show_bug.cgi?id=1027197
-%patch3
 # Patch100... is SUSE specific stuff:
 # Patch101 no-descriptions-external-hpoj.patch removes descriptions-external/hpoj.desc from doc/Makefile.am
 # because it is intentionally removed from the sources in the prep section:
@ -226,11 +207,19 @@ export LDFLAGS="-L/%_lib $LDFLAGS"
 # see https://bugzilla.novell.com/show_bug.cgi?id=633780
 # Enable libusb-1.0 support which is available since sane-backends 1.0.20
 # and libusb-1_0 is available at least since openSUSE 11.1.
+# On all systems, the --enable-libusb* flags (in particular --enable-libusb_1_0 ) are now ignored.
+# Instead, the --with-usb and --without-usb flags now control support.
+# When neither is given, USB support will be enabled if possible and disabled otherwise.
+# If --with-usb is requested but not possible, ./configure will fail.
+# There is no support to prefer libusb-0.1 over libusb-1.0.
+# When libusb-1.0 is not found, libusb-0.1 will be tried.
+# Without converting API spec to supported output formats PostScript, PDF, HTML
+# i.e. use none of --with_api_ps --with_api_pdf --with_api_html cf. configure.ac
+# because converting the API spec needs tons of stuff in the build system
+# like LaTeX, Ghostscript, PDF tools and all what those require and
+# the API spec is not for users but for developers who could get
+# the "Programmer's Documentation" at http://www.sane-project.org/docs.html
 # Disable locking because /var/lock/sane/ would be a world-writable directory.
-# Disable use of LaTeX to generate documentation because LaTeX blows up the build system
-# and "BuildRequires: texlive-latex" causes various cycles and the sane.ps documentation
-# is not for users but for developers who could get the "Programmer's Documentation"
-# from SANE upstream at http://www.sane-project.org/docs.html
 ./configure --prefix=/usr \
            --exec-prefix=/usr \
            --sysconfdir=%{_sysconfdir} \
@ -238,11 +227,11 @@ export LDFLAGS="-L/%_lib $LDFLAGS"
            --sbindir=%{_sbindir} \
            --mandir=%{_mandir} \
            --datadir=%{_datadir} \
-            --with-docdir=%{_defaultdocdir}/sane-backends \
+            --docdir=%{_defaultdocdir}/sane-backends \
            --enable-pthread \
-            --enable-libusb_1_0 \
-            --disable-locking \
-            --disable-latex
+            --with-usb \
+            --without-api-spec \
+            --disable-locking
 # Enable locking for backends where "99" is the group of the lockfile path (LOCKPATH_GROUP)
 # because "99" is the group of the user who runs the build when norootforbuild is used
 # and set localstatedir to have the lock files in /var/lock/sane (see backend/Makefile.in).
@ -436,7 +425,9 @@ install -m644 %{SOURCE101} %{buildroot}%{_sysconfdir}/xinetd.d/
 install -d -m755 %{buildroot}%{_sysconfdir}/slp.reg.d
 install -m644 %{SOURCE102} %{buildroot}%{_sysconfdir}/slp.reg.d
 # Delete documentation files for non-Linux platforms:
-rm %{buildroot}%{_defaultdocdir}/sane-backends/{README.os2,README.aix,README.solaris}
+rm %{buildroot}%{_defaultdocdir}/sane-backends/{README.aix,README.beos,README.darwin,README.djpeg,README.freebsd,README.hp-ux,README.netbsd,README.openbsd,README.os2,README.solaris,README.unixware2,README.unixware7,README.windows,README.zeta}
+# Mark locale-dependent files with the respective 'lang' tag in the file list, see
+# https://en.opensuse.org/openSUSE:Packaging_Conventions_RPM_Macros#.25find_lang
 %find_lang sane-backends

 %post