From 1b6af45263c6904f5b07590ca4dc02641e2521d2 Mon Sep 17 00:00:00 2001 From: mhmdanas Date: Fri, 6 Jan 2023 00:33:29 +0000 Subject: [PATCH 1/2] matio: update to 1.5.23. --- common/shlibs | 2 +- srcpkgs/matio/patches/CVE-2019-20020.patch | 45 ---------------------- srcpkgs/matio/template | 8 ++-- 3 files changed, 5 insertions(+), 50 deletions(-) delete mode 100644 srcpkgs/matio/patches/CVE-2019-20020.patch diff --git a/common/shlibs b/common/shlibs index 32b6337a4f92..37c8dd7d7fdb 100644 --- a/common/shlibs +++ b/common/shlibs @@ -3921,7 +3921,7 @@ libhidrd_opt.so.0 hidrd-0.2.0_1 libhidrd_strm.so.0 hidrd-0.2.0_1 libhidrd_fmt.so.0 hidrd-0.2.0_1 libjcat.so.1 libjcat-0.1.2_1 -libmatio.so.9 matio-1.5.17_2 +libmatio.so.11 matio-1.5.23_1 libportal.so.1 libportal-0.6_1 libportal-gtk3.so.1 libportal-gtk3-0.6_1 libportal-gtk4.so.1 libportal-gtk4-0.6_1 diff --git a/srcpkgs/matio/patches/CVE-2019-20020.patch b/srcpkgs/matio/patches/CVE-2019-20020.patch deleted file mode 100644 index abcedd6fed20..000000000000 --- a/srcpkgs/matio/patches/CVE-2019-20020.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 8138e767bf6df7cccf1664f3a854e596628fdb2d Mon Sep 17 00:00:00 2001 -From: Nathan Owens -Date: Sat, 28 Dec 2019 18:25:58 -0600 -Subject: [PATCH] matio: CVE-2019-20020 patch - -Signed-off-by: Nathan Owens ---- - src/mat5.c | 18 +++++++++++++++++- - 1 file changed, 17 insertions(+), 1 deletion(-) - -diff --git a/src/mat5.c b/src/mat5.c -index abdb351..776f233 100644 ---- a/src/mat5.c -+++ b/src/mat5.c -@@ -980,10 +980,26 @@ ReadNextCell( mat_t *mat, matvar_t *matvar ) - /* Rank and Dimension */ - if ( uncomp_buf[0] == MAT_T_INT32 ) { - int j; -+ size_t size; - cells[i]->rank = uncomp_buf[1]; - nbytes -= cells[i]->rank; - cells[i]->rank /= 4; -- cells[i]->dims = (size_t*)malloc(cells[i]->rank*sizeof(*cells[i]->dims)); -+ if ( 0 == do_clean && cells[i]->rank > 13 ) { -+ int rank = cells[i]->rank; -+ cells[i]->rank = 0; -+ Mat_Critical("%d is not a valid rank", rank); -+ continue; -+ } -+ err = SafeMul(&size, cells[i]->rank, sizeof(*cells[i]->dims)); -+ if ( err ) { -+ if ( do_clean ) -+ free(dims); -+ Mat_VarFree(cells[i]); -+ cells[i] = NULL; -+ Mat_Critical("Integer multiplication overflow"); -+ continue; -+ } -+ cells[i]->dims = (size_t*)malloc(size); - if ( mat->byteswap ) { - for ( j = 0; j < cells[i]->rank; j++ ) - cells[i]->dims[j] = Mat_uint32Swap(dims + j); --- -2.24.1 - diff --git a/srcpkgs/matio/template b/srcpkgs/matio/template index d22e883530b0..18188e9fb288 100644 --- a/srcpkgs/matio/template +++ b/srcpkgs/matio/template @@ -1,7 +1,7 @@ # Template file for 'matio' pkgname=matio -version=1.5.17 -revision=2 +version=1.5.23 +revision=1 build_style=gnu-configure configure_args="--disable-static" hostmakedepends="libtool" @@ -10,8 +10,8 @@ short_desc="MATLAB MAT file I/O library" maintainer="Florian Eich " license="BSD-2-Clause" homepage="https://github.com/tbeu/matio" -distfiles="https://github.com/tbeu/matio/releases/download/v${version}/${pkgname}-${version}.tar.gz" -checksum=5e455527d370ab297c4abe5a2ab4d599c93ac7c1a0c85d841cc5c22f8221c400 +distfiles="https://github.com/tbeu/matio/releases/download/v${version}/matio-${version}.tar.gz" +checksum=9f91eae661df46ea53c311a1b2dcff72051095b023c612d7cbfc09406c9f4d6e if [ "$CROSS_BUILD" ]; then configure_args+=" ac_cv_va_copy=C99" From 1bec3e70278c4e2e5d1fe2e266e66f80c4dbd2f1 Mon Sep 17 00:00:00 2001 From: mhmdanas Date: Thu, 12 Jan 2023 16:10:33 +0000 Subject: [PATCH 2/2] vips: revbump for matio-1.5.23. --- srcpkgs/vips/template | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/srcpkgs/vips/template b/srcpkgs/vips/template index 5e47bcaced1e..2dde7d3b7e32 100644 --- a/srcpkgs/vips/template +++ b/srcpkgs/vips/template @@ -1,7 +1,7 @@ # Template file for 'vips' pkgname=vips version=8.14.1 -revision=1 +revision=2 build_style=meson build_helper=gir # TODO: As of version 8.11 vips supports loading its support for OpenSlide,