[PR PATCH] matio: update to 1.5.23.

[PR PATCH] matio: update to 1.5.23.

[mhmdanas]

[-- Attachment #1: Type: text/plain, Size: 1487 bytes --]

There is a new pull request by mhmdanas against master on the void-packages repository

https://github.com/mhmdanas/void-packages matio-1.5.23
https://github.com/void-linux/void-packages/pull/41601

matio: update to 1.5.23.

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **briefly**

The currently packaged matio release includes a number of vulnerabilities fixed
in in the latest version (see https://github.com/tbeu/matio/releases/tag/v1.5.18
and https://github.com/tbeu/matio/releases/tag/v1.5.22), so this PR should
probably be merged soon.

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
  - aarch64-musl
  - armv7l
  - armv6l-musl
-->


A patch file from https://github.com/void-linux/void-packages/pull/41601.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-matio-1.5.23-41601.patch --]
[-- Type: text/x-diff, Size: 4710 bytes --]

From 2f5137cb91249695d1fdab880bd90eb17bd8c5b3 Mon Sep 17 00:00:00 2001
From: mhmdanas <triallax@tutanota.com>
Date: Fri, 6 Jan 2023 00:33:29 +0000
Subject: [PATCH 1/2] matio: update to 1.5.23.

---
 common/shlibs                              |  2 +-
 srcpkgs/matio/patches/CVE-2019-20020.patch | 45 ----------------------
 srcpkgs/matio/template                     |  8 ++--
 3 files changed, 5 insertions(+), 50 deletions(-)
 delete mode 100644 srcpkgs/matio/patches/CVE-2019-20020.patch

diff --git a/common/shlibs b/common/shlibs
index 0a803960ab55..c5931178a3da 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -3921,7 +3921,7 @@ libhidrd_opt.so.0 hidrd-0.2.0_1
 libhidrd_strm.so.0 hidrd-0.2.0_1
 libhidrd_fmt.so.0 hidrd-0.2.0_1
 libjcat.so.1 libjcat-0.1.2_1
-libmatio.so.9 matio-1.5.17_2
+libmatio.so.11 matio-1.5.23_1
 libportal.so.1 libportal-0.6_1
 libportal-gtk3.so.1 libportal-gtk3-0.6_1
 libportal-gtk4.so.1 libportal-gtk4-0.6_1
diff --git a/srcpkgs/matio/patches/CVE-2019-20020.patch b/srcpkgs/matio/patches/CVE-2019-20020.patch
deleted file mode 100644
index abcedd6fed20..000000000000
--- a/srcpkgs/matio/patches/CVE-2019-20020.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From 8138e767bf6df7cccf1664f3a854e596628fdb2d Mon Sep 17 00:00:00 2001
-From: Nathan Owens <ndowens04@gmail.com>
-Date: Sat, 28 Dec 2019 18:25:58 -0600
-Subject: [PATCH] matio: CVE-2019-20020 patch
-
-Signed-off-by: Nathan Owens <ndowens04@gmail.com>
----
- src/mat5.c | 18 +++++++++++++++++-
- 1 file changed, 17 insertions(+), 1 deletion(-)
-
-diff --git a/src/mat5.c b/src/mat5.c
-index abdb351..776f233 100644
---- a/src/mat5.c
-+++ b/src/mat5.c
-@@ -980,10 +980,26 @@ ReadNextCell( mat_t *mat, matvar_t *matvar )
-                 /* Rank and Dimension */
-                 if ( uncomp_buf[0] == MAT_T_INT32 ) {
-                     int j;
-+                    size_t size;
-                     cells[i]->rank = uncomp_buf[1];
-                     nbytes -= cells[i]->rank;
-                     cells[i]->rank /= 4;
--                    cells[i]->dims = (size_t*)malloc(cells[i]->rank*sizeof(*cells[i]->dims));
-+                    if ( 0 == do_clean && cells[i]->rank > 13 ) {
-+                        int rank = cells[i]->rank;
-+                        cells[i]->rank = 0;
-+                        Mat_Critical("%d is not a valid rank", rank);
-+                        continue;
-+                    }
-+                    err = SafeMul(&size, cells[i]->rank, sizeof(*cells[i]->dims));
-+                    if ( err ) {
-+                        if ( do_clean )
-+                            free(dims);
-+                        Mat_VarFree(cells[i]);
-+                        cells[i] = NULL;
-+                        Mat_Critical("Integer multiplication overflow");
-+                        continue;
-+                    }
-+                    cells[i]->dims = (size_t*)malloc(size);
-                     if ( mat->byteswap ) {
-                         for ( j = 0; j < cells[i]->rank; j++ )
-                             cells[i]->dims[j] = Mat_uint32Swap(dims + j);
--- 
-2.24.1
-
diff --git a/srcpkgs/matio/template b/srcpkgs/matio/template
index d22e883530b0..18188e9fb288 100644
--- a/srcpkgs/matio/template
+++ b/srcpkgs/matio/template
@@ -1,7 +1,7 @@
 # Template file for 'matio'
 pkgname=matio
-version=1.5.17
-revision=2
+version=1.5.23
+revision=1
 build_style=gnu-configure
 configure_args="--disable-static"
 hostmakedepends="libtool"
@@ -10,8 +10,8 @@ short_desc="MATLAB MAT file I/O library"
 maintainer="Florian Eich <flrn@nrmncr.net>"
 license="BSD-2-Clause"
 homepage="https://github.com/tbeu/matio"
-distfiles="https://github.com/tbeu/matio/releases/download/v${version}/${pkgname}-${version}.tar.gz"
-checksum=5e455527d370ab297c4abe5a2ab4d599c93ac7c1a0c85d841cc5c22f8221c400
+distfiles="https://github.com/tbeu/matio/releases/download/v${version}/matio-${version}.tar.gz"
+checksum=9f91eae661df46ea53c311a1b2dcff72051095b023c612d7cbfc09406c9f4d6e
 
 if [ "$CROSS_BUILD" ]; then
 	configure_args+=" ac_cv_va_copy=C99"

From 1c69ee9aac3606ba514d5bb0d6d5a98862968706 Mon Sep 17 00:00:00 2001
From: mhmdanas <triallax@tutanota.com>
Date: Thu, 12 Jan 2023 16:10:33 +0000
Subject: [PATCH 2/2] vips: revbump for matio-1.5.23.

---
 srcpkgs/vips/template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/srcpkgs/vips/template b/srcpkgs/vips/template
index aa2d766ebfe2..a922b7bb0135 100644
--- a/srcpkgs/vips/template
+++ b/srcpkgs/vips/template
@@ -1,7 +1,7 @@
 # Template file for 'vips'
 pkgname=vips
 version=8.12.1
-revision=3
+revision=4
 build_style=gnu-configure
 build_helper=gir
 # TODO: As of version 8.11 vips supports loading its support for OpenSlide,

Re: matio: update to 1.5.23.

[paper42]

[-- Attachment #1: Type: text/plain, Size: 163 bytes --]

New comment by paper42 on void-packages repository

https://github.com/void-linux/void-packages/pull/41601#issuecomment-1383129612

Comment:
please rebase this PR

Re: [PR PATCH] [Updated] matio: update to 1.5.23.

[mhmdanas]

[-- Attachment #1: Type: text/plain, Size: 1492 bytes --]

There is an updated pull request by mhmdanas against master on the void-packages repository

https://github.com/mhmdanas/void-packages matio-1.5.23
https://github.com/void-linux/void-packages/pull/41601

matio: update to 1.5.23.

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **briefly**

The currently packaged matio release includes a number of vulnerabilities fixed
in in the latest version (see https://github.com/tbeu/matio/releases/tag/v1.5.18
and https://github.com/tbeu/matio/releases/tag/v1.5.22), so this PR should
probably be merged soon.

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
  - aarch64-musl
  - armv7l
  - armv6l-musl
-->


A patch file from https://github.com/void-linux/void-packages/pull/41601.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-matio-1.5.23-41601.patch --]
[-- Type: text/x-diff, Size: 4702 bytes --]

From 1b6af45263c6904f5b07590ca4dc02641e2521d2 Mon Sep 17 00:00:00 2001
From: mhmdanas <triallax@tutanota.com>
Date: Fri, 6 Jan 2023 00:33:29 +0000
Subject: [PATCH 1/2] matio: update to 1.5.23.

---
 common/shlibs                              |  2 +-
 srcpkgs/matio/patches/CVE-2019-20020.patch | 45 ----------------------
 srcpkgs/matio/template                     |  8 ++--
 3 files changed, 5 insertions(+), 50 deletions(-)
 delete mode 100644 srcpkgs/matio/patches/CVE-2019-20020.patch

diff --git a/common/shlibs b/common/shlibs
index 32b6337a4f92..37c8dd7d7fdb 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -3921,7 +3921,7 @@ libhidrd_opt.so.0 hidrd-0.2.0_1
 libhidrd_strm.so.0 hidrd-0.2.0_1
 libhidrd_fmt.so.0 hidrd-0.2.0_1
 libjcat.so.1 libjcat-0.1.2_1
-libmatio.so.9 matio-1.5.17_2
+libmatio.so.11 matio-1.5.23_1
 libportal.so.1 libportal-0.6_1
 libportal-gtk3.so.1 libportal-gtk3-0.6_1
 libportal-gtk4.so.1 libportal-gtk4-0.6_1
diff --git a/srcpkgs/matio/patches/CVE-2019-20020.patch b/srcpkgs/matio/patches/CVE-2019-20020.patch
deleted file mode 100644
index abcedd6fed20..000000000000
--- a/srcpkgs/matio/patches/CVE-2019-20020.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From 8138e767bf6df7cccf1664f3a854e596628fdb2d Mon Sep 17 00:00:00 2001
-From: Nathan Owens <ndowens04@gmail.com>
-Date: Sat, 28 Dec 2019 18:25:58 -0600
-Subject: [PATCH] matio: CVE-2019-20020 patch
-
-Signed-off-by: Nathan Owens <ndowens04@gmail.com>
----
- src/mat5.c | 18 +++++++++++++++++-
- 1 file changed, 17 insertions(+), 1 deletion(-)
-
-diff --git a/src/mat5.c b/src/mat5.c
-index abdb351..776f233 100644
---- a/src/mat5.c
-+++ b/src/mat5.c
-@@ -980,10 +980,26 @@ ReadNextCell( mat_t *mat, matvar_t *matvar )
-                 /* Rank and Dimension */
-                 if ( uncomp_buf[0] == MAT_T_INT32 ) {
-                     int j;
-+                    size_t size;
-                     cells[i]->rank = uncomp_buf[1];
-                     nbytes -= cells[i]->rank;
-                     cells[i]->rank /= 4;
--                    cells[i]->dims = (size_t*)malloc(cells[i]->rank*sizeof(*cells[i]->dims));
-+                    if ( 0 == do_clean && cells[i]->rank > 13 ) {
-+                        int rank = cells[i]->rank;
-+                        cells[i]->rank = 0;
-+                        Mat_Critical("%d is not a valid rank", rank);
-+                        continue;
-+                    }
-+                    err = SafeMul(&size, cells[i]->rank, sizeof(*cells[i]->dims));
-+                    if ( err ) {
-+                        if ( do_clean )
-+                            free(dims);
-+                        Mat_VarFree(cells[i]);
-+                        cells[i] = NULL;
-+                        Mat_Critical("Integer multiplication overflow");
-+                        continue;
-+                    }
-+                    cells[i]->dims = (size_t*)malloc(size);
-                     if ( mat->byteswap ) {
-                         for ( j = 0; j < cells[i]->rank; j++ )
-                             cells[i]->dims[j] = Mat_uint32Swap(dims + j);
--- 
-2.24.1
-
diff --git a/srcpkgs/matio/template b/srcpkgs/matio/template
index d22e883530b0..18188e9fb288 100644
--- a/srcpkgs/matio/template
+++ b/srcpkgs/matio/template
@@ -1,7 +1,7 @@
 # Template file for 'matio'
 pkgname=matio
-version=1.5.17
-revision=2
+version=1.5.23
+revision=1
 build_style=gnu-configure
 configure_args="--disable-static"
 hostmakedepends="libtool"
@@ -10,8 +10,8 @@ short_desc="MATLAB MAT file I/O library"
 maintainer="Florian Eich <flrn@nrmncr.net>"
 license="BSD-2-Clause"
 homepage="https://github.com/tbeu/matio"
-distfiles="https://github.com/tbeu/matio/releases/download/v${version}/${pkgname}-${version}.tar.gz"
-checksum=5e455527d370ab297c4abe5a2ab4d599c93ac7c1a0c85d841cc5c22f8221c400
+distfiles="https://github.com/tbeu/matio/releases/download/v${version}/matio-${version}.tar.gz"
+checksum=9f91eae661df46ea53c311a1b2dcff72051095b023c612d7cbfc09406c9f4d6e
 
 if [ "$CROSS_BUILD" ]; then
 	configure_args+=" ac_cv_va_copy=C99"

From 1bec3e70278c4e2e5d1fe2e266e66f80c4dbd2f1 Mon Sep 17 00:00:00 2001
From: mhmdanas <triallax@tutanota.com>
Date: Thu, 12 Jan 2023 16:10:33 +0000
Subject: [PATCH 2/2] vips: revbump for matio-1.5.23.

---
 srcpkgs/vips/template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/srcpkgs/vips/template b/srcpkgs/vips/template
index 5e47bcaced1e..2dde7d3b7e32 100644
--- a/srcpkgs/vips/template
+++ b/srcpkgs/vips/template
@@ -1,7 +1,7 @@
 # Template file for 'vips'
 pkgname=vips
 version=8.14.1
-revision=1
+revision=2
 build_style=meson
 build_helper=gir
 # TODO: As of version 8.11 vips supports loading its support for OpenSlide,

Re: [PR PATCH] [Merged]: matio: update to 1.5.23.

[Piraty]

[-- Attachment #1: Type: text/plain, Size: 1329 bytes --]

There's a merged pull request on the void-packages repository

matio: update to 1.5.23.
https://github.com/void-linux/void-packages/pull/41601

Description:

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **briefly**

The currently packaged matio release includes a number of vulnerabilities fixed
in in the latest version (see https://github.com/tbeu/matio/releases/tag/v1.5.18
and https://github.com/tbeu/matio/releases/tag/v1.5.22), so this PR should
probably be merged soon.

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
  - aarch64-musl
  - armv7l
  - armv6l-musl
-->