CVS commit: pkgsrc/x11/libXpm

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/x11/libXpm
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Tue, 17 Jan 2023 18:42:39 +0000

Module Name:    pkgsrc
Committed By:   wiz
Date:           Tue Jan 17 18:42:39 UTC 2023

Modified Files:
        pkgsrc/x11/libXpm: Makefile distinfo
        pkgsrc/x11/libXpm/patches: patch-aa

Log Message:
libXpm: update to 3.5.15.

This release contains fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg-announce/2023-January/003312.html

It also adds a new configure option --disable-open-zfile that makes it easy
for people building libXpm to completely disable the code to fork compression
and uncompression programs if they do not have a need for it in their use case.
The README.md file has been updated to document both of the configure options
to control the optional compression handling features.

Alan Coopersmith (12):
      man pages: Fix typos and other minor editing
      man pages: Replace "See Also" entries with more useful ones
      man pages: Apply standard man page style/formatting
      configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE
      test: Add unit tests using glib framework
      cxpm: getc/ungetc wrappers should not adjust position when c == EOF
      test: add test case for CVE-2022-46285 (unclosed comments)
      Fix CVE-2022-46285: Infinite loop on unclosed comments
      test: add test cases for CVE-2022-44617 (zero-width w/enormous height)
      Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height
      Fix CVE-2022-4883: compression commands depend on $PATH
      libXpm 3.5.15

Matthieu Herrb (1):
      Prevent a double free in the error code path

Peter Hutterer (1):
      Use gzip -d instead of gunzip


To generate a diff of this commit:
cvs rdiff -u -r1.26 -r1.27 pkgsrc/x11/libXpm/Makefile
cvs rdiff -u -r1.12 -r1.13 pkgsrc/x11/libXpm/distinfo
cvs rdiff -u -r1.4 -r1.5 pkgsrc/x11/libXpm/patches/patch-aa

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/x11/libXpm/Makefile
diff -u pkgsrc/x11/libXpm/Makefile:1.26 pkgsrc/x11/libXpm/Makefile:1.27
--- pkgsrc/x11/libXpm/Makefile:1.26     Sat Nov 19 21:34:31 2022
+++ pkgsrc/x11/libXpm/Makefile  Tue Jan 17 18:42:39 2023
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.26 2022/11/19 21:34:31 wiz Exp $
+# $NetBSD: Makefile,v 1.27 2023/01/17 18:42:39 wiz Exp $
 
-DISTNAME=              libXpm-3.5.14
+DISTNAME=              libXpm-3.5.15
 CATEGORIES=            x11 graphics
 MASTER_SITES=          ${MASTER_SITE_XORG:=lib/}
 EXTRACT_SUFX=          .tar.xz

Index: pkgsrc/x11/libXpm/distinfo
diff -u pkgsrc/x11/libXpm/distinfo:1.12 pkgsrc/x11/libXpm/distinfo:1.13
--- pkgsrc/x11/libXpm/distinfo:1.12     Sat Nov 19 21:34:31 2022
+++ pkgsrc/x11/libXpm/distinfo  Tue Jan 17 18:42:39 2023
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.12 2022/11/19 21:34:31 wiz Exp $
+$NetBSD: distinfo,v 1.13 2023/01/17 18:42:39 wiz Exp $
 
-BLAKE2s (libXpm-3.5.14.tar.xz) = aa73cc80d219e008d51f3dcbabd6e83df2ccfecdd73154ab6b9833df95776d24
-SHA512 (libXpm-3.5.14.tar.xz) = c3fe554453068a6b188d3cad2cb3648e84b7f1909aea8f213daadce3d444b34361c3b2edce14a4fd481f97e4dc45c3125e2483ff4f44b3390a75829ed2782e4b
-Size (libXpm-3.5.14.tar.xz) = 392624 bytes
-SHA1 (patch-aa) = 4472bd7d5f80ba2fa0b8779b40df26ace2434f2c
+BLAKE2s (libXpm-3.5.15.tar.xz) = 2896625c9d2daab1248b8bcd5d16fd432dc5487758253b4f1d5d7e512d35d014
+SHA512 (libXpm-3.5.15.tar.xz) = 955d716fcea2c9d868ab941c56f017b39bfa0f47fd2904e9b04c6a9be17f23f8b8c906da9c90a89a789f1f399d419641705ff5b6f9921820e34d4807c7a1992f
+Size (libXpm-3.5.15.tar.xz) = 459140 bytes
+SHA1 (patch-aa) = 9e7998ac85cc62746ad9da279b9702774b73012f
 SHA1 (patch-ab) = faaefb61693805272bd4cccc1301c6e3edd14919
 SHA1 (patch-ac) = 9226dce77b0a7d9c792d9465727423581db7f01e

Index: pkgsrc/x11/libXpm/patches/patch-aa
diff -u pkgsrc/x11/libXpm/patches/patch-aa:1.4 pkgsrc/x11/libXpm/patches/patch-aa:1.5
--- pkgsrc/x11/libXpm/patches/patch-aa:1.4      Sat Nov 19 21:34:31 2022
+++ pkgsrc/x11/libXpm/patches/patch-aa  Tue Jan 17 18:42:39 2023
@@ -1,9 +1,9 @@
-$NetBSD: patch-aa,v 1.4 2022/11/19 21:34:31 wiz Exp $
+$NetBSD: patch-aa,v 1.5 2023/01/17 18:42:39 wiz Exp $
 
---- configure.orig     2022-11-19 20:39:11.000000000 +0000
+--- configure.orig     2023-01-17 16:32:44.000000000 +0000
 +++ configure
-@@ -19501,6 +19501,10 @@ else
- printf "%s\n" "$LOCALEDIR" >&6; }
+@@ -18589,6 +18589,10 @@ else
+ $as_echo "$LOCALEDIR" >&6; }
  fi
  
 +# For pkgsrc, always set USE_GETTEXT=yes because it is used by [cs]xpm.
@@ -12,4 +12,4 @@ $NetBSD: patch-aa,v 1.4 2022/11/19 21:34
 +USE_GETTEXT=yes
  if test "x$USE_GETTEXT" = "xyes" ; then
  
- printf "%s\n" "#define USE_GETTEXT 1" >>confdefs.h
+ $as_echo "#define USE_GETTEXT 1" >>confdefs.h

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/devel/goredo
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/devel/goredo
Indexes:

Home | Main Index | Thread Index | Old Index