pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/textproc/FlightCrew
Module Name: pkgsrc
Committed By: kikadf
Date: Sat Oct 25 13:20:08 UTC 2025
Modified Files:
pkgsrc/textproc/FlightCrew: Makefile distinfo
Added Files:
pkgsrc/textproc/FlightCrew/patches:
patch-src_FlightCrew_Framework_ValidateEpub.cpp
Log Message:
textproc/FlightCrew: fix CVE-2019-13032, fix build with boost-1.89
To generate a diff of this commit:
cvs rdiff -u -r1.80 -r1.81 pkgsrc/textproc/FlightCrew/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/textproc/FlightCrew/distinfo
cvs rdiff -u -r0 -r1.1 \
pkgsrc/textproc/FlightCrew/patches/patch-src_FlightCrew_Framework_ValidateEpub.cpp
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/textproc/FlightCrew/Makefile
diff -u pkgsrc/textproc/FlightCrew/Makefile:1.80 pkgsrc/textproc/FlightCrew/Makefile:1.81
--- pkgsrc/textproc/FlightCrew/Makefile:1.80 Thu Oct 23 20:39:31 2025
+++ pkgsrc/textproc/FlightCrew/Makefile Sat Oct 25 13:20:07 2025
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.80 2025/10/23 20:39:31 wiz Exp $
+# $NetBSD: Makefile,v 1.81 2025/10/25 13:20:07 kikadf Exp $
DISTNAME= FlightCrew-0.7.2-Code
PKGNAME= ${DISTNAME:S/-Code//}
-PKGREVISION= 61
+PKGREVISION= 62
CATEGORIES= textproc
MASTER_SITES= http://flightcrew.googlecode.com/files/
EXTRACT_SUFX= .zip
@@ -31,12 +31,12 @@ SUBST_FILES.cr+= src/utf8-cpp/utf8/core.
SUBST_FILTER_CMD.cr= ${TR} -d '\r'
SUBST_NOOP_OK.cr= yes
-BUILDLINK_TRANSFORM+= l:BoostParts:boost_date_time:boost_filesystem:boost_regex:boost_system:boost_thread:boost_program_options
+BUILDLINK_TRANSFORM+= l:BoostParts:boost_date_time:boost_filesystem:boost_regex:boost_thread:boost_program_options
BUILDLINK_TRANSFORM+= l:Xerces:xerces-c
BUILDLINK_TRANSFORM+= l:zlib:z
SUBST_CLASSES+= fix-damaged
-SUBST_STAGE.fix-damaged= pre-patch
+SUBST_STAGE.fix-damaged= pre-configure
SUBST_MESSAGE.fix-damaged= fixing
SUBST_FILES.fix-damaged= src/FlightCrew/tests/misc_tests/ConvertUtf8PathToBoostPath_test.cpp
SUBST_SED.fix-damaged+= -e "2,2s/^/\//" # commented-out
Index: pkgsrc/textproc/FlightCrew/distinfo
diff -u pkgsrc/textproc/FlightCrew/distinfo:1.11 pkgsrc/textproc/FlightCrew/distinfo:1.12
--- pkgsrc/textproc/FlightCrew/distinfo:1.11 Mon Aug 18 07:02:05 2025
+++ pkgsrc/textproc/FlightCrew/distinfo Sat Oct 25 13:20:07 2025
@@ -1,10 +1,11 @@
-$NetBSD: distinfo,v 1.11 2025/08/18 07:02:05 wiz Exp $
+$NetBSD: distinfo,v 1.12 2025/10/25 13:20:07 kikadf Exp $
BLAKE2s (FlightCrew-0.7.2-Code.zip) = 50b593a716ff0d33052b3fe7b70b85e42a3c404c5fe2beebb3b71d8405575992
SHA512 (FlightCrew-0.7.2-Code.zip) = 6933cd85bab0300ee2258106225cbf23474516c4993bc1bcad6736676169eabcaf4a5b31a6cdfc2bf4ff3be8fee9432a8048615112f330d1ac55a04874d094aa
Size (FlightCrew-0.7.2-Code.zip) = 7794710 bytes
SHA1 (patch-CMakeLists.txt) = 8423ab7b53fad354e04fdfd159b070a8f8bf61f9
SHA1 (patch-src_FlightCrew_CMakeLists.txt) = 2c60cb722bb7613f007f2e3a644f1d9f8509f8ba
+SHA1 (patch-src_FlightCrew_Framework_ValidateEpub.cpp) = a8f78da3bef54ec2382e264b67b0910373799181
SHA1 (patch-src_FlightCrew_Validators_Opf_ReachabilityAnalysis.cpp) = 53fbd6e1b1b9a11739f16383406f10ddaa253293
SHA1 (patch-src_FlightCrew_Validators_SaxSchemaValidator.cpp) = 65b6fe9e04d4567449dd36039999d14bee1e7e61
SHA1 (patch-src_FlightCrew_tests_CMakeLists.txt) = 934296b4cd2425d30d5e4926dfd8f835a5284953
Added files:
Index: pkgsrc/textproc/FlightCrew/patches/patch-src_FlightCrew_Framework_ValidateEpub.cpp
diff -u /dev/null pkgsrc/textproc/FlightCrew/patches/patch-src_FlightCrew_Framework_ValidateEpub.cpp:1.1
--- /dev/null Sat Oct 25 13:20:08 2025
+++ pkgsrc/textproc/FlightCrew/patches/patch-src_FlightCrew_Framework_ValidateEpub.cpp Sat Oct 25 13:20:08 2025
@@ -0,0 +1,46 @@
+$NetBSD: patch-src_FlightCrew_Framework_ValidateEpub.cpp,v 1.1 2025/10/25 13:20:08 kikadf Exp $
+
+* Fix CVE-2019-13032 with upstream commits:
+ https://github.com/Sigil-Ebook/flightcrew/commit/c75c100218ed5c0e7652947051e28b54a75212ae
+ https://github.com/Sigil-Ebook/flightcrew/commit/b4f4a70f604ddcb4e8e343aa0e690764fc46d780
+
+--- src/FlightCrew/Framework/ValidateEpub.cpp.orig 2025-10-04 12:04:47.334261964 +0000
++++ src/FlightCrew/Framework/ValidateEpub.cpp
+@@ -118,10 +118,15 @@ fs::path GetRelativePathToNcx( const xc:
+ std::string href = fromX( item->getAttribute( toX( "href" ) ) );
+ std::string media_type = fromX( item->getAttribute( toX( "media-type" ) ) );
+
+- if ( xc::XMLUri::isValidURI( true, toX( href ) ) &&
+- media_type == NCX_MIME )
+- {
+- return Util::Utf8PathToBoostPath( Util::UrlDecode( href ) );
++ // prevent segfault here that would result as toX() will return null when
++ // passed and empty string
++ if (!href.empty()) {
++
++ if ( xc::XMLUri::isValidURI( true, toX( href ) ) &&
++ media_type == NCX_MIME )
++ {
++ return Util::Utf8PathToBoostPath( Util::UrlDecode( href ) );
++ }
+ }
+ }
+
+@@ -141,10 +146,13 @@ std::vector< fs::path > GetRelativePaths
+ std::string href = fromX( item->getAttribute( toX( "href" ) ) );
+ std::string media_type = fromX( item->getAttribute( toX( "media-type" ) ) );
+
+- if ( xc::XMLUri::isValidURI( true, toX( href ) ) &&
+- ( media_type == XHTML_MIME || media_type == OEB_DOC_MIME ) )
+- {
+- paths.push_back( Util::Utf8PathToBoostPath( Util::UrlDecode( href ) ) );
++ if (!href.empty()) {
++
++ if ( xc::XMLUri::isValidURI( true, toX( href ) ) &&
++ ( media_type == XHTML_MIME || media_type == OEB_DOC_MIME ) )
++ {
++ paths.push_back( Util::Utf8PathToBoostPath( Util::UrlDecode( href ) ) );
++ }
+ }
+ }
+
Home |
Main Index |
Thread Index |
Old Index