head 1.2;
access;
symbols pkgsrc-2017Q3:1.1.0.2;
locks; strict;
comment @# @;

1.2
date 2017.12.18.15.06.34; author leot; state dead;
branches;
next 1.1;
commitid piDUW6ZgHXgvUnjA;

1.1
date 2017.10.25.11.00.03; author leot; state Exp;
branches 1.1.2.1;
next ;
commitid mSGpjiZUP4KyhqcA;

1.1.2.1
date 2017.10.25.11.00.03; author bsiegert; state dead;
branches;
next 1.1.2.2;
commitid 7DS2pPV5fZPCeKdA;

1.1.2.2
date 2017.11.04.17.48.30; author bsiegert; state Exp;
branches;
next ;
commitid 7DS2pPV5fZPCeKdA;

desc
@@

1.2
log
@mupdf: Update print/mupdf to 1.12.0

pkgsrc changes:
 - Add support for the `opengl' option via graphics/glut and remove the `glfw'
   option to follow upstream changes. Adjust options.mk and buildlink3.mk
   accordingly.
 - Add patches/patch-platform_gl_gl-app.h to not force freeglut GLUT
   implementation to every non-APPLE platforms (glut also works!) and adjust
   the glut.h include.
 - Add a commented out lcms2 bl3 inclusion entry, lcms2>=2.9 is needed (due
   "lcms2art.h" et al. inclusion, so disable it for now)
 - Explain the OPJ_STATIC comment in patches/patch-source_fitz_load-jpx.c a bit
   more in depth...
   ...this will hopefully save some time to debug opj_* undefined symbols when
   trying to link libmupdf and accidentally omitting the
   patches/patch-source_fitz_load-jpx.c hunk (for extra debugging stories fun,
   if OPJ_STATIC is defined some opj_* symbols are defined while others are not
   defined, making the debugging of that problem more naughty!).
 - Inject HAVE_{CURL,GLUT} variables via MAKE_ENV in options.mk to avoid
   depending on www/curl and graphics/glut (yes, that's a bit kludgy but
   unfortunately mupdf doesn't have a configure and so there isn't a more
   sensible way to do it). This is needed to avoid building mupdf-gl for native
   X.org where the glut.pc pkg-config file is available at build time.
   Also adjust patches/patch-ab accordingly.
 - Remove patches/patch-CVE*, they are no longer needed (all applied in 1.12.0)
 - Bump BUILDLINK_API_DEPENDS.mupdf to 1.12.0 (there were several API changes
   from 1.11 to 1.12.0) and remove the now redundant and no longer needed
   BUILDLINK_ABI_DEPENDS.mupdf.

Changes:
List of changes in MuPDF 1.12.0
 * Color management:
   * LCMS2 library for color management.
   * CMYK rendering with overprint simulation.
   * Spot color rendering.
   * Transparency rendering fixes.
 * Structured text output improvements:
   * Reworked structured text API.
   * Faster text searching.
   * Highlight and copy text by selecting lines instead of by area.
   * New semantic XHTML output format.
   * New layout preserving HTML output format.
 * Features and improvements:
   * Improved non-AA rendering with new scan converter.
   * Improved LARGEFILE support.
   * Improved TIFF support.
   * Improved documentation.
   * PCLm output.
   * PSD output.
   * New "mutool trace" tool.
   * New "mutool sign" tool (work in progress).
   * Text redaction (work in progress).
   * Lots of bug fixes.
@

text
@$NetBSD: patch-CVE-2017-15369,v 1.1 2017/10/25 11:00:03 leot Exp $

Bug 698592: Mark variable fz_var(), avoiding optimization.
(AKA CVE-2017-15369)

The change in 2707fa9e8e6d17d794330e719dec1b08161fb045 in
build_filter_chain() allows for the variable chain to reside
in a register, which means that the bug is likely to only be
visible if built under optimization.

First the chain variable is transferred to chain2, then set to
NULL, then when an exception occurs in build_filter() the filter
chain will be freed by build_filter(). Next the expectation is that
execution proceeds to fz_catch() where fz_drop_stream() would be
called with chain == NULL. However due to the chain variable
residing in a register, its value is not NULL as expected, but
was reset to its original value upon the exception (since they
use setjmp()), hence fz_drop_stream() is called with a non-NULL
value.
Marking the chain variable with fz_var() prevents the compiler from allowing the chain variable to reside in a register and hence its value will remain NULL and never be reset. From upstream commit c2663e51238ec8256da7fc61ad580db891d9fe9a --- source/pdf/pdf-stream.c.orig +++ source/pdf/pdf-stream.c @@@@ -246,6 +246,8 @@@@ build_filter_chain(fz_context *ctx, fz_stream *chain, pdf_document *doc, pdf_obj pdf_obj *p; int i, n; + fz_var(chain); + fz_try(ctx) { n = pdf_array_len(ctx, fs); @ 1.1 log @mupdf: backport patches to fix several possible security issues Backport patches from upstream to address CVE-2017-14685, CVE-2017-14686, CVE-2017-14687, CVE-2017-15369 and CVE-2017-15587. These will not be needed for the next mupdf stable release. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-CVE-2017-15369 was added on branch pkgsrc-2017Q3 on 2017-11-04 17:48:30 +0000 @ text @d1 39 @ 1.1.2.2 log @Pullup ticket #5595 - requested by sevan print/mupdf: security fix Revisions pulled up: - print/mupdf/Makefile 1.54 - print/mupdf/distinfo 1.38 - print/mupdf/patches/patch-CVE-2017-14685 1.1 - print/mupdf/patches/patch-CVE-2017-14686 1.1 - print/mupdf/patches/patch-CVE-2017-14687 1.1 - print/mupdf/patches/patch-CVE-2017-15369 1.1 - print/mupdf/patches/patch-CVE-2017-15587 1.1 --- Module Name: pkgsrc Committed By: leot Date: Wed Oct 25 11:00:03 UTC 2017 Modified Files: pkgsrc/print/mupdf: Makefile distinfo Added Files: pkgsrc/print/mupdf/patches: patch-CVE-2017-14685 patch-CVE-2017-14686 patch-CVE-2017-14687 patch-CVE-2017-15369 patch-CVE-2017-15587 Log Message: mupdf: backport patches to fix several possible security issues Backport patches from upstream to address CVE-2017-14685, CVE-2017-14686, CVE-2017-14687, CVE-2017-15369 and CVE-2017-15587. These will not be needed for the next mupdf stable release. Bump PKGREVISION. 
@ text @a0 39 $NetBSD: patch-CVE-2017-15369,v 1.1 2017/10/25 11:00:03 leot Exp $ Bug 698592: Mark variable fz_var(), avoiding optimization. (AKA CVE-2017-15369) The change in 2707fa9e8e6d17d794330e719dec1b08161fb045 in build_filter_chain() allows for the variable chain to reside in a register, which means that the bug is likely to only be visible if built under optimization. First the chain variable is transferred to chain2, then set to NULL, then when an exception occurs in build_filter() the filter chain will be freed by build_filter(). Next the expectation is that execution proceeds to fz_catch() where fz_drop_stream() would be called with chain == NULL. However due to the chain variable residing in a register, its value is not NULL as expected, but was reset to its original value upon the exception (since they use setjmp()), hence fz_drop_stream() is called with a non-NULL value. Marking the chain variable with fz_var() prevents the compiler from allowing the chain variable to reside in a register and hence its value will remain NULL and never be reset. From upstream commit c2663e51238ec8256da7fc61ad580db891d9fe9a --- source/pdf/pdf-stream.c.orig +++ source/pdf/pdf-stream.c @@@@ -246,6 +246,8 @@@@ build_filter_chain(fz_context *ctx, fz_stream *chain, pdf_document *doc, pdf_obj pdf_obj *p; int i, n; + fz_var(chain); + fz_try(ctx) { n = pdf_array_len(ctx, fs); @
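Review bot: the added fz_var(chain); line ahead of fz_try(ctx) in build_filter_chain() has no comment, so a later cleanup could remove it as code that appears to do nothing. Add a one-line comment above it saying that chain is set to NULL inside the fz_try block and read again in fz_catch, which is why it must not be held in a register across the setjmp()-based exception. The other locals visible in this hunk (p, i, n) are not marked, and n is assigned inside fz_try, so it is worth confirming that none of them is read on the fz_catch path.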