diff options
| author | Alyssa Ross <hi@alyssa.is> | 2024-03-24 11:04:41 +0100 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2024-03-24 11:04:41 +0100 |
| commit | 5423cabbbf2b6dec5568f1ecabd288d5d9a642ec (patch) | |
| tree | f316a6a921bfefd3a63bd4502c2eb50ff1644f67 /nixpkgs/pkgs/development/libraries/giflib | |
| parent | 46a88117a05c3469af5d99433af140c3de8ca088 (diff) | |
| parent | 8aa81f34981add12aecada6c702ddbbd0375ca36 (diff) | |
| download | nixlib-5423cabbbf2b6dec5568f1ecabd288d5d9a642ec.tar nixlib-5423cabbbf2b6dec5568f1ecabd288d5d9a642ec.tar.gz nixlib-5423cabbbf2b6dec5568f1ecabd288d5d9a642ec.tar.bz2 nixlib-5423cabbbf2b6dec5568f1ecabd288d5d9a642ec.tar.lz nixlib-5423cabbbf2b6dec5568f1ecabd288d5d9a642ec.tar.xz nixlib-5423cabbbf2b6dec5568f1ecabd288d5d9a642ec.tar.zst nixlib-5423cabbbf2b6dec5568f1ecabd288d5d9a642ec.zip | |
Merge branch 'nixos-unstable-small' of https://github.com/NixOS/nixpkgs
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/giflib')
3 files changed, 39 insertions, 42 deletions
diff --git a/nixpkgs/pkgs/development/libraries/giflib/4.1.nix b/nixpkgs/pkgs/development/libraries/giflib/4.1.nix deleted file mode 100644 index 8f3ebcf7d3be..000000000000 --- a/nixpkgs/pkgs/development/libraries/giflib/4.1.nix +++ /dev/null @@ -1,21 +0,0 @@ -{lib, stdenv, fetchurl}: - -stdenv.mkDerivation rec { - pname = "giflib"; - version = "4.1.6"; - - src = fetchurl { - url = "mirror://sourceforge/giflib/giflib-${version}.tar.bz2"; - sha256 = "1v9b7ywz7qg8hli0s9vv1b8q9xxb2xvqq2mg1zpr73xwqpcwxhg1"; - }; - - hardeningDisable = [ "format" ]; - - meta = with lib; { - description = "A library for reading and writing gif images"; - branch = "4.1"; - license = licenses.mit; - platforms = platforms.unix; - }; -} - diff --git a/nixpkgs/pkgs/development/libraries/giflib/CVE-2021-40633.patch b/nixpkgs/pkgs/development/libraries/giflib/CVE-2021-40633.patch new file mode 100644 index 000000000000..8a665bb1638b --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/giflib/CVE-2021-40633.patch @@ -0,0 +1,26 @@ +From ccbc956432650734c91acb3fc88837f7b81267ff Mon Sep 17 00:00:00 2001 +From: "Eric S. Raymond" <esr@thyrsus.com> +Date: Wed, 21 Feb 2024 18:55:00 -0500 +Subject: [PATCH] Clean up memory better at end of run (CVE-2021-40633) + +--- + gif2rgb.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/gif2rgb.c b/gif2rgb.c +index d51226d..fc2e683 100644 +--- a/gif2rgb.c ++++ b/gif2rgb.c +@@ -517,6 +517,9 @@ static void GIF2RGB(int NumFiles, char *FileName, bool OneFileFlag, + DumpScreen2RGB(OutFileName, OneFileFlag, ColorMap, ScreenBuffer, + GifFile->SWidth, GifFile->SHeight); + ++ for (i = 0; i < GifFile->SHeight; i++) { ++ (void)free(ScreenBuffer[i]); ++ } + (void)free(ScreenBuffer); + + { +-- +2.44.0 + diff --git a/nixpkgs/pkgs/development/libraries/giflib/default.nix b/nixpkgs/pkgs/development/libraries/giflib/default.nix index 8c8a587ed548..a73d12061250 100644 --- a/nixpkgs/pkgs/development/libraries/giflib/default.nix +++ b/nixpkgs/pkgs/development/libraries/giflib/default.nix @@ -4,31 +4,20 @@ , fetchpatch , fixDarwinDylibNames , pkgsStatic +, imagemagick_light }: stdenv.mkDerivation rec { pname = "giflib"; - version = "5.2.1"; + version = "5.2.2"; src = fetchurl { url = "mirror://sourceforge/giflib/giflib-${version}.tar.gz"; - sha256 = "1gbrg03z1b6rlrvjyc6d41bc8j1bsr7rm8206gb1apscyii5bnii"; + hash = "sha256-vn/70FfK3r4qoURUL9kMaDjGoIO16KkEi47jtmsp1fs="; }; patches = [ - (fetchpatch { - name = "CVE-2022-28506.patch"; - url = "https://src.fedoraproject.org/rpms/giflib/raw/2e9917bf13df114354163f0c0211eccc00943596/f/CVE-2022-28506.patch"; - sha256 = "sha256-TBemEXkuox8FdS9RvjnWcTWPaHRo4crcwSR9czrUwBY="; - }) - ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ - # https://sourceforge.net/p/giflib/bugs/133/ - (fetchpatch { - name = "darwin-soname.patch"; - url = "https://sourceforge.net/p/giflib/bugs/_discuss/thread/4e811ad29b/c323/attachment/Makefile.patch"; - sha256 = "12afkqnlkl3n1hywwgx8sqnhp3bz0c5qrwcv8j9hifw1lmfhv67r"; - extraPrefix = "./"; - }) + ./CVE-2021-40633.patch ] ++ lib.optionals stdenv.hostPlatform.isMinGW [ # Build dll libraries. (fetchurl { @@ -40,7 +29,9 @@ stdenv.mkDerivation rec { ./mingw-install-exes.patch ]; - nativeBuildInputs = lib.optionals stdenv.isDarwin [ + nativeBuildInputs = [ + imagemagick_light + ] ++ lib.optionals stdenv.isDarwin [ fixDarwinDylibNames ]; @@ -50,10 +41,11 @@ stdenv.mkDerivation rec { postPatch = lib.optionalString stdenv.hostPlatform.isStatic '' # Upstream build system does not support NOT building shared libraries. - sed -i '/all:/ s/libgif.so//' Makefile - sed -i '/all:/ s/libutil.so//' Makefile - sed -i '/-m 755 libgif.so/ d' Makefile - sed -i '/ln -sf libgif.so/ d' Makefile + sed -i '/all:/ s/$(LIBGIFSO)//' Makefile + sed -i '/all:/ s/$(LIBUTILSO)//' Makefile + sed -i '/-m 755 $(LIBGIFSO)/ d' Makefile + sed -i '/ln -sf $(LIBGIFSOVER)/ d' Makefile + sed -i '/ln -sf $(LIBGIFSOMAJOR)/ d' Makefile ''; passthru.tests = { @@ -63,7 +55,7 @@ stdenv.mkDerivation rec { meta = { description = "A library for reading and writing gif images"; homepage = "https://giflib.sourceforge.net/"; - platforms = lib.platforms.unix; + platforms = lib.platforms.unix ++ lib.platforms.windows; license = lib.licenses.mit; maintainers = with lib.maintainers; [ ]; branch = "5.2"; |