diff options
author | Alyssa Ross <hi@alyssa.is> | 2023-06-16 06:56:35 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2023-06-16 06:56:35 +0000 |
commit | 99fcaeccb89621dd492203ce1f2d551c06f228ed (patch) | |
tree | 41cb730ae07383004789779b0f6e11cb3f4642a3 /nixpkgs/pkgs/development/libraries/libtiff | |
parent | 59c5f5ac8682acc13bb22bc29c7cf02f7d75f01f (diff) | |
parent | 75a5ebf473cd60148ba9aec0d219f72e5cf52519 (diff) | |
download | nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar.gz nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar.bz2 nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar.lz nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar.xz nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.tar.zst nixlib-99fcaeccb89621dd492203ce1f2d551c06f228ed.zip |
Merge branch 'nixos-unstable' of https://github.com/NixOS/nixpkgs
Conflicts: nixpkgs/nixos/modules/config/console.nix nixpkgs/nixos/modules/services/mail/mailman.nix nixpkgs/nixos/modules/services/mail/public-inbox.nix nixpkgs/nixos/modules/services/mail/rss2email.nix nixpkgs/nixos/modules/services/networking/ssh/sshd.nix nixpkgs/pkgs/applications/networking/instant-messengers/dino/default.nix nixpkgs/pkgs/applications/networking/irc/weechat/default.nix nixpkgs/pkgs/applications/window-managers/sway/default.nix nixpkgs/pkgs/build-support/go/module.nix nixpkgs/pkgs/build-support/rust/build-rust-package/default.nix nixpkgs/pkgs/development/interpreters/python/default.nix nixpkgs/pkgs/development/node-packages/overrides.nix nixpkgs/pkgs/development/tools/b4/default.nix nixpkgs/pkgs/servers/dict/dictd-db.nix nixpkgs/pkgs/servers/mail/public-inbox/default.nix nixpkgs/pkgs/tools/security/pinentry/default.nix nixpkgs/pkgs/tools/text/unoconv/default.nix nixpkgs/pkgs/top-level/all-packages.nix
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/libtiff')
3 files changed, 63 insertions, 29 deletions
diff --git a/nixpkgs/pkgs/development/libraries/libtiff/default.nix b/nixpkgs/pkgs/development/libraries/libtiff/default.nix index 7f6d11d9e715..06dc76d92328 100644 --- a/nixpkgs/pkgs/development/libraries/libtiff/default.nix +++ b/nixpkgs/pkgs/development/libraries/libtiff/default.nix @@ -1,16 +1,19 @@ -{ lib, stdenv -, fetchurl +{ lib +, stdenv +, fetchFromGitLab , fetchpatch +, nix-update-script , autoreconfHook , pkg-config +, sphinx , libdeflate , libjpeg , xz , zlib -# for passthru.tests + # for passthru.tests , libgeotiff , python3Packages , imagemagick @@ -18,16 +21,17 @@ , gdal , openimageio , freeimage -, imlib }: stdenv.mkDerivation rec { pname = "libtiff"; - version = "4.4.0"; + version = "4.5.0"; - src = fetchurl { - url = "https://download.osgeo.org/libtiff/tiff-${version}.tar.gz"; - sha256 = "1vdbk3sc497c58kxmp02irl6nqkfm9rjs3br7g59m59qfnrj6wli"; + src = fetchFromGitLab { + owner = "libtiff"; + repo = "libtiff"; + rev = "v${version}"; + hash = "sha256-KG6rB940JMjFUTAgtkzg+Zh75gylPY6Q7/4gEbL0Hcs="; }; patches = [ @@ -37,9 +41,30 @@ stdenv.mkDerivation rec { # `version` in the project's include paths ./rename-version.patch (fetchpatch { - name = "CVE-2022-34526.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/275735d0354e39c0ac1dc3c0db2120d6f31d1990.patch"; - sha256 = "sha256-faKsdJjvQwNdkAKjYm4vubvZvnULt9zz4l53zBFr67s="; + name = "CVE-2022-48281.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5.diff"; + sha256 = "sha256-FWUlyJyHXac6fuM5f9PG33kcF5Bm4fyFmYnaDal46iM="; + }) + (fetchpatch { + name = "CVE-2023-0800.CVE-2023-0801.CVE-2023-0802.CVE-2023-0803.CVE-2023-0804.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00.patch"; + sha256 = "sha256-wNSa1D9EWObTs331utjIKgo9p9PUWqTM54qG+1Hhm1A="; + }) + (fetchpatch { + name = "CVE-2023-0795.CVE-2023-0796.CVE-2023-0797.CVE-2023-0798.CVE-2023-0799.prerequisite-0.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/9c22495e5eeeae9e00a1596720c969656bb8d678.patch"; + sha256 = "sha256-NTs+dCUweKddQDzJLqbdIdvNbaSweGG0cSVt57tntoI="; + }) + (fetchpatch { + name = "CVE-2023-0795.CVE-2023-0796.CVE-2023-0797.CVE-2023-0798.CVE-2023-0799.prerequisite-1.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/d63de61b1ec3385f6383ef9a1f453e4b8b11d536.patch"; + includes = [ "tools/tiffcrop.c" ]; + sha256 = "sha256-VHg5aAcHKwRkDFDyC1rLjCjj1rMzcq/2SUR/r1fQubQ="; + }) + (fetchpatch { + name = "CVE-2023-0795.CVE-2023-0796.CVE-2023-0797.CVE-2023-0798.CVE-2023-0799.patch"; + url = "https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68.patch"; + sha256 = "sha256-9+oXKVJEeaIuMBdtvhNlUBNpw9uzg31s+zxt4GJo6Lo="; }) ]; @@ -50,26 +75,34 @@ stdenv.mkDerivation rec { outputs = [ "bin" "dev" "dev_private" "out" "man" "doc" ]; postFixup = '' - moveToOutput include/tif_dir.h $dev_private moveToOutput include/tif_config.h $dev_private + moveToOutput include/tif_dir.h $dev_private + moveToOutput include/tif_hash_set.h $dev_private moveToOutput include/tiffiop.h $dev_private ''; # If you want to change to a different build system, please make # sure cross-compilation works first! - nativeBuildInputs = [ autoreconfHook pkg-config ]; - - propagatedBuildInputs = [ libjpeg xz zlib ]; #TODO: opengl support (bogus configure detection) - - buildInputs = [ libdeflate ]; + nativeBuildInputs = [ autoreconfHook pkg-config sphinx ]; + + # TODO: opengl support (bogus configure detection) + propagatedBuildInputs = [ + libdeflate + libjpeg + xz + zlib + ]; enableParallelBuilding = true; doCheck = true; - passthru.tests = { - inherit libgeotiff imagemagick graphicsmagick gdal openimageio freeimage imlib; - inherit (python3Packages) pillow imread; + passthru = { + tests = { + inherit libgeotiff imagemagick graphicsmagick gdal openimageio freeimage; + inherit (python3Packages) pillow imread; + }; + updateScript = nix-update-script { }; }; meta = with lib; { diff --git a/nixpkgs/pkgs/development/libraries/libtiff/headers.patch b/nixpkgs/pkgs/development/libraries/libtiff/headers.patch index e1c681502b33..e0ef9f3478a6 100644 --- a/nixpkgs/pkgs/development/libraries/libtiff/headers.patch +++ b/nixpkgs/pkgs/development/libraries/libtiff/headers.patch @@ -2,15 +2,16 @@ diff --git i/libtiff/Makefile.am w/libtiff/Makefile.am index 44522b62..d66e5948 100644 --- i/libtiff/Makefile.am +++ w/libtiff/Makefile.am -@@ -36,8 +36,11 @@ EXTRA_DIST = \ +@@ -36,8 +36,12 @@ EXTRA_DIST = \ tiffconf.h.cmake.in - + libtiffinclude_HEADERS = \ + tif_config.h \ + tif_dir.h \ ++ tif_hash_set.h \ tiff.h \ tiffio.h \ + tiffiop.h \ tiffvers.h - + if HAVE_CXX diff --git a/nixpkgs/pkgs/development/libraries/libtiff/rename-version.patch b/nixpkgs/pkgs/development/libraries/libtiff/rename-version.patch index 30601c0f04ee..ddd33ad49045 100644 --- a/nixpkgs/pkgs/development/libraries/libtiff/rename-version.patch +++ b/nixpkgs/pkgs/development/libraries/libtiff/rename-version.patch @@ -6,15 +6,15 @@ TODO \ - VERSION + VERSION.txt - + EXTRA_DIST = \ cmake \ -@@ -61,7 +61,7 @@ SUBDIRS = port libtiff tools build contrib test man html - +@@ -61,7 +61,7 @@ SUBDIRS = port libtiff tools build contrib test doc + release: - (rm -f $(top_srcdir)/RELEASE-DATE && echo $(LIBTIFF_RELEASE_DATE) > $(top_srcdir)/RELEASE-DATE) + (rm -f $(top_srcdir)/RELEASE-DATE && echo $(LIBTIFF_RELEASE_DATE) > $(top_srcdir)/RELEASE-DATE) - (rm -f $(top_srcdir)/VERSION && echo $(LIBTIFF_VERSION) > $(top_srcdir)/VERSION) + (rm -f $(top_srcdir)/VERSION.txt && echo $(LIBTIFF_VERSION) > $(top_srcdir)/VERSION.txt) - (rm -f $(top_srcdir)/libtiff/tiffvers.h && sed 's,LIBTIFF_VERSION,$(LIBTIFF_VERSION),;s,LIBTIFF_RELEASE_DATE,$(LIBTIFF_RELEASE_DATE),' $(top_srcdir)/libtiff/tiffvers.h.in > $(top_srcdir)/libtiff/tiffvers.h) - + (rm -f $(top_srcdir)/libtiff/tiffvers.h && sed 's,LIBTIFF_VERSION,$(LIBTIFF_VERSION),;s,LIBTIFF_RELEASE_DATE,$(LIBTIFF_RELEASE_DATE),;s,LIBTIFF_MAJOR_VERSION,$(LIBTIFF_MAJOR_VERSION),;s,LIBTIFF_MINOR_VERSION,$(LIBTIFF_MINOR_VERSION),;s,LIBTIFF_MICRO_VERSION,$(LIBTIFF_MICRO_VERSION),' $(top_srcdir)/libtiff/tiffvers.h.in > $(top_srcdir)/libtiff/tiffvers.h) + pkgconfigdir = $(libdir)/pkgconfig |