Skip to content

mupdf: 1.17.0 -> 1.18.0, pymupdf: 1.17.6 -> 1.18.0, llpp 32 -> 33#100441

Merged
jonringer merged 5 commits intoNixOS:masterfrom
wamserma:mupdf-1-18-0
Nov 9, 2020
Merged

mupdf: 1.17.0 -> 1.18.0, pymupdf: 1.17.6 -> 1.18.0, llpp 32 -> 33#100441
jonringer merged 5 commits intoNixOS:masterfrom
wamserma:mupdf-1-18-0

Conversation

@wamserma
Copy link
Member

@wamserma wamserma commented Oct 13, 2020
edited
Loading

also drops the patch for shared libs (not needed any more)

fixes #90910
fixes #100316 (unstable)

Motivation for this change

Upstream release and security issues mentioned above.

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nixpkgs-review --run "NIXPKGS_ALLOW_INSECURE=1 nixpkgs-review pr 100441"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@wamserma
Copy link
Member Author

wamserma commented Oct 13, 2020
edited
Loading

this bundles a number of package updates similar to #88919 to avoid a broken state on master, old version is marked insecure but kept for k2pdfopt which is currently not compatible with MuPDF 1.18 and jfbview, which needs to be updated in its own PR

@wamserma wamserma changed the title mupdf: 1.17.0 -> 1.18.0 WIP: mupdf: 1.17.0 -> 1.18.0 Oct 13, 2020
@wamserma wamserma marked this pull request as draft October 13, 2020 20:44
@wamserma wamserma changed the title WIP: mupdf: 1.17.0 -> 1.18.0 WIP: mupdf: 1.17.0 -> 1.18.0, pymupdf: 1.17.6 -> 1.18.0 Oct 13, 2020
@ofborg ofborg bot added the 6.topic: python Python is a high-level, general-purpose programming language. label Oct 13, 2020
@wamserma wamserma changed the title WIP: mupdf: 1.17.0 -> 1.18.0, pymupdf: 1.17.6 -> 1.18.0 WIP: mupdf: 1.17.0 -> 1.18.0, pymupdf: 1.17.6 -> 1.18.0, llpp 32 -> 33 Oct 14, 2020
@wamserma wamserma changed the title WIP: mupdf: 1.17.0 -> 1.18.0, pymupdf: 1.17.6 -> 1.18.0, llpp 32 -> 33 mupdf: 1.17.0 -> 1.18.0, pymupdf: 1.17.6 -> 1.18.0, llpp 32 -> 33 Oct 14, 2020
@wamserma wamserma marked this pull request as ready for review October 14, 2020 07:44
@wamserma
Copy link
Member Author

wamserma commented Oct 17, 2020

@ofborg eval
@ofborg build mupdf mupdf-1-17 pymupdf llpp k2pdfopt jfbview

@wamserma wamserma marked this pull request as draft October 17, 2020 12:33
@wamserma wamserma force-pushed the mupdf-1-18-0 branch 3 times, most recently from 450048c to cf9e181 Compare October 17, 2020 14:15
@ofborg ofborg bot added the 8.has: package (new) This PR adds a new package label Oct 17, 2020
@ofborg ofborg bot requested review from Enzime, fpletz, pSub, teto and vrthra October 17, 2020 14:26
@ofborg ofborg bot added 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-linux: 11-100 This PR causes between 11 and 100 packages to rebuild on Linux. labels Oct 17, 2020
@wamserma wamserma marked this pull request as ready for review October 17, 2020 14:36
jonringer
jonringer reviewed Oct 17, 2020
View reviewed changes
@wamserma
Copy link
Member Author

wamserma commented Oct 18, 2020

@jonringer While you're at it: Can you add the security label to the PR?

@wamserma wamserma requested a review from jonringer October 18, 2020 12:27
@wamserma
Copy link
Member Author

wamserma commented Nov 2, 2020

/marvin opt-in
/status needs_reviewer

@marvin-mk2
Copy link

marvin-mk2 bot commented Nov 2, 2020

Hi! I'm an experimental bot. My goal is to guide this PR through its stages, hopefully ending with a merge. You can read up on the usage here.

@wamserma wamserma mentioned this pull request Nov 5, 2020
Open
@andir andir self-assigned this Nov 6, 2020
@andir andir added 1.severity: security Issues which raise a security issue, or PRs that fix one needs_reviewer and removed awaiting_reviewer labels Nov 6, 2020
andir
andir reviewed Nov 6, 2020
View reviewed changes
andir
andir reviewed Nov 6, 2020
View reviewed changes
@andir
Copy link
Member

andir commented Nov 9, 2020

This looks good as is. Could you also add the relevant CVE identifiers (or links to our tracking issues) to the relevant commits?

@wamserma
Copy link
Member Author

wamserma commented Nov 9, 2020

This looks good as is. Could you also add the relevant CVE identifiers (or links to our tracking issues) to the relevant commits?

I'll put the CVEs, as e.g. #100316 can only be closed once this is also backported.

jonringer
jonringer approved these changes Nov 9, 2020
View reviewed changes
Copy link
Contributor

@jonringer jonringer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

diff LGTM

https://github.com/NixOS/nixpkgs/pull/100441
1 package marked as broken and skipped:
mupdf_1_17

10 packages built:
cups-filters llpp mupdf python27Packages.pymupdf python37Packages.pymupdf python38Packages.pymupdf splix system-config-printer termpdfpy zathura

@timokau
Copy link
Member

timokau commented Nov 13, 2020

This (commit e13120b in particular) broke the zathura pdf viewer at runtime:

$ zathura some-file.pdf
error: Could not load plugin '/nix/store/l73f0x9xwcngvmq0wngdk77if0zd3n99-zathura-with-plugins-0.4.5/lib/zathura/libpdf-mupdf.so' (/nix/store/l73f0x9xwcngvmq0wngdk77if0zd3n99-zathura-with-plugins-0.4.5/lib/zathura/libpdf-mupdf.so: undefined symbol: jpeg_resync_to_restart).
error: Could not determine file type.

zathura then displays a black window without any of the pdf's contents.

@timokau
Copy link
Member

timokau commented Nov 13, 2020

Also CC @globin, the maintainer of zathura.

@wamserma wamserma deleted the mupdf-1-18-0 branch November 14, 2020 21:40
@wamserma wamserma mentioned this pull request Nov 14, 2020
Merged
10 tasks
timokau added a commit to timokau/dotfiles that referenced this pull request Nov 17, 2020
@timokau
Revert "nixpkgs: update"
45e293d 
This reverts commit ec488c8.

The mupdf update broke zathura, reverting for now.
NixOS/nixpkgs#100441 (comment)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andir andir andir left review comments

@FRidh FRidh Awaiting requested review from FRidh

@pSub pSub Awaiting requested review from pSub

@Enzime Enzime Awaiting requested review from Enzime

@fpletz fpletz Awaiting requested review from fpletz

@teto teto Awaiting requested review from teto

@vrthra vrthra Awaiting requested review from vrthra

+1 more reviewer

@jonringer jonringer jonringer approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@andir andir

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: python Python is a high-level, general-purpose programming language. 8.has: package (new) This PR adds a new package 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-linux: 11-100 This PR causes between 11 and 100 packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Vulnerability roundup 94: mupdf-1.17.0: 1 advisory [5.5] Vulnerability roundup 85: mupdf-1.17.0: 1 advisory [7.5]

4 participants

@wamserma @andir @timokau @jonringer