Skip to content

gd: 2.0.35 -> 2.1.1 #15323

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
joachifm merged 5 commits into from
May 15, 2016
Merged

gd: 2.0.35 -> 2.1.1 #15323

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
f8bdd79
gd: 2.0.35 -> 2.1.1
joachifm May 9, 2016
220836d
gd: apply patch for CVE-2016-3074 from upstream
joachifm May 13, 2016
a371094
pstoedit: explicit dependency on jpeg
joachifm May 14, 2016
9428652
mscgen: add libjpeg to build inputs
joachifm May 14, 2016
2113b73
mldonkey: add libjpeg to build inputs
joachifm May 14, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions pkgs/applications/networking/p2p/mldonkey/default.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{stdenv, fetchurl, ocaml, zlib, bzip2, ncurses, file, gd, libpng }:
{stdenv, fetchurl, ocaml, zlib, bzip2, ncurses, file, gd, libpng, libjpeg }:

stdenv.mkDerivation (rec {
name = "mldonkey-3.1.5";
Expand All @@ -14,7 +14,7 @@ stdenv.mkDerivation (rec {
license = stdenv.lib.licenses.gpl2;
};

buildInputs = [ ocaml zlib ncurses bzip2 file gd libpng ];
buildInputs = [ ocaml zlib ncurses bzip2 file gd libpng libjpeg ];
configureFlags = [ "--disable-gui" ];
} // (if !ocaml.nativeCompilers then
{
Expand Down
13 changes: 13 additions & 0 deletions pkgs/development/libraries/gd/CVE-2016-3074.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
diff --git a/src/gd_gd2.c b/src/gd_gd2.c
index 6f28461..a50b33d 100644
--- a/src/gd_gd2.c
+++ b/src/gd_gd2.c
@@ -165,6 +165,8 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy,
if (gdGetInt (&cidx[i].size, in) != 1) {
goto fail2;
};
+ if (cidx[i].offset < 0 || cidx[i].size < 0)
+ goto fail2;
};
*chunkIdx = cidx;
};
39 changes: 26 additions & 13 deletions pkgs/development/libraries/gd/default.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,21 +1,34 @@
{stdenv, fetchurl, zlib, libpng, freetype, libjpeg, fontconfig}:
{ stdenv, fetchurl
, pkgconfig
, zlib
, libjpeg
, libpng
, libtiff ? null
, libXpm ? null
, fontconfig
, freetype
}:

stdenv.mkDerivation rec {
name = "gd-${version}";
version = "2.1.1";

stdenv.mkDerivation {
name = "gd-2.0.35";

src = fetchurl {
url = http://www.libgd.org/releases/gd-2.0.35.tar.bz2;
sha256 = "1y80lcmb8qbzf0a28841zxhq9ndfapmh2fsrqfd9lalxfj8288mz";
url = "https://github.com/libgd/libgd/releases/download/${name}/libgd-${version}.tar.xz";
sha256 = "11djy9flzxczphigqgp7fbbblbq35gqwwhn9xfcckawlapa1xnls";
};

buildInputs = [zlib libpng freetype];

propagatedBuildInputs = [libjpeg fontconfig]; # urgh
patches = [
./CVE-2016-3074.patch
];

configureFlags = "--without-x";
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ zlib fontconfig freetype libjpeg libpng libtiff libXpm ];

meta = {
homepage = http://www.libgd.org/;
description = "An open source code library for the dynamic creation of images by programmers";
meta = with stdenv.lib; {
homepage = https://libgd.github.io/;
description = "A dynamic image creation library";
license = licenses.free; # some custom license
platforms = platforms.unix;
};
}
4 changes: 2 additions & 2 deletions pkgs/tools/graphics/mscgen/default.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ stdenv, fetchurl, flex, bison, gd, libpng, freetype, zlib }:
{ stdenv, fetchurl, flex, bison, gd, libpng, libjpeg, freetype, zlib }:

let
version = "0.20";
Expand All @@ -11,7 +11,7 @@ stdenv.mkDerivation {
sha256 = "3c3481ae0599e1c2d30b7ed54ab45249127533ab2f20e768a0ae58d8551ddc23";
};

buildInputs = [ flex bison gd libpng freetype zlib ];
buildInputs = [ flex bison gd libjpeg libpng freetype zlib ];

doCheck = true;
preCheck = ''
Expand Down
10 changes: 5 additions & 5 deletions pkgs/tools/graphics/pstoedit/default.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
{ stdenv, fetchurl, pkgconfig, ghostscript, gd, zlib, plotutils }:
{ stdenv, fetchurl, pkgconfig, ghostscript, gd, libjpeg, zlib, plotutils }:

stdenv.mkDerivation {
stdenv.mkDerivation rec {
name = "pstoedit-3.62";

src = fetchurl {
url = mirror://sourceforge/pstoedit/pstoedit-3.62.tar.gz;
url = "mirror://sourceforge/pstoedit/${name}.tar.gz";
sha256 = "0j410dm9nqwa7n03yiyz0jwvln0jlqc3n9iv4nls33yl6x3c8x40";
};

buildInputs = [ pkgconfig ghostscript gd zlib plotutils ];
buildInputs = [ pkgconfig ghostscript gd libjpeg zlib plotutils ];

meta = {
description = "translates PostScript and PDF graphics into other vector formats";
description = "Translates PostScript and PDF graphics into other vector formats";
homepage = http://www.helga-glunz.homepage.t-online.de/pstoedit;
license = stdenv.lib.licenses.gpl2;
maintainers = [ stdenv.lib.maintainers.marcweber ];
Expand Down
5 changes: 4 additions & 1 deletion pkgs/top-level/all-packages.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6963,7 +6963,10 @@ in

gettext = callPackage ../development/libraries/gettext { };

gd = callPackage ../development/libraries/gd { };
gd = callPackage ../development/libraries/gd {
libtiff = null;
libXpm = null;
};

gdal = callPackage ../development/libraries/gdal { };

Expand Down