import autotrace-0.31.1-52.el8

This commit is contained in:
CentOS Sources 2019-08-02 12:09:49 -04:00 committed by Stepan Oksanichenko
commit a919918acd
10 changed files with 482 additions and 0 deletions

1
.autotrace.metadata Normal file
View File

@ -0,0 +1 @@
679e4912528030b86f23db5b99e60f8e7df883fd SOURCES/autotrace-0.31.1.tar.gz

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/autotrace-0.31.1.tar.gz

View File

@ -0,0 +1,12 @@
diff -up autotrace-0.31.1/input-bmp.c.orig autotrace-0.31.1/input-bmp.c
--- autotrace-0.31.1/input-bmp.c.orig 2002-10-10 22:44:08.000000000 +0200
+++ autotrace-0.31.1/input-bmp.c 2013-06-28 10:24:58.336056959 +0200
@@ -166,7 +166,7 @@ input_bmp_reader (at_string filename,
/* 36 */
Maps = 4;
}
- else if (Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
+ else if (Bitmap_File_Head.biSize >= 40 && Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
{
if (!ReadOK (fd, buffer, Bitmap_File_Head.biSize - 4))
{

View File

@ -0,0 +1,16 @@
Subject: Fix heap-based buffer overflow in pstoedit_suffix_table_init
ID: CVE-2016-7392
Author: unknown (taken from DLA-621-1)
Bug-Debian: https://bugs.debian.org/837599
--- a/output-pstoedit.c
+++ b/output-pstoedit.c
@@ -84,7 +84,7 @@
dd_tmp = dd_start;
while (dd_tmp->symbolicname)
dd_tmp++;
- XMALLOC(pstoedit_suffix_table, sizeof(char *) * 2 * (dd_tmp - dd_start) + 1);
+ XMALLOC(pstoedit_suffix_table, sizeof(char *) * (2 * (dd_tmp - dd_start) + 1));
#if defined (OUTPUT_PSTOEDIT_DEBUG) && defined(__GNUC__)
fprintf(stderr, "OUTPUT PSTOEDIT BACKEND DEBUG(%s)\n", __FUNCTION__);

View File

@ -0,0 +1,20 @@
diff -up autotrace-0.31.1/autotrace-config.in.orig autotrace-0.31.1/autotrace-config.in
--- autotrace-0.31.1/autotrace-config.in.orig 2002-11-08 19:18:31.000000000 +0100
+++ autotrace-0.31.1/autotrace-config.in 2013-07-19 10:05:14.516133368 +0200
@@ -4,6 +4,7 @@ af_libs=
af_cflags=
prefix=@prefix@
exec_prefix=@exec_prefix@
+libdir=`pkg-config --variable=libdir autotrace`
##
@@ -205,7 +206,7 @@ fi
#dummy because this should always be selected
af_cflags="$af_cflags -I@includedir@"
-af_libs="-L@libdir@ -lautotrace @LIBPNG_LDFLAGS@ @MAGICK_LDFLAGS@ @LIBSWF_LDFLAGS@ @LIBPSTOEDIT_LIBS@ $af_libs"
+af_libs="-L$libdir -lautotrace @LIBPNG_LDFLAGS@ @MAGICK_LDFLAGS@ @LIBSWF_LDFLAGS@ @LIBPSTOEDIT_LIBS@ $af_libs"

View File

@ -0,0 +1,33 @@
--- autotrace-0.31.1.orig/configure.in
+++ autotrace-0.31.1/configure.in
@@ -282,8 +300,12 @@ AC_CHECK_LIB(dl,main,[LIBLD_LDFLAGS=-ldl
if test "x${LIBLD_LDFLAGS}" != x; then
LIBPSTOEDIT_EXTRA_LIBS="${LIBPSTOEDIT_EXTRA_LIBS} ${LIBLD_LDFLAGS}"
fi
-
-echo '*** Checking pstoedit existence TWICE(if needed) ***'
+
+echo '*** Checking pstoedit existence THRICE(if needed)***'
+echo '*** This is the 0th check ***'
+PKG_CHECK_MODULES(LIBPSTOEDIT,[pstoedit >= 3.32.1],HAVE_LIBPSTOEDIT_321=yes)
+if test ${HAVE_LIBPSTOEDIT_321} != yes; then
+ echo '*** The 0th check failed ***'
echo '*** This is the 1st check ***'
AM_PATH_PSTOEDIT(3.32.1,HAVE_LIBPSTOEDIT_321=yes)
if test ${HAVE_LIBPSTOEDIT_321} != yes; then
@@ -310,6 +332,15 @@ else
LIBPSTOEDIT_LIBS="${PSTOEDIT_LIBS} ${LIBPSTOEDIT_EXTRA_LIBS}"
LIBPSTOEDIT_CFLAGS="${PSTOEDIT_CFLAGS}"
fi
+else
+ echo '*** The 0th check is passed. ***'
+ HAVE_LIBPSTOEDIT=yes
+
+ # Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1415258
+ LIBPSTOEDIT_LIBS="${LIBPSTOEDIT_LIBS/@LIBPNG_LDFLAGS@/-lpng}"
+
+ AC_DEFINE(HAVE_LIBPSTOEDIT)
+fi
if test ${HAVE_LIBPSTOEDIT} = yes; then
AC_CHECK_FUNCS([mkstemp])

View File

@ -0,0 +1,29 @@
From 296538ef2754df0c6e704ac172854816d4ff5cd2 Mon Sep 17 00:00:00 2001
From: Caolan McNamara <caolanm@fedoraproject.org>
Date: Mon, 2 Mar 2009 12:21:34 +0000
Subject: [PATCH 1/3] Modify GetOnePixel usage to build against current
ImageMagick api
---
input-magick.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/input-magick.c b/input-magick.c
index 51c6409..bc36b8f 100644
--- a/input-magick.c
+++ b/input-magick.c
@@ -83,7 +83,11 @@ at_bitmap_type input_magick_reader(at_string filename,
for(j=0,runcount=0,point=0;j<image->rows;j++)
for(i=0;i<image->columns;i++) {
+#if (MagickLibVersion < 0x0645) || (MagickLibVersion >= 0x0649)
p=GetOnePixel(image,i,j);
+#else
+ GetOnePixel(image,i,j,pixel);
+#endif
AT_BITMAP_BITS(bitmap)[point++]=pixel->red; /* if gray: red=green=blue */
if(np==3) {
AT_BITMAP_BITS(bitmap)[point++]=pixel->green;
--
1.7.11.2

View File

@ -0,0 +1,31 @@
From c3410ede752b3b0a092a2a4d196f4a6ccf8c3a10 Mon Sep 17 00:00:00 2001
From: Peter Lemenkov <peter@fedoraproject.org>
Date: Mon, 27 Jul 2009 14:20:46 +0000
Subject: [PATCH 2/3] Fixed underquoted AM_PATH_AUTOTRACE definition
See rhbz #477980 for the details:
* https://bugzilla.redhat.com/477980
Reported-by: Jerry James <loganjerry@gmail.com>
Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
---
autotrace.m4 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/autotrace.m4 b/autotrace.m4
index 4b16a77..11d6276 100644
--- a/autotrace.m4
+++ b/autotrace.m4
@@ -4,7 +4,7 @@
dnl AM_PATH_AUTOTRACE([MINIMUM-VERSION, [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]])
dnl Test to see if libautotrace is installed, and define AUTOTRACE_CFLAGS, LIBS
dnl
-AC_DEFUN(AM_PATH_AUTOTRACE,
+AC_DEFUN([AM_PATH_AUTOTRACE],
[dnl
dnl Get the cflags and libraries from the autotrace-config script
dnl
--
1.7.11.2

View File

@ -0,0 +1,68 @@
From 56103b05af8a9d67ce158eceab9f7c984b38eabb Mon Sep 17 00:00:00 2001
From: Jon Ciesla <limburgher@gmail.com>
Date: Fri, 2 Mar 2012 09:39:36 -0600
Subject: [PATCH 3/3] libpng fix.
---
input-png.c | 22 ++++++----------------
1 file changed, 6 insertions(+), 16 deletions(-)
diff --git a/input-png.c b/input-png.c
index 77b96f1..b631f07 100644
--- a/input-png.c
+++ b/input-png.c
@@ -42,7 +42,7 @@ static png_bytep * read_png(png_structp png_ptr, png_infop info_ptr, at_input_op
static void handle_warning(png_structp png, const at_string message) {
LOG1("PNG warning: %s", message);
- at_exception_warning((at_exception_type *)png->error_ptr,
+ at_exception_warning((at_exception_type *)png_get_error_ptr(png),
message);
/* at_exception_fatal((at_exception_type *)at_png->error_ptr,
"PNG warning"); */
@@ -50,7 +50,7 @@ static void handle_warning(png_structp png, const at_string message) {
static void handle_error(png_structp png, const at_string message) {
LOG1("PNG error: %s", message);
- at_exception_fatal((at_exception_type *)png->error_ptr,
+ at_exception_fatal((at_exception_type *)png_get_error_ptr(png),
message);
/* at_exception_fatal((at_exception_type *)at_png->error_ptr,
"PNG error"); */
@@ -157,8 +157,8 @@ read_png(png_structp png_ptr, png_infop info_ptr, at_input_opts_type * opts)
png_set_strip_16(png_ptr);
png_set_packing(png_ptr);
- if ((png_ptr->bit_depth < 8) ||
- (png_ptr->color_type == PNG_COLOR_TYPE_PALETTE) ||
+ if ((png_get_bit_depth(png_ptr, info_ptr) < 8) ||
+ (png_get_color_type(png_ptr, info_ptr) == PNG_COLOR_TYPE_PALETTE) ||
(png_get_valid(png_ptr, info_ptr, PNG_INFO_tRNS)))
png_set_expand(png_ptr);
@@ -181,20 +181,10 @@ read_png(png_structp png_ptr, png_infop info_ptr, at_input_opts_type * opts)
PNG_BACKGROUND_GAMMA_FILE, 1, 1.0);
} else
png_set_strip_alpha(png_ptr);
+ png_set_interlace_handling(png_ptr);
png_read_update_info(png_ptr, info_ptr);
-
- info_ptr->row_pointers = (png_bytepp)png_malloc(png_ptr,
- info_ptr->height * sizeof(png_bytep));
-#ifdef PNG_FREE_ME_SUPPORTED
- info_ptr->free_me |= PNG_FREE_ROWS;
-#endif
- for (row = 0; row < (int)info_ptr->height; row++)
- info_ptr->row_pointers[row] = (png_bytep)png_malloc(png_ptr,
- png_get_rowbytes(png_ptr, info_ptr));
-
- png_read_image(png_ptr, info_ptr->row_pointers);
- info_ptr->valid |= PNG_INFO_IDAT;
+ png_read_png(png_ptr, info_ptr, PNG_TRANSFORM_IDENTITY, NULL);
png_read_end(png_ptr, info_ptr);
return png_get_rows(png_ptr, info_ptr);
}
--
1.7.11.2

271
SPECS/autotrace.spec Normal file
View File

@ -0,0 +1,271 @@
Name: autotrace
Version: 0.31.1
Release: 52%{?dist}
Summary: Utility for converting bitmaps to vector graphics
License: GPLv2+ and LGPLv2+
URL: http://autotrace.sourceforge.net/
Source0: http://download.sf.net/autotrace/%{name}-%{version}.tar.gz
Patch1: autotrace-0001-Modify-GetOnePixel-usage-to-build-against-current-Im.patch
Patch2: autotrace-0002-Fixed-underquoted-AM_PATH_AUTOTRACE-definition.patch
Patch3: autotrace-0003-libpng-fix.patch
# Sent upstream
Patch4: autotrace-0.31.1-CVE-2013-1953.patch
Patch5: autotrace-0.31.1-multilib-fix.patch
Patch6: autotrace-0.31.1-pstoedit-detection-fix.patch
Patch7: autotrace-0.31.1-CVE-2016-7392.patch
BuildRequires: libpng-devel > 2:1.2
BuildRequires: libexif-devel
BuildRequires: libtiff-devel
BuildRequires: libjpeg-devel
BuildRequires: libxml2-devel
BuildRequires: bzip2-devel
BuildRequires: freetype-devel
BuildRequires: pstoedit-devel
BuildRequires: gcc-c++
# For autoreconf
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
BuildRequires: pstoedit-devel
%description
AutoTrace is a program for converting bitmaps to vector graphics.
Supported input formats include BMP, TGA, PNM, PPM, PNG, whereas output
can be produced in Postscript, SVG, xfig, SWF, and others.
%package devel
Summary: Header files for autotrace
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: pkgconfig
Requires: pstoedit-devel
%description devel
This package contains header files and development libraries for autotrace.
%prep
%setup -q
%patch1 -p1 -b .GetOnePixel
%patch2 -p1 -b .aclocal18
%patch3 -p1 -b .libpng15
%patch4 -p1 -b .CVE-2013-1953
%patch5 -p1 -b .multilib-fix
%patch6 -p1 -b .pstoedit-detection-fix
%patch7 -p1 -b .CVE-2016-7392
autoreconf -ivf
%build
%configure --without-magick
# remove rpaths
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
make %{?_smp_mflags}
%install
make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
find $RPM_BUILD_ROOT -type f -name "*.la" -exec rm -f {} ';'
find $RPM_BUILD_ROOT -type f -name "*.a" -exec rm -f {} ';'
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%doc AUTHORS ChangeLog FAQ NEWS README THANKS TODO
%license COPYING COPYING.LIB
%{_bindir}/autotrace
%{_libdir}/*.so.*
%{_mandir}/man[^3]/*
%files devel
%doc HACKING
%{_bindir}/autotrace-config
%{_libdir}/*.so
%{_libdir}/pkgconfig/autotrace.pc
%{_includedir}/autotrace/
%{_datadir}/aclocal/autotrace.m4
%changelog
* Tue Aug 21 2018 Parag Nemade <pnemade AT redhat DOT com> - 0.31.1-52
- Resolves:rh#1564990: Removed BR: ImageMagick-devel
* Thu May 3 2018 Jan Horak <jhorak@redhat.com> - 0.31.1-51
- Resolves:rh#1564990: Removed ImageMagick support
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.31.1-50
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Aug 24 2017 Michael Cronenworth <mike@cchtml.com> - 0.31.1-49
- Bump release for upgrade path
* Wed Aug 23 2017 Michael Cronenworth <mike@cchtml.com> - 0.31.1-48
- Rebuilt for new ImageMagick
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.31.1-47
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Sun Jul 30 2017 Kevin Fenzi <kevin@scrye.com> - 0.31.1-46
- Rebuild for new ImageMagick
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.31.1-45
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.31.1-44
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri Jan 20 2017 Jaroslav Škarvada <jskarvad@redhat.com> - 0.31.1-43
- Enabled pstoedit backend
- Fixed out of bounds write when using pstoedit backend
Resolves: CVE-2016-7392
- Fixed hardcoded version on source URL
- Fixed bogus date in changelog (best effort)
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.31.1-42
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.1-41
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.1-40
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.1-39
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Mon Mar 31 2014 Jon Ciesla <limburgher@gmail.com> - 0.31.1-38
- ImageMagick rebuild.
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.1-37
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 21 2013 Peter Lemenkov <lemenkov@gmail.com> - 0.31.1-36
- Fix building on AArch64
- Enable pstoedit back
* Fri Jul 19 2013 Jaroslav Škarvada <jskarvad@redhat.com> - 0.31.1-35
- Fixed multilib conflict in devel package (by multilib-fix patch)
- Removed rpaths
* Fri Jun 28 2013 Jaroslav Škarvada <jskarvad@redhat.com> - 0.31.1-34
- Fixed buffer overflow when parsing BMP files
Resolves: CVE-2013-1953
* Mon Mar 18 2013 Jon Ciesla <limburgher@gmail.com> - 0.31.1-33
- ImageMagick rebuild.
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.1-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Sat Jul 21 2012 Peter Lemenkov <lemenkov@gmail.com> - 0.31.1-31
- Cosmetic changes in the spec-file (closes rhbz #803928 and #817950)
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.1-30.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Mar 02 2012 Jon Ciesla <limburgher@gmail.com> - 0.31.1-29.1
- Libpng 1.5 fix.
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.1-28.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Tue Dec 06 2011 Adam Jackson <ajax@redhat.com> - 0.31.1-27.1
- Rebuild for new libpng
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.1-26.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Sep 29 2010 jkeating - 0.31.1-25.1
- Rebuilt for gcc bug 634757
* Fri Sep 17 2010 Rex Dieter <rdieter@fedoraproject.org> - 0.31.1-24.1
- rebuild (ImageMagick)
* Mon May 17 2010 Peter Lemenkov <lemenkov@gmail.com> - 0.31.1-24
- Changed description (closes rhbz #591659).
* Mon Jul 27 2009 Peter Lemenkov <lemenkov@gmail.com> - 0.31.1-23
- Removed static libraries from -devel
- Changed %%makeinstall to "make install DESTDIR=blablabla"
- Fixed rhbz# 477980
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.1-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Fri Mar 13 2009 Hans de Goede <hdegoede@redhat.com> - 0.31.1-21
- Rebuild for new ImageMagick
* Mon Mar 02 2009 Caolán McNamara <caolanm@redhat.com> - 0.31.1-20
- Modify GetOnePixel usage to build against current ImageMagick api
* Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.31.1-19
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Mon Jul 14 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.31.1-18
- fix license tag
* Mon May 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.31.1-17
- Rebuild for new ImageMagick.
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.31.1-16
- Autorebuild for GCC 4.3
* Wed Aug 22 2007 Quentin Spencer <qspencer@users.sourceforge.net> - 0.31.1-15
- Rebuild for F8.
* Thu Oct 05 2006 Christian Iseli <Christian.Iseli@licr.org> 0.31.1-14
- rebuilt for unwind info generation, broken in gcc-4.1.1-21
* Thu Sep 21 2006 Quentin Spencer <qspencer@users.sourceforge.net> - 0.31.1-13
- Rebuild for FC6.
* Mon Feb 13 2006 Roozbeh Pournader <roozbeh@farsiweb.info> - 0.31.1-12
- Rebuild for Fedora Extras 5
* Sat Jan 28 2006 Roozbeh Pournader <roozbeh@farsiweb.info> - 0.31.1-11
- rebuild
* Tue Jan 17 2006 Roozbeh Pournader <roozbeh@farsiweb.info> - 0.31.1-10
- add BuildRequires on freetype-devel
* Tue Jan 17 2006 Roozbeh Pournader <roozbeh@farsiweb.info> - 0.31.1-9
- remove BuildRequires on XFree86-devel
* Mon Jan 16 2006 Roozbeh Pournader <roozbeh@farsiweb.info> - 0.31.1-8
- add %%{?dist} tag
- add a BuildRequires on bzip2-devel
- add ldconfig to %%post and %%postun
* Thu May 26 2005 Jeremy Katz <katzj@redhat.com> - 0.31.1-7
- and more buildrequires
* Thu May 26 2005 Jeremy Katz <katzj@redhat.com> - 0.31.1-6
- BR libtiff-devel
* Wed May 25 2005 Jeremy Katz <katzj@redhat.com> - 0.31.1-5
- rebuild
* Thu Apr 7 2005 Michael Schwendt <mschwendt[AT]users.sf.net>
- rebuilt
* Sat Aug 21 2004 Marius L. Jøhndal <mariuslj at ifi.uio.no> - 0:0.31.1-3
- Temporarily changed buildreq pstoedit-devel to buildconflicts.
* Thu Apr 22 2004 Marius L. Jøhndal <mariuslj at ifi.uio.no> - 0:0.31.1-0.fdr.2
- Added new BuildReq pstoedit-devel.
- Added missing BuildReq libexif-devel.
- Added missing -devel requires pkgconfig, ImageMagick-devel.
- Converted spec file to UTF-8.
* Mon Sep 29 2003 Marius L. Johndal <mariuslj at ifi.uio.no> 0:0.31.1-0.fdr.1
- Initial RPM release.