[packages/libcaca] - updated to 0.99.beta20, fixes: CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2

qboosh qboosh at pld-linux.org
Mon Dec 6 19:35:24 CET 2021 

commit dc266775fc2ac8c8d99efc4f7f62804c6d24ef29
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Mon Dec 6 19:35:47 2021 +0100

    - updated to 0.99.beta20, fixes:
      CVE-2018-20545 CVE-2018-20546 CVE-2018-20547 CVE-2018-20548 CVE-2018-20549 CVE-2021-3410 CVE-2021-30498 CVE-2021-30499
    - updated ruby-vendordir patch
    - added sh patch (remove bashism from configure)
    - added plugins patch (fix plugin symbols exporting with hidden visibility support)
    - reenabled ncurses by default (now colors work with ABI 6)
    - drop .la files

 libcaca-plugins.patch | 39 ++++++++++++++++++++++++++++++++++
 libcaca-sh.patch      | 11 ++++++++++
 libcaca.spec          | 58 ++++++++++++++++++++++++++++++++++-----------------
 ruby-vendordir.patch  | 18 ++++++++--------
 4 files changed, 98 insertions(+), 28 deletions(-)
---
diff --git a/libcaca.spec b/libcaca.spec
index 96db3ea..93b1f4f 100644
--- a/libcaca.spec
+++ b/libcaca.spec
@@ -4,16 +4,18 @@
 %bcond_without	java		# Java binding
 %bcond_without	ruby		# Ruby binding
 %bcond_without	python		# Python binding
+%bcond_without	ncurses		# ncurses driver
+%bcond_without	slang		# slang driver
 
-%ifnarch %{ix86} %{x8664} alpha arm hppa ia64 mips ppc s390 s390x sparc sparcv9
+%ifnarch %{ix86} %{x8664} alpha %{arm} hppa ia64 mips ppc s390 s390x sparc sparcv9
 %undefine	with_dotnet
 %endif
 %ifarch i386
 %undefine	with_dotnet
 %endif
 
-%define		rel	10
-%define	subver	beta19
+%define		rel	1
+%define	subver	beta20
 Summary:	Graphics library that outputs text instead of pixels
 Summary(pl.UTF-8):	Biblioteka graficzna wyświetlająca tekst zamiast pikseli
 Name:		libcaca
@@ -21,11 +23,14 @@ Version:	0.99
 Release:	0.%{subver}.%{rel}
 License:	WTFPL v2
 Group:		Libraries
-Source0:	http://caca.zoy.org/raw-attachment/wiki/libcaca/%{name}-%{version}.%{subver}.tar.gz
-# Source0-md5:	a3d4441cdef488099f4a92f4c6c1da00
+#Source0Download: https://github.com/cacalabs/libcaca/releases
+Source0:	https://github.com/cacalabs/libcaca/releases/download/v%{version}.%{subver}/%{name}-%{version}.%{subver}.tar.bz2
+# Source0-md5:	019c036ef038e7b5727b46f07fda739b
 Patch0:		%{name}-monodir.patch
 Patch1:		ruby-vendordir.patch
-URL:		http://caca.zoy.org/
+Patch2:		%{name}-sh.patch
+Patch3:		%{name}-plugins.patch
+URL:		http://caca.zoy.org/wiki/libcaca
 BuildRequires:	OpenGL-devel
 BuildRequires:	autoconf >= 2.50
 BuildRequires:	automake
@@ -36,11 +41,13 @@ BuildRequires:	freeglut-devel >= 2.0.0
 BuildRequires:	imlib2-devel
 BuildRequires:	libstdc++-devel
 BuildRequires:	libtool >= 2:1.5
+%{?with_ncurses:BuildRequires:	ncurses-devel >= 5}
 BuildRequires:	pkgconfig
+BuildRequires:	rpm-build >= 4.6
 BuildRequires:	rpmbuild(macros) >= 1.533
 BuildRequires:	rpmbuild(monoautodeps)
 BuildRequires:	sed >= 4.0
-BuildRequires:	slang-devel >= 2.0.0
+%{?with_slang:BuildRequires:	slang-devel >= 2.0.0}
 #BuildRequires:	texlive-fonts-jknappen
 #BuildRequires:	texlive-format-pdflatex
 #BuildRequires:	texlive-latex-ams
@@ -200,6 +207,18 @@ C++ bindings for libcaca - static libraries.
 %description c++-static -l pl.UTF-8
 Wiązania C++ do libcaca - biblioteki statyczne.
 
+%package apidocs
+Summary:	API documentation for libcaca library
+Summary(pl.UTF-8):	Dokumentacja API biblioteki libcaca
+Group:		Documentation
+BuildArch:	noarch
+
+%description apidocs
+API documentation for libcaca library.
+
+%description apidocs -l pl.UTF-8
+Dokumentacja API biblioteki libcaca.
+
 %package -n dotnet-caca-sharp
 Summary:	C# bindings for libcaca
 Summary(pl.UTF-8):	Wiązania C# do libcaca
@@ -256,6 +275,8 @@ Wiązania języka Ruby do libcaca.
 %setup -q -n %{name}-%{version}.%{subver}
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
+%patch3 -p1
 
 %build
 %{__libtoolize}
@@ -263,20 +284,19 @@ Wiązania języka Ruby do libcaca.
 %{__autoconf}
 %{__autoheader}
 %{__automake}
-# NOTE: ncurses driver builds, but there's no color when linked against
-# ABI 6. While caca defaults to ncurses this must be disabled until fixed.
 # NOTE: as of libcaca 0.99beta19 / doxygen 1.8.7 pdflatex fails - use
 # KPSEWHICH hack to disable PDF documentation.
 %configure \
-	KPSEWHICH=/nonexisting \
 	%{?with_dotnet:CSC=/usr/bin/dmcs} \
+	KPSEWHICH=/nonexisting \
+	--disable-cocoa \
 	--enable-csharp%{!?with_dotnet:=no} \
 	--enable-cxx \
 	--enable-gl \
 	--enable-java%{!?with_java:=no} \
-	--disable-ncurses \
+	--enable-ncurses%{!?with_ncurses:=no} \
 	--enable-plugins \
-	--enable-slang \
+	--enable-slang%{!?with_slang:=no} \
 	--enable-x11
 
 # --disable-silent-rules doesn't work due to AM_DEFAULT_VERBOSITY=0; use V=1 instead
@@ -301,9 +321,8 @@ echo '.so cacafire.1' > $RPM_BUILD_ROOT%{_mandir}/man1/cacademo.1
 # loadable modules
 %{__rm} $RPM_BUILD_ROOT%{_libdir}/caca/*.{a,la}
 %{__rm} $RPM_BUILD_ROOT%{ruby_vendorarchdir}/*.la
-%if %{with java}
-%{__rm} $RPM_BUILD_ROOT%{_libdir}/libcaca-java.la
-%endif
+# obsoleted by pkg-config
+%{__rm} $RPM_BUILD_ROOT%{_libdir}/libcaca*.la
 # man3 pages have too common base names to be included
 %{__rm} $RPM_BUILD_ROOT%{_mandir}/man3/*.3caca
 # packaged as %doc in -devel
@@ -325,7 +344,7 @@ rm -rf $RPM_BUILD_ROOT
 
 %files
 %defattr(644,root,root,755)
-%doc AUTHORS COPYING ChangeLog NEWS NOTES README THANKS
+%doc AUTHORS COPYING NEWS NOTES README THANKS
 %attr(755,root,root) %{_bindir}/cacaclock
 %attr(755,root,root) %{_bindir}/cacademo
 %attr(755,root,root) %{_bindir}/cacafire
@@ -357,10 +376,8 @@ rm -rf $RPM_BUILD_ROOT
 
 %files devel
 %defattr(644,root,root,755)
-%doc doc/html/*
 %attr(755,root,root) %{_bindir}/caca-config
 %attr(755,root,root) %{_libdir}/libcaca.so
-%{_libdir}/libcaca.la
 %{_includedir}/caca.h
 %{_includedir}/caca0.h
 %{_includedir}/caca_conio.h
@@ -381,7 +398,6 @@ rm -rf $RPM_BUILD_ROOT
 %files c++-devel
 %defattr(644,root,root,755)
 %attr(755,root,root) %{_libdir}/libcaca++.so
-%{_libdir}/libcaca++.la
 %{_includedir}/caca++.h
 %{_pkgconfigdir}/caca++.pc
 
@@ -389,6 +405,10 @@ rm -rf $RPM_BUILD_ROOT
 %defattr(644,root,root,755)
 %{_libdir}/libcaca++.a
 
+%files apidocs
+%defattr(644,root,root,755)
+%doc doc/html/*
+
 %if %{with dotnet}
 %files -n dotnet-caca-sharp
 %defattr(644,root,root,755)
diff --git a/libcaca-plugins.patch b/libcaca-plugins.patch
new file mode 100644
index 0000000..fc9cf49
--- /dev/null
+++ b/libcaca-plugins.patch
@@ -0,0 +1,39 @@
+--- libcaca-0.99.beta20/caca/caca_internals.h.orig	2021-10-19 15:47:32.000000000 +0200
++++ libcaca-0.99.beta20/caca/caca_internals.h	2021-12-06 17:15:52.742419166 +0100
+@@ -252,7 +252,11 @@ extern int _caca_getticks(caca_timer_t *
+ /* Internal event functions */
+ extern void _caca_handle_resize(caca_display_t *);
+ #if defined(USE_SLANG) || defined(USE_NCURSES) || defined(USE_CONIO) || defined(USE_GL)
+-extern void _push_event(caca_display_t *, caca_privevent_t *);
++extern
++#if defined(CACA_ENABLE_VISIBILITY)
++__attribute__((visibility("default")))
++#endif
++void _push_event(caca_display_t *, caca_privevent_t *);
+ extern int _pop_event(caca_display_t *, caca_privevent_t *);
+ #endif
+ 
+--- libcaca-0.99.beta20/caca/driver/gl.c.orig	2015-01-17 12:51:01.000000000 +0100
++++ libcaca-0.99.beta20/caca/driver/gl.c	2021-12-06 17:16:26.072238603 +0100
+@@ -604,6 +604,9 @@ static void gl_compute_font(caca_display
+  * Driver initialisation
+  */
+ 
++#if defined(CACA_ENABLE_VISIBILITY)
++__attribute__((visibility("default")))
++#endif
+ int gl_install(caca_display_t *dp)
+ {
+ #if defined(HAVE_GETENV) && defined(GLUT_XLIB_IMPLEMENTATION)
+--- libcaca-0.99.beta20/caca/driver/x11.c.orig	2017-04-21 15:33:16.000000000 +0200
++++ libcaca-0.99.beta20/caca/driver/x11.c	2021-12-06 17:17:57.918407696 +0100
+@@ -966,6 +966,9 @@ static void x11_put_glyph(caca_display_t
+  * Driver initialisation
+  */
+ 
++#if defined(CACA_ENABLE_VISIBILITY)
++__attribute__((visibility("default")))
++#endif
+ int x11_install(caca_display_t *dp)
+ {
+ #if defined HAVE_GETENV
diff --git a/libcaca-sh.patch b/libcaca-sh.patch
new file mode 100644
index 0000000..a016958
--- /dev/null
+++ b/libcaca-sh.patch
@@ -0,0 +1,11 @@
+--- libcaca-0.99.beta20/configure.ac.orig	2021-12-05 21:19:06.371427650 +0100
++++ libcaca-0.99.beta20/configure.ac	2021-12-05 21:23:03.620142363 +0100
+@@ -269,7 +269,7 @@ if test "${enable_cocoa}" != "no"; then
+    [ac_cv_my_have_cocoa="yes"])
+   CFLAGS="$save_CFLAGS"
+   if test "${ac_cv_my_have_cocoa}" = "yes"; then
+-    [[[ "$target_os" =~ [0-9]+ ]]] && darwin_ver="${BASH_REMATCH[[0]]}"
++    darwin_ver="$(echo "$target_os}" | sed -ne 's/.*\([0-9]\+\).*/\1/p')"
+     case x${target} in
+     xpowerpc*darwin*)
+       # 10.3 needed to link with X11
diff --git a/ruby-vendordir.patch b/ruby-vendordir.patch
index 2c615d0..58f3084 100644
--- a/ruby-vendordir.patch
+++ b/ruby-vendordir.patch
@@ -1,13 +1,13 @@
---- libcaca-0.99.beta19/configure.ac~	2014-05-16 22:07:53.000000000 +0300
-+++ libcaca-0.99.beta19/configure.ac	2014-07-28 10:58:16.493153286 +0300
-@@ -467,8 +467,8 @@
+--- libcaca-0.99.beta20/configure.ac.orig	2021-12-05 21:13:36.396548611 +0100
++++ libcaca-0.99.beta20/configure.ac	2021-12-05 21:15:11.839364886 +0100
+@@ -491,8 +491,8 @@ if test "${enable_ruby}" != "no"; then
    if test "${RUBY}" != "no"; then
-     RUBY_CFLAGS="$(ruby -r mkmf -e 'conf = RbConfig::CONFIG.merge("hdrdir" => $hdrdir, "arch_hdrdir" => $arch_hdrdir); print RbConfig::expand("#$INCFLAGS", conf)')"
-     RUBY_LIBS="-L$(ruby -r rbconfig -e 'print RbConfig::CONFIG@<:@"libdir"@:>@') -l$(ruby -r rbconfig -e 'print RbConfig::CONFIG@<:@"RUBY_SO_NAME"@:>@')"
--    RUBY_SITEARCHDIR=`ruby -r rbconfig -e 'print RbConfig::CONFIG@<:@"sitearchdir"@:>@'`
--    RUBY_SITELIBDIR=`ruby -r rbconfig -e 'print RbConfig::CONFIG@<:@"sitelibdir"@:>@'`
-+    RUBY_SITEARCHDIR=`ruby -r rbconfig -e 'print RbConfig::CONFIG@<:@"vendorarchdir"@:>@'`
-+    RUBY_SITELIBDIR=`ruby -r rbconfig -e 'print RbConfig::CONFIG@<:@"vendorlibdir"@:>@'`
+     RUBY_CFLAGS="$("${RUBY}" -r mkmf -e 'conf = RbConfig::CONFIG.merge("hdrdir" => $hdrdir, "arch_hdrdir" => $arch_hdrdir); print RbConfig::expand("#$INCFLAGS", conf)')"
+     RUBY_LIBS="-L$("${RUBY}" -r rbconfig -e 'print RbConfig::CONFIG@<:@"libdir"@:>@') -l$("${RUBY}" -r rbconfig -e 'print RbConfig::CONFIG@<:@"RUBY_SO_NAME"@:>@')"
+-    RUBY_SITEARCHDIR=`"${RUBY}" -r rbconfig -e 'print RbConfig::CONFIG@<:@"sitearchdir"@:>@'`
+-    RUBY_SITELIBDIR=`"${RUBY}" -r rbconfig -e 'print RbConfig::CONFIG@<:@"sitelibdir"@:>@'`
++    RUBY_SITEARCHDIR=`"${RUBY}" -r rbconfig -e 'print RbConfig::CONFIG@<:@"vendorarchdir"@:>@'`
++    RUBY_SITELIBDIR=`"${RUBY}" -r rbconfig -e 'print RbConfig::CONFIG@<:@"vendorlibdir"@:>@'`
      AC_SUBST(RUBY_CFLAGS)
      AC_SUBST(RUBY_LIBS)
      AC_SUBST(RUBY_SITEARCHDIR)
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/libcaca.git/commitdiff/dc266775fc2ac8c8d99efc4f7f62804c6d24ef29

More information about the pld-cvs-commit mailing list