mirrors/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2026-02-02 06:22:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
aports/main/ghostscript/APKBUILD
J0WI 47e96eb4a6 main/ghostscript: add security patches 
CVE-2019-14811
CVE-2019-14812
CVE-2019-14813
2019-09-03 14:19:27 +00:00

140 lines
4.0 KiB
Plaintext
Raw Blame History

# Contributor: Cameron Banta <cbanta@gmail.com>
# Maintainer: Cameron Banta <cbanta@gmail.com>
pkgname=ghostscript
pkgver=9.27
pkgrel=3
pkgdesc="An interpreter for the PostScript language and for PDF"
url="https://ghostscript.com/"
arch="all"
license="AGPL-3.0-or-later"
options="!check"
makedepends="autoconf automake libjpeg-turbo-dev libpng-dev expat-dev
zlib-dev tiff-dev freetype-dev lcms2-dev gtk+3.0-dev
cups-dev libtool jbig2dec-dev openjpeg-dev"
subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev $pkgname-gtk"
source="https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${pkgver/./}/ghostscript-$pkgver.tar.gz
https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs926/0001-Bug700317-Address-.force-operators-exposure.tgz
ghostscript-system-zlib.patch
fix-sprintf.patch
CVE-2019-10216.patch
forceput-inaccessible.patch
"
# secfixes:
# 9.27-r3:
# - CVE-2019-14811
# - CVE-2019-14812
# - CVE-2019-14813
# 9.27-r2:
# - CVE-2019-10216
# 9.26-r2:
# - CVE-2019-3835
# - CVE-2019-3838
# - CVE-2019-6116
# 9.26-r1:
# - CVE-2019-6116
# 9.26-r0:
# - CVE-2018-19409
# - CVE-2018-19475
# - CVE-2018-19476
# - CVE-2018-19477
# 9.25-r1:
# - CVE-2018-17961
# - CVE-2018-18073
# - CVE-2018-18284
# 9.25-r0:
# - CVE-2018-16802
# 9.24-r0:
# - CVE-2018-15908
# - CVE-2018-15909
# - CVE-2018-15910
# - CVE-2018-15911
# 9.23-r0:
# - CVE-2018-10194
# 9.21-r2:
# - CVE-2017-8291
# 9.21-r3:
# - CVE-2017-7207
# - CVE-2017-5951
prepare() {
cd "$builddir"
default_prepare # apply patches
# force it to use system-libs
rm -r jpeg libpng zlib tiff lcms2mt cups/libs jbig2dec \
freetype
# fix parallel builds
sed -i -e 's/ECHO_XE/ECHOGS_XE/g' \
-e 's/^\($(GLOBJ)md5.$(OBJ) :.*\)/\1 $(ECHOGS_XE)/' \
base/lib.mak
aclocal && autoconf --force
cd $builddir/ijs
libtoolize --force && aclocal && autoconf && automake --add-missing
}
build() {
# build ijs
cd "$builddir"/ijs
./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--enable-shared \
--disable-static \
make
cd "$builddir"
# --disable-compile-inits is needed to link with system-zlib
./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--sysconfdir=/etc \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--docdir=/usr/share/doc/"$pkgname" \
--enable-dynamic \
--disable-static \
--with-system-libtiff \
--with-ijs \
--with-jbig2dec \
--without-omni \
--enable-gtk \
--with-drivers=ALL \
--with-fontpath=/usr/share/fonts/Type1:/usr/share/fonts \
--disable-compile-inits
make obj/arch.h # workaround parallel build issue
make so all
}
package() {
cd "$builddir"
make -j1 DESTDIR="$pkgdir" install soinstall
cd "$builddir"/ijs
make -j1 DESTDIR="$pkgdir" install
cd ..
# create empty dir for future fonts
mkdir -p "$pkgdir"/usr/share/fonts/Type1
}
gtk() {
pkgdesc="A GTK-enabled PostScript interpreter and renderer"
install -d "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/gsx "$subpkgdir"/usr/bin/
}
sha512sums="9ad7bd24b6d9b7d258e943783817be036a2e0234517baffa1016804ef9b6f3062fb5da20a890a0bfc9e58203ddcf25dc4465f5b3bf5e4a61db87bef0606a0884 ghostscript-9.27.tar.gz
289d916a0b0da410e6f721e42bc44659c91c66ca0f7b96b1a6b010ae1c25e47788e282edc3578b4e4b120a2c684c7b1fd4cc574084bdc9cbbf6e431a01fbae0e 0001-Bug700317-Address-.force-operators-exposure.tgz
70721e3a335afa5e21d4e6cf919119010bd4544a03ab8f53f5325c173902221ad9b88c118b4bfeee80b3e1956bcdbaf4c53f64ae7fb81f5ba57dbc956750c482 ghostscript-system-zlib.patch
beefcf395f7f828e1b81c088022c08a506e218f27535b9de01e0f0edf7979b435316c318fa676771630f6ad16ff1ab059cd68aa128ed97e5a9f2f3fa840200c4 fix-sprintf.patch
f89744b17922b7d9c04c6de69ce35fa621732e4373eccc158b7ff6a9e56d2cf0bbea30c28119f4808864ca584e94342e5125d7bcc6195252455b5f223f379e3f CVE-2019-10216.patch
d7045aa5a02a3fc882552da0b9a60ea565a36d5d038cdf576dc7188158dc05a470ce9fa40bdf1e1003a48995f6707431980910372da549918caf789eb3a2f81f forceput-inaccessible.patch"
Reference in New Issue View Git Blame Copy Permalink