Update to 0.9.8

3 years ago · aaf1262ecc
parent d30fc63d00
commit aaf1262ecc
8 changed files with 26 additions and 41 deletions
--- a/.gitignore
+++ b/.gitignore
@ -7,3 +7,4 @@ podofo-0.8.1.tar.gz
 /podofo-0.9.5.tar.gz
 /podofo-0.9.6.tar.gz
 /podofo-0.9.7.tar.gz
+/podofo-0.9.8.tar.gz
--- a/podofo-0.9.4-freetype.patch
+++ b/podofo-0.9.4-freetype.patch
@ -1,6 +1,6 @@
-diff -rupN --no-dereference podofo-0.9.7/CMakeLists.txt podofo-0.9.7-new/CMakeLists.txt
--- podofo-0.9.7/CMakeLists.txt	2021-01-05 17:56:54.000000000 +0100
-+++ podofo-0.9.7-new/CMakeLists.txt	2022-01-28 10:14:43.955674693 +0100
+diff -rupN --no-dereference podofo-0.9.8/CMakeLists.txt podofo-0.9.8-new/CMakeLists.txt
+--- podofo-0.9.8/CMakeLists.txt	2022-05-03 14:18:23.000000000 +0200
+++ podofo-0.9.8-new/CMakeLists.txt	2022-05-03 15:21:08.930832253 +0200
@@ -407,8 +407,8 @@ ENDIF(NOT PODOFO_BUILD_LIB_ONLY)
 
 FIND_PACKAGE(OpenSSL)
--- a/podofo-gcc12.patch
+++ b/podofo-gcc12.patch
@ -1,6 +1,6 @@
-diff -rupN --no-dereference podofo-0.9.7/test/unit/StringTest.cpp podofo-0.9.7-new/test/unit/StringTest.cpp
--- podofo-0.9.7/test/unit/StringTest.cpp	2019-01-15 14:04:40.000000000 +0100
-+++ podofo-0.9.7-new/test/unit/StringTest.cpp	2022-01-28 10:14:44.069677817 +0100
+diff -rupN --no-dereference podofo-0.9.8/test/unit/StringTest.cpp podofo-0.9.8-new/test/unit/StringTest.cpp
+--- podofo-0.9.8/test/unit/StringTest.cpp	2019-01-15 14:04:40.000000000 +0100
+++ podofo-0.9.8-new/test/unit/StringTest.cpp	2022-05-03 15:21:09.037838070 +0200
@@ -179,19 +179,19 @@ void StringTest::testUtf16beContructor()
     CPPUNIT_ASSERT_EQUAL_MESSAGE( "Comparing UTF8 and UTF16 string converted to UTF8", 
                                   strUtf8.GetStringUtf8(), strUtf16.GetStringUtf8() );
--- a/podofo.spec
+++ b/podofo.spec
@ -1,6 +1,6 @@
 Name:           podofo
-Version:        0.9.7
-Release:        8%{?dist}
+Version:        0.9.8
+Release:        1%{?dist}
 Summary:        Tools and libraries to work with the PDF file format

 # The library is licensed under the LGPL.
@ -15,9 +15,6 @@ Patch0:         podofo-0.9.4-freetype.patch
 # Downstream patch for CVE-2019-20093
 # https://sourceforge.net/p/podofo/tickets/75/
 Patch20:        podofo_CVE-2019-20093.patch
-# Proposed patch for CVE-2018-12983
-# https://sourceforge.net/p/podofo/tickets/23/
-Patch21:        podofo_CVE-2018-12983.patch
 # https://sourceforge.net/p/podofo/tickets/101/
 Patch22:        podofo_maxbytes.patch
 # Comment out some asserts in the testsuite which fail to build with gcc12
@ -181,7 +178,7 @@ rm -rf %{buildroot}%{mingw64_datadir}
 %files libs
 %doc AUTHORS ChangeLog FAQ.html README.html TODO
 %license COPYING.LIB COPYING.exception
-%{_libdir}/*.so.0.9.7
+%{_libdir}/*.so.0.9.8

 %files devel
 %doc doc/html examples
@ -211,6 +208,9 @@ rm -rf %{buildroot}%{mingw64_datadir}


 %changelog
+* Tue May 03 2022 Sandro Mani <manisandro@gmail.com> - 0.9.8-1
+- Update to 0.9.8
+
 * Fri Mar 25 2022 Sandro Mani <manisandro@gmail.com> - 0.9.7-8
 - Rebuild with mingw-gcc-12

--- a/podofo_CVE-2018-12983.patch
+++ b/podofo_CVE-2018-12983.patch
@ -1,16 +0,0 @@
-diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfEncrypt.cpp podofo-0.9.7-new/src/podofo/base/PdfEncrypt.cpp
--- podofo-0.9.7/src/podofo/base/PdfEncrypt.cpp	2019-01-15 14:04:40.000000000 +0100
-+++ podofo-0.9.7-new/src/podofo/base/PdfEncrypt.cpp	2022-01-28 10:14:44.010676200 +0100
-@@ -615,6 +615,12 @@ PdfEncrypt* PdfEncrypt::CreatePdfEncrypt
-             && PdfEncrypt::IsEncryptionEnabled( ePdfEncryptAlgorithm_RC4V2 ) ) 
-     {
-         // [Alexey] - lLength is pdf_int64. Please make changes in encryption algorithms
-+        // [mabri] - Fix CVE-2018-12983: Check key length lLength here
-+        // to prevent stack-based buffer over-read in line 867 of this file
-+        if (lLength > MD5_DIGEST_LENGTH * 8) // lLength in bits, md5 in bytes 
-+        {
-+            PODOFO_RAISE_ERROR_INFO( ePdfError_ValueOutOfRange, "Given key length too large for MD5." );
-+        }
-         pdfEncrypt = new PdfEncryptRC4(oValue, uValue, pValue, rValue, ePdfEncryptAlgorithm_RC4V2, static_cast<int>(lLength), encryptMetadata);
-     }
-     else 
--- a/podofo_CVE-2019-20093.patch
+++ b/podofo_CVE-2019-20093.patch
@ -1,6 +1,6 @@
-diff -rupN --no-dereference podofo-0.9.7/tools/podofoimgextract/ImageExtractor.cpp podofo-0.9.7-new/tools/podofoimgextract/ImageExtractor.cpp
--- podofo-0.9.7/tools/podofoimgextract/ImageExtractor.cpp	2018-02-25 12:48:38.000000000 +0100
-+++ podofo-0.9.7-new/tools/podofoimgextract/ImageExtractor.cpp	2022-01-28 10:14:43.982675433 +0100
+diff -rupN --no-dereference podofo-0.9.8/tools/podofoimgextract/ImageExtractor.cpp podofo-0.9.8-new/tools/podofoimgextract/ImageExtractor.cpp
+--- podofo-0.9.8/tools/podofoimgextract/ImageExtractor.cpp	2018-02-25 12:48:38.000000000 +0100
+++ podofo-0.9.8-new/tools/podofoimgextract/ImageExtractor.cpp	2022-05-03 15:21:08.964834103 +0200
@@ -117,6 +117,11 @@ void ImageExtractor::ExtractImage( PdfOb
         //long lBitsPerComponent = pObject->GetDictionary().GetKey( PdfName("BitsPerComponent" ) )->GetNumber();
         // TODO: Handle colorspaces
--- a/podofo_maxbytes.patch
+++ b/podofo_maxbytes.patch
@ -1,6 +1,6 @@
-diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfParser.h podofo-0.9.7-new/src/podofo/base/PdfParser.h
--- podofo-0.9.7/src/podofo/base/PdfParser.h	2020-03-27 17:53:35.000000000 +0100
-+++ podofo-0.9.7-new/src/podofo/base/PdfParser.h	2022-01-28 10:14:44.039676995 +0100
+diff -rupN --no-dereference podofo-0.9.8/src/podofo/base/PdfParser.h podofo-0.9.8-new/src/podofo/base/PdfParser.h
+--- podofo-0.9.8/src/podofo/base/PdfParser.h	2022-03-12 17:08:42.000000000 +0100
+++ podofo-0.9.8-new/src/podofo/base/PdfParser.h	2022-05-03 15:21:09.000836061 +0200
@@ -39,7 +39,7 @@
 #include "PdfVecObjects.h"
 
@ -10,9 +10,9 @@ diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfParser.h podofo-0.9.
 
 namespace PoDoFo {
 
-diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfXRefStreamParserObject.cpp podofo-0.9.7-new/src/podofo/base/PdfXRefStreamParserObject.cpp
--- podofo-0.9.7/src/podofo/base/PdfXRefStreamParserObject.cpp	2020-10-10 19:17:47.000000000 +0200
-+++ podofo-0.9.7-new/src/podofo/base/PdfXRefStreamParserObject.cpp	2022-01-28 10:14:44.039676995 +0100
+diff -rupN --no-dereference podofo-0.9.8/src/podofo/base/PdfXRefStreamParserObject.cpp podofo-0.9.8-new/src/podofo/base/PdfXRefStreamParserObject.cpp
+--- podofo-0.9.8/src/podofo/base/PdfXRefStreamParserObject.cpp	2021-08-18 19:14:51.000000000 +0200
+++ podofo-0.9.8-new/src/podofo/base/PdfXRefStreamParserObject.cpp	2022-05-03 15:21:09.000836061 +0200
@@ -237,7 +237,7 @@ void PdfXRefStreamParserObject::ReadXRef
 {
     int              i;
@ -32,9 +32,9 @@ diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfXRefStreamParserObje
             ++pBuffer;
         }
     }
-diff -rupN --no-dereference podofo-0.9.7/src/podofo/base/PdfXRefStreamParserObject.h podofo-0.9.7-new/src/podofo/base/PdfXRefStreamParserObject.h
--- podofo-0.9.7/src/podofo/base/PdfXRefStreamParserObject.h	2019-05-23 12:08:59.000000000 +0200
-+++ podofo-0.9.7-new/src/podofo/base/PdfXRefStreamParserObject.h	2022-01-28 10:14:44.040677023 +0100
+diff -rupN --no-dereference podofo-0.9.8/src/podofo/base/PdfXRefStreamParserObject.h podofo-0.9.8-new/src/podofo/base/PdfXRefStreamParserObject.h
+--- podofo-0.9.8/src/podofo/base/PdfXRefStreamParserObject.h	2021-08-18 19:14:51.000000000 +0200
+++ podofo-0.9.8-new/src/podofo/base/PdfXRefStreamParserObject.h	2022-05-03 15:21:09.000836061 +0200
@@ -38,7 +38,7 @@
 #include "PdfParserObject.h"
 
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (podofo-0.9.7.tar.gz) = 0e699739c2fb7d4d02ffca371504bb19f3a8a97ddcbfc06f8d9636db9e73064b4f633f7f09bce92140bb2174610ad68c1e5f8460d474d176ab803ed28295251b
+SHA512 (podofo-0.9.8.tar.gz) = b220322114450f1656c73d325f5172bc4cec0b1913e98b4eb2455f8ed7394bcaa47438d41003c9678937ef44d411e135431ddd6784f83d3663337d471baa02b1