From e13120bb098f25ac552570c2f9ea5908ef102a50 Mon Sep 17 00:00:00 2001 From: "Markus S. Wamser" Date: Tue, 13 Oct 2020 21:47:08 +0200 Subject: [PATCH] mupdf: 1.17.0 -> 1.18.0 fixes CVE-2017-5991 fixes CVE-2020-26519 also drops the patch for shared libs (not needed anymore) --- pkgs/applications/misc/mupdf/default.nix | 14 ++++--- .../misc/mupdf/mupdf-1.14-shared_libs.patch | 39 ------------------- 2 files changed, 8 insertions(+), 45 deletions(-) delete mode 100644 pkgs/applications/misc/mupdf/mupdf-1.14-shared_libs.patch diff --git a/pkgs/applications/misc/mupdf/default.nix b/pkgs/applications/misc/mupdf/default.nix index 61eb32bbd5cd..ecefbd17cfe0 100644 --- a/pkgs/applications/misc/mupdf/default.nix +++ b/pkgs/applications/misc/mupdf/default.nix @@ -1,5 +1,6 @@ { stdenv, lib, fetchurl, fetchpatch, pkgconfig, freetype, harfbuzz, openjpeg , jbig2dec, libjpeg , darwin +, gumbo , enableX11 ? true, libX11, libXext, libXi, libXrandr , enableCurl ? true, curl, openssl , enableGL ? true, freeglut, libGLU @@ -13,27 +14,28 @@ let in stdenv.mkDerivation rec { - version = "1.17.0"; + version = "1.18.0"; pname = "mupdf"; src = fetchurl { url = "https://mupdf.com/downloads/archive/${pname}-${version}-source.tar.gz"; - sha256 = "13nl9nrcx2awz9l83mlv2psi1lmn3hdnfwxvwgwiwbxlkjl3zqq0"; + sha256 = "0rljl44y8p8hgaqializlyrgpij1wbnrzyp0ll5kcg7w05nylq48"; }; patches = - # Use shared libraries to decrease size - stdenv.lib.optional (!stdenv.isDarwin) ./mupdf-1.14-shared_libs.patch - ++ stdenv.lib.optional stdenv.isDarwin ./darwin.patch + stdenv.lib.optional stdenv.isDarwin ./darwin.patch ; postPatch = '' sed -i "s/__OPENJPEG__VERSION__/${openJpegVersion}/" source/fitz/load-jpx.c ''; + # Use shared libraries to decrease size + buildFlags = [ "shared" ]; + makeFlags = [ "prefix=$(out) USE_SYSTEM_LIBS=yes" ]; nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ freetype harfbuzz openjpeg jbig2dec libjpeg freeglut libGLU ] + buildInputs = [ freetype harfbuzz openjpeg jbig2dec libjpeg freeglut libGLU gumbo ] ++ lib.optionals enableX11 [ libX11 libXext libXi libXrandr ] ++ lib.optionals enableCurl [ curl openssl ] ++ lib.optionals enableGL ( diff --git a/pkgs/applications/misc/mupdf/mupdf-1.14-shared_libs.patch b/pkgs/applications/misc/mupdf/mupdf-1.14-shared_libs.patch deleted file mode 100644 index 131a1bbbf6bd..000000000000 --- a/pkgs/applications/misc/mupdf/mupdf-1.14-shared_libs.patch +++ /dev/null @@ -1,39 +0,0 @@ ---- mupdf-1.14.0-source.orig/Makefile 2018-11-02 06:57:12.114012496 +0100 -+++ mupdf-1.14.0-source/Makefile 2018-11-02 09:57:10.067945307 +0100 -@@ -20,7 +20,7 @@ - # Do not specify CFLAGS or LIBS on the make invocation line - specify - # XCFLAGS or XLIBS instead. Make ignores any lines in the makefile that - # set a variable that was set on the command line. --CFLAGS += $(XCFLAGS) -Iinclude -+CFLAGS += $(XCFLAGS) -Iinclude -fPIC - LIBS += $(XLIBS) -lm - - ifneq ($(threading),no) -@@ -190,17 +190,21 @@ - - # --- Library --- - --MUPDF_LIB = $(OUT)/libmupdf.a --THIRD_LIB = $(OUT)/libmupdf-third.a --THREAD_LIB = $(OUT)/libmupdf-threads.a --PKCS7_LIB = $(OUT)/libmupdf-pkcs7.a -+MUPDF_LIB = $(OUT)/libmupdf.so -+THIRD_LIB = $(OUT)/libmupdf-third.so -+THREAD_LIB = $(OUT)/libmupdf-threads.so -+PKCS7_LIB = $(OUT)/libmupdf-pkcs7.so - --$(MUPDF_LIB) : $(MUPDF_OBJ) -+$(MUPDF_LIB) : $(MUPDF_OBJ) $(THIRD_LIB) $(THREAD_LIB) -+ $(LINK_CMD) $(THIRD_LIBS) -shared -Wl,-soname -Wl,libmupdf.so -Wl,--no-undefined - $(THIRD_LIB) : $(THIRD_OBJ) -+ $(LINK_CMD) -shared -Wl,-soname -Wl,libmupdf-third.so -Wl,--no-undefined - $(THREAD_LIB) : $(THREAD_OBJ) -+ $(LINK_CMD) -shared -Wl,-soname -Wl,libmupdf-threads.so -Wl,--no-undefined -lpthread - $(PKCS7_LIB) : $(PKCS7_OBJ) -+ $(LINK_CMD) -shared -Wl,-soname -Wl,libmupdf-pkcs7.so - --INSTALL_LIBS := $(MUPDF_LIB) $(THIRD_LIB) -+INSTALL_LIBS := $(MUPDF_LIB) $(THIRD_LIB) $(THREAD_LIB) $(PKCS7_LIB) - - # --- Main tools and viewers --- -