graphics/exiv2: Update to 0.28.2

Fixes CVE-2024-24826, CVE-2024-25112 and CVE-2023-44398 (0.28.1) Changelog: https://github.com/Exiv2/exiv2/blob/v0.28.2/doc/ChangeLog PR: 277146 Sponsored by: Blinkinblox
2024-03-06 22:02:43 +01:00 · 2024-03-06 22:02:43 +01:00 · 5a50cca81b
parent edc147c358
commit 5a50cca81b
5 changed files with 13 additions and 136 deletions
--- a/graphics/exiv2/Makefile
+++ b/graphics/exiv2/Makefile
@ -1,20 +1,8 @@
 PORTNAME=	exiv2
-DISTVERSION=	0.28.0
-DISTVERSIONSUFFIX=	-Source
-PORTREVISION=	1
+DISTVERSIONPREFIX=	v
+DISTVERSION=	0.28.2
 PORTEPOCH=	1
 CATEGORIES=	graphics
-MASTER_SITES=	https://github.com/Exiv2/exiv2/releases/download/v${DISTVERSION}/
-
-# https://git.alpinelinux.org/aports/log/community/exiv2
-# https://github.com/Exiv2/exiv2/compare/v0.28.0...0.28.x
-PATCH_SITES=	https://github.com/Exiv2/exiv2/commit/
-PATCHFILES=	16c1cd7da0cd159ee2d53c39088564edaf046c77.patch:-p1 \
-		2876c8c5f70f71b5b51b0f26b31dd0dc08583212.patch:-p1 \
-		3664f5b826f5688b82470235d1dceef0c9c4c47d.patch:-p1 \
-		b4f435a4ecceba0ef3a785dbe8eead6f55f49cc1.patch:-p1 \
-		c5c4a54d4cf4ea544c30fe6780dab2755f404300.patch:-p1 \
-		f47e7bd666aa063d016bdf00ea8f62c97a5b5a7a.patch:-p1

 MAINTAINER=	multimedia@FreeBSD.org
 COMMENT=	Exif, IPTC, and XMP metadata manipulation library and tools
@ -31,10 +19,11 @@ LIB_DEPENDS=	libbrotlidec.so:archivers/brotli \
 USES=		cmake compiler:c++17-lang cpe dos2unix gettext-tools iconv \
 		localbase:ldflags pathfix shebangfix
 DOS2UNIX_FILES=	cmake/compilerFlags.cmake
-USE_LDCONFIG=	yes
 SHEBANG_FILES=	fuzz/mkdictionary.py tests/runner.py
+USE_LDCONFIG=	yes

-CMAKE_ARGS=	-DPython${PYTHON_MAJOR_VER}_EXECUTABLE:FILEPATH="${PYTHON_CMD}"
+USE_GITHUB=	yes
+GH_ACCOUNT=	Exiv2

 CMAKE_ON=	EXIV2_ENABLE_VIDEO
 CMAKE_OFF=	EXIV2_ENABLE_EXTERNAL_XMP
@ -42,8 +31,6 @@ CMAKE_OFF=	EXIV2_ENABLE_EXTERNAL_XMP
 LDFLAGS_mips=	-lintl
 LDFLAGS_mips64=	-lintl

-WRKSRC=		${WRKDIR}/${PORTNAME}-${DISTVERSION}-Source
-
 OPTIONS_DEFINE=	DOCS DOXYGEN NLS SAMPLE TEST
 OPTIONS_SUB=	yes

@ -60,11 +47,12 @@ NLS_CMAKE_BOOL=	EXIV2_ENABLE_NLS

 SAMPLE_CMAKE_BOOL=	EXIV2_BUILD_SAMPLES

-TEST_IMPLIES=		SAMPLE
 TEST_LIB_DEPENDS=	libgtest.so:devel/googletest
 TEST_TEST_DEPENDS=	bash:shells/bash
 TEST_USES=		python:build,test
 TEST_CMAKE_BOOL=	EXIV2_BUILD_UNIT_TESTS
+TEST_CMAKE_ON=		-DPython${PYTHON_MAJOR_VER}_EXECUTABLE:FILEPATH="${PYTHON_CMD}"
 TEST_TEST_TARGET=	test
+TEST_IMPLIES=		SAMPLE

 .include <bsd.port.mk>
--- a/graphics/exiv2/distinfo
+++ b/graphics/exiv2/distinfo
@ -1,15 +1,3 @@
-TIMESTAMP = 1688940824
-SHA256 (exiv2-0.28.0-Source.tar.gz) = 89af3b5ef7277753ef7a7b5374ae017c6b9e304db3b688f1948e73e103491f3d
-SIZE (exiv2-0.28.0-Source.tar.gz) = 44893310
-SHA256 (16c1cd7da0cd159ee2d53c39088564edaf046c77.patch) = a82d468d34ed0d656a19d1be529ed29efe19ced5e2c1d0a321b6d10b4ccbe3f7
-SIZE (16c1cd7da0cd159ee2d53c39088564edaf046c77.patch) = 4995
-SHA256 (2876c8c5f70f71b5b51b0f26b31dd0dc08583212.patch) = 43f6fd90aca09e6a8aa9400f1aad3b805766661ecf2b428dbe5b427ffaedde5d
-SIZE (2876c8c5f70f71b5b51b0f26b31dd0dc08583212.patch) = 2265
-SHA256 (3664f5b826f5688b82470235d1dceef0c9c4c47d.patch) = d301da6b22ea163497a17beb773d47c2fd254ed98032bd26c875b997c7bbe05b
-SIZE (3664f5b826f5688b82470235d1dceef0c9c4c47d.patch) = 12991
-SHA256 (b4f435a4ecceba0ef3a785dbe8eead6f55f49cc1.patch) = e3b0dce84cdacbdbb24c6c39772f6cdbba7e3e3101be540d7695d3d981c810e5
-SIZE (b4f435a4ecceba0ef3a785dbe8eead6f55f49cc1.patch) = 755
-SHA256 (c5c4a54d4cf4ea544c30fe6780dab2755f404300.patch) = df98e6aee22365742d5550f1b32b21a486145b7c798f1fea805ad3d690898ae1
-SIZE (c5c4a54d4cf4ea544c30fe6780dab2755f404300.patch) = 776
-SHA256 (f47e7bd666aa063d016bdf00ea8f62c97a5b5a7a.patch) = c2e1f84d0a86cf899fddd50b2741add3902c25a79925b32964a7c5187f4deabd
-SIZE (f47e7bd666aa063d016bdf00ea8f62c97a5b5a7a.patch) = 1125
+TIMESTAMP = 1707967147
+SHA256 (Exiv2-exiv2-v0.28.2_GH0.tar.gz) = 543bead934135f20f438e0b6d8858c55c5fcb7ff80f5d1d55489965f1aad58b9
+SIZE (Exiv2-exiv2-v0.28.2_GH0.tar.gz) = 45224206
--- a/graphics/exiv2/files/patch-_MSVC_LANG-warning-Wundef
+++ b/graphics/exiv2/files/patch-_MSVC_LANG-warning-Wundef
@ -1,84 +0,0 @@
-From aaa876159ada768ba0fb2d44b4eaaf23b3b2ed98 Mon Sep 17 00:00:00 2001
-From: Matthias Andree <matthias.andree@gmx.de>
-Date: Mon, 3 Jul 2023 11:16:44 +0200
-Subject: [PATCH] Fix preprocessor warnings about undefined _MSVC_LANG
-
-Stricter compiler/settings, such as found during a build
-on FreeBSD with clang 14, issue warnings of the kind below.
-
-/usr/local/include/exiv2/value.hpp:1272:31: warning: '_MSVC_LANG' is not defined, evaluates to 0 [-Wundef]
-fixed-width font helps here-- ^
-
-Fix: Guard use of _MSVC_LANG by a check.
-
-Personally, I found that MSVC has several feature-specific
-checks in predefined macros which might allow for one
-standards-based check that matches GCC/clang/MSVC rather than the
-split check for C++ standard and MSVC language version settings.
-
-See https://en.cppreference.com/w/cpp/feature_test
-
-I am not building Exiv2 on MSVC, so I cannot test/suggest
-anything here.
--- include/exiv2/slice.hpp.orig	2023-05-08 16:01:13 UTC
-+++ include/exiv2/slice.hpp
-@@ -255,7 +255,7 @@ struct ContainerStorage {
-   using iterator = typename container::iterator;
-   using const_iterator = typename container::const_iterator;
- 
-#if __cplusplus >= 201402L || _MSVC_LANG >= 201402L
-+#if __cplusplus >= 201402L || (defined(_MSVC_LANG) && (_MSVC_LANG >= 201402L))
-   using value_type = std::remove_cv_t<typename container::value_type>;
- #else
-   using value_type = typename std::remove_cv<typename container::value_type>::type;
-@@ -320,7 +320,7 @@ struct ContainerStorage {
-  */
- template <typename storage_type>
- struct PtrSliceStorage {
-#if __cplusplus >= 201402L || _MSVC_LANG >= 201402L
-+#if __cplusplus >= 201402L || (defined(_MSVC_LANG) && (_MSVC_LANG >= 201402L))
-   using value_type = std::remove_cv_t<std::remove_pointer_t<storage_type>>;
- #else
-   using value_type = typename std::remove_cv<typename std::remove_pointer<storage_type>::type>::type;
-@@ -423,7 +423,7 @@ struct Slice : public Internal::MutableSliceBase<Inter
-   using iterator = typename container::iterator;
-   using const_iterator = typename container::const_iterator;
- 
-#if __cplusplus >= 201402L || _MSVC_LANG >= 201402L
-+#if __cplusplus >= 201402L || (defined(_MSVC_LANG) && (_MSVC_LANG >= 201402L))
-   using value_type = std::remove_cv_t<typename container::value_type>;
- #else
-   using value_type = typename std::remove_cv<typename container::value_type>::type;
-@@ -460,7 +460,7 @@ struct Slice<const container> : public Internal::Const
-   using iterator = typename container::iterator;
-   using const_iterator = typename container::const_iterator;
- 
-#if __cplusplus >= 201402L || _MSVC_LANG >= 201402L
-+#if __cplusplus >= 201402L || (defined(_MSVC_LANG) && (_MSVC_LANG >= 201402L))
-   using value_type = std::remove_cv_t<typename container::value_type>;
- #else
-   using value_type = typename std::remove_cv<typename container::value_type>::type;
- include/exiv2/slice.hpp | 8 ++++----
- include/exiv2/value.hpp | 4 ++--
- 2 files changed, 6 insertions(+), 6 deletions(-)
-
--- include/exiv2/value.hpp.orig	2023-05-08 16:01:13 UTC
-+++ include/exiv2/value.hpp
-@@ -1254,7 +1254,7 @@ class ValueType : public Value {
-     } else if (std::is_signed<I>::value) {
- #endif
-       // conversion is from unsigned to signed
-#if __cplusplus >= 201402L || _MSVC_LANG >= 201402L
-+#if __cplusplus >= 201402L || (defined(_MSVC_LANG) && (_MSVC_LANG >= 201402L))
-       const auto imax = static_cast<std::make_unsigned_t<I>>(std::numeric_limits<I>::max());
- #else
-       const auto imax = static_cast<typename std::make_unsigned<I>::type>(std::numeric_limits<I>::max());
-@@ -1269,7 +1269,7 @@ class ValueType : public Value {
-         return 0;
-       }
-       // Inputs are not negative so convert them to unsigned.
-#if __cplusplus >= 201402L || _MSVC_LANG >= 201402L
-+#if __cplusplus >= 201402L || (defined(_MSVC_LANG) && (_MSVC_LANG >= 201402L))
-       const auto a_u = static_cast<std::make_unsigned_t<decltype(a)>>(a);
-       const auto b_u = static_cast<std::make_unsigned_t<decltype(b)>>(b);
- #else
--- a/graphics/exiv2/files/patch-src_version.cpp
+++ b/graphics/exiv2/files/patch-src_version.cpp
@ -1,16 +0,0 @@
-This patch fixes a crash when the procstat_getfiles()
-return list contains non-vnodes that don't have an fs_path.
-
-filed as https://github.com/Exiv2/exiv2/pull/2672
-
--- src/version.cpp.orig	2023-05-08 16:01:13 UTC
-+++ src/version.cpp
-@@ -148,7 +148,7 @@ static std::vector<std::string> getLoadedLibraries() {
-     struct filestat_list* files = procs ? procstat_getfiles(procstat, procs, true) : nullptr;
-     if (files) {
-       filestat* entry;
-      STAILQ_FOREACH(entry, files, next) {
-+      STAILQ_FOREACH(entry, files, next) if (entry && PS_FST_TYPE_VNODE == entry->fs_type && entry->fs_path) {
-         std::string path(entry->fs_path);
-         pushPath(path, libs, paths);
-       }
--- a/graphics/exiv2/pkg-plist
+++ b/graphics/exiv2/pkg-plist
@ -62,11 +62,12 @@ include/exiv2/version.hpp
 include/exiv2/webpimage.hpp
 include/exiv2/xmp_exiv2.hpp
 include/exiv2/xmpsidecar.hpp
-lib/cmake/exiv2/exiv2Config-%%CMAKE_BUILD_TYPE%%.cmake
 lib/cmake/exiv2/exiv2Config.cmake
 lib/cmake/exiv2/exiv2ConfigVersion.cmake
+lib/cmake/exiv2/exiv2Export-%%CMAKE_BUILD_TYPE%%.cmake
+lib/cmake/exiv2/exiv2Export.cmake
 lib/libexiv2.so
-lib/libexiv2.so.0.28.0
+lib/libexiv2.so.0.28.2
 lib/libexiv2.so.28
 libdata/pkgconfig/exiv2.pc
 share/man/man1/exiv2.1.gz