ports/opt (3.3): [notify] qpdf: update to 7.0.0

18 Sep 2017

commit adc657bc7a8b66c172c318d33dea4a460b2ffaac
Author: Juergen Daubert <jue@jue.li>
Date:   Mon Sep 18 15:23:46 2017 +0200

    [notify] qpdf: update to 7.0.0
    
    new ABI, rebuild of dependent ports like cups-filters required.

diff --git a/qpdf/.footprint b/qpdf/.footprint
index 7c5e6db15..f78d6d370 100644
--- a/qpdf/.footprint
+++ b/qpdf/.footprint
@@ -15,8 +15,10 @@ drwxr-xr-x	root/root	usr/include/qpdf/
 -rw-r--r--	root/root	usr/include/qpdf/Pl_Buffer.hh
 -rw-r--r--	root/root	usr/include/qpdf/Pl_Concatenate.hh
 -rw-r--r--	root/root	usr/include/qpdf/Pl_Count.hh
+-rw-r--r--	root/root	usr/include/qpdf/Pl_DCT.hh
 -rw-r--r--	root/root	usr/include/qpdf/Pl_Discard.hh
 -rw-r--r--	root/root	usr/include/qpdf/Pl_Flate.hh
+-rw-r--r--	root/root	usr/include/qpdf/Pl_RunLength.hh
 -rw-r--r--	root/root	usr/include/qpdf/Pl_StdioFile.hh
 -rw-r--r--	root/root	usr/include/qpdf/PointerHolder.hh
 -rw-r--r--	root/root	usr/include/qpdf/QPDF.hh
@@ -35,9 +37,9 @@ drwxr-xr-x	root/root	usr/include/qpdf/
 drwxr-xr-x	root/root	usr/lib/
 -rw-r--r--	root/root	usr/lib/libqpdf.a
 -rwxr-xr-x	root/root	usr/lib/libqpdf.la
-lrwxrwxrwx	root/root	usr/lib/libqpdf.so -> libqpdf.so.17.0.0
-lrwxrwxrwx	root/root	usr/lib/libqpdf.so.17 -> libqpdf.so.17.0.0
--rwxr-xr-x	root/root	usr/lib/libqpdf.so.17.0.0
+lrwxrwxrwx	root/root	usr/lib/libqpdf.so -> libqpdf.so.18.1.0
+lrwxrwxrwx	root/root	usr/lib/libqpdf.so.18 -> libqpdf.so.18.1.0
+-rwxr-xr-x	root/root	usr/lib/libqpdf.so.18.1.0
 drwxr-xr-x	root/root	usr/lib/pkgconfig/
 -rw-r--r--	root/root	usr/lib/pkgconfig/libqpdf.pc
 drwxr-xr-x	root/root	usr/share/
diff --git a/qpdf/.md5sum b/qpdf/.md5sum
index aaf973f6c..0080db264 100644
--- a/qpdf/.md5sum
+++ b/qpdf/.md5sum
@@ -1,5 +1 @@
-b3cc65446adae1fe4f164c010c59f64b  qpdf-6.0.0-CVE-2017-9208.patch
-491486ccdfddc450f2c3b1414eb369f9  qpdf-6.0.0-CVE-2017-9209.patch
-5713ad31faa151c1b7bd9064d820a367  qpdf-6.0.0-CVE-2017-9210.patch
-c9457b6f4430f43fe7aaad93736bd67a  qpdf-6.0.0-detect-recursions.patch
-e014bd3ecf1c4d1a520bbc14d84ac20e  qpdf-6.0.0.tar.gz
+c3ff408f69b3a6b2b3b4c8b373b2600c  qpdf-7.0.0.tar.gz
diff --git a/qpdf/.signature b/qpdf/.signature
index 5572ccd39..59340a84d 100644
--- a/qpdf/.signature
+++ b/qpdf/.signature
@@ -1,9 +1,5 @@
 untrusted comment: verify with /etc/ports/opt.pub
-RWSE3ohX2g5d/YJAZhWWLZUYLWPRsCYcpW33dackFko68OVeTlSx977CZXMi01uWOhIRVZAponEIRQ+ErUE0c9M3DfH0TTArwwY=
-SHA256 (Pkgfile) = 48ab28428f3d935db825606f899011eba69f135142a808536958b0a8e6528bad
-SHA256 (.footprint) = 85e6362fb2da951b8318d1de30c3cb3607fb78de108a8348944a3cb992cd37c3
-SHA256 (qpdf-6.0.0.tar.gz) = a9fdc7e94d38fcd3831f37b6e0fe36492bf79aa6d54f8f66062cf7f9c4155233
-SHA256 (qpdf-6.0.0-detect-recursions.patch) = 4c59e1ca6f7a209a07191ffacac0e28f8d70345801e282493e52cbce76c15a8e
-SHA256 (qpdf-6.0.0-CVE-2017-9208.patch) = 0e2bce8c860aec84dff69739020c7320266f188dd5dfa7eb8e6fc8655d462014
-SHA256 (qpdf-6.0.0-CVE-2017-9209.patch) = 743aa98868aa887abeeaa3b3f4ec35efd9499bb80b3c1c72410afc064d7cc846
-SHA256 (qpdf-6.0.0-CVE-2017-9210.patch) = aff1f8ee13e7436d9982e14d5836172ff0236cb14b48e37c000ae7304185efde
+RWSE3ohX2g5d/dhTWsdq7DUedHp94d5JcFxreY7dhB53gVBvu0Ja0NKXbRGNE3UstEf13Mo/faxXaxjCSG2Oq86QrLMjh01CuAs=
+SHA256 (Pkgfile) = 9b40ed6dd990a05259c6b9f87261b3bb8534f6622df621d2ba590ad6782302ac
+SHA256 (.footprint) = f0b4062eff41f36629fff06cbbb36b8c6c4182a849cd54e619cd457c246242a7
+SHA256 (qpdf-7.0.0.tar.gz) = fed08de14caad0fe5efd148d9eca886d812588b2cbb35d13e61993ee8eb8c65f
diff --git a/qpdf/Pkgfile b/qpdf/Pkgfile
index 9d1ad834a..2e72343ff 100644
--- a/qpdf/Pkgfile
+++ b/qpdf/Pkgfile
@@ -4,22 +4,12 @@
 # Depends on:  libpcre zlib
 
 name=qpdf
-version=6.0.0
-release=3
-source=(http://downloads.sourceforge.net/project/$name/$name/$version/$name-$version...
-    qpdf-6.0.0-detect-recursions.patch
-    qpdf-6.0.0-CVE-2017-9208.patch
-    qpdf-6.0.0-CVE-2017-9209.patch
-    qpdf-6.0.0-CVE-2017-9210.patch)
+version=7.0.0
+release=1
+source=(http://downloads.sourceforge.net/project/$name/$name/$version/$name-$version...)
 
 build() {
     cd $name-$version
-
-    patch -p1 -i $SRC/qpdf-6.0.0-detect-recursions.patch
-    patch -p1 -i $SRC/qpdf-6.0.0-CVE-2017-9208.patch
-    patch -p1 -i $SRC/qpdf-6.0.0-CVE-2017-9209.patch
-    patch -p1 -i $SRC/qpdf-6.0.0-CVE-2017-9210.patch
-
     ./configure --prefix=/usr
     make
     make DESTDIR=$PKG install
diff --git a/qpdf/qpdf-6.0.0-CVE-2017-9208.patch b/qpdf/qpdf-6.0.0-CVE-2017-9208.patch
deleted file mode 100644
index 0dce30995..000000000
--- a/qpdf/qpdf-6.0.0-CVE-2017-9208.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-diff -up qpdf-6.0.0/libqpdf/QPDF.cc.CVE-2017-9208 qpdf-6.0.0/libqpdf/QPDF.cc
---- qpdf-6.0.0/libqpdf/QPDF.cc.CVE-2017-9208	2017-08-03 08:53:32.806072781 +0200
-+++ qpdf-6.0.0/libqpdf/QPDF.cc	2017-08-03 08:55:39.529073703 +0200
-@@ -1340,6 +1340,13 @@ QPDF::readObjectAtOffset(bool try_recove
- 	objid = atoi(tobjid.getValue().c_str());
- 	generation = atoi(tgen.getValue().c_str());
- 
-+   if (objid == 0)
-+   {
-+       throw QPDFExc(qpdf_e_damaged_pdf, this->file->getName(),
-+                     this->last_object_description, offset,
-+                     "object with ID 0");
-+   }
-+
- 	if ((exp_objid >= 0) &&
- 	    (! ((objid == exp_objid) && (generation == exp_generation))))
- 	{
-diff -up qpdf-6.0.0/libqpdf/QPDFObjectHandle.cc.CVE-2017-9208 qpdf-6.0.0/libqpdf/QPDFObjectHandle.cc
---- qpdf-6.0.0/libqpdf/QPDFObjectHandle.cc.CVE-2017-9208	2015-11-10 18:48:52.000000000 +0100
-+++ qpdf-6.0.0/libqpdf/QPDFObjectHandle.cc	2017-08-03 08:54:50.264499428 +0200
-@@ -1090,6 +1090,15 @@ QPDFObjectHandle::parseInternal(PointerH
- QPDFObjectHandle
- QPDFObjectHandle::newIndirect(QPDF* qpdf, int objid, int generation)
- {
-+    if (objid == 0)
-+    {
-+        // Special case: QPDF uses objid 0 as a sentinel for direct
-+        // objects, and the PDF specification doesn't allow for object
-+        // 0. Treat indirect references to object 0 as null so that we
-+        // never create an indirect object with objid 0.
-+        return newNull();
-+    }
-+
-     return QPDFObjectHandle(qpdf, objid, generation);
- }
- 
diff --git a/qpdf/qpdf-6.0.0-CVE-2017-9209.patch b/qpdf/qpdf-6.0.0-CVE-2017-9209.patch
deleted file mode 100644
index 6af336f14..000000000
--- a/qpdf/qpdf-6.0.0-CVE-2017-9209.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-diff -up qpdf-6.0.0/include/qpdf/QPDF.hh.CVE-2017-9209 qpdf-6.0.0/include/qpdf/QPDF.hh
---- qpdf-6.0.0/include/qpdf/QPDF.hh.CVE-2017-9209	2017-08-03 10:00:17.489291722 +0200
-+++ qpdf-6.0.0/include/qpdf/QPDF.hh	2017-08-03 10:00:17.494291685 +0200
-@@ -1095,6 +1095,7 @@ class QPDF
-     // copied_stream_data_provider is owned by copied_streams
-     CopiedStreamDataProvider* copied_stream_data_provider;
-     std::set<QPDFObjGen> attachment_streams;
-+    bool reconstructed_xref;    
- 
-     // Linearization data
-     qpdf_offset_t first_xref_item_offset; // actual value from file
-diff -up qpdf-6.0.0/libqpdf/QPDF.cc.CVE-2017-9209 qpdf-6.0.0/libqpdf/QPDF.cc
---- qpdf-6.0.0/libqpdf/QPDF.cc.CVE-2017-9209	2017-08-03 10:00:17.491291707 +0200
-+++ qpdf-6.0.0/libqpdf/QPDF.cc	2017-08-03 10:01:43.243661883 +0200
-@@ -93,6 +93,7 @@ QPDF::QPDF() :
-     cached_key_generation(0),
-     pushed_inherited_attributes_to_pages(false),
-     copied_stream_data_provider(0),
-+    reconstructed_xref(false),
-     first_xref_item_offset(0),
-     uncompressed_after_compressed(false)
- {
-@@ -331,6 +332,14 @@ QPDF::setTrailer(QPDFObjectHandle obj)
- void
- QPDF::reconstruct_xref(QPDFExc& e)
- {
-+    if (this->reconstructed_xref)
-+    {
-+        // Avoid xref reconstruction infinite loops
-+        throw e;
-+    }
-+
-+    this->reconstructed_xref = true;
-+
-     PCRE obj_re("^\\s*(\\d+)\\s+(\\d+)\\s+obj\\b");
-     PCRE endobj_re("^\\s*endobj\\b");
-     PCRE trailer_re("^\\s*trailer\\b");
diff --git a/qpdf/qpdf-6.0.0-CVE-2017-9210.patch b/qpdf/qpdf-6.0.0-CVE-2017-9210.patch
deleted file mode 100644
index e3ce8e9a4..000000000
--- a/qpdf/qpdf-6.0.0-CVE-2017-9210.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff -up qpdf-6.0.0/libqpdf/QPDFObjectHandle.cc.CVE-2017-9210 qpdf-6.0.0/libqpdf/QPDFObjectHandle.cc
---- qpdf-6.0.0/libqpdf/QPDFObjectHandle.cc.CVE-2017-9210	2017-08-03 10:09:46.670111267 +0200
-+++ qpdf-6.0.0/libqpdf/QPDFObjectHandle.cc	2017-08-03 10:10:56.430600663 +0200
-@@ -1076,8 +1076,7 @@ QPDFObjectHandle::parseInternal(PointerH
- 		throw QPDFExc(
- 		    qpdf_e_damaged_pdf,
- 		    input->getName(), object_description, offset,
--		    std::string("dictionary key not name (") +
--		    key_obj.unparse() + ")");
-+        std::string("dictionary key is not not a name token"));        
- 	    }
- 	    dict[key_obj.getName()] = val;
- 	}
diff --git a/qpdf/qpdf-6.0.0-detect-recursions.patch b/qpdf/qpdf-6.0.0-detect-recursions.patch
deleted file mode 100644
index ae87d8080..000000000
--- a/qpdf/qpdf-6.0.0-detect-recursions.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-diff -up qpdf-6.0.0/include/qpdf/QPDF.hh.detect-recursions qpdf-6.0.0/include/qpdf/QPDF.hh
---- qpdf-6.0.0/include/qpdf/QPDF.hh.detect-recursions	2015-11-10 18:48:52.000000000 +0100
-+++ qpdf-6.0.0/include/qpdf/QPDF.hh	2017-08-02 08:41:17.500831407 +0200
-@@ -603,6 +603,25 @@ class QPDF
-         int gen;
-     };
- 
-+    class ResolveRecorder
-+    {
-+      public:
-+        ResolveRecorder(QPDF* qpdf, QPDFObjGen const& og) :
-+            qpdf(qpdf),
-+            og(og)
-+        {
-+            qpdf->resolving.insert(og);
-+        }
-+        virtual ~ResolveRecorder()
-+        {
-+            this->qpdf->resolving.erase(og);
-+        }
-+      private:
-+        QPDF* qpdf;
-+        QPDFObjGen og;
-+    };
-+    friend class ResolveRecorder;
-+
-     void parse(char const* password);
-     void warn(QPDFExc const& e);
-     void setTrailer(QPDFObjectHandle obj);
-@@ -1065,6 +1084,7 @@ class QPDF
-     std::map<QPDFObjGen, QPDFXRefEntry> xref_table;
-     std::set<int> deleted_objects;
-     std::map<QPDFObjGen, ObjCache> obj_cache;
-+    std::set<QPDFObjGen> resolving;
-     QPDFObjectHandle trailer;
-     std::vector<QPDFObjectHandle> all_pages;
-     std::map<QPDFObjGen, int> pageobj_to_pages_pos;
-diff -up qpdf-6.0.0/libqpdf/QPDF.cc.detect-recursions qpdf-6.0.0/libqpdf/QPDF.cc
---- qpdf-6.0.0/libqpdf/QPDF.cc.detect-recursions	2015-11-10 18:48:52.000000000 +0100
-+++ qpdf-6.0.0/libqpdf/QPDF.cc	2017-08-02 08:42:19.070393817 +0200
-@@ -1453,6 +1453,20 @@ QPDF::resolve(int objid, int generation)
-     // to insert things into the object cache that don't actually
-     // exist in the file.
-     QPDFObjGen og(objid, generation);
-+    if (this->resolving.count(og))
-+    {
-+        // This can happen if an object references itself directly or
-+        // indirectly in some key that has to be resolved during
-+        // object parsing, such as stream length.
-+       warn(QPDFExc(qpdf_e_damaged_pdf, this->file->getName(),
-+		        "", this->file->getLastOffset(),
-+		        "loop detected resolving object " +
-+		        QUtil::int_to_string(objid) + " " +
-+		        QUtil::int_to_string(generation)));
-+        return new QPDF_Null;
-+    }
-+    ResolveRecorder rr(this, og);
-+
-     if (! this->obj_cache.count(og))
-     {
- 	if (! this->xref_table.count(og))

    

ports/opt (3.3): [notify] qpdf: update to 7.0.0

crux＠crux.nu