Do not rename the source. gs security fix. Add zstd. Improvements.

author: Daniel Bermond 2018-11-26 10:37:15 +0000
committer: Daniel Bermond 2018-11-26 10:37:15 +0000
commit: c89ba1678f1d998e7e6cc73dd29a3d108fd58c3a (patch)
tree: d1efeb432a5929947df86ba2af714e63cfd30c3d
parent: 347a533395b33bc96487e3ef40336e50d87807cf (diff)
download: aur-c89ba1678f1d998e7e6cc73dd29a3d108fd58c3a.tar.gz
3 files changed, 127 insertions, 169 deletions
diff --git a/.SRCINFO b/.SRCINFO
index f5118dc560ec..309fa06b863e 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,103 +1,69 @@
 pkgbase = imagemagick-full-git
 	pkgdesc = An image viewing/manipulation program (Q32 HDRI with all libs and features, git version)
-	pkgver = 7.0.8.15.r14948.g2f1375d5f
+	pkgver = 7.0.8.15.r15029.g459b67438
 	pkgrel = 1
 	url = http://www.imagemagick.org/
 	arch = i686
 	arch = x86_64
 	license = custom
 	makedepends = git
-	makedepends = libltdl
-	makedepends = lcms2
-	makedepends = fontconfig
-	makedepends = libxext
-	makedepends = liblqr
-	makedepends = libraqm
-	makedepends = libpng
-	makedepends = gsfonts
-	makedepends = ttf-dejavu
+	makedepends = perl
+	makedepends = jbigkit
 	makedepends = opencl-headers
-	makedepends = chrpath
+	makedepends = glu
 	makedepends = ghostpcl
 	makedepends = ghostxps
-	makedepends = ghostscript
-	makedepends = libraw
-	makedepends = librsvg
-	makedepends = libwebp
-	makedepends = libwmf
-	makedepends = libxml2
-	makedepends = ocl-icd
-	makedepends = openexr
-	makedepends = openjpeg2
-	makedepends = pango
-	makedepends = glu
-	makedepends = libxt
-	makedepends = bzip2
-	makedepends = djvulibre
-	makedepends = fftw
-	makedepends = freetype2
-	makedepends = graphviz
-	makedepends = jbigkit
-	makedepends = jemalloc
-	makedepends = libjpeg-turbo
-	makedepends = libtiff
-	makedepends = pango
-	makedepends = xz
-	makedepends = zlib
-	makedepends = autotrace-nomagick
-	makedepends = flif
-	makedepends = libde265
-	makedepends = libfpx
-	makedepends = libraqm
-	makedepends = libumem-git
-	depends = libltdl
+	makedepends = zstd
+	makedepends = chrpath
 	depends = lcms2
+	depends = libraqm
+	depends = liblqr
+	depends = fftw
+	depends = libxml2
 	depends = fontconfig
+	depends = freetype2
 	depends = libxext
-	depends = liblqr
-	depends = libraqm
+	depends = libx11
+	depends = bzip2
+	depends = zlib
+	depends = libltdl
+	depends = jemalloc
+	depends = djvulibre
+	depends = libraw
+	depends = graphviz
+	depends = openexr
+	depends = libheif
+	depends = openjpeg2
+	depends = libjpeg-turbo
+	depends = xz
+	depends = glib2
+	depends = pango
+	depends = cairo
 	depends = libpng
-	depends = gsfonts
-	depends = ttf-dejavu
-	depends = ghostpcl
-	depends = ghostxps
 	depends = ghostscript
-	depends = libraw
+	depends = ming
 	depends = librsvg
+	depends = libtiff
 	depends = libwebp
 	depends = libwmf
-	depends = libxml2
 	depends = ocl-icd
-	depends = openexr
-	depends = openjpeg2
-	depends = pango
-	depends = glu
-	depends = libxt
-	depends = bzip2
-	depends = djvulibre
-	depends = fftw
-	depends = freetype2
-	depends = graphviz
-	depends = jbigkit
-	depends = jemalloc
-	depends = libjpeg-turbo
-	depends = libtiff
-	depends = pango
-	depends = xz
-	depends = zlib
+	depends = gsfonts
+	depends = ttf-dejavu
+	depends = pstoedit-nomagick
 	depends = autotrace-nomagick
 	depends = flif
-	depends = libde265
 	depends = libfpx
-	depends = libraqm
 	depends = libumem-git
-	source = imagemagick-full-git::git+https://github.com/ImageMagick/ImageMagick.git
+	source = git+https://github.com/ImageMagick/ImageMagick.git
+	source = imagemagick-full-security-fix.patch
 	source = arch-fonts.diff
 	sha256sums = SKIP
+	sha256sums = e2453381d283c33107194fa791d6b9b2c4c1856afb936d4fa010c05aaebe538e
 	sha256sums = a85b744c61b1b563743ecb7c7adad999d7ed9a8af816650e3ab9321b2b102e73
 
 pkgname = libmagick-full-git
 	pkgdesc = An image viewing/manipulation program (Q32 HDRI with all libs and features, git version) (library)
+	optdepends = ttf-mac-fonts: for Apple fonts support
 	provides = libmagick
 	provides = libmagick-git
 	provides = libMagickCore-7.Q32HDRI.so
@@ -106,11 +72,9 @@ pkgname = libmagick-full-git
 	conflicts = libmagick
 	options = !emptydirs
 	options = libtool
-	backup = etc//coder.xml
 	backup = etc//colors.xml
 	backup = etc//delegates.xml
 	backup = etc//log.xml
-	backup = etc//magic.xml
 	backup = etc//mime.xml
 	backup = etc//policy.xml
 	backup = etc//quantization-table.xml
@@ -120,11 +84,9 @@ pkgname = libmagick-full-git
 	backup = etc//type-ghostscript.xml
 
 pkgname = imagemagick-full-git
-	depends = libmagick-full-git=7.0.8.15.r14948.g2f1375d5f-1
-	depends = perl>=
-	depends = perl<
+	depends = libmagick-full-git=7.0.8.15.r15029.g459b67438-1
+	depends = perl
 	optdepends = imagemagick-full-doc-git: manual and API docs
-	optdepends = ttf-mac-fonts: for Apple fonts support
 	provides = imagemagick
 	provides = imagemagick-git
 	conflicts = imagemagick
@@ -133,7 +95,7 @@ pkgname = imagemagick-full-git
 pkgname = imagemagick-full-doc-git
 	pkgdesc = An image viewing/manipulation program (Q32 HDRI with all libs and features, git version) (manual and API docs)
 	arch = any
+	depends = 
 	provides = imagemagick-doc
-	provides = imagemagick-doc-git
 	conflicts = imagemagick-doc
 
diff --git a/PKGBUILD b/PKGBUILD
index d7f398cead2a..c998b9bad545 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -6,24 +6,16 @@
 # http://www.x.org/releases/X11R7.7/doc/xorg-docs/graphics/dps.html
 
 # NOTE (2):
-# Change font directories bellow to match yours.
-# DeJaVu and GhostScript font directories provided bellow are the default ones.
-# Windows font directory provided bellow is set according to the example in Arch Linux Wiki.
-# This Windows font directory example is for people that copy/link fonts from a Windows
-# installation. If you prefer, you can choose an AUR package that provides the Windows fonts
-# as described in the Wiki and change the directory accordingly.
+# change font directories in build() to match yours:
+#   - deJaVu and GhostScript font directories are the default ones
+#   - Windows font directory is set according to a Wiki example
 
-_dejavu_font_dir='/usr/share/fonts/TTF'
-_gs_font_dir='/usr/share/fonts/Type1'
-_urw_font_dir='/usr/share/fonts/gsfonts'
-_windows_font_dir='/usr/share/fonts/WindowsFonts'
-_1st_apple_font_dir='/usr/share/fonts/TTF'
-_2nd_apple_font_dir='/usr/share/fonts/Type1'
 _qdepth='32'
 
 pkgbase=imagemagick-full-git
 pkgname=('libmagick-full-git' 'imagemagick-full-git' 'imagemagick-full-doc-git')
-pkgver=7.0.8.15.r14948.g2f1375d5f
+_srcname=ImageMagick
+pkgver=7.0.8.15.r15029.g459b67438
 pkgrel=1
 arch=('i686' 'x86_64')
 pkgdesc="An image viewing/manipulation program (Q${_qdepth} HDRI with all libs and features, git version)"
@@ -31,44 +23,44 @@ url='http://www.imagemagick.org/'
 license=('custom')
 depends=(
     # official repositories:
-        'libltdl' 'lcms2' 'fontconfig' 'libxext' 'liblqr' 'libraqm' 'libpng'
-        'gsfonts' 'ttf-dejavu' 'ghostpcl' 'ghostxps'
-        'ghostscript' 'libraw' 'librsvg' 'libwebp' 'libwmf' 'libxml2'
-        'ocl-icd' 'openexr' 'openjpeg2' 'pango'
-        'glu' 'libxt' 'bzip2' 'djvulibre' 'fftw' 'freetype2' 'graphviz'
-        'jbigkit' 'jemalloc' 'libjpeg-turbo' 'libtiff' 'pango' 'xz' 'zlib'
+        'lcms2' 'libraqm' 'liblqr' 'fftw' 'libxml2' 'fontconfig' 'freetype2' 'libxext'
+        'libx11' 'bzip2' 'zlib' 'libltdl' 'jemalloc' 'djvulibre' 'libraw' 'graphviz'
+        'openexr' 'libheif' 'openjpeg2' 'libjpeg-turbo' 'xz' 'glib2' 'pango' 'cairo'
+        'libpng' 'ghostscript' 'ming' 'librsvg' 'libtiff' 'libwebp' 'libwmf' 'ocl-icd'
+        'gsfonts' 'ttf-dejavu'
     # AUR:
-        'autotrace-nomagick' 'flif' 'libde265' 'libfpx' 'libraqm' 'libumem-git'
+        'pstoedit-nomagick' 'autotrace-nomagick' 'flif' 'libfpx' 'libumem-git'
 )
-makedepends=(
-    # official repositories:
-        'git'
-        'libltdl' 'lcms2' 'fontconfig' 'libxext' 'liblqr' 'libraqm' 'libpng'
-        'gsfonts' 'ttf-dejavu' 'opencl-headers' 'chrpath' 'ghostpcl' 'ghostxps'
-        'ghostscript' 'libraw' 'librsvg' 'libwebp' 'libwmf' 'libxml2'
-        'ocl-icd' 'openexr' 'openjpeg2' 'pango'
-        'glu' 'libxt' 'bzip2' 'djvulibre' 'fftw' 'freetype2' 'graphviz'
-        'jbigkit' 'jemalloc' 'libjpeg-turbo' 'libtiff' 'pango' 'xz' 'zlib'
-    # AUR:
-        'autotrace-nomagick' 'flif' 'libde265' 'libfpx' 'libraqm' 'libumem-git'
-)
-source=("$pkgbase"::'git+https://github.com/ImageMagick/ImageMagick.git'
+makedepends=('git' 'perl' 'jbigkit' 'opencl-headers' 'glu' 'ghostpcl' 'ghostxps'
+             'zstd' 'chrpath')
+source=('git+https://github.com/ImageMagick/ImageMagick.git'
+        'imagemagick-full-security-fix.patch'
         'arch-fonts.diff')
 sha256sums=('SKIP'
+            'e2453381d283c33107194fa791d6b9b2c4c1856afb936d4fa010c05aaebe538e'
             'a85b744c61b1b563743ecb7c7adad999d7ed9a8af816650e3ab9321b2b102e73')
 
 prepare() {
-    cd "$pkgbase"
+    cd "$_srcname"
     
-    # fix for 'sh: gitversion.sh: command not found' during autoreconf
-    sed -i 's|(gitversion|(./gitversion|' configure.ac
+    # 1) workaround for ghostscript security issues:
+    #      https://bugs.archlinux.org/task/59778
+    # 2) security fix:
+    #      https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
+    #      https://imagetragick.com/
+    patch -Np1 -i "${srcdir}/imagemagick-full-security-fix.patch"
     
     # fix up typemaps to match Arch Linux packages, where possible
     patch -Np1 -i "${srcdir}/arch-fonts.diff"
+    
+    # fix for 'sh: gitversion.sh: command not found' during autoreconf
+    sed -i 's|(gitversion|(./gitversion|' configure.ac
+    
+    autoreconf -fis
 }
 
 pkgver() {
-    cd "$pkgbase"
+    cd "$_srcname"
     
     local _version
     local _release
@@ -82,25 +74,18 @@ pkgver() {
 }
 
 build() {
-    cd "$pkgbase"
+    cd "$_srcname"
     
     export CFLAGS="${CFLAGS} -I/usr/include/FLIF"
     
-    autoreconf -fis
-    
     ./configure \
         --prefix='/usr' \
         --sysconfdir='/etc' \
         --enable-openmp \
         --enable-opencl \
-        --enable-largefile \
-        --enable-static='no' \
-        --enable-shared='yes' \
-        --enable-fast-install='yes' \
         --disable-delegate-build \
         --enable-cipher \
         --enable-hdri \
-        --enable-hugepages \
         --enable-docs \
         --with-threads \
         --with-modules \
@@ -113,6 +98,7 @@ build() {
         --with-bzlib \
         --with-x \
         --with-zlib \
+        --with-zstd \
         --with-autotrace \
         --without-dps \
         --with-fftw \
@@ -140,25 +126,40 @@ build() {
         --with-webp \
         --with-wmf \
         --with-xml \
-        --with-dejavu-font-dir="$_dejavu_font_dir" \
-        --with-gs-font-dir="$_gs_font_dir" \
-        --with-urw-base35-font-dir="$_urw_font_dir" \
-        --with-windows-font-dir="$_windows_font_dir" \
-        --with-apple-font-dir="$_1st_apple_font_dir" \
-        --with-fontpath="$_2nd_apple_font_dir" \
+        --with-dejavu-font-dir='/usr/share/fonts/TTF' \
+        --with-gs-font-dir='/usr/share/fonts/gsfonts' \
+        --with-urw-base35-font-dir='/usr/share/fonts/gsfonts' \
+        --with-windows-font-dir='/usr/share/fonts/WindowsFonts' \
+        --with-apple-font-dir='/usr/share/fonts/TTF' \
+        --with-fontpath='/usr/share/fonts/Type1' \
         PSDelegate='/usr/bin/gs' \
         XPSDelegate='/usr/bin/gxps' \
-        PCLDelegate='/usr/bin/gpcl6' \
+        PCLDelegate='/usr/bin/gpcl6'
+        
+    sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
             
     make
 }
 
+check() (
+   cd "$_srcname"
+   
+   ulimit -n 4096
+   sed -e '/validate-formats/d' -i Makefile # these fail due to the security patch
+   
+   make check
+)
+
 package_libmagick-full-git() {
     local _majorver="${pkgver%%.*}"
     local _etcdir="ImageMagick-${_majorver}"
     
     pkgdesc+=' (library)'
-    backup=(etc/"$_etcdir"/{coder,colors,delegates,log,magic,mime,policy,quantization-table,thresholds,type,type-{dejavu,ghostscript}}.xml)
+    optdepends=(
+        # AUR:
+            'ttf-mac-fonts: for Apple fonts support'
+    )
+    backup=(etc/"$_etcdir"/{colors,delegates,log,mime,policy,quantization-table,thresholds,type,type-{dejavu,ghostscript}}.xml)
     options=('!emptydirs' 'libtool')
     provides=('libmagick' 'libmagick-git'
               "libMagickCore-${pkgver%%.*}.Q${_qdepth}HDRI.so"
@@ -166,67 +167,41 @@ package_libmagick-full-git() {
                 "libMagick++-${pkgver%%.*}.Q${_qdepth}HDRI.so")
     conflicts=('libmagick')
     
-    cd "$pkgbase"
+    cd "$_srcname"
     make DESTDIR="$pkgdir" install
     
-    rm -f "$pkgdir"/usr/lib/*.la
+    rm "$pkgdir"/usr/lib/*.la
     
     install -D -m644 LICENSE -t "${pkgdir}/usr/share/licenses/${pkgname}"
     install -D -m644 NOTICE  -t "${pkgdir}/usr/share/licenses/${pkgname}"
     
     rm -rf binpkg/* docpkg/*
-    
     mkdir -p binpkg/usr/lib {binpkg,docpkg}/usr/share
     
     # split 'imagemagick'
-    cd binpkg
-    mv -f "${pkgdir}/usr/bin"       usr/
-    mv -f "${pkgdir}/usr/lib/perl5" usr/lib/
-    mv -f "${pkgdir}/usr/share/man" usr/share/
+    mv "${pkgdir}/usr/bin"       binpkg/usr/
+    mv "${pkgdir}/usr/lib/perl5" binpkg/usr/lib/
+    mv "${pkgdir}/usr/share/man" binpkg/usr/share/
     
     # split docs
-    cd "${srcdir}/${pkgbase}/docpkg"
-    mv -f "${pkgdir}/usr/share/doc" usr/share/
-    
-    # security fix
-    # https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
-    # https://imagetragick.com/
-    sed -i '65i\  \<policy domain="coder" rights="none" pattern="EPHEMERAL" />' "${pkgdir}/etc/${_etcdir}/policy.xml"
-    sed -i '66i\  \<policy domain="coder" rights="none" pattern="URL" />'       "${pkgdir}/etc/${_etcdir}/policy.xml"
-    sed -i '67i\  \<policy domain="coder" rights="none" pattern="HTTPS" />'     "${pkgdir}/etc/${_etcdir}/policy.xml"
-    sed -i '68i\  \<policy domain="coder" rights="none" pattern="MVG" />'       "${pkgdir}/etc/${_etcdir}/policy.xml"
-    sed -i '69i\  \<policy domain="coder" rights="none" pattern="MSL" />'       "${pkgdir}/etc/${_etcdir}/policy.xml"
-    sed -i '70i\  \<policy domain="coder" rights="none" pattern="TEXT" />'      "${pkgdir}/etc/${_etcdir}/policy.xml"
-    sed -i '71i\  \<policy domain="coder" rights="none" pattern="SHOW" />'      "${pkgdir}/etc/${_etcdir}/policy.xml"
-    sed -i '72i\  \<policy domain="coder" rights="none" pattern="WIN" />'       "${pkgdir}/etc/${_etcdir}/policy.xml"
-    sed -i '73i\  \<policy domain="coder" rights="none" pattern="PLT" />'       "${pkgdir}/etc/${_etcdir}/policy.xml"
+    mv "${pkgdir}/usr/share/doc" docpkg/usr/share/
 }
 
 package_imagemagick-full-git() {
-    depends=("libmagick-full-git=${pkgver}-${pkgrel}")
+    depends=("libmagick-full-git=${pkgver}-${pkgrel}" 'perl')
     optdepends=(
         # AUR:
             'imagemagick-full-doc-git: manual and API docs'
-            'ttf-mac-fonts: for Apple fonts support'
     )
     provides=('imagemagick' 'imagemagick-git')
     conflicts=('imagemagick')
     options=('!emptydirs')
     
-    cd "$pkgbase"
-    
-    mv -f binpkg/* "$pkgdir"
+    cd "$_srcname"
     
-    find "$pkgdir/usr/lib/perl5" -name '*.so' -exec chrpath -d {} +
+    cp -a binpkg/* "$pkgdir"
     
-    # template start; name=perl-binary-module-dependency; version=1;
-    if [ "$(find "${pkgdir}/usr/lib/perl5/" -name '*.so')" ] 
-    then
-        local _perlver_min="$(perl -e '$v = $^V->{version}; print $v->[0].".".($v->[1]);')"
-        local _perlver_max="$(perl -e '$v = $^V->{version}; print $v->[0].".".($v->[1]+1);')"
-        depends+=("perl>=${_perlver_min}" "perl<${_perlver_max}")
-    fi
-    # template end;
+    find "${pkgdir}/usr/lib/perl5" -name '*.so' -exec chrpath -d {} +
     
     install -D -m644 LICENSE -t "${pkgdir}/usr/share/licenses/${pkgname}"
     install -D -m644 NOTICE  -t "${pkgdir}/usr/share/licenses/${pkgname}"
@@ -235,12 +210,13 @@ package_imagemagick-full-git() {
 package_imagemagick-full-doc-git() {
     pkgdesc+=' (manual and API docs)'
     arch=('any')
-    provides=('imagemagick-doc' 'imagemagick-doc-git')
+    depends=()
+    provides=('imagemagick-doc')
     conflicts=('imagemagick-doc')
     
-    cd "$pkgbase"
+    cd "$_srcname"
     
-    mv -f docpkg/* "$pkgdir"
+    cp -a docpkg/* "$pkgdir"
     
     install -D -m644 LICENSE -t "${pkgdir}/usr/share/licenses/${pkgname}"
     install -D -m644 NOTICE  -t "${pkgdir}/usr/share/licenses/${pkgname}"
diff --git a/imagemagick-full-security-fix.patch b/imagemagick-full-security-fix.patch
new file mode 100644
index 000000000000..4f2d347fd424
--- /dev/null
+++ b/imagemagick-full-security-fix.patch
@@ -0,0 +1,20 @@
+diff -Naurp a/config/policy.xml b/config/policy.xml
+--- a/config/policy.xml	2018-10-24 23:55:43.000000000 +0000
++++ b/config/policy.xml	2018-11-23 12:50:49.475631653 +0000
+@@ -69,6 +69,16 @@
+   <!-- <policy domain="resource" name="throttle" value="0"/> -->
+   <!-- <policy domain="resource" name="time" value="3600"/> -->
+   <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
++  <policy domain="coder" rights="none" pattern="EPHEMERAL" />
++  <policy domain="coder" rights="none" pattern="URL" />
++  <policy domain="coder" rights="none" pattern="HTTPS" />
++  <policy domain="coder" rights="none" pattern="MVG" />
++  <policy domain="coder" rights="none" pattern="MSL" />
++  <policy domain="coder" rights="none" pattern="TEXT" />
++  <policy domain="coder" rights="none" pattern="SHOW" />
++  <policy domain="coder" rights="none" pattern="WIN" />
++  <policy domain="coder" rights="none" pattern="PLT" />
++  <policy domain="coder" rights="none" pattern="{PS,PS2,PS3,EPS,PDF,XPS}" />
+   <!-- <policy domain="module" rights="none" pattern="{PS,PDF,XPS}" /> -->
+   <!-- <policy domain="delegate" rights="none" pattern="HTTPS" /> -->
+   <!-- <policy domain="path" rights="none" pattern="@*" /> -->
author	Daniel Bermond	2018-11-26 10:37:15 +0000
committer	Daniel Bermond	2018-11-26 10:37:15 +0000
commit	c89ba1678f1d998e7e6cc73dd29a3d108fd58c3a (patch)
tree	d1efeb432a5929947df86ba2af714e63cfd30c3d
parent	347a533395b33bc96487e3ef40336e50d87807cf (diff)
download	aur-c89ba1678f1d998e7e6cc73dd29a3d108fd58c3a.tar.gz