From 25c990a60b524efae7c4cd0e58317248ade3eacc Mon Sep 17 00:00:00 2001 From: Kevin Mehall Date: Thu, 2 Jun 2022 10:54:13 -0700 Subject: [PATCH 1/4] libtiff: 4.3.0 -> 4.4.0 Changelog: http://www.simplesystems.org/libtiff/v4.4.0.html --- .../development/libraries/libtiff/default.nix | 59 +------------------ 1 file changed, 2 insertions(+), 57 deletions(-) diff --git a/pkgs/development/libraries/libtiff/default.nix b/pkgs/development/libraries/libtiff/default.nix index 410447a783214..4c7ea02d8aa4c 100644 --- a/pkgs/development/libraries/libtiff/default.nix +++ b/pkgs/development/libraries/libtiff/default.nix @@ -25,11 +25,11 @@ stdenv.mkDerivation rec { pname = "libtiff"; - version = "4.3.0"; + version = "4.4.0"; src = fetchurl { url = "https://download.osgeo.org/libtiff/tiff-${version}.tar.gz"; - sha256 = "1j3snghqjbhwmnm5vz3dr1zm68dj15mgbx1wqld7vkl7n2nfaihf"; + sha256 = "1vdbk3sc497c58kxmp02irl6nqkfm9rjs3br7g59m59qfnrj6wli"; }; patches = [ @@ -38,61 +38,6 @@ stdenv.mkDerivation rec { # libc++abi 11 has an `#include `, this picks up files name # `version` in the project's include paths ./rename-version.patch - (fetchpatch { - name = "CVE-2022-22844.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/03047a26952a82daaa0792957ce211e0aa51bc64.patch"; - sha256 = "0cfih55f5qpc84mvlwsffik80bgz6drkflkhrdyqq8m84jw3mbwb"; - }) - (fetchpatch { - name = "CVE-2022-0561.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef.patch"; - sha256 = "0m57fdxyvhhr9cc260lvkkn2g4zr4n4v9nricc6lf9h6diagd7mk"; - }) - (fetchpatch { - name = "CVE-2022-0562.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b.patch"; - sha256 = "0ycirjjc1vigj03kwjb92n6jszsl9p17ccw5hry7lli9gxyyr0an"; - }) - (fetchpatch { - name = "CVE-2022-0891.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/46dc8fcd4d38c3b6f35ab28e532aee80e6f609d6.patch"; - sha256 = "1zn2pgsmbrjx3g2bpdggvwwbp6i348mikwlx4ws482h2379vmyj1"; - }) - (fetchpatch { - name = "CVE-2022-0865.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/5e18004500cda10d9074bdb6166b054e95b659ed.patch"; - sha256 = "131b9ial6avl2agwk31wp2jkrx59955f4r0dikx1jdaywqb7zhd1"; - }) - (fetchpatch { - name = "CVE-2022-0924.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/408976c44ef0aad975e0d1b6c6dc80d60f9dc665.patch"; - sha256 = "1aqaynp74ijxr3rizvbyz23ncs71pbbcw5src1zv46473sy55s8p"; - }) - (fetchpatch { - name = "CVE-2022-0907.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/f2b656e2e64adde07a6cffd5c8e96bd81a850fea.patch"; - sha256 = "0nsplq671qx0f35qww9mx27raqp3nvslz8iv7f3hxdgldylmh2vs"; - }) - (fetchpatch { - name = "CVE-2022-0909.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/f8d0f9aa1ba04c9ae3bfe869a18141a8b8117ad7.patch"; - sha256 = "1plhk6ildl16bp0k3wvzfd4a97hqfqfbbn7vjinsaasf4v0x3q5j"; - }) - (fetchpatch { - name = "CVE-2022-0908.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85.patch"; - sha256 = "0i61kkjaixdn2p933lpma9s6i0772vhxjxxcwyqagw96lmszrcm7"; - }) - (fetchpatch { - name = "CVE-2022-1354.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798.patch"; - sha256 = "0171c662xiv3295x4wsq6qq0v90js51j54vsl7wm043kjkrp1fsb"; - }) - (fetchpatch { - name = "CVE-2022-1355.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/c1ae29f9ebacd29b7c3e0c7db671af7db3584bc2.patch"; - sha256 = "1y75c72s41pl39d5zr5pmkiyfrancllv8fbl10zvc67pg3qjq4v8"; - }) ]; postPatch = '' From 5dcb09d3cbeecf8ff707aac0309507fee270cc34 Mon Sep 17 00:00:00 2001 From: Kevin Mehall Date: Thu, 2 Jun 2022 21:44:57 +0000 Subject: [PATCH 2/4] freeimage: Add patch to fix build with libtiff 4.4.0 --- pkgs/development/libraries/freeimage/default.nix | 2 +- .../libraries/freeimage/libtiff-4.4.0.diff | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 pkgs/development/libraries/freeimage/libtiff-4.4.0.diff diff --git a/pkgs/development/libraries/freeimage/default.nix b/pkgs/development/libraries/freeimage/default.nix index b132b3fae8ceb..c6215873128b3 100644 --- a/pkgs/development/libraries/freeimage/default.nix +++ b/pkgs/development/libraries/freeimage/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation { # Ensure that the bundled libraries are not used at all prePatch = "rm -rf Source/Lib* Source/OpenEXR Source/ZLib"; - patches = [ ./unbundle.diff ]; + patches = [ ./unbundle.diff ./libtiff-4.4.0.diff ]; postPatch = '' # To support cross compilation, use the correct `pkg-config`. diff --git a/pkgs/development/libraries/freeimage/libtiff-4.4.0.diff b/pkgs/development/libraries/freeimage/libtiff-4.4.0.diff new file mode 100644 index 0000000000000..13abd5dd70893 --- /dev/null +++ b/pkgs/development/libraries/freeimage/libtiff-4.4.0.diff @@ -0,0 +1,15 @@ +Fix build with libtiff 4.4.0 by not using a private libtiff API. +Patch by Kurt Schwehr: https://sourceforge.net/p/freeimage/discussion/36109/thread/2018fdc6e7/ + +diff -ru a/Source/Metadata/XTIFF.cpp b/Source/Metadata/XTIFF.cpp +--- a/Source/Metadata/XTIFF.cpp ++++ b/Source/Metadata/XTIFF.cpp +@@ -749,7 +749,7 @@ + continue; + } + // type of storage may differ (e.g. rationnal array vs float array type) +- if((unsigned)_TIFFDataSize(tif_tag_type) != FreeImage_TagDataWidth(tag_type)) { ++ if((unsigned)TIFFFieldSetGetSize(fld) != FreeImage_TagDataWidth(tag_type)) { + // skip tag or _TIFFmemcpy will fail + continue; + } From 6ffe4109839c62ccd7347f915f6b810768fc99f8 Mon Sep 17 00:00:00 2001 From: Kevin Mehall Date: Fri, 3 Jun 2022 13:29:23 -0700 Subject: [PATCH 3/4] freeimage: cleanup suggestions from code review Co-authored-by: Sandro --- pkgs/development/libraries/freeimage/default.nix | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/freeimage/default.nix b/pkgs/development/libraries/freeimage/default.nix index c6215873128b3..807e96669c677 100644 --- a/pkgs/development/libraries/freeimage/default.nix +++ b/pkgs/development/libraries/freeimage/default.nix @@ -15,8 +15,13 @@ stdenv.mkDerivation { sourceRoot = "svn-r1900/FreeImage/trunk"; # Ensure that the bundled libraries are not used at all - prePatch = "rm -rf Source/Lib* Source/OpenEXR Source/ZLib"; - patches = [ ./unbundle.diff ./libtiff-4.4.0.diff ]; + prePatch = '' + rm -rf Source/Lib* Source/OpenEXR Source/ZLib + ''; + patches = [ + ./unbundle.diff + ./libtiff-4.4.0.diff + ]; postPatch = '' # To support cross compilation, use the correct `pkg-config`. From c4897187fb65ea76dd18d22f6ca292834dcafacb Mon Sep 17 00:00:00 2001 From: Kevin Mehall Date: Thu, 2 Jun 2022 22:32:28 +0000 Subject: [PATCH 4/4] python3Packages.pillow: Add patch to fix failing test with libtiff 4.4.0 --- pkgs/development/python-modules/pillow/default.nix | 9 +++++++++ pkgs/development/python-modules/pillow/generic.nix | 3 ++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/pillow/default.nix b/pkgs/development/python-modules/pillow/default.nix index 47ed191c6d993..bd14a9d7c015d 100644 --- a/pkgs/development/python-modules/pillow/default.nix +++ b/pkgs/development/python-modules/pillow/default.nix @@ -1,5 +1,6 @@ { lib , stdenv +, fetchpatch , buildPythonPackage , pythonOlder , fetchPypi @@ -22,6 +23,14 @@ import ./generic.nix (rec { sha256 = "f401ed2bbb155e1ade150ccc63db1a4f6c1909d3d378f7d1235a44e90d75fb97"; }; + patches = [ + # Fix failing test with libtiff 4.4.0 + (fetchpatch { + url = "https://github.com/python-pillow/Pillow/commit/40a918d274182b7d7c063d7797fb77d967982c4a.patch"; + sha256 = "sha256-f8m3Xt3V3pHggK1JEc2tnPmrTVPFjfV4YJqwE1KM1pA="; + }) + ]; + passthru.tests = { inherit imageio matplotlib pilkit pydicom reportlab; }; diff --git a/pkgs/development/python-modules/pillow/generic.nix b/pkgs/development/python-modules/pillow/generic.nix index 97c67fd5fa49f..ec4f052638206 100644 --- a/pkgs/development/python-modules/pillow/generic.nix +++ b/pkgs/development/python-modules/pillow/generic.nix @@ -2,6 +2,7 @@ , version , disabled , src +, patches ? [] , meta , passthru ? {} , ... @@ -10,7 +11,7 @@ with args; buildPythonPackage rec { - inherit pname version src meta passthru; + inherit pname version src meta passthru patches; # Disable imagefont tests, because they don't work well with infinality: # https://github.com/python-pillow/Pillow/issues/1259