Patch libraw_r.pc, used by at least ImageMagick.
Amend libraw.pc while here not to include trailing whitespace.
Spotted in a report by Pekka Niiranen. ok rsadowski@ (maintainer) on
a previous version, debug help, input & ok sthen@
some existing COMPILER lines with arch restrictions etc. In the usual
case this is now using "COMPILER = base-clang ports-gcc base-gcc" on
ports with c++ libraries in WANTLIB.
This is basically intended to be a noop on architectures using clang
as the system compiler, but help with other architectures where we
currently have many ports knocked out due to building with an unsuitable
compiler -
- some ports require c++11/newer so the GCC version in base that is used
on these archirtectures is too old.
- some ports have conflicts where an executable is built with one compiler
(e.g. gcc from base) but a library dependency is built with a different
one (e.g. gcc from ports), resulted in mixing incompatible libraries in the
same address space.
devel/gmp is intentionally skipped as it's on the path to building gcc -
the c++ library there is unused in ports (and not built by default upstream)
so intending to disable building gmpcxx in a future commit.
Changelog:
https://www.libraw.org/news/libraw-0-18-13
CVE-2018-10529 fixed: out of bounds read in X3F parser
CVE-2018-10528 fixed: possible stack overrun in X3F parser
CVE-2017-14265: Additional check for X-Trans CFA pattern data
No dynamic export changes detected by check_sym
CVE-2018-10529 fixed: out of bounds read in X3F parser
CVE-2018-10528 fixed: possible stack overrun in X3F parser
Upstream removed own license:
https://www.libraw.org/news/libraw-0-18-released
Just minor bumps hint and OK sthen@
state (it was intended to use the base compiler for most arches, but
a ports compiler on arm as it supported atomic ops not available in base).
Switch it back, and add hppa to MODGCC4_ARCHS as build was failing for
the same reason; may not work, but this is the simplest way to find out.
ok jca@ kirby@
- Fix for possible buffer overrun in kodak_65000 decoder
- Fix for possible heap overrun in Canon makernotes parser
- Fix for CVE-2017-13735 CVE-2017-14265: Additional check for X-Trans
CFA pattern data
-- https://www.libraw.org/news/libraw-0-18-5
- take maintainer
ok dcoppa@
