* [Buildroot] [PATCH 1/1] package: {, python-py}mupdf: bump to 1.22.0
@ 2023-04-18 10:58 Raphaël Mélotte
2023-05-13 19:51 ` Yann E. MORIN
0 siblings, 1 reply; 3+ messages in thread
From: Raphaël Mélotte @ 2023-04-18 10:58 UTC (permalink / raw)
To: buildroot; +Cc: Raphaël Mélotte, Asaf Kahlon
Also remove the last two '*_IGNORE_CVES', since the corresponding
patches have been removed (they are now part of upstream) in
1fb64680bffbda1e5fb952150652f73205322707.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
---
package/mupdf/mupdf.hash | 4 ++--
package/mupdf/mupdf.mk | 8 +-------
package/python-pymupdf/python-pymupdf.hash | 4 ++--
package/python-pymupdf/python-pymupdf.mk | 4 ++--
4 files changed, 7 insertions(+), 13 deletions(-)
diff --git a/package/mupdf/mupdf.hash b/package/mupdf/mupdf.hash
index ef91abee18..1f636097ed 100644
--- a/package/mupdf/mupdf.hash
+++ b/package/mupdf/mupdf.hash
@@ -1,8 +1,8 @@
# From https://mupdf.com/downloads/index.html:
-sha1 f759d914ec6ad6a3b96f994630ff70b75823831b mupdf-1.21.1-source.tar.lz
+sha1 b9907729d604f0bf3846b45cd5891e10d7a66e24 mupdf-1.22.0-source.tar.lz
# Locally computed:
-sha256 66a43490676c7f7c2ff74067328ef13285506fcc758d365ae27ea3668bd5e620 mupdf-1.21.1-source.tar.lz
+sha256 bed78a0abf8496b30c523497292de979db633eca57e02f6cd0f3c7c042551c3e mupdf-1.22.0-source.tar.lz
# Hash for license files:
sha256 57c8ff33c9c0cfc3ef00e650a1cc910d7ee479a8bc509f6c9209a7c2a11399d6 COPYING
diff --git a/package/mupdf/mupdf.mk b/package/mupdf/mupdf.mk
index d6cc407c49..08894d7980 100644
--- a/package/mupdf/mupdf.mk
+++ b/package/mupdf/mupdf.mk
@@ -5,7 +5,7 @@
################################################################################
# python-pymupdf's version must match mupdf's version
-MUPDF_VERSION = 1.21.1
+MUPDF_VERSION = 1.22.0
MUPDF_SOURCE = mupdf-$(MUPDF_VERSION)-source.tar.lz
MUPDF_SITE = https://mupdf.com/downloads/archive
MUPDF_LICENSE = AGPL-3.0+
@@ -22,12 +22,6 @@ MUPDF_DEPENDENCIES = \
xlib_libX11 \
zlib
-# 0002-Bug-703366-Fix-double-free-of-object-during-linearization.patch
-MUPDF_IGNORE_CVES += CVE-2021-3407
-
-# 0003-Bug-703791-Stay-within-hash-table-max-key-size-in-cached-color-converter.patch
-MUPDF_IGNORE_CVES += CVE-2021-37220
-
# The pkg-config name for gumbo-parser is `gumbo`.
MUPDF_PKG_CONFIG_PACKAGES = \
freetype2 \
diff --git a/package/python-pymupdf/python-pymupdf.hash b/package/python-pymupdf/python-pymupdf.hash
index bda356d905..9fd8150088 100644
--- a/package/python-pymupdf/python-pymupdf.hash
+++ b/package/python-pymupdf/python-pymupdf.hash
@@ -1,5 +1,5 @@
# md5, sha256 from https://pypi.org/pypi/pymupdf/json
-md5 be10963679ac6d52b7aed2311ca7e3c5 PyMuPDF-1.21.1.tar.gz
-sha256 f815741a435c62a0036bbcbf5fa6c533567bd69c5338d413714fc57b22db93e0 PyMuPDF-1.21.1.tar.gz
+md5 468fe56375a1fca99e83fe0aa0b9f8bd PyMuPDF-1.22.0.tar.gz
+sha256 6e1694e5c0cd8b92d503a506ee8e4ba1bed768528de586889d3ec90e9dc4a7d3 PyMuPDF-1.22.0.tar.gz
# Locally computed sha256 checksums
sha256 57c8ff33c9c0cfc3ef00e650a1cc910d7ee479a8bc509f6c9209a7c2a11399d6 COPYING
diff --git a/package/python-pymupdf/python-pymupdf.mk b/package/python-pymupdf/python-pymupdf.mk
index 70448e8d90..51d955d835 100644
--- a/package/python-pymupdf/python-pymupdf.mk
+++ b/package/python-pymupdf/python-pymupdf.mk
@@ -5,9 +5,9 @@
################################################################################
# python-pymupdf's version must match mupdf's version
-PYTHON_PYMUPDF_VERSION = 1.21.1
+PYTHON_PYMUPDF_VERSION = 1.22.0
PYTHON_PYMUPDF_SOURCE = PyMuPDF-$(PYTHON_PYMUPDF_VERSION).tar.gz
-PYTHON_PYMUPDF_SITE = https://files.pythonhosted.org/packages/30/44/9fce79689e5df7deebe2d17cb2b9b2a6b888439c241e71296e732aefa649
+PYTHON_PYMUPDF_SITE = https://files.pythonhosted.org/packages/28/ba/d6bb6fd678e8396d7b944870286fb25fd6f499b8cb599b5436c8f725adbf
PYTHON_PYMUPDF_SETUP_TYPE = setuptools
PYTHON_PYMUPDF_LICENSE = AGPL-3.0+
PYTHON_PYMUPDF_LICENSE_FILES = COPYING
--
2.39.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package: {, python-py}mupdf: bump to 1.22.0
2023-04-18 10:58 [Buildroot] [PATCH 1/1] package: {, python-py}mupdf: bump to 1.22.0 Raphaël Mélotte
@ 2023-05-13 19:51 ` Yann E. MORIN
2023-06-13 12:50 ` Peter Korsgaard
0 siblings, 1 reply; 3+ messages in thread
From: Yann E. MORIN @ 2023-05-13 19:51 UTC (permalink / raw)
To: Raphaël Mélotte; +Cc: Asaf Kahlon, buildroot
Raphaël, All,
On 2023-04-18 12:58 +0200, Raphaël Mélotte spake thusly:
> Also remove the last two '*_IGNORE_CVES', since the corresponding
> patches have been removed (they are now part of upstream) in
> 1fb64680bffbda1e5fb952150652f73205322707.
>
> Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
> ---
> package/mupdf/mupdf.hash | 4 ++--
> package/mupdf/mupdf.mk | 8 +-------
> package/python-pymupdf/python-pymupdf.hash | 4 ++--
> package/python-pymupdf/python-pymupdf.mk | 4 ++--
> 4 files changed, 7 insertions(+), 13 deletions(-)
>
> diff --git a/package/mupdf/mupdf.hash b/package/mupdf/mupdf.hash
> index ef91abee18..1f636097ed 100644
> --- a/package/mupdf/mupdf.hash
> +++ b/package/mupdf/mupdf.hash
> @@ -1,8 +1,8 @@
> # From https://mupdf.com/downloads/index.html:
> -sha1 f759d914ec6ad6a3b96f994630ff70b75823831b mupdf-1.21.1-source.tar.lz
> +sha1 b9907729d604f0bf3846b45cd5891e10d7a66e24 mupdf-1.22.0-source.tar.lz
>
> # Locally computed:
> -sha256 66a43490676c7f7c2ff74067328ef13285506fcc758d365ae27ea3668bd5e620 mupdf-1.21.1-source.tar.lz
> +sha256 bed78a0abf8496b30c523497292de979db633eca57e02f6cd0f3c7c042551c3e mupdf-1.22.0-source.tar.lz
>
> # Hash for license files:
> sha256 57c8ff33c9c0cfc3ef00e650a1cc910d7ee479a8bc509f6c9209a7c2a11399d6 COPYING
> diff --git a/package/mupdf/mupdf.mk b/package/mupdf/mupdf.mk
> index d6cc407c49..08894d7980 100644
> --- a/package/mupdf/mupdf.mk
> +++ b/package/mupdf/mupdf.mk
> @@ -5,7 +5,7 @@
> ################################################################################
>
> # python-pymupdf's version must match mupdf's version
> -MUPDF_VERSION = 1.21.1
> +MUPDF_VERSION = 1.22.0
> MUPDF_SOURCE = mupdf-$(MUPDF_VERSION)-source.tar.lz
> MUPDF_SITE = https://mupdf.com/downloads/archive
> MUPDF_LICENSE = AGPL-3.0+
> @@ -22,12 +22,6 @@ MUPDF_DEPENDENCIES = \
> xlib_libX11 \
> zlib
>
> -# 0002-Bug-703366-Fix-double-free-of-object-during-linearization.patch
> -MUPDF_IGNORE_CVES += CVE-2021-3407
> -
> -# 0003-Bug-703791-Stay-within-hash-table-max-key-size-in-cached-color-converter.patch
> -MUPDF_IGNORE_CVES += CVE-2021-37220
Dropping those exclusion should have been in a seaprate patch, because
they were alreadyu incorrect even before the bump to 1.22.0 (we no
longer have those two patches).
So, I split that into its own patch.
And so: both applied to master, thanks.
Regards,
Yann E. MORIN.
> # The pkg-config name for gumbo-parser is `gumbo`.
> MUPDF_PKG_CONFIG_PACKAGES = \
> freetype2 \
> diff --git a/package/python-pymupdf/python-pymupdf.hash b/package/python-pymupdf/python-pymupdf.hash
> index bda356d905..9fd8150088 100644
> --- a/package/python-pymupdf/python-pymupdf.hash
> +++ b/package/python-pymupdf/python-pymupdf.hash
> @@ -1,5 +1,5 @@
> # md5, sha256 from https://pypi.org/pypi/pymupdf/json
> -md5 be10963679ac6d52b7aed2311ca7e3c5 PyMuPDF-1.21.1.tar.gz
> -sha256 f815741a435c62a0036bbcbf5fa6c533567bd69c5338d413714fc57b22db93e0 PyMuPDF-1.21.1.tar.gz
> +md5 468fe56375a1fca99e83fe0aa0b9f8bd PyMuPDF-1.22.0.tar.gz
> +sha256 6e1694e5c0cd8b92d503a506ee8e4ba1bed768528de586889d3ec90e9dc4a7d3 PyMuPDF-1.22.0.tar.gz
> # Locally computed sha256 checksums
> sha256 57c8ff33c9c0cfc3ef00e650a1cc910d7ee479a8bc509f6c9209a7c2a11399d6 COPYING
> diff --git a/package/python-pymupdf/python-pymupdf.mk b/package/python-pymupdf/python-pymupdf.mk
> index 70448e8d90..51d955d835 100644
> --- a/package/python-pymupdf/python-pymupdf.mk
> +++ b/package/python-pymupdf/python-pymupdf.mk
> @@ -5,9 +5,9 @@
> ################################################################################
>
> # python-pymupdf's version must match mupdf's version
> -PYTHON_PYMUPDF_VERSION = 1.21.1
> +PYTHON_PYMUPDF_VERSION = 1.22.0
> PYTHON_PYMUPDF_SOURCE = PyMuPDF-$(PYTHON_PYMUPDF_VERSION).tar.gz
> -PYTHON_PYMUPDF_SITE = https://files.pythonhosted.org/packages/30/44/9fce79689e5df7deebe2d17cb2b9b2a6b888439c241e71296e732aefa649
> +PYTHON_PYMUPDF_SITE = https://files.pythonhosted.org/packages/28/ba/d6bb6fd678e8396d7b944870286fb25fd6f499b8cb599b5436c8f725adbf
> PYTHON_PYMUPDF_SETUP_TYPE = setuptools
> PYTHON_PYMUPDF_LICENSE = AGPL-3.0+
> PYTHON_PYMUPDF_LICENSE_FILES = COPYING
> --
> 2.39.1
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package: {, python-py}mupdf: bump to 1.22.0
2023-05-13 19:51 ` Yann E. MORIN
@ 2023-06-13 12:50 ` Peter Korsgaard
0 siblings, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2023-06-13 12:50 UTC (permalink / raw)
To: Yann E. MORIN; +Cc: Raphaël Mélotte, Asaf Kahlon, buildroot
>>>>> "Yann" == Yann E MORIN <yann.morin.1998@free.fr> writes:
> Raphaël, All,
> On 2023-04-18 12:58 +0200, Raphaël Mélotte spake thusly:
>> Also remove the last two '*_IGNORE_CVES', since the corresponding
>> patches have been removed (they are now part of upstream) in
>> 1fb64680bffbda1e5fb952150652f73205322707.
>>
>> Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
>> ---
>> package/mupdf/mupdf.hash | 4 ++--
>> package/mupdf/mupdf.mk | 8 +-------
>> package/python-pymupdf/python-pymupdf.hash | 4 ++--
>> package/python-pymupdf/python-pymupdf.mk | 4 ++--
>> 4 files changed, 7 insertions(+), 13 deletions(-)
>>
>> diff --git a/package/mupdf/mupdf.hash b/package/mupdf/mupdf.hash
>> index ef91abee18..1f636097ed 100644
>> --- a/package/mupdf/mupdf.hash
>> +++ b/package/mupdf/mupdf.hash
>> @@ -1,8 +1,8 @@
>> # From https://mupdf.com/downloads/index.html:
>> -sha1 f759d914ec6ad6a3b96f994630ff70b75823831b mupdf-1.21.1-source.tar.lz
>> +sha1 b9907729d604f0bf3846b45cd5891e10d7a66e24 mupdf-1.22.0-source.tar.lz
>>
>> # Locally computed:
>> -sha256 66a43490676c7f7c2ff74067328ef13285506fcc758d365ae27ea3668bd5e620 mupdf-1.21.1-source.tar.lz
>> +sha256 bed78a0abf8496b30c523497292de979db633eca57e02f6cd0f3c7c042551c3e mupdf-1.22.0-source.tar.lz
>>
>> # Hash for license files:
>> sha256 57c8ff33c9c0cfc3ef00e650a1cc910d7ee479a8bc509f6c9209a7c2a11399d6 COPYING
>> diff --git a/package/mupdf/mupdf.mk b/package/mupdf/mupdf.mk
>> index d6cc407c49..08894d7980 100644
>> --- a/package/mupdf/mupdf.mk
>> +++ b/package/mupdf/mupdf.mk
>> @@ -5,7 +5,7 @@
>> ################################################################################
>>
>> # python-pymupdf's version must match mupdf's version
>> -MUPDF_VERSION = 1.21.1
>> +MUPDF_VERSION = 1.22.0
>> MUPDF_SOURCE = mupdf-$(MUPDF_VERSION)-source.tar.lz
>> MUPDF_SITE = https://mupdf.com/downloads/archive
>> MUPDF_LICENSE = AGPL-3.0+
>> @@ -22,12 +22,6 @@ MUPDF_DEPENDENCIES = \
>> xlib_libX11 \
>> zlib
>>
>> -# 0002-Bug-703366-Fix-double-free-of-object-during-linearization.patch
>> -MUPDF_IGNORE_CVES += CVE-2021-3407
>> -
>> -# 0003-Bug-703791-Stay-within-hash-table-max-key-size-in-cached-color-converter.patch
>> -MUPDF_IGNORE_CVES += CVE-2021-37220
> Dropping those exclusion should have been in a seaprate patch, because
> they were alreadyu incorrect even before the bump to 1.22.0 (we no
> longer have those two patches).
> So, I split that into its own patch.
Committed the drop-CVE-ignore part to 2023.02.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-06-13 12:50 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-04-18 10:58 [Buildroot] [PATCH 1/1] package: {, python-py}mupdf: bump to 1.22.0 Raphaël Mélotte
2023-05-13 19:51 ` Yann E. MORIN
2023-06-13 12:50 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox