main/ghostscript/APKBUILD


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145

# Contributor: Cameron Banta <cbanta@gmail.com>
# Maintainer: Cameron Banta <cbanta@gmail.com>
pkgname=ghostscript
pkgver=9.27
pkgrel=4
pkgdesc="An interpreter for the PostScript language and for PDF"
url="https://ghostscript.com/"
arch="all"
license="AGPL-3.0-or-later"
options="!check"
makedepends="autoconf automake libjpeg-turbo-dev libpng-dev jasper-dev expat-dev
	zlib-dev tiff-dev freetype-dev lcms2-dev gtk+3.0-dev
	cups-dev libtool jbig2dec-dev openjpeg-dev"
subpackages="$pkgname-dbg $pkgname-doc $pkgname-dev $pkgname-gtk"
source="https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${pkgver/./}/ghostscript-$pkgver.tar.gz
	https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs926/0001-Bug700317-Address-.force-operators-exposure.tgz
	ghostscript-system-zlib.patch
	fix-sprintf.patch
	CVE-2019-10216.patch
	forceput-inaccessible.patch
	0001-PDF-interpreter-Decode-ToUnicode-entries-of-the-form.patch
	CVE-2019-14817.patch
	"

# secfixes:
#   9.27-r4:
#     - CVE-2019-14817
#   9.27-r3:
#     - CVE-2019-14811
#     - CVE-2019-14812
#     - CVE-2019-14813
#   9.27-r2:
#     - CVE-2019-10216
#   9.26-r2:
#     - CVE-2019-3835
#     - CVE-2019-3838
#     - CVE-2019-6116
#   9.26-r1:
#     - CVE-2019-6116
#   9.26-r0:
#     - CVE-2018-19409
#     - CVE-2018-19475
#     - CVE-2018-19476
#     - CVE-2018-19477
#   9.25-r1:
#     - CVE-2018-17961
#     - CVE-2018-18073
#     - CVE-2018-18284
#   9.25-r0:
#     - CVE-2018-16802
#   9.24-r0:
#     - CVE-2018-15908
#     - CVE-2018-15909
#     - CVE-2018-15910
#     - CVE-2018-15911
#   9.23-r0:
#     - CVE-2018-10194
#   9.21-r2:
#     - CVE-2017-8291
#   9.21-r3:
#     - CVE-2017-7207
#     - CVE-2017-5951

prepare() {
	cd "$builddir"

	default_prepare # apply patches

	# force it to use system-libs
	rm -r jpeg libpng zlib tiff lcms2mt cups/libs jbig2dec \
		freetype

	# fix parallel builds
	sed -i -e 's/ECHO_XE/ECHOGS_XE/g' \
		-e 's/^\($(GLOBJ)md5.$(OBJ) :.*\)/\1 $(ECHOGS_XE)/' \
		base/lib.mak
	aclocal && autoconf --force

	cd $builddir/ijs
	libtoolize --force && aclocal && autoconf && automake --add-missing
}

build() {
	# build ijs
	cd "$builddir"/ijs
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--enable-shared \
		--disable-static \
	make

	cd "$builddir"

	# --disable-compile-inits is needed to link with system-zlib
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--infodir=/usr/share/info \
		--docdir=/usr/share/doc/"$pkgname" \
		--enable-dynamic \
		--disable-static \
		--with-system-libtiff \
		--with-ijs \
		--with-jbig2dec \
		--without-omni \
		--enable-gtk \
		--with-drivers=ALL \
		--with-fontpath=/usr/share/fonts/Type1:/usr/share/fonts \
		--disable-compile-inits
	make obj/arch.h # workaround parallel build issue
	make so all
}

package() {
	cd "$builddir"
	make -j1 DESTDIR="$pkgdir" install soinstall

	cd "$builddir"/ijs
	make -j1 DESTDIR="$pkgdir" install
	cd ..

	# create empty dir for future fonts
	mkdir -p "$pkgdir"/usr/share/fonts/Type1
}

gtk() {
	pkgdesc="A GTK-enabled PostScript interpreter and renderer"

	install -d "$subpkgdir"/usr/bin
	mv "$pkgdir"/usr/bin/gsx "$subpkgdir"/usr/bin/
}

sha512sums="9ad7bd24b6d9b7d258e943783817be036a2e0234517baffa1016804ef9b6f3062fb5da20a890a0bfc9e58203ddcf25dc4465f5b3bf5e4a61db87bef0606a0884  ghostscript-9.27.tar.gz
289d916a0b0da410e6f721e42bc44659c91c66ca0f7b96b1a6b010ae1c25e47788e282edc3578b4e4b120a2c684c7b1fd4cc574084bdc9cbbf6e431a01fbae0e  0001-Bug700317-Address-.force-operators-exposure.tgz
70721e3a335afa5e21d4e6cf919119010bd4544a03ab8f53f5325c173902221ad9b88c118b4bfeee80b3e1956bcdbaf4c53f64ae7fb81f5ba57dbc956750c482  ghostscript-system-zlib.patch
beefcf395f7f828e1b81c088022c08a506e218f27535b9de01e0f0edf7979b435316c318fa676771630f6ad16ff1ab059cd68aa128ed97e5a9f2f3fa840200c4  fix-sprintf.patch
f89744b17922b7d9c04c6de69ce35fa621732e4373eccc158b7ff6a9e56d2cf0bbea30c28119f4808864ca584e94342e5125d7bcc6195252455b5f223f379e3f  CVE-2019-10216.patch
d7045aa5a02a3fc882552da0b9a60ea565a36d5d038cdf576dc7188158dc05a470ce9fa40bdf1e1003a48995f6707431980910372da549918caf789eb3a2f81f  forceput-inaccessible.patch
0ec65d29eb7ade7a8c02190fc5358faf257f63dc50b30d222b231aed496c8ac1fb7c0710e78117e10a16886dfcaccab610afb434efbbd557f63396c12ccd5d64  0001-PDF-interpreter-Decode-ToUnicode-entries-of-the-form.patch
deed829b14223b2f99d49aea5575c9ad855f6815d238502d3109849acac239eb312fd89e802e12a85fe7e92375694c42422240a6e1759ecfd094762eccaed826  CVE-2019-14817.patch"