download.lst | 18 ++--
external/curl/ExternalProject_curl.mk | 2
external/curl/curl-7.26.0_win-proxy.patch | 8 -
external/curl/curl-nss.patch.1 | 7 +
external/libxml2/ExternalPackage_xml2.mk | 2
external/libxml2/UnpackedTarball_xml2.mk | 5 -
external/libxml2/libxml2-android.patch | 6 -
external/libxml2/libxml2-config.patch.1 | 43 ---------
external/libxml2/xml2-config.in | 28 ++++++
external/poppler/UnpackedTarball_poppler.mk | 2
external/poppler/disable-freetype.patch.1 | 41 +++++++++
external/poppler/gcc7-EntityInfo.patch.1 | 48 +++++++++++
external/poppler/poppler-c++11.patch.1 | 13 ++
external/poppler/poppler-config.patch.1 | 27 ++----
external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch | 29 ++++++
external/zlib/UnpackedTarball_zlib.mk | 7 +
external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch | 32 +++++++
sc/source/core/tool/interpr7.cxx | 3
sdext/Executable_xpdfimport.mk | 4
unoxml/source/xpath/xpathobject.cxx | 2
20 files changed, 248 insertions(+), 79 deletions(-)
New commits:
commit 98d3d103fb99ee4433e84aa2fd1f0fa13016cf02
Author: Jan-Marek Glogowski <glo...@fbihome.de>
AuthorDate: Sun May 30 13:23:16 2021 +0200
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Fri Nov 4 03:05:50 2022 +0100
libxml2: use xml2-config dummy for internal build
When building a static LO with --disable-dynloading on Linux,
--without-system-libs failed for me. And it left me really puzzled:
raptor configure failed and claimed it couldn't link libxml2.
raptor's config.log showed missing math functions. xml2-config of
LO's build is patched and it includes a -lm. The xml2-config in my
chroot doesn't. But we explicitly pass the xml2-config for
non-system-libxml2 build. Reading the configure from raptor didn't
reveal a way, that it could somehow pick up the xml2-config from
the chroot, but that code is autoconf-complex...
When running "sh -x configure", it turned out the configure script
actually picks up the LIBXML_* flags from the environment, which
are set by LO's config_host.mk. These just add -lm for Android.
So this adds a xml2-config.in "dummy", which overwrites the one
from the libxml2 source and just echos LO's LIBXML_* values and
it adds -lm for all DISABLE_DYNLOADING targets.
Change-Id: Ia713cf80c8e7dc989cf23c224e7a0f7ea1210a87
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/116409
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glo...@fbihome.de>
(cherry picked from commit 8b9f8f0f9d38cc64f742fe5358fce88d0f82391a)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139965
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 5c044ae7a3246bddbd0513bd5ed3efef10cb1503)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/142035
Tested-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
Conflicts:
external/libxml2/UnpackedTarball_xml2.mk
external/libxml2/libxml2-config.patch.1
diff --git a/external/libxml2/UnpackedTarball_xml2.mk
b/external/libxml2/UnpackedTarball_xml2.mk
index 5cff2aed0a87..52523c5c8bd3 100644
--- a/external/libxml2/UnpackedTarball_xml2.mk
+++ b/external/libxml2/UnpackedTarball_xml2.mk
@@ -11,12 +11,15 @@ $(eval $(call gb_UnpackedTarball_UnpackedTarball,xml2))
$(eval $(call gb_UnpackedTarball_set_tarball,xml2,$(LIBXML_TARBALL),,libxml2))
+$(eval $(call gb_UnpackedTarball_update_autoconf_configs,xml2))
+
$(eval $(call gb_UnpackedTarball_add_patches,xml2,\
- external/libxml2/libxml2-config.patch.1 \
external/libxml2/libxml2-global-symbols.patch \
external/libxml2/libxml2-vc10.patch \
$(if $(filter ANDROID,$(OS)),external/libxml2/libxml2-android.patch) \
external/libxml2/libxml2-icu.patch.0 \
))
+$(eval $(call
gb_UnpackedTarball_add_file,xml2,xml2-config.in,external/libxml2/xml2-config.in))
+
# vim: set noet sw=4 ts=4:
diff --git a/external/libxml2/libxml2-config.patch.1
b/external/libxml2/libxml2-config.patch.1
deleted file mode 100644
index 28ac8f2809a7..000000000000
--- a/external/libxml2/libxml2-config.patch.1
+++ /dev/null
@@ -1,43 +0,0 @@
-Hack the xml2-config to return paths into WORKDIR.
-
---- a/xml2-config.in 2009-12-17 11:45:20.000000000 +0000
-+++ b/xml2-config.in 2009-12-17 11:45:36.000000000 +0000
-@@ -1,9 +1,14 @@
- #! /bin/sh
-
--prefix=@prefix@
--exec_prefix=@exec_prefix@
--includedir=@includedir@
--libdir=@libdir@
-+#prefix=@prefix@
-+#exec_prefix=@exec_prefix@
-+#includedir=@includedir@
-+#libdir=@libdir@
-+
-+prefix=${WORKDIR}/UnpackedTarball/xml2
-+exec_prefix=${WORKDIR}/UnpackedTarball/xml2
-+includedir=${WORKDIR}/UnpackedTarball/xml2/include
-+libdir=${WORKDIR}/UnpackedTarball/xml2/.libs
- cflags=
- libs=
-
-@@ -67,7 +72,8 @@
- ;;
-
- --cflags)
-- cflags="@XML_INCLUDEDIR@ @XML_CFLAGS@"
-+ #cflags="@XML_INCLUDEDIR@ @XML_CFLAGS@"
-+ cflags="-I${includedir}"
- ;;
-
- --libtool-libs)
-@@ -91,7 +96,8 @@
- libs="@XML_LIBDIR@ $libs"
- fi
-
-- libs="$libs @WIN32_EXTRA_LIBADD@"
-+ #libs="$libs @WIN32_EXTRA_LIBADD@"
-+ libs="-L${libdir} -lxml2 -lm"
- ;;
-
- *)
diff --git a/external/libxml2/xml2-config.in b/external/libxml2/xml2-config.in
new file mode 100644
index 000000000000..164508e47e67
--- /dev/null
+++ b/external/libxml2/xml2-config.in
@@ -0,0 +1,28 @@
+#! /bin/sh
+
+while test $# -gt 0; do
+ case "$1" in
+ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+ *) optarg= ;;
+ esac
+
+ case "$1" in
+ --version)
+ echo @VERSION@
+ exit 0
+ ;;
+ --cflags)
+ cflags="$LIBXML_CFLAGS"
+ ;;
+ --libs)
+ libs="$LIBXML_LIBS"
+ ;;
+ esac
+ shift
+done
+
+if test -n "$cflags$libs"; then
+ echo $cflags $libs
+fi
+
+exit 0
commit 7921ed237ff682cf92f7fae44fdd1a296b44a9ab
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Oct 26 11:07:49 2022 +0200
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Fri Nov 4 03:05:50 2022 +0100
curl: upgrade to release 7.86.0
Fixes CVE-2022-32221 which could affect libcmis, CVE-2022-42915,
and 2 more CVEs that probably don't affect LO.
* remove --without-ssl:
On the one hand, on GNU/Linux this now results in:
configure: error: --without-ssl has been set together with an explicit
option to use an ssl library
On the other hand, using the more obvious --without-openssl yields a link
failure on Android on the nss check in configure:
configure:28220: checking for SSL_VersionRangeSet in -lnss
/home/cl/Android/Sdk/ndk/20.1.5948944/toolchains/llvm/prebuilt/linux-x86_64/bin/../lib/gcc/aarch64-linux-android/4.9.x/../../../../aarch64-linux-android/bin/ld:
warning: liblog.so, needed by
/home/cl/rpmbuild/BUILD/lo-android2/workdir/UnpackedTarball/nss/dist/out/lib/libnss3.so,
not found (try using -rpath or -rpath-link)
/home/cl/rpmbuild/BUILD/lo-android2/workdir/UnpackedTarball/nss/dist/out/lib/libnspr4.so:
undefined reference to `__android_log_write'
/home/cl/rpmbuild/BUILD/lo-android2/workdir/UnpackedTarball/nss/dist/out/lib/libnspr4.so:
undefined reference to `__android_log_assert'
... so add the -llog for android in curl-nss.patch.1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/141866
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit a76a88203d8508f38b10d9bbb94c3bba2485fcaf)
Change-Id: I3931a1eec2d681c2ce0e5695039492772e9fcc81
Conflicts:
download.lst
external/curl/curl-nss.patch.1
diff --git a/download.lst b/download.lst
index 5c6ce617217b..d5e3f2f17cb9 100644
--- a/download.lst
+++ b/download.lst
@@ -30,8 +30,8 @@ export CPPUNIT_SHA256SUM :=
3d569869d27b48860210c758c4f313082103a5e58219a7669b52
export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz
export CT2N_SHA256SUM :=
71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3
export CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
-export CURL_SHA256SUM :=
2cb9c2356e7263a1272fd1435ef7cdebf2cd21400ec287b068396deb705c22c4
-export CURL_TARBALL := curl-7.83.1.tar.xz
+export CURL_SHA256SUM :=
2d61116e5f485581f6d59865377df4463f2e788677ac43222b496d4e49fb627b
+export CURL_TARBALL := curl-7.86.0.tar.xz
export EBOOK_SHA256SUM :=
b710a57c633205b933015474d0ac0862253d1c52114d535dd09b20939a0d1850
export EBOOK_TARBALL := libe-book-0.1.2.tar.bz2
export EPOXY_SHA256SUM :=
1d8668b0a259c709899e1c4bab62d756d9002d546ce4f59c9665e2fc5f001a64
diff --git a/external/curl/ExternalProject_curl.mk
b/external/curl/ExternalProject_curl.mk
index 34e63e3006cb..f72c7abbb487 100644
--- a/external/curl/ExternalProject_curl.mk
+++ b/external/curl/ExternalProject_curl.mk
@@ -43,7 +43,7 @@ $(call gb_ExternalProject_get_state_target,curl,build):
$(if $(filter IOS MACOSX,$(OS)),\
--with-secure-transport,\
$(if $(ENABLE_NSS),--with-nss$(if
$(SYSTEM_NSS),,="$(call gb_UnpackedTarball_get_dir,nss)/dist/out")
--with-nss-deprecated,--without-nss)) \
- --without-ssl --without-gnutls --without-polarssl
--without-cyassl --without-axtls --without-mbedtls \
+ --without-openssl --without-gnutls --without-polarssl
--without-cyassl --without-axtls --without-mbedtls \
--enable-ftp --enable-http --enable-ipv6 \
--without-libidn2 --without-libpsl --without-librtmp \
--without-libssh2 --without-metalink --without-nghttp2 \
diff --git a/external/curl/curl-7.26.0_win-proxy.patch
b/external/curl/curl-7.26.0_win-proxy.patch
index c5498c3fdebb..f58736f2b46f 100644
--- a/external/curl/curl-7.26.0_win-proxy.patch
+++ b/external/curl/curl-7.26.0_win-proxy.patch
@@ -12,18 +12,18 @@
--- curl-7.26.0/lib/url.c
+++ misc/build/curl-7.26.0/lib/url.c
@@ -78,6 +78,10 @@
- bool curl_win32_idn_to_ascii(const char *in, char **out);
+ bool Curl_win32_idn_to_ascii(const char *in, char **out);
#endif /* USE_LIBIDN2 */
+#ifdef _WIN32
+#include <WinHttp.h>
+#endif
+
+ #include "doh.h"
#include "urldata.h"
#include "netrc.h"
-
@@ -4586,6 +4590,21 @@
- }
+ #ifndef CURL_DISABLE_PROXY
#ifndef CURL_DISABLE_HTTP
+#ifdef _WIN32
@@ -72,7 +72,7 @@
+ }
+ }
+
-+ if(!check_noproxy(conn->host.name, no_proxy)) {
++ if(!Curl_check_noproxy(conn->host.name, no_proxy)) {
+ /* Look for the http proxy setting */
+ char *tok;
+ char *saveptr;
diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1
index d4dad7eba77e..5ef25748d7eb 100644
--- a/external/curl/curl-nss.patch.1
+++ b/external/curl/curl-nss.patch.1
@@ -1,12 +1,17 @@
diff -ur curl.org/configure curl/configure
--- curl.org/configure 2016-03-13 15:14:07.177000076 +0100
+++ curl/configure 2016-03-13 15:16:44.132000076 +0100
-@@ -28216,7 +28216,7 @@
+@@ -27985,7 +27985,12 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired
libraries and compilation flags for NSS." >&5
printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation
flags for NSS." >&2;}
addld="-L$OPT_NSS/lib"
- addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4"
+ addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4 -lnssutil3"
++ case $host_os in
++ *android*)
++ addlib="${addlib} -llog"
++ ;;
++ esac
addcflags="-I$OPT_NSS/include"
version="unknown"
nssprefix=$OPT_NSS
commit fb40547abae0be062151abd42ee7425cfe978d4c
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Mon Oct 17 11:33:50 2022 +0200
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Fri Nov 4 03:05:50 2022 +0100
libxml2: upgrade to release 2.10.3
Fixes CVE-2022-40304 and CVE-2022-40303.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/141448
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 39b5701976ff3d489c3212d6e2a116d6244c8ad1)
Change-Id: I5be3fd20ccf57596808a26b742aca325ac16f29b
Conflicts:
download.lst
diff --git a/download.lst b/download.lst
index b0db06789367..5c6ce617217b 100644
--- a/download.lst
+++ b/download.lst
@@ -139,8 +139,8 @@ export LIBTOMMATH_SHA256SUM :=
083daa92d8ee6f4af96a6143b12d7fc8fe1a547e14f862304
export LIBTOMMATH_TARBALL := ltm-1.0.zip
export LIBXMLSEC_SHA256SUM :=
99a8643f118bb1261a72162f83e2deba0f4f690893b4b90e1be4f708e8d481cc
export LIBXMLSEC_TARBALL := xmlsec1-1.2.24.tar.gz
-export LIBXML_SHA256SUM :=
d240abe6da9c65cb1900dd9bf3a3501ccf88b3c2a1cb98317d03f272dda5b265
-export LIBXML_VERSION_MICRO := 2
+export LIBXML_SHA256SUM :=
5d2cc3d78bec3dbe212a9d7fa629ada25a7da928af432c93060ff5c17ee28a9c
+export LIBXML_VERSION_MICRO := 3
export LIBXML_TARBALL := libxml2-2.10.$(LIBXML_VERSION_MICRO).tar.xz
export LIBXSLT_SHA256SUM :=
8247f33e9a872c6ac859aa45018bc4c4d00b97e2feac9eebc10c93ce1f34dd79
export LIBXSLT_VERSION_MICRO := 35
commit 3b0d0075eda45a651acc16babe7ec2d25a409821
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Wed Sep 21 16:43:27 2022 +0900
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Fri Nov 4 03:05:50 2022 +0100
update expat to 2.4.9
Fixes CVE-2022-40674
(https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/140173
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 1bff2caff1bbb39fe431c455aeab1f0234200d8d)
Change-Id: I459cf5f5de31e7cf5420d3df6b11893d5c4ca4dd
Conflicts:
download.lst
diff --git a/download.lst b/download.lst
index a2020c27bd24..b0db06789367 100644
--- a/download.lst
+++ b/download.lst
@@ -41,8 +41,8 @@ export EPM_TARBALL :=
3ade8cfe7e59ca8e65052644fed9fca4-epm-3.7.tar.gz
export ETONYEK_SHA256SUM :=
032f53e8d7691e48a73ddbe74fa84c906ff6ff32a33e6ee2a935b6fdb6aecb78
export ETONYEK_VERSION_MICRO := 6
export ETONYEK_TARBALL := libetonyek-0.1.$(ETONYEK_VERSION_MICRO).tar.bz2
-export EXPAT_SHA256SUM :=
de55794b7a9bc214852fdc075beaaecd854efe1361597e6268ee87946951289b
-export EXPAT_TARBALL := expat-2.4.6.tar.xz
+export EXPAT_SHA256SUM :=
6e8c0728fe5c7cd3f93a6acce43046c5e4736c7b4b68e032e9350daa0efc0354
+export EXPAT_TARBALL := expat-2.4.9.tar.xz
export FIREBIRD_SHA256SUM :=
6994be3555e23226630c587444be19d309b25b0fcf1f87df3b4e3f88943e5860
export FIREBIRD_TARBALL := Firebird-3.0.0.32483-0.tar.bz2
export FONTCONFIG_SHA256SUM :=
b449a3e10c47e1d1c7a6ec6e2016cca73d3bd68fbbd4f0ae5cc6b573f7d6c7f3
commit 1f41d695e09858df5cf3e89fbf1da4b02cecd783
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Sep 14 15:54:49 2022 +0200
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Fri Nov 4 03:05:49 2022 +0100
poppler: upgrade to release 22.09.0
Fixes CVE-2022-38784
Add external/poppler/disable-freetype.patch.1 to get rid of some new
code that unconditionally requires freetype, to avoid building that on
WNT/MACOSX.
Change-Id: I854d1865286b6fb4112cdf37898cda0203c52f2e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139941
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 8fce9a0a41b1bbebd325fc9d98a79d8decd3950c)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139967
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
Reviewed-by: Noel Grandin <noel.gran...@collabora.co.uk>
(cherry picked from commit bdbb450ed0ded86fb50d6b19a2cce0f11ca74b07)
Conflicts:
download.lst
external/poppler/poppler-config.patch.1
diff --git a/download.lst b/download.lst
index 54c7a693b7e2..a2020c27bd24 100644
--- a/download.lst
+++ b/download.lst
@@ -191,8 +191,8 @@ export PIXMAN_SHA256SUM :=
21b6b249b51c6800dc9553b65106e1e37d0e25df942c90531d4c3
export PIXMAN_TARBALL := e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz
export PNG_SHA256SUM :=
505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca
export PNG_TARBALL := libpng-1.6.37.tar.xz
-export POPPLER_SHA256SUM :=
016dde34e5f868ea98a32ca99b643325a9682281500942b7113f4ec88d20e2f3
-export POPPLER_TARBALL := poppler-21.01.0.tar.xz
+export POPPLER_SHA256SUM :=
d7a8f748211359cadb774ba3e18ecda6464b34027045c0648eb30d5852a41e2e
+export POPPLER_TARBALL := poppler-22.09.0.tar.xz
export POSTGRESQL_SHA256SUM :=
9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3
export POSTGRESQL_TARBALL := postgresql-13.5.tar.bz2
export PYTHON_SHA256SUM :=
c24a37c63a67f53bdd09c5f287b5cff8e8b98f857bf348c577d454d3f74db049
diff --git a/external/poppler/UnpackedTarball_poppler.mk
b/external/poppler/UnpackedTarball_poppler.mk
index 0f29d38e097c..c08daa992060 100644
--- a/external/poppler/UnpackedTarball_poppler.mk
+++ b/external/poppler/UnpackedTarball_poppler.mk
@@ -16,6 +16,8 @@ $(eval $(call gb_UnpackedTarball_add_patches,poppler,\
external/poppler/poppler-c++11.patch.1 \
external/poppler/0001-Partially-revert-814fbda28cc8a37fed3134c2db8da28f86f.patch.1
\
external/poppler/0001-Revert-Make-the-mul-tables-be-calculated-at-compile-.patch.1
\
+ external/poppler/disable-freetype.patch.1 \
+ external/poppler/gcc7-EntityInfo.patch.1 \
))
# std::make_unique is only available in C++14
diff --git a/external/poppler/disable-freetype.patch.1
b/external/poppler/disable-freetype.patch.1
new file mode 100644
index 000000000000..d59006eba979
--- /dev/null
+++ b/external/poppler/disable-freetype.patch.1
@@ -0,0 +1,41 @@
+disable freetype dependent code
+
+--- poppler/poppler/Form.cc.orig 2022-09-14 15:46:48.588316681 +0200
++++ poppler/poppler/Form.cc 2022-09-14 15:48:01.468274551 +0200
+@@ -46,7 +46,7 @@
+ #include <cstdlib>
+ #include <cstring>
+ #include <cctype>
+-#include "goo/ft_utils.h"
++//#include "goo/ft_utils.h"
+ #include "goo/gmem.h"
+ #include "goo/gfile.h"
+ #include "goo/GooString.h"
+@@ -77,8 +77,8 @@
+ #include "fofi/FoFiTrueType.h"
+ #include "fofi/FoFiIdentifier.h"
+
+-#include <ft2build.h>
+-#include FT_FREETYPE_H
++//#include <ft2build.h>
++//#include FT_FREETYPE_H
+
+ // return a newly allocated char* containing an UTF16BE string of size length
+ char *pdfDocEncodingToUTF16(const std::string &orig, int *length)
+@@ -2730,6 +2730,8 @@
+
+ Form::AddFontResult Form::addFontToDefaultResources(const std::string
&filepath, int faceIndex, const std::string &fontFamily, const std::string
&fontStyle)
+ {
++ return {};
++#if 0
+ if (!GooString::endsWith(filepath, ".ttf") &&
!GooString::endsWith(filepath, ".ttc") && !GooString::endsWith(filepath,
".otf")) {
+ error(errIO, -1, "We only support embedding ttf/ttc/otf fonts for
now. The font file for {0:s} {1:s} was {2:s}", fontFamily.c_str(),
fontStyle.c_str(), filepath.c_str());
+ return {};
+@@ -2939,6 +2941,7 @@
+ }
+
+ return { dictFontName, fontDictRef };
++#endif
+ }
+
+ std::string Form::getFallbackFontForChar(Unicode uChar, const GfxFont
&fontToEmulate) const
diff --git a/external/poppler/gcc7-EntityInfo.patch.1
b/external/poppler/gcc7-EntityInfo.patch.1
new file mode 100644
index 000000000000..b450bff93af9
--- /dev/null
+++ b/external/poppler/gcc7-EntityInfo.patch.1
@@ -0,0 +1,48 @@
+gcc 7.3.1 says:
+
+workdir/UnpackedTarball/poppler/poppler/CertificateInfo.cc:42:34: error:
function ‘X509CertificateInfo::EntityInfo&
X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo&&)’
defaulted on its redeclaration with an exception-specification that differs
from the implicit exception-specification ‘’
+
+--- poppler/poppler/CertificateInfo.h.orig 2022-09-14 19:32:12.426351385
+0200
++++ poppler/poppler/CertificateInfo.h 2022-09-14 19:32:18.947347812 +0200
+@@ -70,7 +70,7 @@
+ ~EntityInfo();
+
+ EntityInfo(EntityInfo &&) noexcept;
+- EntityInfo &operator=(EntityInfo &&) noexcept;
++ EntityInfo &operator=(EntityInfo &&) /*noexcept*/;
+
+ EntityInfo(const EntityInfo &) = delete;
+ EntityInfo &operator=(const EntityInfo &) = delete;
+--- poppler/poppler/CertificateInfo.cc.orig 2022-09-14 19:31:10.225385467
+0200
++++ poppler/poppler/CertificateInfo.cc 2022-09-14 19:31:12.572384182 +0200
+@@ -39,7 +39,7 @@
+
+ X509CertificateInfo::EntityInfo::EntityInfo(X509CertificateInfo::EntityInfo
&&other) noexcept = default;
+
+-X509CertificateInfo::EntityInfo
&X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo
&&other) noexcept = default;
++X509CertificateInfo::EntityInfo
&X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo
&&other) /*noexcept*/ = default;
+
+ X509CertificateInfo::X509CertificateInfo() : ku_extensions(KU_NONE),
cert_version(-1), is_self_signed(false) { }
+
+--- poppler/poppler/GfxFont.cc.orig 2022-09-14 20:24:32.569607333 +0200
++++ poppler/poppler/GfxFont.cc 2022-09-14 20:24:52.323596186 +0200
+@@ -180,7 +180,7 @@
+
+ GfxFontLoc::GfxFontLoc(GfxFontLoc &&other) noexcept = default;
+
+-GfxFontLoc &GfxFontLoc::operator=(GfxFontLoc &&other) noexcept = default;
++GfxFontLoc &GfxFontLoc::operator=(GfxFontLoc &&other) /*noexcept*/ = default;
+
+ void GfxFontLoc::setPath(GooString *pathA)
+ {
+--- poppler/poppler/GfxFont.h.orig 2022-09-14 20:24:30.784608340 +0200
++++ poppler/poppler/GfxFont.h 2022-09-14 20:25:08.850586861 +0200
+@@ -124,7 +124,7 @@
+ GfxFontLoc(const GfxFontLoc &) = delete;
+ GfxFontLoc(GfxFontLoc &&) noexcept;
+ GfxFontLoc &operator=(const GfxFontLoc &) = delete;
+- GfxFontLoc &operator=(GfxFontLoc &&other) noexcept;
++ GfxFontLoc &operator=(GfxFontLoc &&other) /*noexcept*/;
+
+ // Set the 'path' string from a GooString on the heap.
+ // Ownership of the object is taken.
diff --git a/external/poppler/poppler-c++11.patch.1
b/external/poppler/poppler-c++11.patch.1
index 9e607b381de0..05b47bc91299 100644
--- a/external/poppler/poppler-c++11.patch.1
+++ b/external/poppler/poppler-c++11.patch.1
@@ -18,7 +18,7 @@ remove usage of newfangled C++ that baseline toolchains don't
support
- const std::string modeStr = mode + "e"s;
+ const std::string modeStr = mode + std::string("e");
FILE *file = fopen(path, modeStr.c_str());
- if (file != nullptr)
+ if (file != nullptr) {
return file;
--- poppler/goo/gmem.h.orig 2019-01-16 11:25:28.161920038 +0100
+++ poppler/goo/gmem.h 2019-01-16 11:25:53.756882295 +0100
@@ -29,3 +29,14 @@ remove usage of newfangled C++ that baseline toolchains
don't support
+#include <o3tl/make_unique.hxx>
+
#endif // GMEM_H
+--- poppler/goo/gfile.cc.orig2 2022-09-15 12:33:24.163562177 +0200
++++ poppler/goo/gfile.cc 2022-09-15 12:33:49.501547336 +0200
+@@ -50,6 +50,8 @@
+ #include "gfile.h"
+ #include "gdir.h"
+
++#include <o3tl/make_unique.hxx>
++
+ // Some systems don't define this, so just make it something reasonably
+ // large.
+ #ifndef PATH_MAX
diff --git a/external/poppler/poppler-config.patch.1
b/external/poppler/poppler-config.patch.1
index b902402ea4e7..93098cee1a06 100644
--- a/external/poppler/poppler-config.patch.1
+++ b/external/poppler/poppler-config.patch.1
@@ -16,7 +16,7 @@ new file mode 100644
index 0fbd336a..451213f8 100644
--- /dev/null
+++ b/config.h
-@@ -0,0 +1,221 @@
+@@ -0,0 +1,220 @@
+/* config.h. Generated from config.h.cmake by cmake. */
+
+/* Build against libcurl. */
@@ -105,9 +105,6 @@ index 0fbd336a..451213f8 100644
+#define HAVE_TIMEGM 1
+#endif
+
-+/* Define if you have the iconv() function and it works. */
-+/* #undef HAVE_ICONV */
-+
+/* Define to 1 if you have the `z' library (-lz). */
+/* #undef HAVE_LIBZ */
+
@@ -176,7 +173,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_NAME "poppler"
+
+/* Define to the full name and version of this package. */
-+#define PACKAGE_STRING "poppler 21.01.0"
++#define PACKAGE_STRING "poppler 22.09.0"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "poppler"
@@ -185,7 +182,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
-+#define PACKAGE_VERSION "21.01.0"
++#define PACKAGE_VERSION "22.09.0"
+
+/* Poppler data dir */
+#define POPPLER_DATADIR "/usr/local/share/poppler"
@@ -203,7 +200,7 @@ index 0fbd336a..451213f8 100644
+/* #undef USE_FLOAT */
+
+/* Version number of package */
-+#define VERSION "21.01.0"
++#define VERSION "22.09.0"
+
+#if defined(__APPLE__)
+#elif defined (_WIN32)
@@ -228,6 +225,8 @@ index 0fbd336a..451213f8 100644
+#if defined(_MSC_VER) || defined(__BORLANDC__)
+#define popen _popen
+#define pclose _pclose
++#define strncasecmp _strnicmp
++#define strcasecmp _stricmp
+#endif
+
+/* Number of bits in a file offset, on hosts where this is settable. */
@@ -248,7 +247,7 @@ index 0fbd336a..451213f8 100644
+//
+// poppler-config.h
+//
-+// Copyright 1996-2011 Glyph & Cog, LLC
++// Copyright 1996-2011, 2022 Glyph & Cog, LLC
+//
+//========================================================================
+
@@ -282,7 +281,7 @@ index 0fbd336a..451213f8 100644
+
+/* Defines the poppler version. */
+#ifndef POPPLER_VERSION
-+#define POPPLER_VERSION "21.01.0"
++#define POPPLER_VERSION "22.09.0"
+#endif
+
+/* Use single precision arithmetic in the Splash backend */
@@ -379,8 +378,8 @@ index 0fbd336a..451213f8 100644
+//------------------------------------------------------------------------
+
+// copyright notice
-+#define popplerCopyright "Copyright 2005-2021 The Poppler Developers -
http://poppler.freedesktop.org";
-+#define xpdfCopyright "Copyright 1996-2011 Glyph & Cog, LLC"
++#define popplerCopyright "Copyright 2005-2022 The Poppler Developers -
http://poppler.freedesktop.org";
++#define xpdfCopyright "Copyright 1996-2011, 2022 Glyph & Cog, LLC"
+
+//------------------------------------------------------------------------
+// Win32 stuff
@@ -439,9 +438,9 @@ index 0fbd336a..451213f8 100644
+
+#include "poppler-global.h"
+
-+#define POPPLER_VERSION "21.01.0"
-+#define POPPLER_VERSION_MAJOR 21
-+#define POPPLER_VERSION_MINOR 1
++#define POPPLER_VERSION "22.09.0"
++#define POPPLER_VERSION_MAJOR 22
++#define POPPLER_VERSION_MINOR 9
+#define POPPLER_VERSION_MICRO 0
+
+namespace poppler
diff --git a/sdext/Executable_xpdfimport.mk b/sdext/Executable_xpdfimport.mk
index dde84963a1fb..fd07f7b43956 100644
--- a/sdext/Executable_xpdfimport.mk
+++ b/sdext/Executable_xpdfimport.mk
@@ -22,4 +22,8 @@ $(eval $(call gb_Executable_add_exception_objects,xpdfimport,\
sdext/source/pdfimport/xpdfwrapper/wrapper_gpl \
))
+$(eval $(call gb_Executable_use_system_win32_libs,xpdfimport,\
+ shell32 \
+))
+
# vim:set noet sw=4 ts=4:
commit 1b7644f13397d4f13331a47b9f56c0b1aa2ce805
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Sep 14 11:10:57 2022 +0200
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Fri Nov 4 03:05:49 2022 +0100
zlib: add patch for CVE-2022-37434
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139913
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 521e920dda79f44a0ad637b6062f3dcb574f884b)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139849
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
(cherry picked from commit 832e2a266005d8ef5f9bcc7f51b545d5dc4ce165)
Change-Id: If09c419ba00fc9be021249e4d4da27d1650b9080
diff --git a/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch
b/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch
new file mode 100644
index 000000000000..c5c95a92b28a
--- /dev/null
+++ b/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch
@@ -0,0 +1,29 @@
+From 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d Mon Sep 17 00:00:00 2001
+From: Mark Adler <f...@madler.net>
+Date: Mon, 8 Aug 2022 10:50:09 -0700
+Subject: [PATCH] Fix extra field processing bug that dereferences NULL
+ state->head.
+
+The recent commit to fix a gzip header extra field processing bug
+introduced the new bug fixed here.
+---
+ inflate.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/inflate.c b/inflate.c
+index 7a7289749..2a3c4fe98 100644
+--- a/inflate.c
++++ b/inflate.c
+@@ -763,10 +763,10 @@ int flush;
+ copy = state->length;
+ if (copy > have) copy = have;
+ if (copy) {
+- len = state->head->extra_len - state->length;
+ if (state->head != Z_NULL &&
+ state->head->extra != Z_NULL &&
+- len < state->head->extra_max) {
++ (len = state->head->extra_len - state->length) <
++ state->head->extra_max) {
+ zmemcpy(state->head->extra + len, next,
+ len + copy > state->head->extra_max ?
+ state->head->extra_max - len : copy);
diff --git a/external/zlib/UnpackedTarball_zlib.mk
b/external/zlib/UnpackedTarball_zlib.mk
index fa476b918b7c..10ee74b9568a 100644
--- a/external/zlib/UnpackedTarball_zlib.mk
+++ b/external/zlib/UnpackedTarball_zlib.mk
@@ -16,4 +16,11 @@ $(eval $(call gb_UnpackedTarball_set_post_action,zlib,\
cp $(addsuffix .c,adler32 compress crc32 deflate inffast inflate
inftrees trees zutil) x64 \
))
+$(eval $(call gb_UnpackedTarball_set_patchlevel,zlib,1))
+
+$(eval $(call gb_UnpackedTarball_add_patches,zlib,\
+ external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch \
+ external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch \
+))
+
# vim: set noet sw=4 ts=4:
diff --git a/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch
b/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch
new file mode 100644
index 000000000000..dc84d3a1d385
--- /dev/null
+++ b/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch
@@ -0,0 +1,32 @@
+From eff308af425b67093bab25f80f1ae950166bece1 Mon Sep 17 00:00:00 2001
+From: Mark Adler <f...@madler.net>
+Date: Sat, 30 Jul 2022 15:51:11 -0700
+Subject: [PATCH] Fix a bug when getting a gzip header extra field with
+ inflate().
+
+If the extra field was larger than the space the user provided with
+inflateGetHeader(), and if multiple calls of inflate() delivered
+the extra header data, then there could be a buffer overflow of the
+provided space. This commit assures that provided space is not
+exceeded.
+---
+ inflate.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/inflate.c b/inflate.c
+index 7be8c6366..7a7289749 100644
+--- a/inflate.c
++++ b/inflate.c
+@@ -763,9 +763,10 @@ int flush;
+ copy = state->length;
+ if (copy > have) copy = have;
+ if (copy) {
++ len = state->head->extra_len - state->length;
+ if (state->head != Z_NULL &&
+- state->head->extra != Z_NULL) {
+- len = state->head->extra_len - state->length;
++ state->head->extra != Z_NULL &&
++ len < state->head->extra_max) {
+ zmemcpy(state->head->extra + len, next,
+ len + copy > state->head->extra_max ?
+ state->head->extra_max - len : copy);
commit 2de47098d6f1ca507d0cf9b33293a8ea282168f3
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Sep 14 10:27:02 2022 +0200
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Fri Nov 4 03:05:49 2022 +0100
libxml2: upgrade to release 2.10.2
Fixes CVE-2022-2309
Change-Id: I180218be275d3b6d38f8f74aa51c57e50d2734ee
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139911
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit d621a8839cebf96fe3ac374026f344f8e68bf011)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139954
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
Conflicts:
download.lst
external/libxml2/ExternalPackage_libxml2.mk
test/source/xmltesttools.cxx
diff --git a/download.lst b/download.lst
index c68e5b6fdc70..54c7a693b7e2 100644
--- a/download.lst
+++ b/download.lst
@@ -139,9 +139,9 @@ export LIBTOMMATH_SHA256SUM :=
083daa92d8ee6f4af96a6143b12d7fc8fe1a547e14f862304
export LIBTOMMATH_TARBALL := ltm-1.0.zip
export LIBXMLSEC_SHA256SUM :=
99a8643f118bb1261a72162f83e2deba0f4f690893b4b90e1be4f708e8d481cc
export LIBXMLSEC_TARBALL := xmlsec1-1.2.24.tar.gz
-export LIBXML_SHA256SUM :=
60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee
-export LIBXML_VERSION_MICRO := 14
-export LIBXML_TARBALL := libxml2-2.9.$(LIBXML_VERSION_MICRO).tar.xz
+export LIBXML_SHA256SUM :=
d240abe6da9c65cb1900dd9bf3a3501ccf88b3c2a1cb98317d03f272dda5b265
+export LIBXML_VERSION_MICRO := 2
+export LIBXML_TARBALL := libxml2-2.10.$(LIBXML_VERSION_MICRO).tar.xz
export LIBXSLT_SHA256SUM :=
8247f33e9a872c6ac859aa45018bc4c4d00b97e2feac9eebc10c93ce1f34dd79
export LIBXSLT_VERSION_MICRO := 35
export LIBXSLT_TARBALL := libxslt-1.1.$(LIBXSLT_VERSION_MICRO).tar.xz
diff --git a/external/libxml2/ExternalPackage_xml2.mk
b/external/libxml2/ExternalPackage_xml2.mk
index 5830f36a776f..3bb5a928d304 100644
--- a/external/libxml2/ExternalPackage_xml2.mk
+++ b/external/libxml2/ExternalPackage_xml2.mk
@@ -21,7 +21,7 @@ else # COM=MSC
$(eval $(call
gb_ExternalPackage_add_file,xml2,$(LIBO_URE_LIB_FOLDER)/libxml2.dll,win32/bin.msvc/libxml2.dll))
endif
else # OS!=WNT
-$(eval $(call
gb_ExternalPackage_add_file,xml2,$(LIBO_URE_LIB_FOLDER)/libxml2.so.2,.libs/libxml2.so.2.9.$(LIBXML_VERSION_MICRO)))
+$(eval $(call
gb_ExternalPackage_add_file,xml2,$(LIBO_URE_LIB_FOLDER)/libxml2.so.2,.libs/libxml2.so.2.10.$(LIBXML_VERSION_MICRO)))
endif
endif # DISABLE_DYNLOADING
diff --git a/external/libxml2/libxml2-android.patch
b/external/libxml2/libxml2-android.patch
index 42af83274026..acf9b17e02db 100644
--- a/external/libxml2/libxml2-android.patch
+++ b/external/libxml2/libxml2-android.patch
@@ -2,9 +2,9 @@
+++ misc/build/libxml2-2.7.6/Makefile.in
@@ -1635,7 +1635,7 @@
$(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
- check: $(BUILT_SOURCES)
- $(MAKE) $(AM_MAKEFLAGS) check-recursive
--all-am: Makefile $(PROGRAMS) $(LTLIBRARIES) $(SCRIPTS) $(MANS) $(DATA) \
+ $(MAKE) $(AM_MAKEFLAGS) check-local
+ check: check-recursive
+-all-am: Makefile $(PROGRAMS) $(LTLIBRARIES) $(SCRIPTS) $(DATA) \
+all-am: Makefile $(LTLIBRARIES) \
config.h
install-binPROGRAMS: install-libLTLIBRARIES
diff --git a/sc/source/core/tool/interpr7.cxx b/sc/source/core/tool/interpr7.cxx
index 710bfa9483a0..5a811d881373 100644
--- a/sc/source/core/tool/interpr7.cxx
+++ b/sc/source/core/tool/interpr7.cxx
@@ -220,6 +220,7 @@ void ScInterpreter::ScFilterXML()
case XPATH_STRING:
PushString(OUString::createFromAscii(reinterpret_cast<char*>(pXPathObj->stringval)));
break;
+#if LIBXML_VERSION < 21000 || defined(LIBXML_XPTR_LOCS_ENABLED)
case XPATH_POINT:
PushNoValue();
break;
@@ -229,13 +230,13 @@ void ScInterpreter::ScFilterXML()
case XPATH_LOCATIONSET:
PushNoValue();
break;
+#endif
case XPATH_USERS:
PushNoValue();
break;
case XPATH_XSLT_TREE:
PushNoValue();
break;
-
}
}
}
diff --git a/unoxml/source/xpath/xpathobject.cxx
b/unoxml/source/xpath/xpathobject.cxx
index 000b3e55c35c..68d6c67ce0ca 100644
--- a/unoxml/source/xpath/xpathobject.cxx
+++ b/unoxml/source/xpath/xpathobject.cxx
@@ -44,12 +44,14 @@ namespace XPath
return XPathObjectType_XPATH_NUMBER;
case XPATH_STRING:
return XPathObjectType_XPATH_STRING;
+#if LIBXML_VERSION < 21000 || defined(LIBXML_XPTR_LOCS_ENABLED)
case XPATH_POINT:
return XPathObjectType_XPATH_POINT;
case XPATH_RANGE:
return XPathObjectType_XPATH_RANGE;
case XPATH_LOCATIONSET:
return XPathObjectType_XPATH_LOCATIONSET;
+#endif
case XPATH_USERS:
return XPathObjectType_XPATH_USERS;
case XPATH_XSLT_TREE:
