diff mbox series

[meta-oe,15/64] lcms: upgrade 2.18 -> 2.19

Message ID 20260430104924.1106-15-wangmy@fujitsu.com
State New
Series [meta-oe,01/64] 7zip: upgrade 26.00 -> 26.01

Commit Message

Wang Mingyu April 30, 2026, 10:48 a.m. UTC
From: Wang Mingyu <wangmy@fujitsu.com>

CVE-2026-41254_1.patch
CVE-2026-41254_2.patch
removed since they're included in 2.19

Changes:
========
- CMake build system. Thanks to Vlad Erium for the initial implementation and
  kmilos for improvements.
- Large files support to use profiles up to 4Gb
- Black point compensation works on multi-channel profiles
- Added more test platforms/architectures in GitHub tests, Cygwin and MSYS are
  now fully checked.
- jpgicc banner is not shown on normal operation, only when help is requested.
- Added a way to access internal transform pipelines. For read only.
- Add a way to retrieve the CMM signature
- Added extra checks on postscript undocumented functions
- Added guard on integer overflow when reading .cube files
- Added unneeded checks as a try to get rid of spam reports about
  "vulnerabilities" that are not real.
- Utility program names generated by Visual Studio 2026 are now same as all
  other platforms.
- Creating an output profile by cmsTransform2DeviceLink does not propagate
  correctly the colorant table. Fixed.
- Added some profile class definitions from iccMAX
- Deprecated uint16 and uint32 types removed from tifdiff
- fixed generation of tifdiff on Cmake and meson

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
---
 .../lcms/lcms/CVE-2026-41254_1.patch          | 28 ---------------
 .../lcms/lcms/CVE-2026-41254_2.patch          | 34 -------------------
 .../lcms/{lcms_2.18.bb => lcms_2.19.bb}       |  7 ++--
 3 files changed, 2 insertions(+), 67 deletions(-)
 delete mode 100644 meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_1.patch
 delete mode 100644 meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_2.patch
 rename meta-oe/recipes-support/lcms/{lcms_2.18.bb => lcms_2.19.bb} (60%)

Patch

diff --git a/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_1.patch b/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_1.patch
deleted file mode 100644
index 2ed8e9f587..0000000000
--- a/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_1.patch
+++ /dev/null
@@ -1,28 +0,0 @@ 
-From c83cfcd249d06950a307cee8d1e22b7f6a78a8a7 Mon Sep 17 00:00:00 2001
-From: Marti Maria <marti.maria@littlecms.com>
-Date: Thu, 19 Feb 2026 09:07:20 +0100
-Subject: [PATCH] Fix integer overflow in CubeSize()
-
-Thanks to @zerojackyi for reporting
-
-CVE: CVE-2026-41254
-Upstream-Status: Backport [https://github.com/mm2/Little-CMS/commit/da6110b1d14abc394633a388209abd5ebedd7ab0]
-Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
----
- src/cmslut.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/cmslut.c b/src/cmslut.c
-index 1089148..b245209 100644
---- a/src/cmslut.c
-+++ b/src/cmslut.c
-@@ -460,7 +460,8 @@ void EvaluateCLUTfloatIn16(const cmsFloat32Number In[], cmsFloat32Number Out[],
- static
- cmsUInt32Number CubeSize(const cmsUInt32Number Dims[], cmsUInt32Number b)
- {
--    cmsUInt32Number rv, dim;
-+    cmsUInt32Number dim;
-+    cmsUInt64Number rv;
- 
-     _cmsAssert(Dims != NULL);
- 
diff --git a/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_2.patch b/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_2.patch
deleted file mode 100644
index be8c759a6f..0000000000
--- a/meta-oe/recipes-support/lcms/lcms/CVE-2026-41254_2.patch
+++ /dev/null
@@ -1,34 +0,0 @@ 
-From f5994aea02d5620f3182cafdcf116ffe9d6c9fd2 Mon Sep 17 00:00:00 2001
-From: Marti Maria <marti.maria@littlecms.com>
-Date: Thu, 12 Mar 2026 22:57:35 +0100
-Subject: [PATCH] check for overflow
-
-Thanks to Guanni Qu for detecting & reporting the issue
-
-CVE: CVE-2026-41254
-Upstream-Status: Backport [https://github.com/mm2/Little-CMS/commit/e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc]
-Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
----
- src/cmslut.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/src/cmslut.c b/src/cmslut.c
-index b245209..c1dbb32 100644
---- a/src/cmslut.c
-+++ b/src/cmslut.c
-@@ -468,12 +468,12 @@ cmsUInt32Number CubeSize(const cmsUInt32Number Dims[], cmsUInt32Number b)
-     for (rv = 1; b > 0; b--) {
- 
-         dim = Dims[b-1];
--        if (dim <= 1) return 0;  // Error
--
--        rv *= dim;
-+        if (dim <= 1) return 0;  
- 
-         // Check for overflow
-         if (rv > UINT_MAX / dim) return 0;
-+
-+        rv *= dim;
-     }
- 
-     // Again, prevent overflow
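Review bot: This is the second of two upstream commits for the same CVE, and the 2.19 change list in the commit message does not mention CubeSize() by name; the closest entry is the integer overflow guard for .cube files, which may be a different code path. Before dropping the backport, please confirm that src/cmslut.c in the 2.19 tarball has the "if (rv > UINT_MAX / dim) return 0;" check ahead of "rv *= dim;", that is, that e0641b1828d0a1af5ecb1b11fe22f24fceefd4bc is part of the release, and say so in the commit message.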
diff --git a/meta-oe/recipes-support/lcms/lcms_2.18.bb b/meta-oe/recipes-support/lcms/lcms_2.19.bb
similarity index 60%
rename from meta-oe/recipes-support/lcms/lcms_2.18.bb
rename to meta-oe/recipes-support/lcms/lcms_2.19.bb
index 1ff3b3908f..fa33678b18 100644
--- a/meta-oe/recipes-support/lcms/lcms_2.18.bb
+++ b/meta-oe/recipes-support/lcms/lcms_2.19.bb
@@ -3,11 +3,8 @@  SECTION = "libs"
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=e9ce323c4b71c943a785db90142b228a"
 
-SRC_URI = "${SOURCEFORGE_MIRROR}/lcms/lcms2-${PV}.tar.gz \
-           file://CVE-2026-41254_1.patch \
-           file://CVE-2026-41254_2.patch \
-           "
-SRC_URI[sha256sum] = "ee67be3566f459362c1ee094fde2c159d33fa0390aa4ed5f5af676f9e5004347"
+SRC_URI = "${SOURCEFORGE_MIRROR}/lcms/lcms2-${PV}.tar.gz"
+SRC_URI[sha256sum] = "49e7e134e4299733dd0eda434fa468997a28ab3d33fa397c642b03644f552216"
 
 DEPENDS = "tiff"
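Review bot: The new SRC_URI[sha256sum] is the only integrity anchor for the 2.19 tarball fetched through ${SOURCEFORGE_MIRROR}, and the commit message does not say where the value came from. Please state whether it was compared with a second source, for example the release on the GitHub repository named in the removed Upstream-Status lines, rather than taken from the first fetch. LIC_FILES_CHKSUM is left unchanged, which is fine provided the LICENSE file is identical in 2.19.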