← Back to team overview

kicad-developers team mailing list archive

Re: Potrace update (AGAIN)

 

I would prefer to use the system potrace rather than having to update
the potrace source embedded in the kicad source.  As for the outdated
version on msys2, I just submitted a pull request to update the potrace
package to version 1.15.  My only concern about doing this is how well
cmake find potrace (if there is one) works.  There always seems to be
issues with the cmake find dependency code on msys2 which requires us to
resolve.

On 11/27/2017 4:15 AM, Simon Wells wrote:
> And yet the files are also being modified unnecessarily making more
> effort when there is an update available,
> The potrace library is not large and so seems pointless to bundle the
> code with the source tree.
> 
> If the potrace library is out of date with the distributions that can be
> expressed to the distributions esspecially since its been security
> updates and I am not familiar with a distribution that is currently
> supported by the distromaker to not get security updates
> 
>> On 27/11/2017, at 9:37 PM, jp charras <jp.charras@xxxxxxxxxx
>> <mailto:jp.charras@xxxxxxxxxx>> wrote:
>>
>> Le 27/11/2017 à 09:00, Maciej Sumiński a écrit :
>>> I wonder why do we even keep potrace in the source tree. It is available
>>> in mingw, brew and major Linux distributions, so it does not need to be
>>> build manually.
>>>
>>> Regards,
>>> Orson
>>
>> We need only potrace library source files (only 200Kbytes).
>> They are not a lot ( 20 / 30 files).
>>
>> Using potrace lib coming with distros is obviously an option, but it
>> does not fix what is asked:
>> potrace update ( and it creates one more (minor) dependency for
>> compiling ).
>>
>> For instance
>> We are using currently potrace 1.13
>>
>> potrace 1.15 fixes a few issues of potrace 1.13,  but on mingw the
>> currently potrace version is 1.13
>>
>>>
>>> On 11/27/2017 03:58 AM, Simon Wells wrote:
>>>> Ummmm I *think* its jp who does the potrace stuff but there has been
>>>> another security update for pot race, while I realise we are in a
>>>> freeze I think that security updates should probably be included.
>>>>
>>>> "This release consists of bugfixes and minor portability
>>>> improvements. Some potential buffer overflows and arithmetic
>>>> overflows were fixed, including CVE-2017-12067. A bug triggered by
>>>> very large bitmaps has been fixed. A new configuration option
>>>> --enable-local-getopt was added. Thanks to Agostino Sarubbo, Daniel
>>>> Macks, and Michael Voříšek for reporting bugs and suggesting
>>>> improvements.”
>>>>
>>>> Simon
>>
>>
>> -- 
>> Jean-Pierre CHARRAS
>>
>> _______________________________________________
>> Mailing list: https://launchpad.net/~kicad-developers
>> Post to     : kicad-developers@xxxxxxxxxxxxxxxxxxx
>> <mailto:kicad-developers@xxxxxxxxxxxxxxxxxxx>
>> Unsubscribe : https://launchpad.net/~kicad-developers
>> More help   : https://help.launchpad.net/ListHelp
> 
> 
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~kicad-developers
> Post to     : kicad-developers@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~kicad-developers
> More help   : https://help.launchpad.net/ListHelp
> 


References