media-libs/libcaca: fix multiple CVEs and docs build failure

CVE fixed (using Debian patchset):
CVE-2018-20544, CVE-2018-20545, CVE-2018-20546,
CVE-2018-20547, CVE-2018-20549, CVE-2021-3410.

Fix docs build failure (doxygen and latex issues) using both Debian
patch and patch from bug 543870#c11.

Install docs into proper path.

Bug: https://bugs.gentoo.org/543870
Bug: https://bugs.gentoo.org/772317
Package-Manager: Portage-3.0.18, Repoman-3.0.3
Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>

8 files changed, 755 insertions, 0 deletions

diff --git a/media-libs/libcaca/files/100_doxygen.diff b/media-libs/libcaca/files/100_doxygen.diff
new file mode 100644
index 000000000000..f537f37b6d35
--- /dev/null
+++ b/media-libs/libcaca/files/100_doxygen.diff
@@ -0,0 +1,170 @@
+Description: Don't mess with Doxygen's output
+Author: Balint Reczey <balint@balintreczey.hu>
+Index: libcaca-0.99.beta19/doc/Makefile.am
+===================================================================
+--- libcaca-0.99.beta19.orig/doc/Makefile.am
++++ libcaca-0.99.beta19/doc/Makefile.am
+@@ -28,10 +28,7 @@ stamp-latex: stamp-doxygen
+ if BUILD_DOCUMENTATION
+ if USE_LATEX
+ 	rm -f latex/libcaca.tex latex/libcaca.pdf
+-	mv latex/refman.tex latex/libcaca.tex
+-	sed 's/setlength{/renewcommand{/' latex/libcaca.tex \
+-	  | sed 's/.*usepackage.*times.*//' > latex/refman.tex
+-	cd latex && $(MAKE) $(AM_CFLAGS) refman.pdf || (cat refman.log; exit 1)
++	(cd latex &&  pdflatex refman ; makeindex refman.idx ; pdflatex refman ; pdflatex refman ; pdflatex refman ; pdflatex refman ; pdflatex refman; echo "pdflatex exit code: $$?")
+ 	mv latex/refman.pdf latex/libcaca.pdf
+ 	touch stamp-latex
+ endif
+Index: libcaca-0.99.beta19/doc/doxygen.cfg.in
+===================================================================
+--- libcaca-0.99.beta19.orig/doc/doxygen.cfg.in
++++ libcaca-0.99.beta19/doc/doxygen.cfg.in
+@@ -1,4 +1,4 @@
+-# Doxyfile 1.8.6
++# Doxyfile 1.8.7
+ 
+ # This file describes the settings to be used by the documentation system
+ # doxygen (www.doxygen.org) for a project.
+@@ -70,6 +70,14 @@ OUTPUT_DIRECTORY       = .
+ 
+ CREATE_SUBDIRS         = NO
+ 
++# If the ALLOW_UNICODE_NAMES tag is set to YES, doxygen will allow non-ASCII
++# characters to appear in the names of generated files. If set to NO, non-ASCII
++# characters will be escaped, for example _xE3_x81_x84 will be used for Unicode
++# U+3044.
++# The default value is: NO.
++
++ALLOW_UNICODE_NAMES    = NO
++
+ # The OUTPUT_LANGUAGE tag is used to specify the language in which all
+ # documentation generated by doxygen is written. Doxygen will use this
+ # information to generate all constant output in the proper language.
+@@ -261,9 +269,12 @@ OPTIMIZE_OUTPUT_VHDL   = NO
+ # extension. Doxygen has a built-in mapping, but you can override or extend it
+ # using this tag. The format is ext=language, where ext is a file extension, and
+ # language is one of the parsers supported by doxygen: IDL, Java, Javascript,
+-# C#, C, C++, D, PHP, Objective-C, Python, Fortran, VHDL. For instance to make
+-# doxygen treat .inc files as Fortran files (default is PHP), and .f files as C
+-# (default is Fortran), use: inc=Fortran f=C.
++# C#, C, C++, D, PHP, Objective-C, Python, Fortran (fixed format Fortran:
++# FortranFixed, free formatted Fortran: FortranFree, unknown formatted Fortran:
++# Fortran. In the later case the parser tries to guess whether the code is fixed
++# or free formatted code, this is the default for Fortran type files), VHDL. For
++# instance to make doxygen treat .inc files as Fortran files (default is PHP),
++# and .f files as C (default is Fortran), use: inc=Fortran f=C.
+ #
+ # Note For files without extension you can use no_extension as a placeholder.
+ #
+@@ -1242,7 +1253,8 @@ GENERATE_CHI           = NO
+ CHM_INDEX_ENCODING     =
+ 
+ # The BINARY_TOC flag controls whether a binary table of contents is generated (
+-# YES) or a normal table of contents ( NO) in the .chm file.
++# YES) or a normal table of contents ( NO) in the .chm file. Furthermore it
++# enables the Previous and Next buttons.
+ # The default value is: NO.
+ # This tag requires that the tag GENERATE_HTMLHELP is set to YES.
+ 
+@@ -1482,11 +1494,11 @@ SEARCHENGINE           = NO
+ 
+ # When the SERVER_BASED_SEARCH tag is enabled the search engine will be
+ # implemented using a web server instead of a web client using Javascript. There
+-# are two flavours of web server based searching depending on the
+-# EXTERNAL_SEARCH setting. When disabled, doxygen will generate a PHP script for
+-# searching and an index file used by the script. When EXTERNAL_SEARCH is
+-# enabled the indexing and searching needs to be provided by external tools. See
+-# the section "External Indexing and Searching" for details.
++# are two flavors of web server based searching depending on the EXTERNAL_SEARCH
++# setting. When disabled, doxygen will generate a PHP script for searching and
++# an index file used by the script. When EXTERNAL_SEARCH is enabled the indexing
++# and searching needs to be provided by external tools. See the section
++# "External Indexing and Searching" for details.
+ # The default value is: NO.
+ # This tag requires that the tag SEARCHENGINE is set to YES.
+ 
+@@ -1774,6 +1786,13 @@ MAN_OUTPUT             = man
+ 
+ MAN_EXTENSION          = .3caca
+ 
++# The MAN_SUBDIR tag determines the name of the directory created within
++# MAN_OUTPUT in which the man pages are placed. If defaults to man followed by
++# MAN_EXTENSION with the initial . removed.
++# This tag requires that the tag GENERATE_MAN is set to YES.
++
++MAN_SUBDIR             =
++
+ # If the MAN_LINKS tag is set to YES and doxygen generates man output, then it
+ # will generate one additional man file for each entity documented in the real
+ # man page(s). These additional files only source the real man page, but without
+@@ -1801,18 +1820,6 @@ GENERATE_XML           = NO
+ 
+ XML_OUTPUT             = xml
+ 
+-# The XML_SCHEMA tag can be used to specify a XML schema, which can be used by a
+-# validating XML parser to check the syntax of the XML files.
+-# This tag requires that the tag GENERATE_XML is set to YES.
+-
+-XML_SCHEMA             =
+-
+-# The XML_DTD tag can be used to specify a XML DTD, which can be used by a
+-# validating XML parser to check the syntax of the XML files.
+-# This tag requires that the tag GENERATE_XML is set to YES.
+-
+-XML_DTD                =
+-
+ # If the XML_PROGRAMLISTING tag is set to YES doxygen will dump the program
+ # listings (including syntax highlighting and cross-referencing information) to
+ # the XML output. Note that enabling this will significantly increase the size
+@@ -1961,9 +1968,9 @@ EXPAND_AS_DEFINED      = __extern \
+                          __class
+ 
+ # If the SKIP_FUNCTION_MACROS tag is set to YES then doxygen's preprocessor will
+-# remove all refrences to function-like macros that are alone on a line, have an
+-# all uppercase name, and do not end with a semicolon. Such function macros are
+-# typically used for boiler-plate code, and will confuse the parser if not
++# remove all references to function-like macros that are alone on a line, have
++# an all uppercase name, and do not end with a semicolon. Such function macros
++# are typically used for boiler-plate code, and will confuse the parser if not
+ # removed.
+ # The default value is: YES.
+ # This tag requires that the tag ENABLE_PREPROCESSING is set to YES.
+@@ -1983,7 +1990,7 @@ SKIP_FUNCTION_MACROS   = YES
+ # where loc1 and loc2 can be relative or absolute paths or URLs. See the
+ # section "Linking to external documentation" for more information about the use
+ # of tag files.
+-# Note: Each tag file must have an unique name (where the name does NOT include
++# Note: Each tag file must have a unique name (where the name does NOT include
+ # the path). If a tag file is not located in the directory in which doxygen is
+ # run, you must also specify the path to the tagfile here.
+ 
+@@ -2061,7 +2068,7 @@ HIDE_UNDOC_RELATIONS   = YES
+ # http://www.graphviz.org/), a graph visualization toolkit from AT&T and Lucent
+ # Bell Labs. The other options in this section have no effect if this option is
+ # set to NO
+-# The default value is: NO.
++# The default value is: YES.
+ 
+ HAVE_DOT               = NO
+ 
+@@ -2083,7 +2090,7 @@ DOT_NUM_THREADS        = 0
+ # The default value is: Helvetica.
+ # This tag requires that the tag HAVE_DOT is set to YES.
+ 
+-#DOT_FONTNAME           = FreeSans
++DOT_FONTNAME           = Helvetica
+ 
+ # The DOT_FONTSIZE tag can be used to set the size (in points) of the font of
+ # dot graphs.
+@@ -2213,7 +2220,9 @@ DIRECTORY_GRAPH        = YES
+ # Note: If you choose svg you need to set HTML_FILE_EXTENSION to xhtml in order
+ # to make the SVG files visible in IE 9+ (other browsers do not have this
+ # requirement).
+-# Possible values are: png, jpg, gif and svg.
++# Possible values are: png, png:cairo, png:cairo:cairo, png:cairo:gd, png:gd,
++# png:gd:gd, jpg, jpg:cairo, jpg:cairo:gd, jpg:gd, jpg:gd:gd, gif, gif:cairo,
++# gif:cairo:gd, gif:gd, gif:gd:gd and svg.
+ # The default value is: png.
+ # This tag requires that the tag HAVE_DOT is set to YES.
+ 
diff --git a/media-libs/libcaca/files/CVE-2018-20544.patch b/media-libs/libcaca/files/CVE-2018-20544.patch
new file mode 100644
index 000000000000..072c1dda0502
--- /dev/null
+++ b/media-libs/libcaca/files/CVE-2018-20544.patch
@@ -0,0 +1,45 @@
+From 84bd155087b93ab2d8d7cb5b1ac94ecd4cf4f93c Mon Sep 17 00:00:00 2001
+From: Sam Hocevar <sam@hocevar.net>
+Date: Sat, 29 Dec 2018 22:13:56 +0100
+Subject: [PATCH] dither: fix integer overflows that were causing a division by
+ zero.
+
+Fixes: #36 (CVE-2018-20544)
+---
+ caca/dither.c | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/caca/dither.c b/caca/dither.c
+index 04b678e0..c6ebab1b 100644
+--- a/caca/dither.c
++++ b/caca/dither.c
+@@ -991,10 +991,10 @@ int caca_dither_bitmap(caca_canvas_t *cv, int x, int y, int w, int h,
+         /* First get RGB */
+         if(d->antialias)
+         {
+-            fromx = (x - x1) * w / deltax;
+-            fromy = (y - y1) * h / deltay;
+-            tox = (x - x1 + 1) * w / deltax;
+-            toy = (y - y1 + 1) * h / deltay;
++            fromx = (uint64_t)(x - x1) * w / deltax;
++            fromy = (uint64_t)(y - y1) * h / deltay;
++            tox = (uint64_t)(x - x1 + 1) * w / deltax;
++            toy = (uint64_t)(y - y1 + 1) * h / deltay;
+ 
+             /* We want at least one pixel */
+             if(tox == fromx) tox++;
+@@ -1017,10 +1017,10 @@ int caca_dither_bitmap(caca_canvas_t *cv, int x, int y, int w, int h,
+         }
+         else
+         {
+-            fromx = (x - x1) * w / deltax;
+-            fromy = (y - y1) * h / deltay;
+-            tox = (x - x1 + 1) * w / deltax;
+-            toy = (y - y1 + 1) * h / deltay;
++            fromx = (uint64_t)(x - x1) * w / deltax;
++            fromy = (uint64_t)(y - y1) * h / deltay;
++            tox = (uint64_t)(x - x1 + 1) * w / deltax;
++            toy = (uint64_t)(y - y1 + 1) * h / deltay;
+ 
+             /* tox and toy can overflow the canvas, but they cannot overflow
+              * when averaged with fromx and fromy because these are guaranteed
diff --git a/media-libs/libcaca/files/CVE-2018-20545+20547+20549.patch b/media-libs/libcaca/files/CVE-2018-20545+20547+20549.patch
new file mode 100644
index 000000000000..ff1ee48c6a67
--- /dev/null
+++ b/media-libs/libcaca/files/CVE-2018-20545+20547+20549.patch
@@ -0,0 +1,34 @@
+Description: img2txt: fix an integer overflow in the BMP loader.
+Origin: https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
+Forwarded: not-needed
+Applied-Upstream: https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
+Last-Update: 2019-04-06
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/src/common-image.h
++++ b/src/common-image.h
+@@ -1,19 +1,19 @@
+ /*
+  *  Imaging tools for cacaview and img2irc
+- *  Copyright (c) 2003-2012 Sam Hocevar <sam@hocevar.net>
+- *                All Rights Reserved
++ *  Copyright (c) 2003-2018 Sam Hocevar <sam@hocevar.net>
++ *              All Rights Reserved
+  *
+  *  This program is free software. It comes without any warranty, to
+  *  the extent permitted by applicable law. You can redistribute it
+  *  and/or modify it under the terms of the Do What the Fuck You Want
+- *  to Public License, Version 2, as published by Sam Hocevar. See
+- *  http://www.wtfpl.net/ for more details.
++ *  to Public License, Version 2, as published by the WTFPL Task Force.
++ *  See http://www.wtfpl.net/ for more details.
+  */
+ 
+ struct image
+ {
+     char *pixels;
+-    unsigned int w, h;
++    size_t w, h;
+     struct caca_dither *dither;
+     void *priv;
+ };
diff --git a/media-libs/libcaca/files/CVE-2018-20546+20547.patch b/media-libs/libcaca/files/CVE-2018-20546+20547.patch
new file mode 100644
index 000000000000..95b072bfc398
--- /dev/null
+++ b/media-libs/libcaca/files/CVE-2018-20546+20547.patch
@@ -0,0 +1,36 @@
+From 02a09ec9e5ed8981e7a810bfb6a0172dc24f0790 Mon Sep 17 00:00:00 2001
+From: Sam Hocevar <sam@hocevar.net>
+Date: Sun, 30 Dec 2018 13:18:27 +0100
+Subject: [PATCH] dither: fix integer multiplication overflow that caused
+ crashes.
+
+Fixes: #38 (CVE-2018-20546)
+Fixes: #39 (CVE-2018-20547)
+---
+ caca/dither.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/caca/dither.c b/caca/dither.c
+index c6ebab1b..b2e24e55 100644
+--- a/caca/dither.c
++++ b/caca/dither.c
+@@ -6,8 +6,8 @@
+  *  This library is free software. It comes without any warranty, to
+  *  the extent permitted by applicable law. You can redistribute it
+  *  and/or modify it under the terms of the Do What the Fuck You Want
+- *  to Public License, Version 2, as published by Sam Hocevar. See
+- *  http://www.wtfpl.net/ for more details.
++ *  to Public License, Version 2, as published by the WTFPL Task Force.
++ *  See http://www.wtfpl.net/ for more details.
+  */
+ 
+ /*
+@@ -116,7 +116,7 @@ enum color_mode
+ struct caca_dither
+ {
+     int bpp, has_palette, has_alpha;
+-    int w, h, pitch;
++    size_t w, h, pitch;
+     int rmask, gmask, bmask, amask;
+     int rright, gright, bright, aright;
+     int rleft, gleft, bleft, aleft;
diff --git a/media-libs/libcaca/files/Fix-a-problem-in-the-caca_resize-overflow-detection-.patch b/media-libs/libcaca/files/Fix-a-problem-in-the-caca_resize-overflow-detection-.patch
new file mode 100644
index 000000000000..5305a6bdf21c
--- /dev/null
+++ b/media-libs/libcaca/files/Fix-a-problem-in-the-caca_resize-overflow-detection-.patch
@@ -0,0 +1,135 @@
+From: Sam Hocevar <sam@hocevar.net>
+Date: Fri, 26 Feb 2021 12:40:06 +0100
+Subject: [2/2] Fix a problem in the caca_resize() overflow detection and add
+ several unit tests.
+Origin: https://github.com/cacalabs/libcaca/commit/e4968ba6e93e9fd35429eb16895c785c51072015
+Bug: https://github.com/cacalabs/libcaca/issues/52
+Bug-Debian: https://bugs.debian.org/983686
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-3410
+
+---
+ caca/canvas.c     | 16 ++++++++--------
+ test/canvas.cpp   | 18 +++++++++++++++---
+ tools/makefont.c  | 22 +++++++++++++++++++---
+ 3 files changed, 42 insertions(+), 14 deletions(-)
+
+--- a/caca/canvas.c
++++ b/caca/canvas.c
+@@ -367,6 +367,14 @@ int caca_resize(caca_canvas_t *cv, int w
+ {
+     int x, y, f, old_width, old_height, old_size;
+ 
++    /* Check for overflow */
++    int new_size = width * height;
++    if (new_size < 0 || (width > 0 && new_size / width != height))
++    {
++        seterrno(EOVERFLOW);
++        return -1;
++    }
++
+     old_width = cv->width;
+     old_height = cv->height;
+     old_size = old_width * old_height;
+@@ -377,14 +385,6 @@ int caca_resize(caca_canvas_t *cv, int w
+      * dirty rectangle handling */
+     cv->width = width;
+     cv->height = height;
+-    int new_size = width * height;
+-
+-    /* Check for overflow */
+-    if (new_size / width != height)
+-    {
+-        seterrno(EOVERFLOW);
+-        return -1;
+-    }
+ 
+     /* If width or height is smaller (or both), we have the opportunity to
+      * reduce or even remove dirty rectangles */
+--- a/test/canvas.cpp
++++ b/test/canvas.cpp
+@@ -16,6 +16,7 @@
+ #include <cppunit/TestCaller.h>
+ #include <cppunit/TestCase.h>
+ #include <cppunit/TestSuite.h>
++#include <climits>
+ 
+ #include "caca.h"
+ 
+@@ -53,18 +54,29 @@ public:
+         CPPUNIT_ASSERT_EQUAL(caca_get_canvas_width(cv), 0);
+         CPPUNIT_ASSERT_EQUAL(caca_get_canvas_height(cv), 0);
+ 
+-        caca_set_canvas_size(cv, 1, 1);
++        int ret = caca_set_canvas_size(cv, 1, 1);
++        CPPUNIT_ASSERT_EQUAL(ret, 0);
+         CPPUNIT_ASSERT_EQUAL(caca_get_canvas_width(cv), 1);
+         CPPUNIT_ASSERT_EQUAL(caca_get_canvas_height(cv), 1);
+ 
+-        caca_set_canvas_size(cv, 1234, 1001);
++        ret = caca_set_canvas_size(cv, 1234, 1001);
++        CPPUNIT_ASSERT_EQUAL(ret, 0);
+         CPPUNIT_ASSERT_EQUAL(caca_get_canvas_width(cv), 1234);
+         CPPUNIT_ASSERT_EQUAL(caca_get_canvas_height(cv), 1001);
+ 
+-        caca_set_canvas_size(cv, 0, 0);
++        ret = caca_set_canvas_size(cv, 0, 0);
++        CPPUNIT_ASSERT_EQUAL(ret, 0);
+         CPPUNIT_ASSERT_EQUAL(caca_get_canvas_width(cv), 0);
+         CPPUNIT_ASSERT_EQUAL(caca_get_canvas_height(cv), 0);
+ 
++        CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, -1, 50));
++        CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, 50, -1));
++        CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, -1, -1));
++        CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, INT_MAX / 2, 3));
++        CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, 3, INT_MAX / 2));
++        CPPUNIT_ASSERT_EQUAL(-1, caca_set_canvas_size(cv, INT_MAX / 2, INT_MAX / 2));
++        CPPUNIT_ASSERT_EQUAL(0, caca_set_canvas_size(cv, 0, 0));
++
+         caca_free_canvas(cv);
+     }
+ 
+--- a/tools/makefont.c
++++ b/tools/makefont.c
+@@ -40,7 +40,8 @@
+  * and the UTF-8 glyphs necessary for canvas rotation and mirroring. */
+ static unsigned int const blocklist[] =
+ {
+-    0x0000, 0x0080, /* Basic latin: A, B, C, a, b, c */
++    0x0020, 0x0080, /* Basic latin: A, B, C, a, b, c */
++#if 0
+     0x0080, 0x0100, /* Latin-1 Supplement: Ä, Ç, å, ß */
+     0x0100, 0x0180, /* Latin Extended-A: Ā č Ō œ */
+     0x0180, 0x0250, /* Latin Extended-B: Ǝ Ƹ */
+@@ -63,6 +64,7 @@ static unsigned int const blocklist[] =
+     0x30a0, 0x3100, /* Katakana: ロ ル */
+     0xff00, 0xfff0, /* Halfwidth and Fullwidth Forms: Ａ, Ｂ, Ｃ, ａ, ｂ, ｃ */
+     0x10400, 0x10450, /* Deseret: 𐐒 𐐋 */
++#endif
+     0, 0
+ };
+ 
+@@ -317,8 +319,22 @@ int main(int argc, char *argv[])
+             printf_unicode(&gtab[n]);
+ 
+             if(gtab[n].same_as == n)
+-                printf_hex(" */ %s\n",
+-                           glyph_data + gtab[n].data_offset, gtab[n].data_size);
++            {
++                char const *lut = " .:nmW@";
++                printf("\n");
++                for (int y = 0; y < height; ++y)
++                {
++                    for (int x = 0; x < gtab[n].data_width; ++x)
++                    {
++                        int val = glyph_data[gtab[n].data_offset + y * gtab[n].data_width + x];
++                        char ch = lut[val * val * 7 / 256 / 256];
++                        printf("%c%c", ch, ch);
++                    }
++                    printf("\n");
++                }
++                //printf_hex(" */ %s\n",
++                //           glyph_data + gtab[n].data_offset, gtab[n].data_size);
++            }
+             else
+             {
+                 printf(" is ");
diff --git a/media-libs/libcaca/files/canvas-fix-an-integer-overflow-in-caca_resize.patch b/media-libs/libcaca/files/canvas-fix-an-integer-overflow-in-caca_resize.patch
new file mode 100644
index 000000000000..020f1a3603d4
--- /dev/null
+++ b/media-libs/libcaca/files/canvas-fix-an-integer-overflow-in-caca_resize.patch
@@ -0,0 +1,141 @@
+From: Sam Hocevar <sam@hocevar.net>
+Date: Fri, 26 Feb 2021 10:55:38 +0100
+Subject: [1/2] canvas: fix an integer overflow in caca_resize().
+Origin: https://github.com/cacalabs/libcaca/commit/46b4ea7cea72d6b3ffe65d33e604b1774dcc2bbd
+Bug: https://github.com/cacalabs/libcaca/issues/52
+Bug-Debian: https://bugs.debian.org/983686
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2021-3410
+
+Fixes: #52 (CVE-2021-3410)
+---
+ caca/canvas.c       | 13 +++++++++++--
+ caca/codec/import.c |  1 +
+ caca/codec/text.c   | 21 ++++++++++++++-------
+ 3 files changed, 26 insertions(+), 9 deletions(-)
+
+diff --git a/caca/canvas.c b/caca/canvas.c
+index 3fdd37ae8ef9..d07153926c3a 100644
+--- a/caca/canvas.c
++++ b/caca/canvas.c
+@@ -45,6 +45,7 @@ static int caca_resize(caca_canvas_t *, int, int);
+  *
+  *  If an error occurs, NULL is returned and \b errno is set accordingly:
+  *  - \c EINVAL Specified width or height is invalid.
++ *  - \c EOVERFLOW Specified width and height overflowed.
+  *  - \c ENOMEM Not enough memory for the requested canvas size.
+  *
+  *  \param width The desired canvas width
+@@ -200,6 +201,7 @@ int caca_unmanage_canvas(caca_canvas_t *cv, int (*callback)(void *), void *p)
+  *
+  *  If an error occurs, -1 is returned and \b errno is set accordingly:
+  *  - \c EINVAL Specified width or height is invalid.
++ *  - \c EOVERFLOW Specified width and height overflowed.
+  *  - \c EBUSY The canvas is in use by a display driver and cannot be resized.
+  *  - \c ENOMEM Not enough memory for the requested canvas size. If this
+  *    happens, the canvas handle becomes invalid and should not be used.
+@@ -363,7 +365,7 @@ int caca_rand(int min, int max)
+ 
+ int caca_resize(caca_canvas_t *cv, int width, int height)
+ {
+-    int x, y, f, old_width, old_height, new_size, old_size;
++    int x, y, f, old_width, old_height, old_size;
+ 
+     old_width = cv->width;
+     old_height = cv->height;
+@@ -375,7 +377,14 @@ int caca_resize(caca_canvas_t *cv, int width, int height)
+      * dirty rectangle handling */
+     cv->width = width;
+     cv->height = height;
+-    new_size = width * height;
++    int new_size = width * height;
++
++    /* Check for overflow */
++    if (new_size / width != height)
++    {
++        seterrno(EOVERFLOW);
++        return -1;
++    }
+ 
+     /* If width or height is smaller (or both), we have the opportunity to
+      * reduce or even remove dirty rectangles */
+diff --git a/caca/codec/import.c b/caca/codec/import.c
+index 8836fd0893e3..2dafe3cf97c1 100644
+--- a/caca/codec/import.c
++++ b/caca/codec/import.c
+@@ -61,6 +61,7 @@ static ssize_t import_caca(caca_canvas_t *, void const *, size_t);
+  *
+  *  If an error occurs, -1 is returned and \b errno is set accordingly:
+  *  - \c ENOMEM Not enough memory to allocate canvas.
++ *  - \c EOVERFLOW Importing data caused a value overflow.
+  *  - \c EINVAL Invalid format requested.
+  *
+  *  \param cv A libcaca canvas in which to import the file.
+diff --git a/caca/codec/text.c b/caca/codec/text.c
+index 358b7224fe87..94a2a4d7bcdb 100644
+--- a/caca/codec/text.c
++++ b/caca/codec/text.c
+@@ -46,7 +46,7 @@ ssize_t _import_text(caca_canvas_t *cv, void const *data, size_t size)
+     char const *text = (char const *)data;
+     unsigned int width = 0, height = 0, x = 0, y = 0, i;
+ 
+-    caca_set_canvas_size(cv, width, height);
++    caca_set_canvas_size(cv, 0, 0);
+ 
+     for(i = 0; i < size; i++)
+     {
+@@ -70,15 +70,19 @@ ssize_t _import_text(caca_canvas_t *cv, void const *data, size_t size)
+             if(y >= height)
+                 height = y + 1;
+ 
+-            caca_set_canvas_size(cv, width, height);
++            if (caca_set_canvas_size(cv, width, height) < 0)
++                return -1;
+         }
+ 
+         caca_put_char(cv, x, y, ch);
+         x++;
+     }
+ 
+-    if(y > height)
+-        caca_set_canvas_size(cv, width, height = y);
++    if (y > height)
++    {
++        if (caca_set_canvas_size(cv, width, height = y) < 0)
++            return -1;
++    }
+ 
+     return (ssize_t)size;
+ }
+@@ -431,7 +435,8 @@ ssize_t _import_ansi(caca_canvas_t *cv, void const *data, size_t size, int utf8)
+             {
+                 savedattr = caca_get_attr(cv, -1, -1);
+                 caca_set_attr(cv, im.clearattr);
+-                caca_set_canvas_size(cv, width = x + wch, height);
++                if (caca_set_canvas_size(cv, width = x + wch, height) < 0)
++                    return -1;
+                 caca_set_attr(cv, savedattr);
+             }
+             else
+@@ -448,7 +453,8 @@ ssize_t _import_ansi(caca_canvas_t *cv, void const *data, size_t size, int utf8)
+             caca_set_attr(cv, im.clearattr);
+             if(growy)
+             {
+-                caca_set_canvas_size(cv, width, height = y + 1);
++                if (caca_set_canvas_size(cv, width, height = y + 1) < 0)
++                    return -1;
+             }
+             else
+             {
+@@ -480,7 +486,8 @@ ssize_t _import_ansi(caca_canvas_t *cv, void const *data, size_t size, int utf8)
+     {
+         savedattr = caca_get_attr(cv, -1, -1);
+         caca_set_attr(cv, im.clearattr);
+-        caca_set_canvas_size(cv, width, height = y);
++        if (caca_set_canvas_size(cv, width, height = y))
++            return -1;
+         caca_set_attr(cv, savedattr);
+     }
+ 
+-- 
+2.30.0
+
diff --git a/media-libs/libcaca/files/fix-css-path.patch b/media-libs/libcaca/files/fix-css-path.patch
new file mode 100644
index 000000000000..ce48e4fbda05
--- /dev/null
+++ b/media-libs/libcaca/files/fix-css-path.patch
@@ -0,0 +1,12 @@
+https://bugs.gentoo.org/543870#c11
+--- a/doc/doxygen.cfg.in	2014-05-16 21:19:51.000000000 +0200
++++ b/doc/doxygen.cfg.in	2016-12-22 13:31:00.181040572 +0100
+@@ -1069,7 +1069,7 @@
+ # obsolete.
+ # This tag requires that the tag GENERATE_HTML is set to YES.
+ 
+-HTML_STYLESHEET        = doxygen.css
++HTML_STYLESHEET        = @srcdir@/doxygen.css
+ 
+ # The HTML_EXTRA_STYLESHEET tag can be used to specify an additional user-
+ # defined cascading style sheet that is included after the standard style sheets
diff --git a/media-libs/libcaca/libcaca-0.99_beta19-r4.ebuild b/media-libs/libcaca/libcaca-0.99_beta19-r4.ebuild
new file mode 100644
index 000000000000..a84afaa8b835
--- /dev/null
+++ b/media-libs/libcaca/libcaca-0.99_beta19-r4.ebuild
@@ -0,0 +1,182 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+RUBY_OPTIONAL=yes
+#USE_RUBY=ruby20
+
+inherit autotools ruby-ng flag-o-matic java-pkg-opt-2 mono-env toolchain-funcs multilib-minimal
+
+MY_P=${P/_/.}
+DESCRIPTION="A library that creates colored ASCII-art graphics"
+HOMEPAGE="http://libcaca.zoy.org/"
+SRC_URI="http://libcaca.zoy.org/files/${PN}/${MY_P}.tar.gz"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="GPL-2 ISC LGPL-2.1 WTFPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE="cxx doc imlib java mono ncurses opengl ruby slang static-libs test truetype X"
+RESTRICT="!test? ( test )"
+
+# ruby? ( ruby_targets_${USE_RUBY} )
+REQUIRED_USE=""
+
+# ruby? (  $(ruby_implementations_depend) )
+DEPEND="
+	imlib? ( >=media-libs/imlib2-1.4.6-r2[${MULTILIB_USEDEP}] )
+	mono? ( dev-lang/mono )
+	ncurses? ( >=sys-libs/ncurses-5.9-r3:0=[${MULTILIB_USEDEP}] )
+	opengl? (
+		>=virtual/glu-9.0-r1[${MULTILIB_USEDEP}]
+		>=virtual/opengl-7.0-r1[${MULTILIB_USEDEP}]
+		>=media-libs/freeglut-2.8.1[${MULTILIB_USEDEP}]
+		truetype? ( >=media-libs/ftgl-2.1.3_rc5 )
+	)
+	slang? ( >=sys-libs/slang-2.2.4-r1[${MULTILIB_USEDEP}] )
+	X? (
+		>=x11-libs/libX11-1.6.2[${MULTILIB_USEDEP}]
+		>=x11-libs/libXt-1.1.4[${MULTILIB_USEDEP}]
+	)
+"
+RDEPEND="java? ( >=virtual/jre-1.5 )"
+BDEPEND="
+	virtual/pkgconfig
+	doc? (
+		app-doc/doxygen
+		virtual/latex-base
+		>=dev-texlive/texlive-fontsrecommended-2012
+		>=dev-texlive/texlive-latexextra-2012
+		dev-texlive/texlive-latexrecommended
+	)
+	java? ( >=virtual/jdk-1.5 )
+	test? ( dev-util/cppunit )
+"
+
+DOCS=( AUTHORS ChangeLog NEWS NOTES README THANKS )
+
+PATCHES=(
+	# Fix out of source tests
+	"${FILESDIR}"/${PN}-0.99_beta18-fix-tests.patch
+	# Debian patches
+	"${FILESDIR}/CVE-2018-20544.patch"
+	"${FILESDIR}/CVE-2018-20545+20547+20549.patch"
+	"${FILESDIR}/CVE-2018-20546+20547.patch"
+	"${FILESDIR}/canvas-fix-an-integer-overflow-in-caca_resize.patch"
+	"${FILESDIR}/Fix-a-problem-in-the-caca_resize-overflow-detection-.patch"
+	"${FILESDIR}/100_doxygen.diff"
+	# Fix doxygen docs install, bug 543870
+	"${FILESDIR}/fix-css-path.patch"
+)
+
+pkg_setup() {
+	java-pkg-opt-2_pkg_setup
+	use mono && mono-env_pkg_setup
+}
+
+src_unpack() {
+	default
+}
+
+src_prepare() {
+	# bug #339962
+	sed -i -e '/doxygen_tests = check-doxygen/d' test/Makefile.am || die
+
+	sed -i \
+		-e 's:-g -O2 -fno-strength-reduce -fomit-frame-pointer::' \
+		-e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:' \
+		configure.ac || die
+
+	sed -i \
+		-e 's:$(JAVAC):$(JAVAC) $(JAVACFLAGS):' \
+		-e 's:libcaca_java_la_CPPFLAGS =:libcaca_java_la_CPPFLAGS = -I$(top_srcdir)/caca:' \
+		java/Makefile.am || die
+
+	if ! use truetype; then
+		sed -i -e '/PKG_CHECK_MODULES/s:ftgl:dIsAbLe&:' configure.ac || die
+	fi
+
+	if use imlib && ! use X; then
+		append-cflags -DX_DISPLAY_MISSING
+	fi
+
+	# bug #653400
+	append-cxxflags -std=c++11
+
+	# bug #601902
+	append-libs "$($(tc-getPKG_CONFIG) --libs ncurses)"
+
+	# fix docs install path, bug 543870#c14
+	sed -i "s/libcaca-dev/${PF}/g" doc/Makefile.am || die
+
+	default
+	eautoreconf
+
+	java-pkg-opt-2_src_prepare
+}
+
+multilib_src_configure() {
+	if multilib_is_native_abi; then
+		if use java; then
+			export JAVACFLAGS="$(java-pkg_javac-args)"
+			export JAVA_CFLAGS="$(java-pkg_get-jni-cflags)"
+		fi
+
+		# bug #44128
+		export VARTEXFONTS="${T}/fonts"
+
+		# bug #329651
+		use mono && export CSC="$(type -P gmcs)"
+		use ruby && use ruby_targets_${USE_RUBY} && export RUBY=$(ruby_implementation_command ${USE_RUBY})
+	fi
+
+	local myeconfargs=(
+		$(use_enable static-libs static)
+		$(use_enable slang)
+		$(use_enable ncurses)
+		$(use_enable X x11)
+		$(use_with X x)
+		--x-libraries=/usr/$(get_libdir)
+		$(use_enable opengl gl)
+		$(use_enable cxx)
+		$(use_enable imlib imlib2)
+		$(use_enable test cppunit)
+		$(multilib_native_use_enable java)
+		$(multilib_native_use_enable ruby)
+		--disable-python
+		$(multilib_native_use_enable mono csharp)
+		$(multilib_native_use_enable doc)
+	)
+
+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+}
+
+multilib_src_compile() {
+	local _java_makeopts
+
+	# bug #480864
+	use java && _java_makeopts="-j1"
+	emake V=1 ${_java_makeopts}
+}
+
+multilib_src_test() {
+	emake V=1 -j1 check
+}
+
+multilib_src_install() {
+	emake V=1 DESTDIR="${D}" install
+
+	# Note: broken, see bug #508564 and bug #773913
+	if multilib_is_native_abi && use java; then
+		java-pkg_newjar java/libjava.jar
+	fi
+}
+
+multilib_src_install_all() {
+	einstalldocs
+
+	rm -rf "${ED}"/usr/share/java || die
+
+	find "${ED}" -name '*.la' -delete || die
+}