pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/graphics/kdegraphics3 Fix for security problem:
details: https://anonhg.NetBSD.org/pkgsrc/rev/36e584156ed0
branches: trunk
changeset: 486118:36e584156ed0
user: markd <markd%pkgsrc.org@localhost>
date: Thu Dec 23 13:02:17 2004 +0000
description:
Fix for security problem:
http://www.kde.org/info/security/advisory-20041223-1.txt
Bump PKGREVISION.
diffstat:
graphics/kdegraphics3/Makefile | 3 ++-
graphics/kdegraphics3/distinfo | 4 +++-
graphics/kdegraphics3/patches/patch-aa | 15 +++++++++++++++
graphics/kdegraphics3/patches/patch-ab | 25 +++++++++++++++++++++++++
4 files changed, 45 insertions(+), 2 deletions(-)
diffs (71 lines):
diff -r 8216f4b2839e -r 36e584156ed0 graphics/kdegraphics3/Makefile
--- a/graphics/kdegraphics3/Makefile Thu Dec 23 12:58:51 2004 +0000
+++ b/graphics/kdegraphics3/Makefile Thu Dec 23 13:02:17 2004 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.42 2004/12/10 06:26:33 markd Exp $
+# $NetBSD: Makefile,v 1.43 2004/12/23 13:02:17 markd Exp $
DISTNAME= kdegraphics-${_KDE_VERSION}
+PKGREVISION= 1
CATEGORIES= graphics
COMMENT= Graphics programs for the KDE integrated X11 desktop
diff -r 8216f4b2839e -r 36e584156ed0 graphics/kdegraphics3/distinfo
--- a/graphics/kdegraphics3/distinfo Thu Dec 23 12:58:51 2004 +0000
+++ b/graphics/kdegraphics3/distinfo Thu Dec 23 13:02:17 2004 +0000
@@ -1,4 +1,6 @@
-$NetBSD: distinfo,v 1.23 2004/12/10 06:26:33 markd Exp $
+$NetBSD: distinfo,v 1.24 2004/12/23 13:02:17 markd Exp $
SHA1 (kdegraphics-3.3.2.tar.bz2) = 66193a69d3cf1dc332987f52e6f00ac2e9a3152e
Size (kdegraphics-3.3.2.tar.bz2) = 6234394 bytes
+SHA1 (patch-aa) = e47443fdb5c737eb7f06fb2ee3bfac2b5602a9dd
+SHA1 (patch-ab) = c8067b0dd514cd7376d6f02ffe3be2d2e705e439
diff -r 8216f4b2839e -r 36e584156ed0 graphics/kdegraphics3/patches/patch-aa
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/kdegraphics3/patches/patch-aa Thu Dec 23 13:02:17 2004 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-aa,v 1.5 2004/12/23 13:02:17 markd Exp $
+
+--- kpdf/xpdf/Gfx.cc.orig 2004-11-29 02:30:57.000000000 +1300
++++ kpdf/xpdf/Gfx.cc
+@@ -2654,7 +2654,9 @@ void Gfx::doImage(Object *ref, Stream *s
+ haveMask = gFalse;
+ dict->lookup("Mask", &maskObj);
+ if (maskObj.isArray()) {
+- for (i = 0; i < maskObj.arrayGetLength(); ++i) {
++ for (i = 0;
++ i < maskObj.arrayGetLength() && i < 2*gfxColorMaxComps;
++ ++i) {
+ maskObj.arrayGet(i, &obj1);
+ maskColors[i] = obj1.getInt();
+ obj1.free();
diff -r 8216f4b2839e -r 36e584156ed0 graphics/kdegraphics3/patches/patch-ab
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/kdegraphics3/patches/patch-ab Thu Dec 23 13:02:17 2004 +0000
@@ -0,0 +1,25 @@
+$NetBSD: patch-ab,v 1.5 2004/12/23 13:02:17 markd Exp $
+
+--- kpdf/xpdf/GfxState.cc.orig 2004-11-29 02:30:57.000000000 +1300
++++ kpdf/xpdf/GfxState.cc
+@@ -708,6 +708,11 @@ GfxColorSpace *GfxICCBasedColorSpace::pa
+ }
+ nCompsA = obj2.getInt();
+ obj2.free();
++ if (nCompsA > gfxColorMaxComps) {
++ error(-1, "ICCBased color space with too many (%d > %d) components",
++ nCompsA, gfxColorMaxComps);
++ nCompsA = gfxColorMaxComps;
++ }
+ if (dict->lookup("Alternate", &obj2)->isNull() ||
+ !(altA = GfxColorSpace::parse(&obj2))) {
+ switch (nCompsA) {
+@@ -1054,7 +1059,7 @@ GfxColorSpace *GfxDeviceNColorSpace::par
+ }
+ nCompsA = obj1.arrayGetLength();
+ if (nCompsA > gfxColorMaxComps) {
+- error(-1, "DeviceN color space with more than %d > %d components",
++ error(-1, "DeviceN color space with too many (%d > %d) components",
+ nCompsA, gfxColorMaxComps);
+ nCompsA = gfxColorMaxComps;
+ }
Home |
Main Index |
Thread Index |
Old Index