pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/graphics/tiff Security fix for CVE-2006-2193:



details:   https://anonhg.NetBSD.org/pkgsrc/rev/73669d62b298
branches:  trunk
changeset: 514148:73669d62b298
user:      salo <salo%pkgsrc.org@localhost>
date:      Thu Jun 08 11:05:14 2006 +0000

description:
Security fix for CVE-2006-2193:

"A vulnerability in LibTIFF can be exploited by malicious people to
 cause a DoS (Denial of Service) and potentially compromise a user's
 system.

 The vulnerability is caused due to a boundary error within tiff2pdf
 when handling a TIFF file with a "DocumentName" tag that contains
 UTF-8 characters.  This can be exploited to cause a stack-based buffer
 overflow and may allow arbitrary code execution."

http://secunia.com/advisories/20488/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2193

Patch from Ubuntu.

diffstat:

 graphics/tiff/Makefile         |   4 ++--
 graphics/tiff/distinfo         |   3 ++-
 graphics/tiff/patches/patch-au |  15 +++++++++++++++
 3 files changed, 19 insertions(+), 3 deletions(-)

diffs (46 lines):

diff -r 7c763f539159 -r 73669d62b298 graphics/tiff/Makefile
--- a/graphics/tiff/Makefile    Thu Jun 08 09:56:43 2006 +0000
+++ b/graphics/tiff/Makefile    Thu Jun 08 11:05:14 2006 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.81 2006/04/14 07:08:08 heinz Exp $
+# $NetBSD: Makefile,v 1.82 2006/06/08 11:05:14 salo Exp $
 
 DISTNAME=      tiff-3.8.2
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    graphics
 MASTER_SITES=  ftp://ftp.remotesensing.org/pub/libtiff/ \
                http://libtiff.maptools.org/dl/
diff -r 7c763f539159 -r 73669d62b298 graphics/tiff/distinfo
--- a/graphics/tiff/distinfo    Thu Jun 08 09:56:43 2006 +0000
+++ b/graphics/tiff/distinfo    Thu Jun 08 11:05:14 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.37 2006/03/31 14:31:03 drochner Exp $
+$NetBSD: distinfo,v 1.38 2006/06/08 11:05:14 salo Exp $
 
 SHA1 (tiff-3.8.2.tar.gz) = 549e67b6a15b42bfcd72fe17cda7c9a198a393eb
 RMD160 (tiff-3.8.2.tar.gz) = 1b4d825e3be08764e953fc58246d0c25ab4dd17d
@@ -6,3 +6,4 @@
 SHA1 (patch-aa) = edac79a6f3b61e9fc787fe14f750d88023a29bfa
 SHA1 (patch-ab) = b517cb8bc2212d3e6c5a70db1bdf45b85b78fc72
 SHA1 (patch-at) = 4006ed90f6ab88aff30e2537d613a1b44b5c7347
+SHA1 (patch-au) = c53ed7521c3918081526ad63cd0c1c45c9a0b9ff
diff -r 7c763f539159 -r 73669d62b298 graphics/tiff/patches/patch-au
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/tiff/patches/patch-au    Thu Jun 08 11:05:14 2006 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-au,v 1.5 2006/06/08 11:05:14 salo Exp $
+
+Security fix for CVE-2006-2193, from Ubuntu.
+
+--- tools/tiff2pdf.c.orig      2006-03-21 17:42:51.000000000 +0100
++++ tools/tiff2pdf.c   2006-06-08 12:39:11.000000000 +0200
+@@ -3668,7 +3668,7 @@
+       written += TIFFWriteFile(output, (tdata_t) "(", 1);
+       for (i=0;i<len;i++){
+               if((pdfstr[i]&0x80) || (pdfstr[i]==127) || (pdfstr[i]<32)){
+-                      sprintf(buffer, "\\%.3o", pdfstr[i]);
++                      sprintf(buffer, "\\%.3hho", pdfstr[i]);
+                       written += TIFFWriteFile(output, (tdata_t) buffer, 4);
+               } else {
+                       switch (pdfstr[i]){
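Review bot: the changed sprintf line in tools/tiff2pdf.c is still an unbounded write into buffer, so the fix holds only if the C library implements the C99 hh length modifier. The ".3" precision is a minimum digit count, not a maximum, so on a libc that ignores or rejects hh a byte with the high bit set (which the pdfstr[i]&0x80 test sends down this branch) can still expand to far more than the 4 bytes the following TIFFWriteFile call assumes, if pdfstr[i] is a signed char. Suggest making the conversion explicit and bounding the write, for example snprintf(buffer, sizeof(buffer), "\\%.3o", (unsigned char)pdfstr[i]); assuming buffer is an array (its declaration is outside this hunk). The patch-au header would also benefit from one sentence saying why the length modifier matters, since "Security fix for CVE-2006-2193, from Ubuntu." does not explain the one-character change to a later reader.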


