pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2012Q1]: pkgsrc/graphics/gdk-pixbuf Pullup ticket #3803 - requ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/001dfd4eefa4
branches: pkgsrc-2012Q1
changeset: 602128:001dfd4eefa4
user: tron <tron%pkgsrc.org@localhost>
date: Fri May 25 15:31:58 2012 +0000
description:
Pullup ticket #3803 - requested by he
graphics/gdk-pixbuf: security patch
Revisions pulled up:
- graphics/gdk-pixbuf/Makefile 1.45
- graphics/gdk-pixbuf/distinfo 1.23
- graphics/gdk-pixbuf/patches/patch-ao 1.1
---
Module Name: pkgsrc
Committed By: he
Date: Fri May 25 08:29:36 UTC 2012
Modified Files:
pkgsrc/graphics/gdk-pixbuf: Makefile distinfo
Log Message:
Add fix for http://secunia.com/advisories/49125/, taken from
http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
Bump pkgrevision.
---
Module Name: pkgsrc
Committed By: he
Date: Fri May 25 08:31:35 UTC 2012
Added Files:
pkgsrc/graphics/gdk-pixbuf/patches: patch-ao
Log Message:
Add fix for http://secunia.com/advisories/49125/, taken from
http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
diffstat:
graphics/gdk-pixbuf/Makefile | 4 ++--
graphics/gdk-pixbuf/distinfo | 3 ++-
graphics/gdk-pixbuf/patches/patch-ao | 35 +++++++++++++++++++++++++++++++++++
3 files changed, 39 insertions(+), 3 deletions(-)
diffs (69 lines):
diff -r f3d4a54f87b1 -r 001dfd4eefa4 graphics/gdk-pixbuf/Makefile
--- a/graphics/gdk-pixbuf/Makefile Wed May 23 17:58:15 2012 +0000
+++ b/graphics/gdk-pixbuf/Makefile Fri May 25 15:31:58 2012 +0000
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.44 2012/02/06 12:40:22 wiz Exp $
+# $NetBSD: Makefile,v 1.44.2.1 2012/05/25 15:31:58 tron Exp $
#
PKG_DESTDIR_SUPPORT= user-destdir
.include "Makefile.common"
-PKGREVISION= 16
+PKGREVISION= 17
COMMENT= The GNOME image loading library
# XXX hopefully there is no x.gnome-config.x in PATH
diff -r f3d4a54f87b1 -r 001dfd4eefa4 graphics/gdk-pixbuf/distinfo
--- a/graphics/gdk-pixbuf/distinfo Wed May 23 17:58:15 2012 +0000
+++ b/graphics/gdk-pixbuf/distinfo Fri May 25 15:31:58 2012 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.22 2011/08/03 10:01:25 drochner Exp $
+$NetBSD: distinfo,v 1.22.6.1 2012/05/25 15:31:58 tron Exp $
SHA1 (gdk-pixbuf-0.22.0.tar.bz2) = 495324afb5abebc14567ffd5a6cd72333bcc7f5b
RMD160 (gdk-pixbuf-0.22.0.tar.bz2) = 0e56a0f883fd8e3fb4d49b9a38f984b95cd96ece
@@ -17,3 +17,4 @@
SHA1 (patch-al) = cf05f283c7676c9fa51b822f5ced66524dfa487e
SHA1 (patch-am) = 44180cb58cba4b5cc5663acc0215978001f82fa0
SHA1 (patch-an) = ec341ab166c5ce98d1d0ba13b676646af50f7038
+SHA1 (patch-ao) = c4d76635d1a79ede36dfa9f11e4dc0922b1f461a
diff -r f3d4a54f87b1 -r 001dfd4eefa4 graphics/gdk-pixbuf/patches/patch-ao
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/gdk-pixbuf/patches/patch-ao Fri May 25 15:31:58 2012 +0000
@@ -0,0 +1,35 @@
+$NetBSD: patch-ao,v 1.1.2.2 2012/05/25 15:31:58 tron Exp $
+
+Add fix for http://secunia.com/advisories/49125/, taken from
+http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
+
+--- gdk-pixbuf/io-xbm.c.orig 2001-01-21 04:13:40.000000000 +0000
++++ gdk-pixbuf/io-xbm.c
+@@ -177,10 +177,16 @@ read_bitmap_file_data (FILE *fstream,
+ type++;
+ }
+
+- if (!strcmp ("width", type))
++ if (!strcmp ("width", type)) {
++ if (value <= 0)
++ RETURN (FALSE);
+ ww = (unsigned int) value;
+- if (!strcmp ("height", type))
++ }
++ if (!strcmp ("height", type)) {
++ if (value <= 0)
++ RETURN (FALSE);
+ hh = (unsigned int) value;
++ }
+ if (!strcmp ("hot", type)) {
+ if (type-- == name_and_type
+ || type-- == name_and_type)
+@@ -221,6 +227,8 @@ read_bitmap_file_data (FILE *fstream,
+ bytes_per_line = (ww+7)/8 + padding;
+
+ size = bytes_per_line * hh;
++ if (size / bytes_per_line != hh) /* overflow */
++ RETURN (FALSE);
+ bits = g_malloc (size);
+
+ if (version10p) {
Home |
Main Index |
Thread Index |
Old Index