CVS commit: [pkgsrc-2010Q1] pkgsrc/print/dvipsk

[Matthias Scheler <tron%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   tron
Date:           Tue Jun  8 18:22:06 UTC 2010

Modified Files:
        pkgsrc/print/dvipsk [pkgsrc-2010Q1]: Makefile distinfo
        pkgsrc/print/dvipsk/patches [pkgsrc-2010Q1]: patch-ab

Log Message:
Pullup ticket #3143 - requested by minskim
print/dvipsk: security patch

Revisions pulled up:
- print/dvipsk/Makefile                         1.6
- print/dvipsk/distinfo                         1.5
- print/dvipsk/patches/patch-ab                 1.4
---
Module Name:    pkgsrc
Committed By:   minskim
Date:           Tue Jun  8 15:17:05 UTC 2010

Modified Files:
        pkgsrc/print/dvipsk: Makefile distinfo
        pkgsrc/print/dvipsk/patches: patch-ab

Log Message:
Fix CVE-2010-1440.  Patch from TeX Live repository.

  Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX
  Live 2009 and earlier, and teTeX, allow remote attackers to cause a
  denial of service (application crash) or possibly execute arbitrary
  code via a special command in a DVI file, related to the (1)
  predospecial and (2) bbdospecial functions, a different
  vulnerability than CVE-2010-0739.


To generate a diff of this commit:
cvs rdiff -u -r1.4.2.1 -r1.4.2.2 pkgsrc/print/dvipsk/Makefile
cvs rdiff -u -r1.3.2.1 -r1.3.2.2 pkgsrc/print/dvipsk/distinfo
cvs rdiff -u -r1.3.2.2 -r1.3.2.3 pkgsrc/print/dvipsk/patches/patch-ab

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.