pkgsrc-Changes archive
CVS commit: pkgsrc/www/firefox52
Module Name: pkgsrc
Committed By: maya
Date: Sat Mar 17 00:23:15 UTC 2018
Modified Files:
pkgsrc/www/firefox52: Makefile distinfo
Added Files:
pkgsrc/www/firefox52/patches: patch-CVE-2018-5147
Log Message:
firefox52: provide a patch for tremor as well
(ARM-specific)
upstream commit: https://hg.mozilla.org/releases/mozilla-esr52/rev/5cd5586a2f48
PKGREVISION++
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/firefox52/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/firefox52/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/www/firefox52/patches/patch-CVE-2018-5147
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/www/firefox52/Makefile
diff -u pkgsrc/www/firefox52/Makefile:1.18 pkgsrc/www/firefox52/Makefile:1.19
--- pkgsrc/www/firefox52/Makefile:1.18 Fri Mar 16 22:53:19 2018
+++ pkgsrc/www/firefox52/Makefile Sat Mar 17 00:23:15 2018
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.18 2018/03/16 22:53:19 maya Exp $
+# $NetBSD: Makefile,v 1.19 2018/03/17 00:23:15 maya Exp $
FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
MOZ_BRANCH= 52.7
@@ -6,6 +6,7 @@ MOZ_BRANCH_MINOR= .2esr
DISTNAME= firefox-${FIREFOX_VER}.source
PKGNAME= firefox52-${MOZ_BRANCH}${MOZ_BRANCH_MINOR:S/b/beta/:S/esr//}
+PKGREVISION= 1
CATEGORIES= www
MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/}
MASTER_SITES+= ${MASTER_SITE_MOZILLA_ALL:=firefox/releases/${FIREFOX_VER}/source/}
Index: pkgsrc/www/firefox52/distinfo
diff -u pkgsrc/www/firefox52/distinfo:1.11 pkgsrc/www/firefox52/distinfo:1.12
--- pkgsrc/www/firefox52/distinfo:1.11 Fri Mar 16 22:53:19 2018
+++ pkgsrc/www/firefox52/distinfo Sat Mar 17 00:23:15 2018
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.11 2018/03/16 22:53:19 maya Exp $
+$NetBSD: distinfo,v 1.12 2018/03/17 00:23:15 maya Exp $
SHA1 (firefox-52.7.2esr.source.tar.xz) = 7895d445ee7fa7f51ce253483250c7915e74a45e
RMD160 (firefox-52.7.2esr.source.tar.xz) = d8c6c6a7ee0dfe55bd87467aca5709ea82a0050a
SHA512 (firefox-52.7.2esr.source.tar.xz) = e275fd10fd32a0dc237135af3395e3a1ae501844632c973ff3b9bca1456702ee36dbee99fc57300598403c924c0db63bd62a199845c8f4a2e29db5d1e5973395
Size (firefox-52.7.2esr.source.tar.xz) = 212673520 bytes
+SHA1 (patch-CVE-2018-5147) = 04e45d580fde5a44dec4f2e4d617d5302bd3fa44
SHA1 (patch-aa) = c1084caa275e57b716c3499301f7fc3f99ef5026
SHA1 (patch-ao) = 8b7125ef3b193fca4d03386142887b2f8d5015c5
SHA1 (patch-as) = 632ebd35287f8f97d18721d39a0514d4cdbb12cc
Added files:
Index: pkgsrc/www/firefox52/patches/patch-CVE-2018-5147
diff -u /dev/null pkgsrc/www/firefox52/patches/patch-CVE-2018-5147:1.1
--- /dev/null Sat Mar 17 00:23:15 2018
+++ pkgsrc/www/firefox52/patches/patch-CVE-2018-5147 Sat Mar 17 00:23:15 2018
@@ -0,0 +1,79 @@
+$NetBSD: patch-CVE-2018-5147,v 1.1 2018/03/17 00:23:15 maya Exp $
+
+CVE-2018-5147: Prevent out-of-bounds write in codebook decoding.
+
+Codebooks that are not an exact divisor of the partition size are now
+truncated to fit within the partition.
+
+--- media/libtremor/lib/tremor_codebook.c.orig 2017-04-11 02:13:12.000000000 +0000
++++ media/libtremor/lib/tremor_codebook.c
+@@ -258,7 +258,7 @@ long vorbis_book_decodevs_add(codebook *
+ t[i] = book->valuelist+entry[i]*book->dim;
+ }
+ for(i=0,o=0;i<book->dim;i++,o+=step)
+- for (j=0;j<step;j++)
++ for (j=0;o+j<n && j<step;j++)
+ a[o+j]+=t[j][i]>>shift;
+ }else{
+ for (i = 0; i < step; i++) {
+@@ -267,7 +267,7 @@ long vorbis_book_decodevs_add(codebook *
+ t[i] = book->valuelist+entry[i]*book->dim;
+ }
+ for(i=0,o=0;i<book->dim;i++,o+=step)
+- for (j=0;j<step;j++)
++ for (j=0;o+j<n && j<step;j++)
+ a[o+j]+=t[j][i]<<-shift;
+ }
+ }
+@@ -287,7 +287,7 @@ long vorbis_book_decodev_add(codebook *b
+ entry = decode_packed_entry_number(book,b);
+ if(entry==-1)return(-1);
+ t = book->valuelist+entry*book->dim;
+- for (j=0;j<book->dim;)
++ for (j=0;i<n && j<book->dim;)
+ a[i++]+=t[j++]>>shift;
+ }
+ }else{
+@@ -295,7 +295,7 @@ long vorbis_book_decodev_add(codebook *b
+ entry = decode_packed_entry_number(book,b);
+ if(entry==-1)return(-1);
+ t = book->valuelist+entry*book->dim;
+- for (j=0;j<book->dim;)
++ for (j=0;i<n && j<book->dim;)
+ a[i++]+=t[j++]<<-shift;
+ }
+ }
+@@ -352,15 +352,15 @@ long vorbis_book_decodevv_add(codebook *
+ long i,j,entry;
+ int chptr=0;
+ int shift=point-book->binarypoint;
+-
++ int m=offset+n;
+ if(shift>=0){
+
+- for(i=offset;i<offset+n;){
++ for(i=offset;i<m;){
+ entry = decode_packed_entry_number(book,b);
+ if(entry==-1)return(-1);
+ {
+ const ogg_int32_t *t = book->valuelist+entry*book->dim;
+- for (j=0;j<book->dim;j++){
++ for (j=0;i<m && j<book->dim;j++){
+ a[chptr++][i]+=t[j]>>shift;
+ if(chptr==ch){
+ chptr=0;
+@@ -371,12 +371,12 @@ long vorbis_book_decodevv_add(codebook *
+ }
+ }else{
+
+- for(i=offset;i<offset+n;){
++ for(i=offset;i<m;){
+ entry = decode_packed_entry_number(book,b);
+ if(entry==-1)return(-1);
+ {
+ const ogg_int32_t *t = book->valuelist+entry*book->dim;
+- for (j=0;j<book->dim;j++){
++ for (j=0;i<m && j<book->dim;j++){
+ a[chptr++][i]+=t[j]<<-shift;
+ if(chptr==ch){
+ chptr=0;
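Review bot: In the vorbis_book_decodevv_add hunks of the added patch, the new bound is declared `int m=offset+n;` while the index compared against it is `long i`, so the write limit for `a[chptr++][i]` is computed in a narrower type than the index. If `offset` is a `long` (the signature is cut off in the hunk header, so this is inferred), the sum is narrowed on assignment; `long m=offset+n;` would keep the bounds check in the same type as `i`. A short comment at the guarded loops, e.g. `/* stop at the partition end when dim does not divide n */`, would record why the `i<m`, `i<n` and `o+j<n` conditions exist, so that a later cleanup does not remove them. The function bodies start and end outside the quoted hunks, so how callers treat the truncated output cannot be seen from here.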