author | snj <snj@pkgsrc.org> | 2005-03-11 06:08:38 +0000 |
---|---|---|
committer | snj <snj@pkgsrc.org> | 2005-03-11 06:08:38 +0000 |
commit | c6fa5aef222d574db002807fa1d57b322dc72dbf (patch) | |
tree | 3fec6cfd854b2d66933c950486dc3b2a3357b812 | |
parent | 0dee6b2b9d593842ef5856a140ae4fdd7679b459 (diff) | |
Pullup ticket 349 - requested by Lubomir Sedlacik
security fix for libexif
Revisions pulled up:
- pkgsrc/graphics/libexif/Makefile 1.22
- pkgsrc/graphics/libexif/buildlink3.mk 1.6
- pkgsrc/graphics/libexif/distinfo 1.12
- pkgsrc/graphics/libexif/patches/patch-ab 1.1
Module Name: pkgsrc
Committed By: adam
Date: Thu Mar 10 19:22:22 UTC 2005
Modified Files:
pkgsrc/graphics/libexif: distinfo
Added Files:
pkgsrc/graphics/libexif/patches: patch-ab
Log Message:
Added a patch to fix buffer overflow:
* SECURITY UPDATE: Fix buffer overflow.
* libexif/exif-data.c: Add buffer size checks in several places before
trying to access it.
* Thanks to Sylvain Defresne for spotting this and the patch.
* References:
https://bugzilla.ubuntulinux.org/show_bug.cgi?id=7152
Thanks to wiz@ for heads-up. :)
----
Module Name: pkgsrc
Committed By: salo
Date: Thu Mar 10 22:21:56 UTC 2005
Modified Files:
pkgsrc/graphics/libexif: Makefile buildlink3.mk
Log Message:
Bump PKGREVISION and BUILDLINK_RECOMMENDED for the security fix. (hi adam!)
-rw-r--r-- | graphics/libexif/Makefile | 3 | ||||
-rw-r--r-- | graphics/libexif/buildlink3.mk | 3 | ||||
-rw-r--r-- | graphics/libexif/distinfo | 3 | ||||
-rw-r--r-- | graphics/libexif/patches/patch-ab | 32 |
4 files changed, 38 insertions, 3 deletions
diff --git a/graphics/libexif/Makefile b/graphics/libexif/Makefile
index 9583a93014a..f7af9d7cb89 100644
--- a/graphics/libexif/Makefile
+++ b/graphics/libexif/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.21 2004/10/27 19:30:23 drochner Exp $
+# $NetBSD: Makefile,v 1.21.2.1 2005/03/11 06:08:38 snj Exp $
 DISTNAME= libexif-0.6.11
+PKGREVISION= 1
 CATEGORIES= graphics
 MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libexif/}
diff --git a/graphics/libexif/buildlink3.mk b/graphics/libexif/buildlink3.mk
index cff675371e5..75adbf7863c 100644
--- a/graphics/libexif/buildlink3.mk
+++ b/graphics/libexif/buildlink3.mk
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.5 2004/10/30 00:59:02 minskim Exp $
+# $NetBSD: buildlink3.mk,v 1.5.2.1 2005/03/11 06:08:38 snj Exp $
 BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+
 LIBEXIF_BUILDLINK3_MK:= ${LIBEXIF_BUILDLINK3_MK}+
@@ -12,6 +12,7 @@ BUILDLINK_PACKAGES+= libexif
 .if !empty(LIBEXIF_BUILDLINK3_MK:M+)
 BUILDLINK_DEPENDS.libexif+= libexif>=0.6.11
+BUILDLINK_RECOMMENDED.libexif+= libexif>=0.6.11nb1
 BUILDLINK_PKGSRCDIR.libexif?= ../../graphics/libexif
 .endif # LIBEXIF_BUILDLINK3_MK
diff --git a/graphics/libexif/distinfo b/graphics/libexif/distinfo
index 82c652abf77..d066cdab9bb 100644
--- a/graphics/libexif/distinfo
+++ b/graphics/libexif/distinfo
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.10 2004/10/27 19:30:23 drochner Exp $
+$NetBSD: distinfo,v 1.10.2.1 2005/03/11 06:08:38 snj Exp $
 SHA1 (libexif-0.6.11.tar.gz) = f522e097edfccac420c7779209aafeebbf09aa7c
 Size (libexif-0.6.11.tar.gz) = 546277 bytes
 SHA1 (patch-aa) = bcbdc84fc26c64ecac62699ab11bf55afe6b65c7
+SHA1 (patch-ab) = d778a593bc70a4c3a1413a4bfa508e98fdf2f71a
diff --git a/graphics/libexif/patches/patch-ab b/graphics/libexif/patches/patch-ab
new file mode 100644
index 00000000000..17be639b012
--- /dev/null
+++ b/graphics/libexif/patches/patch-ab
@@ -0,0 +1,32 @@
+$NetBSD: patch-ab,v 1.1.2.2 2005/03/11 06:08:38 snj Exp $
+
+--- libexif/exif-data.c.orig Tue Oct 5 21:10:04 2004
++++ libexif/exif-data.c
+@@ -628,7 +628,7 @@ exif_data_load_data (ExifData *data, con
+ "Found EXIF header.");
+
+ /* Byte order (offset 6, length 2) */
+- if (ds < 12)
++ if (ds < 14)
+ return;
+ if (!memcmp (d + 6, "II", 2))
+ data->priv->order = EXIF_BYTE_ORDER_INTEL;
+@@ -646,12 +646,18 @@ exif_data_load_data (ExifData *data, con
+ exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
+ "IFD 0 at %i.", (int) offset);
+
++ if (ds < 6 + 4 + offset)
++ return;
++
+ /* Parse the actual exif data (offset 14) */
+ exif_data_load_data_content (data, data->ifd[EXIF_IFD_0], d + 6,
+ ds - 6, offset);
+
+ /* IFD 1 offset */
+ n = exif_get_short (d + 6 + offset, data->priv->order);
++ if (ds < 6 + offset + 2 + 12 * n + 4)
++ return;
++
+ offset = exif_get_long (d + 6 + offset + 2 + 12 * n, data->priv->order);
+ if (offset) {
+ exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", |
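Review bot: The two added guards, `if (ds < 6 + 4 + offset)` and `if (ds < 6 + offset + 2 + 12 * n + 4)`, add the file-supplied `offset` to constants before comparing, so the sum can wrap and let an oversized offset pass. This assumes `offset` and `ds` are 32-bit unsigned, which is inferred from the `exif_get_long` call because their declarations are outside the hunk. Comparing against the remaining length avoids the wrap: `if (offset > ds - 10) return;` for the first guard and `if (12 * n + 6 > ds - 6 - offset) return;` for the second. The first form relies on the earlier `ds < 14` return still holding at that point, which the lines between the two inner hunks do not show. `exif_data_load_data` starts and ends outside both inner hunks, so confirm the types and that `ds` is unchanged in between before applying this.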