diff options
author | ghen <ghen@pkgsrc.org> | 2007-09-15 17:27:06 +0000 |
---|---|---|
committer | ghen <ghen@pkgsrc.org> | 2007-09-15 17:27:06 +0000 |
commit | dd0636c2b2efdaeb5303c1101f2456855313f706 (patch) | |
tree | 5f3e621615d96831e3215a42761d8139c54627cd | |
parent | 9dcf6c69f3ecea391345a86b06e1cdae278cf66d (diff) | |
download | pkgsrc-dd0636c2b2efdaeb5303c1101f2456855313f706.tar.gz |
Pullup ticket 2189 - requested by tron
security fix for qt3-libs
- pkgsrc/x11/qt3-libs/Makefile 1.67 via patch
- pkgsrc/x11/qt3-libs/distinfo 1.46
- pkgsrc/x11/qt3-libs/patches/patch-aq 1.2
Module Name: pkgsrc
Committed By: tron
Date: Sat Sep 15 12:04:02 UTC 2007
Modified Files:
pkgsrc/x11/qt3-libs: Makefile distinfo
pkgsrc/x11/qt3-libs/patches: patch-aq
Log Message:
Fix security vulnerability reported in CVE-2007-4137.
Bump package revision.
-rw-r--r-- | x11/qt3-libs/Makefile | 4 | ||||
-rw-r--r-- | x11/qt3-libs/distinfo | 4 | ||||
-rw-r--r-- | x11/qt3-libs/patches/patch-aq | 17 |
3 files changed, 16 insertions, 9 deletions
diff --git a/x11/qt3-libs/Makefile b/x11/qt3-libs/Makefile index b2d8f04ead0..a1e16ea587e 100644 --- a/x11/qt3-libs/Makefile +++ b/x11/qt3-libs/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.63.4.1 2007/08/02 07:29:26 ghen Exp $ +# $NetBSD: Makefile,v 1.63.4.2 2007/09/15 17:27:06 ghen Exp $ PKGNAME= qt3-libs-${QTVERSION} -PKGREVISION= 3 +PKGREVISION= 5 MAINTAINER= adam@NetBSD.org COMMENT= C++ X GUI toolkit diff --git a/x11/qt3-libs/distinfo b/x11/qt3-libs/distinfo index fb0341e3f3b..1b4cf646902 100644 --- a/x11/qt3-libs/distinfo +++ b/x11/qt3-libs/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.44.4.1 2007/08/02 07:29:26 ghen Exp $ +$NetBSD: distinfo,v 1.44.4.2 2007/09/15 17:27:06 ghen Exp $ SHA1 (qt-x11-free-3.3.8.tar.bz2) = 91b192cb8e80679607d24ae35d6e20ed68d149d7 RMD160 (qt-x11-free-3.3.8.tar.bz2) = 7b8e4e35f49014eac4fcfe91b7ec0a45c5569cf4 @@ -19,7 +19,7 @@ SHA1 (patch-am) = d03608cc641edab382f0b6afc6f29b5d97a285a5 SHA1 (patch-an) = a710aee86198eea2def98cb776280819c4ec556f SHA1 (patch-ao) = 3aacba05b27314cadab7dceba3c21d65bab608d3 SHA1 (patch-ap) = 5040628324d271abfc662c5a6eeb4f1ecf0d4758 -SHA1 (patch-aq) = 5ab611a8f39a9a344777680a592b0aabc69229fc +SHA1 (patch-aq) = c17ff8b42901ae9a3cc51c33cffe4cffa64b4e4d SHA1 (patch-ar) = 736703bd8831a4fa5562690b9159d937b233fccf SHA1 (patch-bb) = b6a15a4b2b7b83b89bd3610cf2e48c242dbce2e5 SHA1 (patch-bc) = d8a84e1b66bf1953b53df57ae81d2c98cce69c41 diff --git a/x11/qt3-libs/patches/patch-aq b/x11/qt3-libs/patches/patch-aq index 9435b77513c..6e66706fa1f 100644 --- a/x11/qt3-libs/patches/patch-aq +++ b/x11/qt3-libs/patches/patch-aq @@ -1,7 +1,10 @@ -$NetBSD: patch-aq,v 1.1 2007/04/06 12:44:38 markd Exp $ +$NetBSD: patch-aq,v 1.1.4.1 2007/09/15 17:27:07 ghen Exp $ ---- src/codecs/qutfcodec.cpp -+++ src/codecs/qutfcodec.cpp +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0242 +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4137 + +--- src/codecs/qutfcodec.cpp.orig 2007-02-02 14:01:08.000000000 +0000 ++++ src/codecs/qutfcodec.cpp 2007-09-15 12:12:18.000000000 +0100 @@ -154,6 +154,7 @@ class QUtf8Decoder : public QTextDecoder { @@ -10,8 +13,12 @@ $NetBSD: patch-aq,v 1.1 2007/04/06 12:44:38 markd Exp $ int need; bool headerDone; public: -@@ -167,8 +168,9 @@ - result.setLength( len ); // worst case +@@ -164,11 +165,12 @@ + QString toUnicode(const char* chars, int len) + { + QString result; +- result.setLength( len ); // worst case ++ result.setLength( len + 1 ); // worst case QChar *qch = (QChar *)result.unicode(); uchar ch; + int error = -1; |