Pullup ticket 3029 - requested by taca

security patch

Revisions pulled up:
- pkgsrc/x11/wxGTK28/Makefile		1.8
- pkgsrc/x11/wxGTK28/Makefile.common	1.5
- pkgsrc/x11/wxGTK28/distinfo		1.8
- pkgsrc/x11/wxGTK28/patches/patch-ba	1.2
- pkgsrc/x11/wxGTK28/patches/patch-bb	1.2
- pkgsrc/x11/wxGTK28/patches/patch-ca	1.2

Files added:
pkgsrc/x11/wxGTK28/patches/patch-cb

   --------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   taca
   Date:           Tue Feb 16 17:38:14 UTC 2010

   Modified Files:
           pkgsrc/x11/wxGTK28: Makefile Makefile.common distinfo
           pkgsrc/x11/wxGTK28/patches: patch-ba patch-bb patch-ca
   Added Files:
           pkgsrc/x11/wxGTK28/patches: patch-cb

   Log Message:
   * Add patches for CVE-2009-2369 and CVE-2009-2625.
   * Use textproc/expat to fix CVE-2009-3720.

   Bump PKGREVISION.


   To generate a diff of this commit:
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/x11/wxGTK28/Makefile \
       pkgsrc/x11/wxGTK28/distinfo
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/x11/wxGTK28/Makefile.common
   cvs rdiff -u -r1.1 -r1.2 pkgsrc/x11/wxGTK28/patches/patch-ba \
       pkgsrc/x11/wxGTK28/patches/patch-bb pkgsrc/x11/wxGTK28/patches/patch-ca
   cvs rdiff -u -r0 -r1.1 pkgsrc/x11/wxGTK28/patches/patch-cb

7 files changed, 34 insertions, 10 deletions

diff --git a/x11/wxGTK28/Makefile b/x11/wxGTK28/Makefile
index 3c653612e62..c7a1216cde8 100644
--- a/x11/wxGTK28/Makefile
+++ b/x11/wxGTK28/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.6 2009/08/26 20:24:12 sno Exp $
+# $NetBSD: Makefile,v 1.6.4.1 2010/02/28 14:14:23 spz Exp $
 #
 
 .include "../../x11/wxGTK28/Makefile.common"
 
-PKGREVISION=	3
+PKGREVISION=	5
 
 PKGNAME=		${DISTNAME:S/wxGTK/wxGTK28/}
 COMMENT=		GTK-based implementation of the wxWidgets GUI library
diff --git a/x11/wxGTK28/Makefile.common b/x11/wxGTK28/Makefile.common
index 889133be0fb..9ad49a4b91a 100644
--- a/x11/wxGTK28/Makefile.common
+++ b/x11/wxGTK28/Makefile.common
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.4 2009/09/21 17:48:46 tnn Exp $
+# $NetBSD: Makefile.common,v 1.4.4.1 2010/02/28 14:14:23 spz Exp $
 #
 # used by x11/wxGTK28/Makefile
 
@@ -30,6 +30,7 @@ CONFIGURE_ARGS+=	--with-libjpeg=sys
 CONFIGURE_ARGS+=	--with-libpng=sys
 CONFIGURE_ARGS+=	--with-libtiff=sys
 CONFIGURE_ARGS+=	--with-opengl
+CONFIGURE_ARGS+=	--with-expat=sys
 CONFIGURE_ARGS+=	--with-zlib=sys
 CONFIGURE_ARGS+=	--with-regex=builtin
 
@@ -64,6 +65,7 @@ pre-configure:
 .include "../../graphics/jpeg/buildlink3.mk"
 .include "../../graphics/png/buildlink3.mk"
 .include "../../graphics/tiff/buildlink3.mk"
+.include "../../textproc/expat/buildlink3.mk"
 .include "../../x11/gtk2/buildlink3.mk"
 .include "../../x11/libSM/buildlink3.mk"
 
diff --git a/x11/wxGTK28/distinfo b/x11/wxGTK28/distinfo
index 3d2aa0a2066..c0c768b7325 100644
--- a/x11/wxGTK28/distinfo
+++ b/x11/wxGTK28/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.7 2009/10/23 12:26:13 plunky Exp $
+$NetBSD: distinfo,v 1.7.2.1 2010/02/28 14:14:23 spz Exp $
 
 SHA1 (wxGTK-2.8.10-libtool.diff.bz2) = 62ff30c26efdd73252bed2d07b82a9b9d3ef890f
 RMD160 (wxGTK-2.8.10-libtool.diff.bz2) = 64e1c32caa4bd6a0503bce4764e3ddc1cba68f8a
@@ -10,6 +10,7 @@ SHA1 (patch-aa) = 1a30c79f07ea8ea5dff02fad9b5e1ba8dadde01a
 SHA1 (patch-ab) = 82960daef0616824718f3c04929871aeb0e258a2
 SHA1 (patch-ac) = 50cf253797f2dee8b9dab08d138d0070e25e7a8c
 SHA1 (patch-ad) = b07a55257347633edb8997201c82f83619d1d650
-SHA1 (patch-ba) = e47f8613835ce309daff09ae3265d44f37493579
-SHA1 (patch-bb) = 52df734a1df364dc5599a2b9252a15b87cae13b1
-SHA1 (patch-ca) = 4df0c2629c61fbf83a121eb16e490e9c2abb5ad8
+SHA1 (patch-ba) = 367553169526acd6c1c938b0f57c5b6a444d2b10
+SHA1 (patch-bb) = 27855267bd13a1db65cafc96eaba1ef7f71dc65f
+SHA1 (patch-ca) = 7da457e1dbafb42766aa87c1ca9baca675e211ed
+SHA1 (patch-cb) = 8e3ca3df50ef678656787201317a2d2b385c861e
diff --git a/x11/wxGTK28/patches/patch-ba b/x11/wxGTK28/patches/patch-ba
index 2b1b0022d01..a6c628fb12b 100644
--- a/x11/wxGTK28/patches/patch-ba
+++ b/x11/wxGTK28/patches/patch-ba
@@ -1,4 +1,6 @@
-$NetBSD: patch-ba,v 1.1 2009/08/01 14:03:19 drochner Exp $
+$NetBSD: patch-ba,v 1.1.4.1 2010/02/28 14:14:23 spz Exp $
+
+deal with CVE-2009-2369.
 
 --- src/common/imagpng.cpp.orig	2009-03-06 13:17:40.000000000 +0100
 +++ src/common/imagpng.cpp
diff --git a/x11/wxGTK28/patches/patch-bb b/x11/wxGTK28/patches/patch-bb
index 68753862039..49636a15fc8 100644
--- a/x11/wxGTK28/patches/patch-bb
+++ b/x11/wxGTK28/patches/patch-bb
@@ -1,4 +1,6 @@
-$NetBSD: patch-bb,v 1.1 2009/08/01 14:03:19 drochner Exp $
+$NetBSD: patch-bb,v 1.1.4.1 2010/02/28 14:14:23 spz Exp $
+
+deal with CVE-2009-2369.
 
 --- src/common/imagtiff.cpp.orig	2009-03-06 13:17:40.000000000 +0100
 +++ src/common/imagtiff.cpp
diff --git a/x11/wxGTK28/patches/patch-ca b/x11/wxGTK28/patches/patch-ca
index 4e807c87b51..74125c3c8eb 100644
--- a/x11/wxGTK28/patches/patch-ca
+++ b/x11/wxGTK28/patches/patch-ca
@@ -1,4 +1,6 @@
-$NetBSD: patch-ca,v 1.1 2009/08/05 20:58:56 drochner Exp $
+$NetBSD: patch-ca,v 1.1.4.1 2010/02/28 14:14:23 spz Exp $
+
+deal with CVE-2009-2369.
 
 --- src/common/image.cpp.orig	2009-03-06 13:17:40.000000000 +0100
 +++ src/common/image.cpp
diff --git a/x11/wxGTK28/patches/patch-cb b/x11/wxGTK28/patches/patch-cb
new file mode 100644
index 00000000000..bd316f938c3
--- /dev/null
+++ b/x11/wxGTK28/patches/patch-cb
@@ -0,0 +1,15 @@
+$NetBSD: patch-cb,v 1.1.2.2 2010/02/28 14:14:23 spz Exp $
+
+deal with CVE-2009-2625.
+
+--- src/expat/lib/xmltok_impl.c.orig	2009-03-06 12:17:57.000000000 +0000
++++ src/expat/lib/xmltok_impl.c
+@@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *e
+                        const char *end,
+                        POSITION *pos)
+ {
+-  while (ptr != end) {
++  while (ptr < end) {
+     switch (BYTE_TYPE(enc, ptr)) {
+ #define LEAD_CASE(n) \
+     case BT_LEAD ## n: \