authortron <tron@pkgsrc.org>2009-04-14 19:32:54 +0000
committertron <tron@pkgsrc.org>2009-04-14 19:32:54 +0000
commitcb13421cf9121023d6a372b89cf6852a8a18f778 (patch)
tree8d5e4de3aa2be476a264c65501c051b186fa3487
parenta6ca85049fede56d2832b611f65689eb970f4853 (diff)
downloadpkgsrc-cb13421cf9121023d6a372b89cf6852a8a18f778.tar.gz
Add patch for the security vulnerability reported in CVE-2009-0196,
taken from Red Hat's Bugzilla.
-rw-r--r--print/ghostscript/Makefile4
-rw-r--r--print/ghostscript/distinfo3
-rw-r--r--print/ghostscript/patches/patch-aa24
3 files changed, 28 insertions, 3 deletions
diff --git a/print/ghostscript/Makefile b/print/ghostscript/Makefile
index c2970cdb5a5..02009bca22f 100644
--- a/print/ghostscript/Makefile
+++ b/print/ghostscript/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.60 2009/03/25 10:42:13 drochner Exp $
+# $NetBSD: Makefile,v 1.61 2009/04/14 19:32:54 tron Exp $
DISTNAME= ghostscript-8.64
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= print
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ghostscript/}
EXTRACT_SUFX= .tar.bz2
diff --git a/print/ghostscript/distinfo b/print/ghostscript/distinfo
index debf9cd7d9f..deec4c3a97d 100644
--- a/print/ghostscript/distinfo
+++ b/print/ghostscript/distinfo
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.22 2009/03/25 10:42:13 drochner Exp $
+$NetBSD: distinfo,v 1.23 2009/04/14 19:32:54 tron Exp $
SHA1 (ghostscript-8.64.tar.bz2) = 4c2a6e04145428d35da73fbc4db9c66a75e336e0
RMD160 (ghostscript-8.64.tar.bz2) = 565134dcfe1e823b435c3761461c5eb394bd633c
Size (ghostscript-8.64.tar.bz2) = 16921504 bytes
+SHA1 (patch-aa) = 31d077502dba343c5834e5ee9fdb42102ef47668
SHA1 (patch-ab) = 7a98cad37f94394f172bdac23f5dd73fb1f08006
SHA1 (patch-ad) = 8b3b743b2d6405ea35bfb16970942ecd55702401
SHA1 (patch-ae) = 50335e72adebe95ab0cb5873d1c6dd00e971579a
diff --git a/print/ghostscript/patches/patch-aa b/print/ghostscript/patches/patch-aa
new file mode 100644
index 00000000000..1a7e7489722
--- /dev/null
+++ b/print/ghostscript/patches/patch-aa
@@ -0,0 +1,24 @@
+$NetBSD: patch-aa,v 1.4 2009/04/14 19:32:54 tron Exp $
+
+Patch for CVE-2009-0196 taken from Redhat's Bugzilla:
+
+https://bugzilla.redhat.com/attachment.cgi?id=337747
+
+--- jbig2dec/jbig2_symbol_dict.c.orig 2007-12-11 08:29:58.000000000 +0000
++++ jbig2dec/jbig2_symbol_dict.c 2009-04-14 20:19:01.000000000 +0100
+@@ -699,6 +699,15 @@
+ exrunlength = params->SDNUMEXSYMS;
+ else
+ code = jbig2_arith_int_decode(IAEX, as, &exrunlength);
++ if (exrunlength > params->SDNUMEXSYMS - j) {
++ jbig2_error(ctx, JBIG2_SEVERITY_FATAL, segment->number,
++ "runlength too large in export symbol table (%d > %d - %d)\n",
++ exrunlength, params->SDNUMEXSYMS, j);
++ jbig2_sd_release(ctx, SDEXSYMS);
++ /* skip to the cleanup code and return SDEXSYMS = NULL */
++ SDEXSYMS = NULL;
++ break;
++ }
+ for(k = 0; k < exrunlength; k++)
+ if (exflag) {
+ SDEXSYMS->glyphs[j++] = (i < m) ?
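Review bot: The new bound at `if (exrunlength > params->SDNUMEXSYMS - j)` is evaluated before the `if (exflag)` branch, so it also applies to non-export runs; a non-export run that is legitimately longer than the remaining export slots would now be rejected as fatal, and if the non-export branch only advances `i` (the hunk shows only the `j++` side), the bound that branch needs is the remaining input/new symbol count rather than `SDNUMEXSYMS - j`, e.g. `if (exflag && exrunlength > params->SDNUMEXSYMS - j) {` with a separate guard for the other branch. The `code` returned by `jbig2_arith_int_decode` on the line above is assigned but not checked within the hunk, so on a decode failure `exrunlength` holds whatever the decoder left and a negative value passes the new comparison unchanged; whether the caller checks `code` later cannot be seen here. The enclosing loop and function both start and end outside the hunk, so the cleanup path that the `break` and `SDEXSYMS = NULL` rely on cannot be confirmed from this view.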