diff options
author | tron <tron> | 2012-05-25 15:31:58 +0000 |
---|---|---|
committer | tron <tron> | 2012-05-25 15:31:58 +0000 |
commit | 1aa4f9cba095b804b47eb4c6b992d6b530f0cb08 (patch) | |
tree | fd7f686a0890298caf44b28d7eb1f70e51681173 | |
parent | ea3fbd7e028fee201adc3e2822c05e733570155d (diff) | |
download | pkgsrc-1aa4f9cba095b804b47eb4c6b992d6b530f0cb08.tar.gz |
Pullup ticket #3803 - requested by he
graphics/gdk-pixbuf: security patch
Revisions pulled up:
- graphics/gdk-pixbuf/Makefile 1.45
- graphics/gdk-pixbuf/distinfo 1.23
- graphics/gdk-pixbuf/patches/patch-ao 1.1
---
Module Name: pkgsrc
Committed By: he
Date: Fri May 25 08:29:36 UTC 2012
Modified Files:
pkgsrc/graphics/gdk-pixbuf: Makefile distinfo
Log Message:
Add fix for http://secunia.com/advisories/49125/, taken from
http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
Bump pkgrevision.
---
Module Name: pkgsrc
Committed By: he
Date: Fri May 25 08:31:35 UTC 2012
Added Files:
pkgsrc/graphics/gdk-pixbuf/patches: patch-ao
Log Message:
Add fix for http://secunia.com/advisories/49125/, taken from
http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
-rw-r--r-- | graphics/gdk-pixbuf/Makefile | 4 | ||||
-rw-r--r-- | graphics/gdk-pixbuf/distinfo | 3 | ||||
-rw-r--r-- | graphics/gdk-pixbuf/patches/patch-ao | 35 |
3 files changed, 39 insertions, 3 deletions
diff --git a/graphics/gdk-pixbuf/Makefile b/graphics/gdk-pixbuf/Makefile index 82a2d0607cf..87be405e1fe 100644 --- a/graphics/gdk-pixbuf/Makefile +++ b/graphics/gdk-pixbuf/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.44 2012/02/06 12:40:22 wiz Exp $ +# $NetBSD: Makefile,v 1.44.2.1 2012/05/25 15:31:58 tron Exp $ # PKG_DESTDIR_SUPPORT= user-destdir .include "Makefile.common" -PKGREVISION= 16 +PKGREVISION= 17 COMMENT= The GNOME image loading library # XXX hopefully there is no x.gnome-config.x in PATH diff --git a/graphics/gdk-pixbuf/distinfo b/graphics/gdk-pixbuf/distinfo index 4be85736805..f5d6087196c 100644 --- a/graphics/gdk-pixbuf/distinfo +++ b/graphics/gdk-pixbuf/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.22 2011/08/03 10:01:25 drochner Exp $ +$NetBSD: distinfo,v 1.22.6.1 2012/05/25 15:31:58 tron Exp $ SHA1 (gdk-pixbuf-0.22.0.tar.bz2) = 495324afb5abebc14567ffd5a6cd72333bcc7f5b RMD160 (gdk-pixbuf-0.22.0.tar.bz2) = 0e56a0f883fd8e3fb4d49b9a38f984b95cd96ece @@ -17,3 +17,4 @@ SHA1 (patch-ak) = 123b32f70b0feb91bb3e0c2ca8e705ff2ae381bf SHA1 (patch-al) = cf05f283c7676c9fa51b822f5ced66524dfa487e SHA1 (patch-am) = 44180cb58cba4b5cc5663acc0215978001f82fa0 SHA1 (patch-an) = ec341ab166c5ce98d1d0ba13b676646af50f7038 +SHA1 (patch-ao) = c4d76635d1a79ede36dfa9f11e4dc0922b1f461a diff --git a/graphics/gdk-pixbuf/patches/patch-ao b/graphics/gdk-pixbuf/patches/patch-ao new file mode 100644 index 00000000000..a7ae35ce1b4 --- /dev/null +++ b/graphics/gdk-pixbuf/patches/patch-ao @@ -0,0 +1,35 @@ +$NetBSD: patch-ao,v 1.1.2.2 2012/05/25 15:31:58 tron Exp $ + +Add fix for http://secunia.com/advisories/49125/, taken from +http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053. + +--- gdk-pixbuf/io-xbm.c.orig 2001-01-21 04:13:40.000000000 +0000 ++++ gdk-pixbuf/io-xbm.c +@@ -177,10 +177,16 @@ read_bitmap_file_data (FILE *fstream, + type++; + } + +- if (!strcmp ("width", type)) ++ if (!strcmp ("width", type)) { ++ if (value <= 0) ++ RETURN (FALSE); + ww = (unsigned int) value; +- if (!strcmp ("height", type)) ++ } ++ if (!strcmp ("height", type)) { ++ if (value <= 0) ++ RETURN (FALSE); + hh = (unsigned int) value; ++ } + if (!strcmp ("hot", type)) { + if (type-- == name_and_type + || type-- == name_and_type) +@@ -221,6 +227,8 @@ read_bitmap_file_data (FILE *fstream, + bytes_per_line = (ww+7)/8 + padding; + + size = bytes_per_line * hh; ++ if (size / bytes_per_line != hh) /* overflow */ ++ RETURN (FALSE); + bits = g_malloc (size); + + if (version10p) { |