diff options
author | tron <tron> | 2014-02-20 12:23:28 +0000 |
---|---|---|
committer | tron <tron> | 2014-02-20 12:23:28 +0000 |
commit | 6e68f91e23cf1f6780bc5ff503599be5ddbef4d7 (patch) | |
tree | 3b39d164afee214d9a143938eaf6ef3742d5221d | |
parent | 009f5e642e7fcb03f66d0f11b8dc72a72db29519 (diff) | |
download | pkgsrc-6e68f91e23cf1f6780bc5ff503599be5ddbef4d7.tar.gz |
Pullup ticket #4330 - requested by drochner
print/mupdf: security patch
Revisions pulled up:
- print/mupdf/Makefile 1.21 via patch
- print/mupdf/distinfo 1.11 via patch
- print/mupdf/patches/patch-ba 1.1 via patch
- print/mupdf/patches/patch-bb 1.1 via patch
- print/mupdf/patches/patch-bc 1.1 via patch
- print/mupdf/patches/patch-bd 1.1 via patch
---
Module Name: pkgsrc
Committed By: drochner
Date: Fri Feb 14 17:49:41 UTC 2014
Modified Files:
pkgsrc/print/mupdf: Makefile distinfo
Added Files:
pkgsrc/print/mupdf/patches: patch-ba patch-bb patch-bc patch-bd
Log Message:
add patch from upstream to fix buffer overflow in xps_parse_color()
bump PKGREV
-rw-r--r-- | print/mupdf/Makefile | 4 | ||||
-rw-r--r-- | print/mupdf/distinfo | 6 | ||||
-rw-r--r-- | print/mupdf/patches/patch-ba | 27 | ||||
-rw-r--r-- | print/mupdf/patches/patch-bb | 13 | ||||
-rw-r--r-- | print/mupdf/patches/patch-bc | 13 | ||||
-rw-r--r-- | print/mupdf/patches/patch-bd | 13 |
6 files changed, 73 insertions, 3 deletions
diff --git a/print/mupdf/Makefile b/print/mupdf/Makefile index a623a58dc1f..941f926aa30 100644 --- a/print/mupdf/Makefile +++ b/print/mupdf/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.18 2013/06/04 22:16:59 tron Exp $ +# $NetBSD: Makefile,v 1.18.6.1 2014/02/20 12:23:28 tron Exp $ DISTNAME= mupdf-1.1-source PKGNAME= ${DISTNAME:S/-source//} -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= print MASTER_SITES= http://ccxvii.net/mupdf/download/ \ http://ccxvii.net/mupdf/download/archive/ diff --git a/print/mupdf/distinfo b/print/mupdf/distinfo index 6dfaf5b891d..1131c0a981c 100644 --- a/print/mupdf/distinfo +++ b/print/mupdf/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.9 2012/12/08 23:09:39 adam Exp $ +$NetBSD: distinfo,v 1.9.10.1 2014/02/20 12:23:28 tron Exp $ SHA1 (mupdf-1.1-source.tar.gz) = e2c2cd555d790ed97bd6507accf29817945dfe81 RMD160 (mupdf-1.1-source.tar.gz) = 7ebdbd3a1cc64a4de1de920d7b149a3682ba1431 @@ -6,4 +6,8 @@ Size (mupdf-1.1-source.tar.gz) = 4281735 bytes SHA1 (patch-ab) = fa8d1acb5ff8cf3562e0f27f0b2a0d27408d2542 SHA1 (patch-ac) = dbda8ee49ac4cfe43b09329d25a7d7e6b45ef164 SHA1 (patch-ae) = 792df3bea1f8c13230bfdce5495eaaf99c62cc12 +SHA1 (patch-ba) = 3f32975b0bbe280ae307778f4f6b52ec396dcdc3 +SHA1 (patch-bb) = fb2127cdd73c9652e76a0dfe9486f3eccfbf35ec +SHA1 (patch-bc) = bdf7f9a686336867136c6868a6d2579762baaf6a +SHA1 (patch-bd) = 1ceb59e7f6de3b44dffa8443fcfde92820c17f9a SHA1 (patch-fitz_image_jpx.c) = 6ca57a09c527b11f1b1bcf5364a5a2dfbe39f79d diff --git a/print/mupdf/patches/patch-ba b/print/mupdf/patches/patch-ba new file mode 100644 index 00000000000..d71e027f081 --- /dev/null +++ b/print/mupdf/patches/patch-ba @@ -0,0 +1,27 @@ +$NetBSD: patch-ba,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $ + +http://bugs.ghostscript.com/show_bug.cgi?id=694957 + +--- xps/xps_common.c.orig 2012-08-16 13:55:20.000000000 +0000 ++++ xps/xps_common.c +@@ -89,7 +89,7 @@ xps_begin_opacity(xps_document *doc, fz_ + if (scb_color_att) + { + fz_colorspace *colorspace; +- float samples[32]; ++ float samples[FZ_MAX_COLORS]; + xps_parse_color(doc, base_uri, scb_color_att, &colorspace, samples); + opacity = opacity * samples[0]; + } +@@ -273,6 +273,11 @@ xps_parse_color(xps_document *doc, char + + *p++ = 0; + n = count_commas(p) + 1; ++ if (n > FZ_MAX_COLORS) ++ { ++ fz_warn(doc->ctx, "ignoring %d color components (max %d allowed)", n - FZ_MAX_COLORS, FZ_MAX_COLORS); ++ n = FZ_MAX_COLORS; ++ } + i = 0; + while (i < n) + { diff --git a/print/mupdf/patches/patch-bb b/print/mupdf/patches/patch-bb new file mode 100644 index 00000000000..f33dd3270b6 --- /dev/null +++ b/print/mupdf/patches/patch-bb @@ -0,0 +1,13 @@ +$NetBSD: patch-bb,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $ + +--- xps/xps_glyphs.c.orig 2013-08-14 12:41:20.000000000 +0000 ++++ xps/xps_glyphs.c +@@ -591,7 +591,7 @@ xps_parse_glyphs(xps_document *doc, cons + + if (fill_att) + { +- float samples[32]; ++ float samples[FZ_MAX_COLORS]; + fz_colorspace *colorspace; + + xps_parse_color(doc, base_uri, fill_att, &colorspace, samples); diff --git a/print/mupdf/patches/patch-bc b/print/mupdf/patches/patch-bc new file mode 100644 index 00000000000..57840160351 --- /dev/null +++ b/print/mupdf/patches/patch-bc @@ -0,0 +1,13 @@ +$NetBSD: patch-bc,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $ + +--- xps/xps_gradient.c.orig 2013-08-14 12:41:20.000000000 +0000 ++++ xps/xps_gradient.c +@@ -38,7 +38,7 @@ xps_parse_gradient_stops(xps_document *d + struct stop *stops, int maxcount) + { + fz_colorspace *colorspace; +- float sample[8]; ++ float sample[FZ_MAX_COLORS]; + float rgb[3]; + int before, after; + int count; diff --git a/print/mupdf/patches/patch-bd b/print/mupdf/patches/patch-bd new file mode 100644 index 00000000000..4f446afa68a --- /dev/null +++ b/print/mupdf/patches/patch-bd @@ -0,0 +1,13 @@ +$NetBSD: patch-bd,v 1.1.2.2 2014/02/20 12:23:28 tron Exp $ + +--- xps/xps_path.c.orig 2012-08-16 13:55:20.000000000 +0000 ++++ xps/xps_path.c +@@ -825,7 +825,7 @@ xps_parse_path(xps_document *doc, fz_mat + + fz_stroke_state *stroke = NULL; + fz_matrix transform; +- float samples[32]; ++ float samples[FZ_MAX_COLORS]; + fz_colorspace *colorspace; + fz_path *path; + fz_path *stroke_path = NULL; |