diff options
author | snj <snj@pkgsrc.org> | 2004-12-30 22:24:47 +0000 |
---|---|---|
committer | snj <snj@pkgsrc.org> | 2004-12-30 22:24:47 +0000 |
commit | 2386dcaaa3817f1c91ca62c33f20201b94d3f85b (patch) | |
tree | 88701713d364c5406ba30526ac98a55a9b29246b | |
parent | 37aa02013db0b3e4fcd2103b5a3c5be5c9d7a51a (diff) | |
download | pkgsrc-2386dcaaa3817f1c91ca62c33f20201b94d3f85b.tar.gz |
Pullup ticket 199 - requested by Mark Davies
security fix for koffice
Module Name: pkgsrc
Committed By: markd
Date: Thu Dec 30 21:49:14 UTC 2004
Modified Files:
pkgsrc/misc/koffice: Makefile distinfo
Added Files:
pkgsrc/misc/koffice/patches: patch-ac patch-ad
Log Message:
Add patches to address the latest xpdf security issue in the PDF import
filter. Bump PKGREVISION.
-rw-r--r-- | misc/koffice/Makefile | 3 | ||||
-rw-r--r-- | misc/koffice/distinfo | 4 | ||||
-rw-r--r-- | misc/koffice/patches/patch-ac | 15 | ||||
-rw-r--r-- | misc/koffice/patches/patch-ad | 28 |
4 files changed, 48 insertions, 2 deletions
diff --git a/misc/koffice/Makefile b/misc/koffice/Makefile index d0430b898ed..636495cc3d2 100644 --- a/misc/koffice/Makefile +++ b/misc/koffice/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.48 2004/11/23 20:24:08 markd Exp $ +# $NetBSD: Makefile,v 1.48.2.1 2004/12/30 22:24:47 snj Exp $ DISTNAME= koffice-1.3.5 +PKGREVISION= 3 CATEGORIES= misc kde MASTER_SITES= ftp://ftp.kde.org/pub/kde/stable/koffice-1.3.5/src/ \ ftp://ftp.us.kde.org/pub/kde/stable/koffice-1.3.5/src/ \ diff --git a/misc/koffice/distinfo b/misc/koffice/distinfo index f9aa17a355a..5352e9d44b1 100644 --- a/misc/koffice/distinfo +++ b/misc/koffice/distinfo @@ -1,6 +1,8 @@ -$NetBSD: distinfo,v 1.18 2004/11/23 20:24:08 markd Exp $ +$NetBSD: distinfo,v 1.18.2.1 2004/12/30 22:24:47 snj Exp $ SHA1 (koffice-1.3.5.tar.bz2) = feccb391be8039514f23f0f9cde9b01e22625769 Size (koffice-1.3.5.tar.bz2) = 10778584 bytes SHA1 (patch-aa) = 64f32eaaa0f6e29f6ec3c9b92ecf4599cd11f178 SHA1 (patch-ab) = 6f253484f6c09877cca6b1d1d7610725c895e13a +SHA1 (patch-ac) = bd83be082e58c09630d97e26f21eacbc0ae028f9 +SHA1 (patch-ad) = 83f18c3d073027df62614f7e60035c13100682cf diff --git a/misc/koffice/patches/patch-ac b/misc/koffice/patches/patch-ac new file mode 100644 index 00000000000..4fa2417d214 --- /dev/null +++ b/misc/koffice/patches/patch-ac @@ -0,0 +1,15 @@ +$NetBSD: patch-ac,v 1.7.2.1 2004/12/30 22:24:47 snj Exp $ + +--- filters/kword/pdf/xpdf/xpdf/Gfx.cc.orig 2003-01-26 12:17:44.000000000 +1300 ++++ filters/kword/pdf/xpdf/xpdf/Gfx.cc +@@ -2379,7 +2379,9 @@ void Gfx::doImage(Object *ref, Stream *s + haveMask = gFalse; + dict->lookup("Mask", &maskObj); + if (maskObj.isArray()) { +- for (i = 0; i < maskObj.arrayGetLength(); ++i) { ++ for (i = 0; ++ i < maskObj.arrayGetLength() && i < 2*gfxColorMaxComps; ++ ++i) { + maskObj.arrayGet(i, &obj1); + maskColors[i] = obj1.getInt(); + obj1.free(); diff --git a/misc/koffice/patches/patch-ad b/misc/koffice/patches/patch-ad new file mode 100644 index 00000000000..d4abaa1158c --- /dev/null +++ b/misc/koffice/patches/patch-ad @@ -0,0 +1,28 @@ +$NetBSD: patch-ad,v 1.8.2.1 2004/12/30 22:24:47 snj Exp $ + +--- filters/kword/pdf/xpdf/xpdf/GfxState.cc.orig 2003-01-26 12:17:44.000000000 +1300 ++++ filters/kword/pdf/xpdf/xpdf/GfxState.cc +@@ -682,6 +682,11 @@ GfxColorSpace *GfxICCBasedColorSpace::pa + } + nCompsA = obj2.getInt(); + obj2.free(); ++ if (nCompsA > gfxColorMaxComps) { ++ error(-1, "ICCBased color space with too many (%d > %d) components", ++ nCompsA, gfxColorMaxComps); ++ nCompsA = gfxColorMaxComps; ++ } + if (dict->lookup("Alternate", &obj2)->isNull() || + !(altA = GfxColorSpace::parse(&obj2))) { + switch (nCompsA) { +@@ -1023,6 +1028,11 @@ GfxColorSpace *GfxDeviceNColorSpace::par + goto err2; + } + nCompsA = obj1.arrayGetLength(); ++ if (nCompsA > gfxColorMaxComps) { ++ error(-1, "DeviceN color space with too many (%d > %d) components", ++ nCompsA, gfxColorMaxComps); ++ nCompsA = gfxColorMaxComps; ++ } + for (i = 0; i < nCompsA; ++i) { + if (!obj1.arrayGet(i, &obj2)->isName()) { + error(-1, "Bad DeviceN color space (names)"); |