diff options
author | drochner <drochner@pkgsrc.org> | 2008-02-11 10:12:24 +0000 |
---|---|---|
committer | drochner <drochner@pkgsrc.org> | 2008-02-11 10:12:24 +0000 |
commit | 4e4afd7c30e47475a1236540b776225804c9d388 (patch) | |
tree | ed4e320f6e76249edf7ef09986c20d0fe7c8a1e4 | |
parent | 2daa80a6fd5969243ccd338e3ca4732cb5e8d0fb (diff) | |
download | pkgsrc-4e4afd7c30e47475a1236540b776225804c9d388.tar.gz |
also patch CVE-2007-6697 (buffer overflow in gif parser), from upstream
CVS, bump PKGREVISION
-rw-r--r-- | graphics/SDL_image/Makefile | 4 | ||||
-rw-r--r-- | graphics/SDL_image/distinfo | 3 | ||||
-rw-r--r-- | graphics/SDL_image/patches/patch-ab | 15 |
3 files changed, 19 insertions, 3 deletions
diff --git a/graphics/SDL_image/Makefile b/graphics/SDL_image/Makefile index b075e7285d2..bec47688848 100644 --- a/graphics/SDL_image/Makefile +++ b/graphics/SDL_image/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.29 2008/02/08 12:33:31 drochner Exp $ +# $NetBSD: Makefile,v 1.30 2008/02/11 10:12:24 drochner Exp $ DISTNAME= SDL_image-1.2.6 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= graphics devel MASTER_SITES= http://www.libsdl.org/projects/SDL_image/release/ diff --git a/graphics/SDL_image/distinfo b/graphics/SDL_image/distinfo index d55f2adc284..39155c50c3d 100644 --- a/graphics/SDL_image/distinfo +++ b/graphics/SDL_image/distinfo @@ -1,6 +1,7 @@ -$NetBSD: distinfo,v 1.7 2008/02/08 12:33:31 drochner Exp $ +$NetBSD: distinfo,v 1.8 2008/02/11 10:12:24 drochner Exp $ SHA1 (SDL_image-1.2.6.tar.gz) = 5045df31e4db29d8890110fd18024c9d08efca30 RMD160 (SDL_image-1.2.6.tar.gz) = 8aea5f07216eb887f599c0908f8ea2c2f9eeac93 Size (SDL_image-1.2.6.tar.gz) = 1308812 bytes SHA1 (patch-aa) = eb852fd3c7218fe257ca40a6e90c81ec13dcaeb1 +SHA1 (patch-ab) = 5ddd8f064834a47b7ebda5b1bc1e473351b3e005 diff --git a/graphics/SDL_image/patches/patch-ab b/graphics/SDL_image/patches/patch-ab new file mode 100644 index 00000000000..fa629aaa855 --- /dev/null +++ b/graphics/SDL_image/patches/patch-ab @@ -0,0 +1,15 @@ +$NetBSD: patch-ab,v 1.1 2008/02/11 10:12:24 drochner Exp $ + +--- IMG_gif.c.orig 2007-07-02 04:03:48.000000000 +0200 ++++ IMG_gif.c +@@ -418,6 +418,10 @@ LWZReadByte(SDL_RWops *src, int flag, in + static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp; + register int i; + ++ /* Fixed buffer overflow found by Michael Skladnikiewicz */ ++ if (input_code_size > MAX_LWZ_BITS) ++ return -1; ++ + if (flag) { + set_code_size = input_code_size; + code_size = set_code_size + 1; |