diff options
| author | drochner <drochner@pkgsrc.org> | 2007-09-28 08:42:07 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2007-09-28 08:42:07 +0000 |
| commit | 0c89fa3fd0dc6022eb2d2fc9f4cc4c94b0521482 (patch) | |
| tree | c788e7417182c0fff965962bf2a88bdedd754037 /fonts | |
| parent | dc09ac5134cb0a2c05a415ab75754398e7955f8b (diff) | |
| download | pkgsrc-0c89fa3fd0dc6022eb2d2fc9f4cc4c94b0521482.tar.gz | |
add a patch from Ubuntu to fix CVE-2007-4033 (buffer overflow in
path handling), bump PKGREVISION
(from Martti Kuparinen)
Diffstat (limited to 'fonts')
| -rw-r--r-- | fonts/t1lib/Makefile | 4 | ||||
| -rw-r--r-- | fonts/t1lib/distinfo | 3 | ||||
| -rw-r--r-- | fonts/t1lib/patches/patch-ai | 17 |
3 files changed, 21 insertions, 3 deletions
diff --git a/fonts/t1lib/Makefile b/fonts/t1lib/Makefile index 84050029155..3bcf73ea573 100644 --- a/fonts/t1lib/Makefile +++ b/fonts/t1lib/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.33 2006/11/06 11:25:24 joerg Exp $ +# $NetBSD: Makefile,v 1.34 2007/09/28 08:42:07 drochner Exp $ DISTNAME= t1lib-5.1.0 -PKGREVISION= 5 +PKGREVISION= 6 CATEGORIES= fonts devel graphics MASTER_SITES= ${MASTER_SITE_SUNSITE:=libs/graphics/} diff --git a/fonts/t1lib/distinfo b/fonts/t1lib/distinfo index 77d2a6b621a..b56b5a6a8ac 100644 --- a/fonts/t1lib/distinfo +++ b/fonts/t1lib/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.17 2007/08/16 13:12:37 joerg Exp $ +$NetBSD: distinfo,v 1.18 2007/09/28 08:42:07 drochner Exp $ SHA1 (t1lib-5.1.0.tar.gz) = 6866561027aa32b0efb1a1aad0aa38cb5e01a299 RMD160 (t1lib-5.1.0.tar.gz) = f12710159aa8a92e8feb5d934dc45875d198bb58 @@ -10,3 +10,4 @@ SHA1 (patch-ad) = 29c530f6d363de31777ad45823b55e72208c4ccb SHA1 (patch-af) = e89df0d94e0748e468c7c3d40ce2fc0ccdb0116c SHA1 (patch-ag) = de43462ab574f557627ff3e35cde4ca574d23396 SHA1 (patch-ah) = 60ead43eeb6327cd3fd94755364633b6bf5d5d0d +SHA1 (patch-ai) = 52e99f7d71f64e46a87531289fc3e2fce76443c7 diff --git a/fonts/t1lib/patches/patch-ai b/fonts/t1lib/patches/patch-ai new file mode 100644 index 00000000000..ec76de470af --- /dev/null +++ b/fonts/t1lib/patches/patch-ai @@ -0,0 +1,17 @@ +$NetBSD: patch-ai,v 1.1 2007/09/28 08:42:08 drochner Exp $ + +--- lib/t1lib/t1env.c.orig 2007-09-28 10:35:07.000000000 +0200 ++++ lib/t1lib/t1env.c +@@ -611,6 +611,12 @@ char *intT1_Env_GetCompletePath( char *F + #endif + strcat( pathbuf, DIRECTORY_SEP); + /* And finally the filename: */ ++ /* If current pathbuf + StrippedName + 1 byte for NULL is bigger than pathbuf ++ let's try next pathbuf */ ++ if( strlen(pathbuf) + strlen(StrippedName) + 1 > sizeof(pathbuf) ) { ++ i++; ++ continue; ++ } + strcat( pathbuf, StrippedName); + + /* Check for existence of the path: */ |