author | taca <taca@pkgsrc.org> | 2012-03-30 03:50:47 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2012-03-30 03:50:47 +0000 |
commit | efe4b5b46f58a3014503e62585839ebcd10ca936 (patch) | |
tree | 245da1959b5eca76c9ae64fb889110e067d949d4 /graphics/ImageMagick | |
parent | e683dbbff246340332446e9bdfefdae0fe1ec6d1 (diff) | |
Add security fixes described at
http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629.
[CVE-2012-0259] JPEG EXIF tag crash.
[CVE-2012-0260] Excessive memory use with JPEG restart markers.
[CVE-2012-1798] Copying of invalid memory when reading TIFF EXIF IFD.
Bump PKGREVISION.
Diffstat (limited to 'graphics/ImageMagick')
-rw-r--r-- | graphics/ImageMagick/Makefile | 3 | ||||
-rw-r--r-- | graphics/ImageMagick/distinfo | 5 | ||||
-rw-r--r-- | graphics/ImageMagick/patches/patch-coders_jpeg.c | 29 | ||||
-rw-r--r-- | graphics/ImageMagick/patches/patch-coders_tiff.c | 15 | ||||
-rw-r--r-- | graphics/ImageMagick/patches/patch-magick_property.c | 15 |
5 files changed, 65 insertions, 2 deletions
diff --git a/graphics/ImageMagick/Makefile b/graphics/ImageMagick/Makefile
index fdceb9d5b83..58bc5615be9 100644
--- a/graphics/ImageMagick/Makefile
+++ b/graphics/ImageMagick/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.177 2012/03/21 18:12:42 drochner Exp $
+# $NetBSD: Makefile,v 1.178 2012/03/30 03:50:47 taca Exp $
 .include "Makefile.common"
 PKGNAME= ImageMagick-${DISTVERSION}
+PKGREVISION= 1
 MAINTAINER= adam@NetBSD.org
 COMMENT= Package for display and interactive manipulation of images
diff --git a/graphics/ImageMagick/distinfo b/graphics/ImageMagick/distinfo
index 5373012040a..86166f4b124 100644
--- a/graphics/ImageMagick/distinfo
+++ b/graphics/ImageMagick/distinfo
@@ -1,5 +1,8 @@
-$NetBSD: distinfo,v 1.109 2012/03/21 18:12:42 drochner Exp $
+$NetBSD: distinfo,v 1.110 2012/03/30 03:50:47 taca Exp $
 SHA1 (ImageMagick-6.7.5-10.tar.bz2) = e19d7d5148de58d56a02d68049bb5d3ba470f53c
 RMD160 (ImageMagick-6.7.5-10.tar.bz2) = 5ff5b7ddc773beb048773cc252c5d306eaf28e50
 Size (ImageMagick-6.7.5-10.tar.bz2) = 10416791 bytes
+SHA1 (patch-coders_jpeg.c) = 77e47f58ee3c46888f2edeafa1964e5145b65c25
+SHA1 (patch-coders_tiff.c) = ff11a7fe6f47cd3fb7afeab986851ac417366722
+SHA1 (patch-magick_property.c) = 19c345afac494a6599ef65a8a273f52095071127
diff --git a/graphics/ImageMagick/patches/patch-coders_jpeg.c b/graphics/ImageMagick/patches/patch-coders_jpeg.c
new file mode 100644
index 00000000000..422f2cfa6b9
--- /dev/null
+++ b/graphics/ImageMagick/patches/patch-coders_jpeg.c
@@ -0,0 +1,29 @@
+$NetBSD: patch-coders_jpeg.c,v 1.1 2012/03/30 03:50:47 taca Exp $
+
+* Fix for CVE-2012-0260.
+
+--- coders/jpeg.c.orig 2012-03-02 17:37:45.000000000 +0000
++++ coders/jpeg.c
+@@ -319,6 +319,8 @@ static void JPEGErrorHandler(j_common_pt
+
+ static MagickBooleanType JPEGWarningHandler(j_common_ptr jpeg_info,int level)
+ {
++#define JPEGExcessiveWarnings 1000
++
+ char
+ message[JMSG_LENGTH_MAX];
+
+@@ -337,11 +339,12 @@ static MagickBooleanType JPEGWarningHand
+ Process warning message.
+ */
+ (jpeg_info->err->format_message)(jpeg_info,message);
++ if (jpeg_info->err->num_warnings++ > JPEGExcessiveWarnings)
++ JPEGErrorHandler(jpeg_info);
+ if ((jpeg_info->err->num_warnings == 0) ||
+ (jpeg_info->err->trace_level >= 3))
+ ThrowBinaryException(CorruptImageWarning,(char *) message,
+ image->filename);
+- jpeg_info->err->num_warnings++;
+ }
+ else
+ if ((image->debug != MagickFalse) &&
diff --git a/graphics/ImageMagick/patches/patch-coders_tiff.c b/graphics/ImageMagick/patches/patch-coders_tiff.c
new file mode 100644
index 00000000000..dd72af445da
--- /dev/null
+++ b/graphics/ImageMagick/patches/patch-coders_tiff.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-coders_tiff.c,v 1.1 2012/03/30 03:50:47 taca Exp $
+
+* Fix for CVE-2012-1798.
+
+--- coders/tiff.c.orig 2012-02-14 00:43:58.000000000 +0000
++++ coders/tiff.c
+@@ -647,7 +647,7 @@ static void TIFFGetEXIFProperties(TIFF *
+ ascii=(char *) NULL;
+ if ((TIFFGetField(tiff,exif_info[i].tag,&ascii,&sans,&sans) != 0) &&
+ (ascii != (char *) NULL) && (*ascii != '\0'))
+- (void) CopyMagickMemory(value,ascii,MaxTextExtent);
++ (void) CopyMagickString(value,ascii,MaxTextExtent);
+ break;
+ }
+ case TIFF_SHORT:
diff --git a/graphics/ImageMagick/patches/patch-magick_property.c b/graphics/ImageMagick/patches/patch-magick_property.c
new file mode 100644
index 00000000000..6a515a40f6b
--- /dev/null
+++ b/graphics/ImageMagick/patches/patch-magick_property.c
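Review bot: In the second coders/jpeg.c hunk of patch-coders_jpeg.c, the post-increment now runs before the `num_warnings == 0` test, so that test can no longer be true on a first warning and the CorruptImageWarning is raised only when `trace_level >= 3`. If the first warning is still meant to be reported, the test should read `if ((jpeg_info->err->num_warnings == 1) ||`; if it is not, the dead comparison should be dropped so the intent is visible. The cap also deserves a comment above the define, for example `/* abort decoding once libjpeg has issued this many warnings (CVE-2012-0260) */`, since a bare 1000 gives a maintainer no reason for the value. JPEGWarningHandler begins and ends outside the visible context, so the effect on its return value could not be checked here.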
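Review bot: The new `CopyMagickString(value,ascii,MaxTextExtent)` call in the coders/tiff.c hunk still discards its result with `(void)`, so an EXIF ASCII field longer than the destination is truncated without any trace, and the bound is only correct if `value` holds at least MaxTextExtent bytes, which is declared outside the hunk. A short comment on the call would record why a string copy is required, for example `/* ascii may be shorter than MaxTextExtent: copy up to its NUL, never a fixed-size block */`. TIFFGetEXIFProperties starts and ends outside the hunk, so the declaration of `value` should be confirmed against that bound when this patch is next refreshed.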
@@ -0,0 +1,15 @@
+$NetBSD: patch-magick_property.c,v 1.1 2012/03/30 03:50:47 taca Exp $
+
+* Fix for CVE-2012-0259.
+
+--- magick/property.c.orig 2012-03-01 01:41:19.000000000 +0000
++++ magick/property.c
+@@ -1309,6 +1309,8 @@ static MagickBooleanType GetEXIFProperty
+ buffer[MaxTextExtent],
+ *value;
+
++ value = NULL;
++ *buffer = '\0';
+ switch (format)
+ {
+ case EXIF_FMT_BYTE: |
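Review bot: The added `value = NULL;` in the magick/property.c hunk only removes the uninitialised read if whatever consumes `value` after the switch tests it for NULL, and that code is outside the hunk; the same applies to the emptied `buffer`. A comment above the two assignments would state the contract, for example `/* a format with no case below leaves value NULL and buffer empty; test value before use */`. As a matter of style, the tiff.c hunk on this page writes `ascii=(char *) NULL;`, so `value=(char *) NULL;` would likely match the project's convention better, assuming property.c follows the same one. The enclosing function and the rest of the switch are not visible here.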