author | tonnerre <tonnerre@pkgsrc.org> | 2008-03-23 14:27:51 +0000 |
---|---|---|
committer | tonnerre <tonnerre@pkgsrc.org> | 2008-03-23 14:27:51 +0000 |
commit | 8148fc4658a459285a97e79d38d72894bc3c0e5d (patch) | |
tree | a4547ed5cc69202dd34ca0e612b19546a118d8c1 /graphics/gimp1-base | |
parent | 04373f73e3afb5629327133682055ab3364a67e3 (diff) | |
Fix Sun RAS buffer overflow (CVE-2007-2356). This was fixed in gimp2 but
gimp1 was forgotten.
Approved-by: gdt, joerg
Diffstat (limited to 'graphics/gimp1-base')
-rw-r--r-- | graphics/gimp1-base/Makefile | 4 | ||||
-rw-r--r-- | graphics/gimp1-base/distinfo | 3 | ||||
-rw-r--r-- | graphics/gimp1-base/patches/patch-ab | 33 |
3 files changed, 37 insertions, 3 deletions
diff --git a/graphics/gimp1-base/Makefile b/graphics/gimp1-base/Makefile
index 3c4cd2a0ac5..485b597f24f 100644
--- a/graphics/gimp1-base/Makefile
+++ b/graphics/gimp1-base/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.23 2007/12/02 12:05:33 wiz Exp $
+# $NetBSD: Makefile,v 1.24 2008/03/23 14:27:51 tonnerre Exp $
 #
 DISTNAME= gimp-1.2.5
 PKGNAME= gimp-base-1.2.5
-PKGREVISION= 6
+PKGREVISION= 7
 CATEGORIES= graphics
 MASTER_SITES= ftp://ftp.gimp.org/pub/gimp/v1.2/v1.2.5/ \
 ftp://ftp.fu-berlin.de/unix/X11/graphics/gimp/v1.2/v1.2.5/
diff --git a/graphics/gimp1-base/distinfo b/graphics/gimp1-base/distinfo
index 2ef4c9380bf..df73349a9e6 100644
--- a/graphics/gimp1-base/distinfo
+++ b/graphics/gimp1-base/distinfo
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.4 2007/07/30 07:56:27 joerg Exp $
+$NetBSD: distinfo,v 1.5 2008/03/23 14:27:51 tonnerre Exp $
 SHA1 (gimp-1.2.5.tar.bz2) = 1cb7fdbd4e6b191a62011c906e1b0aaef6e623ef
 RMD160 (gimp-1.2.5.tar.bz2) = d1be734271b763a22c0e8f5981c5c330a7744d31
 Size (gimp-1.2.5.tar.bz2) = 10885324 bytes
 SHA1 (patch-aa) = 2d2f7ce110822522314aebfd86c06ebcbdbabb9d
+SHA1 (patch-ab) = 80a207cc4b0df4b3616c0cdda6a63b4a72d5a125
 SHA1 (patch-ac) = 9949ba730b031132a183cabf69025e36500c70f0
 SHA1 (patch-ad) = 29c68f53be2d527661dcbaa38b2bf92626cb139c
 SHA1 (patch-ae) = cf58dd1f447ac147d6e263d8f309d7e86e1a2fb0
diff --git a/graphics/gimp1-base/patches/patch-ab b/graphics/gimp1-base/patches/patch-ab
new file mode 100644
index 00000000000..53d2a09a568
--- /dev/null
+++ b/graphics/gimp1-base/patches/patch-ab
@@ -0,0 +1,33 @@
+$NetBSD: patch-ab,v 1.1 2008/03/23 14:27:51 tonnerre Exp $
+
+Fix Sun RAS buffer overflow (CVE-2007-2356).
+
+--- plug-ins/common/sunras.c.orig 2003-01-15 03:04:01.000000000 +0100
++++ plug-ins/common/sunras.c
+@@ -101,7 +101,7 @@ static gint save_image (gchar *filen
+ gint32 image_ID,
+ gint32 drawable_ID);
+
+-static void set_color_table (gint32, L_SUNFILEHEADER *, unsigned char *);
++static void set_color_table (gint32, L_SUNFILEHEADER *, const guchar *);
+
+ static gint32 create_new_image (char *filename, guint width, guint height,
+ GimpImageBaseType type, gint32 *layer_ID, GimpDrawable **drawable,
+@@ -872,7 +872,7 @@ write_sun_cols (FILE *ofp,
+ static void
+ set_color_table (gint32 image_ID,
+ L_SUNFILEHEADER *sunhdr,
+- guchar *suncolmap)
++ const guchar *suncolmap)
+ {
+ int ncols, j;
+ guchar ColorMap[256*3];
+@@ -880,7 +880,7 @@ set_color_table (gint32 image_
+ ncols = sunhdr->l_ras_maplength / 3;
+ if (ncols <= 0) return;
+
+- for (j = 0; j < ncols; j++)
++ for (j = 0; j < MIN(ncols, 256); j++)
+ {
+ ColorMap[j*3] = suncolmap[j];
+ ColorMap[j*3+1] = suncolmap[j+ncols]; |
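Review bot: The 256-entry clamp is applied only inside the loop condition of `set_color_table` (the third inner hunk of patch-ab), so `ncols` itself keeps the value derived from the file header's `l_ras_maplength`. It is still used as the plane stride in `suncolmap[j+ncols]`, which stays in bounds only if the caller's buffer really holds `l_ras_maplength` bytes, and any later use of `ncols` as the entry count for `ColorMap` would still exceed the 256 triplets that array holds; the function continues past the end of the hunk, so neither can be confirmed from here. I would keep the stride and the count apart, `int nused = MIN(ncols, 256);` with `for (j = 0; j < nused; j++)`, and pass `nused` to whatever consumes `ColorMap` after the loop. A one-line comment such as `/* ColorMap holds 256 RGB triplets; l_ras_maplength is read from the file */` would record why the bound exists.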