authorwiz <wiz@pkgsrc.org>2012-02-18 15:42:57 +0000
committerwiz <wiz@pkgsrc.org>2012-02-18 15:42:57 +0000
commit7687326c6d2ac42d54e6beb9f6e71d8c728d4b4a (patch)
tree4ae0c45cbbe3d047e82a082eda0061d44c4e6ddd /graphics/png
parent63152061ecdcb4723fe18ee0b7811a1f19bb2273 (diff)
downloadpkgsrc-7687326c6d2ac42d54e6beb9f6e71d8c728d4b4a.tar.gz
Update to 1.5.9rc01, which includes the official patch for CVE-2011-3026.
Version 1.5.9beta01 [February 3, 2012]
  Rebuilt configure scripts in the tar distributions.

Version 1.5.9beta02 [February 16, 2012]
  Removed two unused definitions from scripts/pnglibconf.h.prebuilt
  Removed some unused arrays (with #ifdef) from png_read_push_finish_row().
  Removed tests for no-longer-used *_EMPTY_PLTE_SUPPORTED from pngstruct.h

Version 1.5.9rc01 [February 17, 2012]
  Fixed CVE-2011-3026 buffer overrun bug. Deal more correctly with the test on iCCP chunk length. Also removed spurious casts that may hide problems on 16-bit systems.
Diffstat (limited to 'graphics/png')
-rw-r--r--graphics/png/Makefile5
-rw-r--r--graphics/png/distinfo9
-rw-r--r--graphics/png/patches/patch-CVE-2011-302624
3 files changed, 6 insertions, 32 deletions
diff --git a/graphics/png/Makefile b/graphics/png/Makefile
index 92836d5c5a7..283d79e18b8 100644
--- a/graphics/png/Makefile
+++ b/graphics/png/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.144 2012/02/18 15:16:59 drochner Exp $
+# $NetBSD: Makefile,v 1.145 2012/02/18 15:42:57 wiz Exp $
-DISTNAME= libpng-1.5.8
+DISTNAME= libpng-1.5.9rc01
PKGNAME= ${DISTNAME:S/lib//}
-PKGREVISION= 1
CATEGORIES= graphics
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libpng/} \
ftp://ftp.fu-berlin.de/unix/graphics/png/src/
diff --git a/graphics/png/distinfo b/graphics/png/distinfo
index f428bb7c298..aa724b31122 100644
--- a/graphics/png/distinfo
+++ b/graphics/png/distinfo
@@ -1,7 +1,6 @@
-$NetBSD: distinfo,v 1.91 2012/02/18 15:16:59 drochner Exp $
+$NetBSD: distinfo,v 1.92 2012/02/18 15:42:57 wiz Exp $
-SHA1 (libpng-1.5.8.tar.bz2) = 46fdc2ab3fef9cf0949b1d7374cda9ea37ed5419
-RMD160 (libpng-1.5.8.tar.bz2) = 643ef6a0720e51a1dc326971db35846d02bbca10
-Size (libpng-1.5.8.tar.bz2) = 865525 bytes
-SHA1 (patch-CVE-2011-3026) = d91733f3d3a7305eb530c7bc37955231bfda9a21
+SHA1 (libpng-1.5.9rc01.tar.bz2) = abe3df6f1a79cf9b2666431d00faeb8cb2c7a745
+RMD160 (libpng-1.5.9rc01.tar.bz2) = 2349ee7b0e516c4dc0da6e5c533c2fd14be99069
+Size (libpng-1.5.9rc01.tar.bz2) = 854693 bytes
SHA1 (patch-aa) = aaf79ebb8a18448c096c17ae9b02da02bc537db2
diff --git a/graphics/png/patches/patch-CVE-2011-3026 b/graphics/png/patches/patch-CVE-2011-3026
deleted file mode 100644
index 513e6fc2543..00000000000
--- a/graphics/png/patches/patch-CVE-2011-3026
+++ /dev/null
@@ -1,24 +0,0 @@
-$NetBSD: patch-CVE-2011-3026,v 1.1 2012/02/18 15:16:59 drochner Exp $
-
-from chromium rev.121492
-
---- pngrutil.c.orig 2012-02-01 05:00:34.000000000 +0000
-+++ pngrutil.c
-@@ -457,8 +457,15 @@ png_decompress_chunk(png_structp png_ptr
- {
- /* Success (maybe) - really uncompress the chunk. */
- png_size_t new_size = 0;
-- png_charp text = (png_charp)png_malloc_warn(png_ptr,
-- prefix_size + expanded_size + 1);
-+ png_charp text = NULL;
-+ /* Need to check for both truncation (64-bit platforms) and integer
-+ * overflow.
-+ */
-+ if (prefix_size + expanded_size > prefix_size &&
-+ prefix_size + expanded_size < 0xffffffffU)
-+ {
-+ text = png_malloc_warn(png_ptr, prefix_size + expanded_size + 1);
-+ }
-
- if (text != NULL)
- {