diff options
author | salo <salo@pkgsrc.org> | 2006-06-08 11:05:14 +0000 |
---|---|---|
committer | salo <salo@pkgsrc.org> | 2006-06-08 11:05:14 +0000 |
commit | 0e195b20e3bb6817e6d33cbb344097ad32ef5972 (patch) | |
tree | 4b0ae7670683eba7301fccf2d91a16a5c5a924b2 /graphics/tiff/patches | |
parent | 76f42a3a9707eb09945994acbb64be06bceb0eb4 (diff) | |
download | pkgsrc-0e195b20e3bb6817e6d33cbb344097ad32ef5972.tar.gz |
Security fix for CVE-2006-2193:
"A vulnerability in LibTIFF can be exploited by malicious people to
cause a DoS (Denial of Service) and potentially compromise a user's
system.
The vulnerability is caused due to a boundary error within tiff2pdf
when handling a TIFF file with a "DocumentName" tag that contains
UTF-8 characters. This can be exploited to cause a stack-based buffer
overflow and may allow arbitrary code execution."
http://secunia.com/advisories/20488/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2193
Patch from Ubuntu.
Diffstat (limited to 'graphics/tiff/patches')
-rw-r--r-- | graphics/tiff/patches/patch-au | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/graphics/tiff/patches/patch-au b/graphics/tiff/patches/patch-au new file mode 100644 index 00000000000..822d33121a3 --- /dev/null +++ b/graphics/tiff/patches/patch-au @@ -0,0 +1,15 @@ +$NetBSD: patch-au,v 1.5 2006/06/08 11:05:14 salo Exp $ + +Security fix for CVE-2006-2193, from Ubuntu. + +--- tools/tiff2pdf.c.orig 2006-03-21 17:42:51.000000000 +0100 ++++ tools/tiff2pdf.c 2006-06-08 12:39:11.000000000 +0200 +@@ -3668,7 +3668,7 @@ + written += TIFFWriteFile(output, (tdata_t) "(", 1); + for (i=0;i<len;i++){ + if((pdfstr[i]&0x80) || (pdfstr[i]==127) || (pdfstr[i]<32)){ +- sprintf(buffer, "\\%.3o", pdfstr[i]); ++ sprintf(buffer, "\\%.3hho", pdfstr[i]); + written += TIFFWriteFile(output, (tdata_t) buffer, 4); + } else { + switch (pdfstr[i]){ |