diff options
| author | tez <tez@pkgsrc.org> | 2018-06-21 22:36:36 +0000 |
|---|---|---|
| committer | tez <tez@pkgsrc.org> | 2018-06-21 22:36:36 +0000 |
| commit | 0f0948561f5d88c17679595675b121f0552d39c1 (patch) | |
| tree | ab4ff7625b1da835b057b1518e4b5cc1860d5066 /graphics/xv | |
| parent | a48d6d74a6b01927bae8725339c47ded260c2391 (diff) | |
| download | pkgsrc-0f0948561f5d88c17679595675b121f0552d39c1.tar.gz | |
xv: fix for CVE-2017-18215
from https://bugzilla.suse.com/show_bug.cgi?id=1043479
Diffstat (limited to 'graphics/xv')
| -rw-r--r-- | graphics/xv/Makefile | 4 | ||||
| -rw-r--r-- | graphics/xv/distinfo | 4 | ||||
| -rw-r--r-- | graphics/xv/patches/patch-ae | 5 |
3 files changed, 7 insertions, 6 deletions
diff --git a/graphics/xv/Makefile b/graphics/xv/Makefile index bc688eacf04..9c01e1be3ae 100644 --- a/graphics/xv/Makefile +++ b/graphics/xv/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.91 2018/01/14 14:58:40 rillig Exp $ +# $NetBSD: Makefile,v 1.92 2018/06/21 22:36:36 tez Exp $ DISTNAME= xv-3.10a -PKGREVISION= 23 +PKGREVISION= 24 CATEGORIES= graphics x11 MASTER_SITES= ftp://ftp.cis.upenn.edu/pub/xv/ DISTFILES= ${DEFAULT_DISTFILES} ${JUMBO_PATCHES} diff --git a/graphics/xv/distinfo b/graphics/xv/distinfo index 5b6643af572..acc4fa2a06e 100644 --- a/graphics/xv/distinfo +++ b/graphics/xv/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.20 2015/11/22 19:17:01 tsutsui Exp $ +$NetBSD: distinfo,v 1.21 2018/06/21 22:36:36 tez Exp $ SHA1 (xv-3.10a-enhancements.20070520-20081216.diff) = 40bfb0889b820e0f9d3bd7d771144ec3458acc66 RMD160 (xv-3.10a-enhancements.20070520-20081216.diff) = dbd4ab25b5b62fb543befcf655d928db3a77e005 @@ -16,6 +16,6 @@ SHA1 (patch-aa) = bd6ef51bf962e1994e2e47ba5197c9729ec5221a SHA1 (patch-ab) = 5bfc8ae09b029e4661b27d94bba46540c7f320fb SHA1 (patch-ac) = a17b0095e6586b595190a07126ac58752d8a2562 SHA1 (patch-ad) = d1fa6ae4c432528148ebe37b7a8bef8bd2059997 -SHA1 (patch-ae) = f17f17ac49dafb233cc9f0629f2425120a6b5495 +SHA1 (patch-ae) = 2bda08bae67fcf127c49b9ed780b7a247579c088 SHA1 (patch-af) = 7f6e771788e04577d8db17bfe8fbcce8dca4a600 SHA1 (patch-ag) = 120d589f728fd32ea267fd46bcc16f27d9f08116 diff --git a/graphics/xv/patches/patch-ae b/graphics/xv/patches/patch-ae index 0fea13cf29a..276cdc3e842 100644 --- a/graphics/xv/patches/patch-ae +++ b/graphics/xv/patches/patch-ae @@ -1,6 +1,7 @@ -$NetBSD: patch-ae,v 1.4 2011/01/23 23:58:01 dholland Exp $ +$NetBSD: patch-ae,v 1.5 2018/06/21 22:36:36 tez Exp $ Fix build with libpng 1.5. +Fix CVE-2017-18215 from https://bugzilla.suse.com/show_bug.cgi?id=1043479 --- xvpng.c.orig 2007-05-14 00:53:28.000000000 +0000 +++ xvpng.c @@ -514,7 +515,7 @@ Fix build with libpng 1.5. - info_ptr->text[i].text_length + 2; + for (i = 0; i < num_text; i++) + commentsize += strlen(text[i].key) + 1 + -+ text[i].text_length + 2; ++ strlen(text[i].text) + 2; if ((pinfo->comment = malloc(commentsize)) == NULL) { png_warning(png_ptr,"can't allocate comment string"); |