diff options
| author | markd <markd@pkgsrc.org> | 2010-10-25 19:30:04 +0000 |
|---|---|---|
| committer | markd <markd@pkgsrc.org> | 2010-10-25 19:30:04 +0000 |
| commit | 1aeacb3a314da7bc160e832ac4137b278e8375eb (patch) | |
| tree | 82b23899a709c98dcd276b195d2d131161656d49 /graphics | |
| parent | a5e39bb90336bccdf83545a9eb9afbff0a9723d9 (diff) | |
| download | pkgsrc-1aeacb3a314da7bc160e832ac4137b278e8375eb.tar.gz | |
Fixes for CVE-2010-3702 and CVE-2010-3704 via the patches for xpdf.
Diffstat (limited to 'graphics')
| -rw-r--r-- | graphics/kdegraphics3/Makefile | 4 | ||||
| -rw-r--r-- | graphics/kdegraphics3/distinfo | 4 | ||||
| -rw-r--r-- | graphics/kdegraphics3/patches/patch-ad | 22 | ||||
| -rw-r--r-- | graphics/kdegraphics3/patches/patch-ae | 30 |
4 files changed, 57 insertions, 3 deletions
diff --git a/graphics/kdegraphics3/Makefile b/graphics/kdegraphics3/Makefile index 17e235ebb51..c5c7bfe1936 100644 --- a/graphics/kdegraphics3/Makefile +++ b/graphics/kdegraphics3/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.87 2010/07/14 11:11:15 sbd Exp $ +# $NetBSD: Makefile,v 1.88 2010/10/25 19:30:04 markd Exp $ DISTNAME= kdegraphics-${_KDE_VERSION} -PKGREVISION= 8 +PKGREVISION= 9 CATEGORIES= graphics COMMENT= Graphics programs for the KDE integrated X11 desktop diff --git a/graphics/kdegraphics3/distinfo b/graphics/kdegraphics3/distinfo index 3d123ad2edc..9142692ea84 100644 --- a/graphics/kdegraphics3/distinfo +++ b/graphics/kdegraphics3/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.51 2009/06/03 12:29:42 markd Exp $ +$NetBSD: distinfo,v 1.52 2010/10/25 19:30:04 markd Exp $ SHA1 (kdegraphics-3.5.10.tar.bz2) = 9634e3ab364d017152fb6d636efad8811aeec6c3 RMD160 (kdegraphics-3.5.10.tar.bz2) = 94278e4419ab99885fc9efae9b6ba5ba787f831e @@ -6,3 +6,5 @@ Size (kdegraphics-3.5.10.tar.bz2) = 7440912 bytes SHA1 (patch-aa) = e5817f29b7857575dbb375db2388b37214f5d8c6 SHA1 (patch-ab) = f2aa9e992904add4b95ecf2553a4e1bf9510913f SHA1 (patch-ac) = 3738313046fbb69ac527ae472fe5db24bdff3fff +SHA1 (patch-ad) = 39f9af23006d6b8d09d0ecbb83a382df6b125152 +SHA1 (patch-ae) = e1984e4441f2b96697ae7a17028bd59bacb7cc73 diff --git a/graphics/kdegraphics3/patches/patch-ad b/graphics/kdegraphics3/patches/patch-ad new file mode 100644 index 00000000000..f1319457558 --- /dev/null +++ b/graphics/kdegraphics3/patches/patch-ad @@ -0,0 +1,22 @@ +$NetBSD: patch-ad,v 1.8 2010/10/25 19:30:04 markd Exp $ + +Fix for CVE-2010-3702 + +--- kpdf/xpdf/xpdf/Gfx.cc.orig 2008-02-13 09:37:05.000000000 +0000 ++++ kpdf/xpdf/xpdf/Gfx.cc +@@ -443,6 +443,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, i + + xref = xrefA; + subPage = gFalse; ++ parser = NULL; + printCommands = globalParams->getPrintCommands(); + + // start the resource stack +@@ -485,6 +486,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, D + + xref = xrefA; + subPage = gTrue; ++ parser=NULL; + printCommands = globalParams->getPrintCommands(); + + // start the resource stack diff --git a/graphics/kdegraphics3/patches/patch-ae b/graphics/kdegraphics3/patches/patch-ae new file mode 100644 index 00000000000..cd77c9347f6 --- /dev/null +++ b/graphics/kdegraphics3/patches/patch-ae @@ -0,0 +1,30 @@ +$NetBSD: patch-ae,v 1.3 2010/10/25 19:30:04 markd Exp $ + +Fix for CVE-2010-3704 + +--- kpdf/xpdf/fofi/FoFiType1.cc.orig 2007-05-14 07:39:30.000000000 +0000 ++++ kpdf/xpdf/fofi/FoFiType1.cc +@@ -18,6 +18,14 @@ + #include "FoFiEncodings.h" + #include "FoFiType1.h" + ++#if defined(__GNUC__) && (__GNUC__ > 2) && defined(__OPTIMIZE__) ++# define likely(x) __builtin_expect((x), 1) ++# define unlikely(x) __builtin_expect((x), 0) ++#else ++# define likely(x) (x) ++# define unlikely(x) (x) ++#endif ++ + //------------------------------------------------------------------------ + // FoFiType1 + //------------------------------------------------------------------------ +@@ -224,7 +232,7 @@ void FoFiType1::parse() { + code = code * 8 + (*p2 - '0'); + } + } +- if (code < 256) { ++ if (likely(code < 256 && code >= 0)) { + for (p = p2; *p == ' ' || *p == '\t'; ++p) ; + if (*p == '/') { + ++p; |