author | adam <adam> | 2007-02-16 20:37:52 +0000 |
---|---|---|
committer | adam <adam> | 2007-02-16 20:37:52 +0000 |
commit | 42c19eb29da2f1dc826ac1d80fbf2b376187e1a5 (patch) | |
tree | 3255ad767fdc6c4f80ab11ac80314cd676184412 /graphics | |
parent | 045a05cb9dd4b11bdc833ed8e346ef214a2cb62f (diff) | |
download | pkgsrc-42c19eb29da2f1dc826ac1d80fbf2b376187e1a5.tar.gz |
Changes 2.0.34:
* 32-bit multiplication overflow vulnerabilities along with a number of similar
issues
* Memory allocation errors that were not checked
* Multiple issues in the GIF loader. Corrupt gif images would cause a segfault
or infinite loop
* Malformed or empty PNG image also may have caused segfaults
* gdImageFillToBorder segfaulted when the color was not opaque (alpha > 0)
* Antialiased lines drawn on an image's edge caused a segfault
* gdImageFill segfaulted when used with patterns or invalid arguments
* gdImageFilledEllipse did not respect transparency
Diffstat (limited to 'graphics')
-rw-r--r-- | graphics/gd/Makefile | 12 | ||||
-rw-r--r-- | graphics/gd/distinfo | 10 | ||||
-rw-r--r-- | graphics/gd/patches/patch-ac | 26 |
3 files changed, 23 insertions, 25 deletions
diff --git a/graphics/gd/Makefile b/graphics/gd/Makefile
index 745fddd1e45..33b721f4631 100644
--- a/graphics/gd/Makefile
+++ b/graphics/gd/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.71 2007/02/07 20:28:49 wiz Exp $
+# $NetBSD: Makefile,v 1.72 2007/02/16 20:37:52 adam Exp $
-DISTNAME= gd-2.0.33
-PKGREVISION= 5
+DISTNAME= gd-2.0.34
 CATEGORIES= graphics
-MASTER_SITES= http://www.boutell.com/gd/http/
+MASTER_SITES= http://www.libgd.org/releases/
+EXTRACT_SUFX= .tar.bz2
 MAINTAINER= adam@NetBSD.org
 HOMEPAGE= http://www.libgd.org/
@@ -11,9 +11,9 @@ COMMENT= Graphics library for the dynamic creation of images
 PKG_INSTALLATION_TYPES= overwrite pkgviews
-USE_LIBTOOL= YES
+USE_LIBTOOL= yes
 USE_TOOLS+= perl:run
-GNU_CONFIGURE= YES
+GNU_CONFIGURE= yes
 REPLACE_PERL+= bdftogd
 PTHREAD_AUTO_VARS= yes
diff --git a/graphics/gd/distinfo b/graphics/gd/distinfo
index a0933878d01..5005575d540 100644
--- a/graphics/gd/distinfo
+++ b/graphics/gd/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.23 2006/06/14 21:42:33 salo Exp $
+$NetBSD: distinfo,v 1.24 2007/02/16 20:37:52 adam Exp $
-SHA1 (gd-2.0.33.tar.gz) = 89548efb01116a740c796a8df80de16d19856811
-RMD160 (gd-2.0.33.tar.gz) = 6c573638387bb36044f3d4d480b10229445b9a6b
-Size (gd-2.0.33.tar.gz) = 587617 bytes
+SHA1 (gd-2.0.34.tar.bz2) = 7d735b2917f987dd71ddbb72e9e100b2f8951de7
+RMD160 (gd-2.0.34.tar.bz2) = 88b1d298e3392c5c05acf2cd01b387d7e0d2bfae
+Size (gd-2.0.34.tar.bz2) = 1135372 bytes
 SHA1 (patch-aa) = 38f0aa7043dba517405312d4eef59347e3c0185a
 SHA1 (patch-ab) = 082f5baa2c147fb62381c21ecb3ce11a1891a2aa
-SHA1 (patch-ac) = 154abdaff73099617a1b57f4d2f19358aaf2a043
+SHA1 (patch-ac) = 0a150afacef558692eb9925e354e1742dbc010cd
diff --git a/graphics/gd/patches/patch-ac b/graphics/gd/patches/patch-ac
index c24ea41f312..4dfb993b0c9 100644
--- a/graphics/gd/patches/patch-ac
+++ b/graphics/gd/patches/patch-ac
@@ -1,10 +1,8 @@ -$NetBSD: patch-ac,v 1.3 2006/06/14 21:42:33 salo Exp $ +$NetBSD: patch-ac,v 1.4 2007/02/16 20:37:52 adam Exp $ -Security fix for CVE-2006-2906, from Xavier Roche via Ubuntu. - ---- gd_gif_in.c.orig 2004-11-01 19:28:56.000000000 +0100 -+++ gd_gif_in.c 2006-06-14 23:30:38.000000000 +0200 -@@ -118,6 +118,7 @@ +--- gd_gif_in.c.orig 2007-02-03 02:41:00.000000000 +0100 ++++ gd_gif_in.c +@@ -118,6 +118,7 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro char version[4]; /* 2.0.28: threadsafe storage */ int ZeroDataBlock = FALSE; @@ -12,7 +10,7 @@ Security fix for CVE-2006-2906, from Xavier Roche via Ubuntu. gdImagePtr im = 0; if (! ReadOK(fd,buf,6)) { -@@ -164,6 +165,8 @@ +@@ -166,6 +167,8 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro } if (c != ',') { /* Not a valid start character */ @@ -21,7 +19,7 @@ Security fix for CVE-2006-2906, from Xavier Roche via Ubuntu. continue; } -@@ -242,6 +245,7 @@ +@@ -253,6 +256,7 @@ static int DoExtension(gdIOCtx *fd, int label, int *Transparent, int *ZeroDataBlockP) { static unsigned char buf[256]; 
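Review bot: The first hunk of patch-ac leaves the patch with no stated reason for existing: the removed line `Security fix for CVE-2006-2906, from Xavier Roche via Ubuntu.` was the only text telling a maintainer why gd_gif_in.c is patched and where the change came from. The later hunks of this same patch still carry the `maxcount` loop bounds, so the security purpose appears to remain. If the bounds are kept because the new release does not include them, keep a one-line header under the `$NetBSD$` tag, for example `Loop bounds from the CVE-2006-2906 fix (Xavier Roche via Ubuntu), still needed with 2.0.34.`, so the patch is not dropped by mistake on a later update. Whether upstream already covers the issue cannot be told from the lines shown here.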
@@ -29,23 +27,23 @@ Security fix for CVE-2006-2906, from Xavier Roche via Ubuntu. switch (label) { case 0xf9: /* Graphic Control Extension */ -@@ -254,13 +258,13 @@ +@@ -265,13 +269,13 @@ DoExtension(gdIOCtx *fd, int label, int if ((buf[0] & 0x1) != 0) *Transparent = buf[3]; -- while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) != 0) -+ while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) != 0 && --maxcount >= 0) +- while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) > 0) ++ while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) > 0 && --maxcount > 0) ; return FALSE; default: break; } -- while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) != 0) -+ while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) != 0 && --maxcount >= 0) +- while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) > 0) ++ while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) > 0 && --maxcount > 0) ; return FALSE; -@@ -419,14 +423,15 @@ +@@ -430,14 +434,15 @@ LWZReadByte_(gdIOCtx *fd, int flag, int } else if (code == end_code) { int count; unsigned char buf[260]; |
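Review bot: When `--maxcount > 0` stops either skip loop, DoExtension falls through to the same `return FALSE;` as a cleanly terminated extension, so the caller cannot tell that sub-blocks were left unread. Parsing would then resume inside the extension payload and treat untrusted bytes as block introducers; the decode should stop as corrupt at that point, or the behaviour should at least be recorded in a comment such as `/* maxcount bounds the skip for corrupt GIFs; when it runs out the rest of the extension is left unread */`. DoExtension begins before this hunk and the declaration and starting value of `maxcount` are not visible, so confirm the counter is reset on every call rather than declared static next to `buf`. The bound also shrank by one iteration (`>= 0` to `> 0`) with no explanation in the patch.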