diff options
author | taca <taca> | 2009-10-22 14:37:47 +0000 |
---|---|---|
committer | taca <taca> | 2009-10-22 14:37:47 +0000 |
commit | f564701b268283b25307c37668fb7e7c342262c6 (patch) | |
tree | fbd614d53e5eeb63abe85172e16abab058456466 /lang/php5 | |
parent | 1e084e3db02202406c904910d72522bb03a2c65c (diff) | |
download | pkgsrc-f564701b268283b25307c37668fb7e7c342262c6.tar.gz |
Add a patch from PHP's SVN repositry to fix gd library security problem.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
Bump PKGREVISION of php-gd package.
(This fix is for php5 only and I don't know about php4.)
Diffstat (limited to 'lang/php5')
-rw-r--r-- | lang/php5/distinfo | 3 | ||||
-rw-r--r-- | lang/php5/patches/patch-ay | 17 |
2 files changed, 19 insertions, 1 deletions
diff --git a/lang/php5/distinfo b/lang/php5/distinfo index 595188d27a8..145435b15eb 100644 --- a/lang/php5/distinfo +++ b/lang/php5/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.67 2009/09/26 07:35:31 taca Exp $ +$NetBSD: distinfo,v 1.68 2009/10/22 14:37:47 taca Exp $ SHA1 (php-5.2.11/php-5.2.11.tar.bz2) = 819c853ce657ef260d4a73b5a21f961115b97eef RMD160 (php-5.2.11/php-5.2.11.tar.bz2) = 6aad53dee864ab89f794a9d3c2aa32d435ed5654 @@ -16,3 +16,4 @@ SHA1 (patch-ap) = 5eb0e0e4244a993da93e36f8fcb5553454207fce SHA1 (patch-aq) = 0c9d48547da2fa80aa8357d23ad8505d1c0330df SHA1 (patch-ar) = 2d74ec926cc00bfbb67d16210af78c33ad9ac38d SHA1 (patch-as) = f7ce5caffe2acdd1f8e9fc8ae6c7ba1d8c6a25c1 +SHA1 (patch-ay) = c2667dd398c1c58e55f459f2df02613dc028e9cc diff --git a/lang/php5/patches/patch-ay b/lang/php5/patches/patch-ay new file mode 100644 index 00000000000..1388c10dc5c --- /dev/null +++ b/lang/php5/patches/patch-ay @@ -0,0 +1,17 @@ +$NetBSD: patch-ay,v 1.1 2009/10/22 14:37:47 taca Exp $ + +* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 + from PHP's SVN repositry r289557. + +--- ext/gd/libgd/gd_gd.c.orig 2007-08-09 23:21:38.000000000 +0900 ++++ ext/gd/libgd/gd_gd.c +@@ -39,6 +39,9 @@ int _gdGetColors (gdIOCtx * in, gdImageP + if (!gdGetWord(&im->colorsTotal, in)) { + goto fail1; + } ++ if (im->colorsTotal > gdMaxColors) { ++ goto fail1; ++ } + } + /* Int to accommodate truecolor single-color transparency */ + if (!gdGetInt(&im->transparent, in)) { |