authordrochner <drochner@pkgsrc.org>2012-09-12 11:27:04 +0000
committerdrochner <drochner@pkgsrc.org>2012-09-12 11:27:04 +0000
commitf9b91cca6288d16922285561caeffd554a33c826 (patch)
tree46bf7b8157b7ad11987a4b6ffe746f87e2fa582c /print/ghostscript/patches
parentf46950c084670766cf13486a7fc4b4528668baa7 (diff)
add patch from RedHat to fix an integer overflow which can lead to
crashes or possible code injection (CVE-2012-4405); bump PKGREV
Diffstat (limited to 'print/ghostscript/patches')
-rw-r--r--print/ghostscript/patches/patch-CVE-2012-440518
1 files changed, 18 insertions, 0 deletions
diff --git a/print/ghostscript/patches/patch-CVE-2012-4405 b/print/ghostscript/patches/patch-CVE-2012-4405
new file mode 100644
index 00000000000..ff1acc8728d
--- /dev/null
+++ b/print/ghostscript/patches/patch-CVE-2012-4405
@@ -0,0 +1,18 @@
+$NetBSD: patch-CVE-2012-4405,v 1.1 2012/09/12 11:27:05 drochner Exp $
+
+from RedHat bug #854227
+
+--- icclib/icc.c.orig 2009-07-28 07:48:19.000000000 +0000
++++ icclib/icc.c
+@@ -5006,6 +5006,11 @@ static int icmLut_read(
+ p->clutPoints = read_UInt8Number(bp+10);
+
+ /* Sanity check */
++ if (p->inputChan < 1) {
++ sprintf(icp->err,"icmLut_read: No input channels!");
++ return icp->errc = 1;
++ }
++
+ if (p->inputChan > MAX_CHAN) {
+ sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN);
+ return icp->errc = 1;
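Review bot: The new lower-bound guard `if (p->inputChan < 1)` covers only the input channel count, and icmLut_read starts and ends outside the hunk, so it cannot be seen whether the other header fields read from the same tag get an equivalent zero check. `clutPoints` is read on the line just above, and the output channel count is presumably read nearby; a zero in either would be worth rejecting too if those values size or index the tables later in the function, so that should be confirmed against the full icc.c. Separately, the added message has no trailing newline while the neighbouring `Can't handle > %d input channels\n` message does; `sprintf(icp->err,"icmLut_read: No input channels!\n");` would keep the error strings consistent. The patch header would also be easier to audit with a one-line comment on why a zero channel count is dangerous, e.g. `/* inputChan == 0 would make later size/index arithmetic on the LUT wrap (CVE-2012-4405) */`, hedged to whatever the upstream bug report states.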