diff options
| author | snj <snj> | 2005-08-13 05:27:41 +0000 |
|---|---|---|
| committer | snj <snj> | 2005-08-13 05:27:41 +0000 |
| commit | e27b9bf7946d9a0030788e3d49ee6b28eb60834c (patch) | |
| tree | e04e79fa3be022aed812a6463d9e43d8120f1d2b /print | |
| parent | f7a3d0c02caae863b7f33372296d86350665879a (diff) | |
| download | pkgsrc-e27b9bf7946d9a0030788e3d49ee6b28eb60834c.tar.gz | |
Pullup ticket 676 - requested by Lubomir Sedlacik
security fix for xpdf
Revisions pulled up:
- pkgsrc/print/xpdf/Makefile 1.38
- pkgsrc/print/xpdf/distinfo 1.20
- pkgsrc/print/xpdf/patches/patch-ar 1.1
- pkgsrc/print/xpdf/patches/patch-as 1.1
Module Name: pkgsrc
Committed By: salo
Date: Fri Aug 12 12:27:30 UTC 2005
Modified Files:
pkgsrc/print/xpdf: Makefile distinfo
Added Files:
pkgsrc/print/xpdf/patches: patch-ar patch-as
Log Message:
Security fix for CAN-2005-2097.
"A vulnerability has been reported in Xpdf, which can be exploited by
malicious people to cause a DoS (Denial of Service) on a vulnerable system."
http://secunia.com/advisories/16374/
Patches from Ubuntu and RedHat.
Diffstat (limited to 'print')
| -rw-r--r-- | print/xpdf/Makefile | 3 | ||||
| -rw-r--r-- | print/xpdf/distinfo | 4 | ||||
| -rw-r--r-- | print/xpdf/patches/patch-ar | 34 | ||||
| -rw-r--r-- | print/xpdf/patches/patch-as | 30 |
4 files changed, 69 insertions, 2 deletions
diff --git a/print/xpdf/Makefile b/print/xpdf/Makefile index 48478c2c780..68c65bc5a2e 100644 --- a/print/xpdf/Makefile +++ b/print/xpdf/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.37 2005/06/01 18:03:20 jlam Exp $ +# $NetBSD: Makefile,v 1.37.2.1 2005/08/13 05:27:41 snj Exp $ DISTNAME= xpdf-3.00 PKGNAME= ${DISTNAME}pl3 +PKGREVISION= 1 CATEGORIES= print MASTER_SITES= ftp://ftp.foolabs.com/pub/xpdf/ \ ${MASTER_SITE_SUNSITE:=apps/graphics/viewers/X/} \ diff --git a/print/xpdf/distinfo b/print/xpdf/distinfo index 4cc4e012d0f..ba7f8aa9a27 100644 --- a/print/xpdf/distinfo +++ b/print/xpdf/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.19 2005/02/24 12:51:45 agc Exp $ +$NetBSD: distinfo,v 1.19.4.1 2005/08/13 05:27:41 snj Exp $ SHA1 (xpdf-3.00.tar.gz) = 080317afce0851274fec2865131f59590b54eb99 RMD160 (xpdf-3.00.tar.gz) = d98668ac8cd059461107c4dfbd9b3fd3beff6176 @@ -28,3 +28,5 @@ SHA1 (patch-am) = 794ff952c749c8dab6f575d55602cdc7e7157fef SHA1 (patch-an) = bf579a07e9b9868ed8d6a6450484c47ce9acaef0 SHA1 (patch-ao) = fd25cab0255d24c4b55907b031f5f4ec68411576 SHA1 (patch-ap) = 51d05bb8978003308e14274fc1ada4f1ace6d766 +SHA1 (patch-ar) = bd66ea42d4ba11bdcefcfef2988d37559f21e629 +SHA1 (patch-as) = e76bc488bc533ef3784ed863c2c5d4b0967afc29 diff --git a/print/xpdf/patches/patch-ar b/print/xpdf/patches/patch-ar new file mode 100644 index 00000000000..21c40bf83d9 --- /dev/null +++ b/print/xpdf/patches/patch-ar @@ -0,0 +1,34 @@ +$NetBSD: patch-ar,v 1.1.2.2 2005/08/13 05:27:41 snj Exp $ + +Fix for CAN-2005-2097, from Ubuntu and RedHat. + +--- fofi/FoFiTrueType.cc.orig 2004-01-22 02:26:44.000000000 +0100 ++++ fofi/FoFiTrueType.cc 2005-08-12 13:49:51.000000000 +0200 +@@ -1343,6 +1343,27 @@ + return; + } + ++ // make sure the loca table is sane (correct length and entries are ++ // in bounds) ++ i = seekTable("loca"); ++ if (tables[i].len < (nGlyphs + 1) * (locaFmt ? 4 : 2)) { ++ parsedOk = gFalse; ++ return; ++ } ++ for (j = 0; j <= nGlyphs; ++j) { ++ if (locaFmt) { ++ pos = (int)getU32BE(tables[i].offset + j*4, &parsedOk); ++ } else { ++ pos = getU16BE(tables[i].offset + j*2, &parsedOk); ++ } ++ if (pos < 0 || pos > len) { ++ parsedOk = gFalse; ++ } ++ } ++ if (!parsedOk) { ++ return; ++ } ++ + // read the post table + readPostTable(); + if (!parsedOk) { diff --git a/print/xpdf/patches/patch-as b/print/xpdf/patches/patch-as new file mode 100644 index 00000000000..395db4394aa --- /dev/null +++ b/print/xpdf/patches/patch-as @@ -0,0 +1,30 @@ +$NetBSD: patch-as,v 1.1.2.2 2005/08/13 05:27:41 snj Exp $ + +Fix for CAN-2005-2097, from Ubuntu and RedHat. + +--- xpdf/SplashOutputDev.cc.orig 2004-01-22 02:26:45.000000000 +0100 ++++ xpdf/SplashOutputDev.cc 2005-08-12 13:54:26.000000000 +0200 +@@ -621,16 +621,19 @@ + } + break; + case fontTrueType: +- if (!(ff = FoFiTrueType::load(fileName->getCString()))) { +- goto err2; +- } ++ if ((ff = FoFiTrueType::load(fileName->getCString()))) { + codeToGID = ((Gfx8BitFont *)gfxFont)->getCodeToGIDMap(ff); ++ n = 256; + delete ff; ++ } else { ++ codeToGID = NULL; ++ n = 0; ++ } + if (!(fontFile = fontEngine->loadTrueTypeFont( + id, + fileName->getCString(), + fileName == tmpFileName, +- codeToGID, 256))) { ++ codeToGID, n))) { + error(-1, "Couldn't create a font for '%s'", + gfxFont->getName() ? gfxFont->getName()->getCString() + : "(unnamed)"); |