diff options
| author | sbd <sbd> | 2011-08-28 07:22:12 +0000 |
|---|---|---|
| committer | sbd <sbd> | 2011-08-28 07:22:12 +0000 |
| commit | 696e76041960b228276fd79b4086c2ff2bf03063 (patch) | |
| tree | 85c8699c8e614520052988288a072b7b8bbb54a0 /print | |
| parent | 9af1f3bb6b2a43242f6fc5ec567060362aa61a6e (diff) | |
| download | pkgsrc-696e76041960b228276fd79b4086c2ff2bf03063.tar.gz | |
Use str3914.patch from STR #3914 to fix CVE-2011-3170
Bump PKGREVISION
Diffstat (limited to 'print')
| -rw-r--r-- | print/cups/Makefile | 3 | ||||
| -rw-r--r-- | print/cups/distinfo | 3 | ||||
| -rw-r--r-- | print/cups/patches/patch-filter_image-gif.c | 36 |
3 files changed, 40 insertions, 2 deletions
diff --git a/print/cups/Makefile b/print/cups/Makefile index 1a73471cbae..5dd435e1659 100644 --- a/print/cups/Makefile +++ b/print/cups/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.177 2011/08/28 07:11:00 sbd Exp $ +# $NetBSD: Makefile,v 1.178 2011/08/28 07:22:12 sbd Exp $ # # The CUPS author is very good about taking back changes into the main # CUPS distribution. The correct place to send patches or bug-fixes is: @@ -8,6 +8,7 @@ DISTNAME= cups-${DIST_VERS}-source PKGNAME= cups-${DIST_VERS:S/-/./g} BASE_VERS= 1.4.8 DIST_VERS= ${BASE_VERS} +PKGREVISION= 1 CATEGORIES= print MASTER_SITES= http://ftp.easysw.com/pub/cups/${BASE_VERS}/ \ diff --git a/print/cups/distinfo b/print/cups/distinfo index aeab02bea49..7b631375b8f 100644 --- a/print/cups/distinfo +++ b/print/cups/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.81 2011/08/28 07:11:00 sbd Exp $ +$NetBSD: distinfo,v 1.82 2011/08/28 07:22:12 sbd Exp $ SHA1 (cups-1.4.8-source.tar.bz2) = 9167f556e78e0bc075f1eb2f695d79cc1f334007 RMD160 (cups-1.4.8-source.tar.bz2) = ee80e8d0b56dc0e2edf2a9aa9a43c4b92619f741 @@ -20,3 +20,4 @@ SHA1 (patch-ao) = 7fe50080b9a6fd4dac186020f9351ef6000373c7 SHA1 (patch-ap) = 70c5fa4a19ca2812818844180ca9db9cb7cfd601 SHA1 (patch-at) = aee1f0e8cbcd9e2dbcfa9af3fb675ea7ce1ce622 SHA1 (patch-au) = e4e976ccb4d7782e31f5b0e3ed175359bf95ba42 +SHA1 (patch-filter_image-gif.c) = 2269cbf7e42ec80ba91c27eda4871884775f4b7a diff --git a/print/cups/patches/patch-filter_image-gif.c b/print/cups/patches/patch-filter_image-gif.c new file mode 100644 index 00000000000..370e2c2504c --- /dev/null +++ b/print/cups/patches/patch-filter_image-gif.c @@ -0,0 +1,36 @@ +$NetBSD: patch-filter_image-gif.c,v 1.1 2011/08/28 07:22:12 sbd Exp $ + +Use str3914.patch from STR #3914 to fix CVE-2011-3170 + +--- filter/image-gif.c.orig 2011-06-20 20:37:51.000000000 +0000 ++++ filter/image-gif.c +@@ -648,11 +648,13 @@ gif_read_lzw(FILE *fp, /* I - File to + + if (code == max_code) + { +- *sp++ = firstcode; +- code = oldcode; ++ if (sp < (stack + 8192)) ++ *sp++ = firstcode; ++ ++ code = oldcode; + } + +- while (code >= clear_code) ++ while (code >= clear_code && sp < (stack + 8192)) + { + *sp++ = table[1][code]; + if (code == table[0][code]) +@@ -661,8 +663,10 @@ gif_read_lzw(FILE *fp, /* I - File to + code = table[0][code]; + } + +- *sp++ = firstcode = table[1][code]; +- code = max_code; ++ if (sp < (stack + 8192)) ++ *sp++ = firstcode = table[1][code]; ++ ++ code = max_code; + + if (code < 4096) + { |