diff options
| author | wiz <wiz@pkgsrc.org> | 2014-12-02 23:48:49 +0000 |
|---|---|---|
| committer | wiz <wiz@pkgsrc.org> | 2014-12-02 23:48:49 +0000 |
| commit | 8dc20b64685f341908128947712604bdf18045ea (patch) | |
| tree | 700d473f2b173ff19fbdbbffffcd2d683f76e02e /textproc/antiword | |
| parent | 11b258c9be777425bde2b7c9caf5466e01dafe33 (diff) | |
| download | pkgsrc-8dc20b64685f341908128947712604bdf18045ea.tar.gz | |
Add fix for CVE-2014-8123 from Fabian Keil.
Bump PKGREVISION.
Diffstat (limited to 'textproc/antiword')
| -rw-r--r-- | textproc/antiword/Makefile | 4 | ||||
| -rw-r--r-- | textproc/antiword/distinfo | 3 | ||||
| -rw-r--r-- | textproc/antiword/patches/patch-wordole.c | 18 |
3 files changed, 22 insertions, 3 deletions
diff --git a/textproc/antiword/Makefile b/textproc/antiword/Makefile index 2bfb0233ccf..d14f2f5d3b1 100644 --- a/textproc/antiword/Makefile +++ b/textproc/antiword/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.24 2013/12/23 11:57:06 wiz Exp $ +# $NetBSD: Makefile,v 1.25 2014/12/02 23:48:49 wiz Exp $ DISTNAME= antiword-0.37 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= textproc converters print MASTER_SITES= http://www.winfield.demon.nl/linux/ diff --git a/textproc/antiword/distinfo b/textproc/antiword/distinfo index 7d772a126e9..b1a8ef34319 100644 --- a/textproc/antiword/distinfo +++ b/textproc/antiword/distinfo @@ -1,7 +1,8 @@ -$NetBSD: distinfo,v 1.20 2009/11/12 05:03:47 obache Exp $ +$NetBSD: distinfo,v 1.21 2014/12/02 23:48:49 wiz Exp $ SHA1 (antiword-0.37.tar.gz) = 4364f7f99cb2d37f7d1d5bc14a335ccc0c67292e RMD160 (antiword-0.37.tar.gz) = 506ca4a7a7fa9fd4574092798a7fffacd9a3a0a0 Size (antiword-0.37.tar.gz) = 317884 bytes SHA1 (patch-aa) = 2caa51e3364e7034443ded9fa56cdda4c4b74929 SHA1 (patch-ab) = d2cb15824b78346a8a5ae301b0618a81437ce971 +SHA1 (patch-wordole.c) = f2ab157173e4ff49e7983e836176cbdae537e46e diff --git a/textproc/antiword/patches/patch-wordole.c b/textproc/antiword/patches/patch-wordole.c new file mode 100644 index 00000000000..58afdad0c59 --- /dev/null +++ b/textproc/antiword/patches/patch-wordole.c @@ -0,0 +1,18 @@ +$NetBSD: patch-wordole.c,v 1.1 2014/12/02 23:48:49 wiz Exp $ + +Fix for CVE-2014-8123 from Fabian Keil. + +--- wordole.c.orig 2005-08-26 19:49:57.000000000 +0000 ++++ wordole.c +@@ -259,6 +259,11 @@ bGetPPS(FILE *pFile, + } + tNameSize = (size_t)usGetWord(0x40, aucBytes); + tNameSize = (tNameSize + 1) / 2; ++ if (tNameSize >= sizeof(atPPSlist[0].szName)) { ++ werr(0, "PPS %d appears to be invalid.", iIndex); ++ atPPSlist = xfree(atPPSlist); ++ return FALSE; ++ } + vName2String(atPPSlist[iIndex].szName, aucBytes, tNameSize); + atPPSlist[iIndex].ucType = ucGetByte(0x42, aucBytes); + if (atPPSlist[iIndex].ucType == 5) { |