diff options
| -rw-r--r-- | graphics/ImageMagick/Makefile | 4 | ||||
| -rw-r--r-- | graphics/ImageMagick/distinfo | 5 | ||||
| -rw-r--r-- | graphics/ImageMagick/patches/patch-magick_profile.c | 18 | ||||
| -rw-r--r-- | graphics/ImageMagick/patches/patch-magick_property.c | 14 |
4 files changed, 35 insertions, 6 deletions
diff --git a/graphics/ImageMagick/Makefile b/graphics/ImageMagick/Makefile index 58bc5615be9..f423b85817d 100644 --- a/graphics/ImageMagick/Makefile +++ b/graphics/ImageMagick/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.178 2012/03/30 03:50:47 taca Exp $ +# $NetBSD: Makefile,v 1.179 2012/04/09 15:56:21 tez Exp $ .include "Makefile.common" PKGNAME= ImageMagick-${DISTVERSION} -PKGREVISION= 1 +PKGREVISION= 2 MAINTAINER= adam@NetBSD.org COMMENT= Package for display and interactive manipulation of images diff --git a/graphics/ImageMagick/distinfo b/graphics/ImageMagick/distinfo index 86166f4b124..05839ec4bab 100644 --- a/graphics/ImageMagick/distinfo +++ b/graphics/ImageMagick/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.110 2012/03/30 03:50:47 taca Exp $ +$NetBSD: distinfo,v 1.111 2012/04/09 15:56:21 tez Exp $ SHA1 (ImageMagick-6.7.5-10.tar.bz2) = e19d7d5148de58d56a02d68049bb5d3ba470f53c RMD160 (ImageMagick-6.7.5-10.tar.bz2) = 5ff5b7ddc773beb048773cc252c5d306eaf28e50 Size (ImageMagick-6.7.5-10.tar.bz2) = 10416791 bytes SHA1 (patch-coders_jpeg.c) = 77e47f58ee3c46888f2edeafa1964e5145b65c25 SHA1 (patch-coders_tiff.c) = ff11a7fe6f47cd3fb7afeab986851ac417366722 -SHA1 (patch-magick_property.c) = 19c345afac494a6599ef65a8a273f52095071127 +SHA1 (patch-magick_profile.c) = e991adc22b072a967fc3459d68cd6ab1e91610c6 +SHA1 (patch-magick_property.c) = 105e9f3cfa3aa098296513c594e24759b1713c5b diff --git a/graphics/ImageMagick/patches/patch-magick_profile.c b/graphics/ImageMagick/patches/patch-magick_profile.c new file mode 100644 index 00000000000..8e1d74286df --- /dev/null +++ b/graphics/ImageMagick/patches/patch-magick_profile.c @@ -0,0 +1,18 @@ +$NetBSD: patch-magick_profile.c,v 1.1 2012/04/09 15:56:21 tez Exp $ + +* Fix for CVE-2012-1610. + +--- magick/profile.c.orig 2012-04-09 14:19:45.161695800 +0000 ++++ magick/profile.c +@@ -6727,8 +6727,10 @@ MagickExport MagickBooleanType SyncImage + format=(ssize_t) ReadProfileShort(endian,q+2); + if ((format-1) >= EXIF_NUM_FORMATS) + break; +- components=(int) ReadProfileLong(endian,q+4); ++ components=(ssize_t) ((int) ReadProfileLong(endian,q+4)); + number_bytes=(size_t) components*format_bytes[format]; ++ if (number_bytes < components) ++ break; /* prevent overflow */ + if (number_bytes <= 4) + p=q+8; + else diff --git a/graphics/ImageMagick/patches/patch-magick_property.c b/graphics/ImageMagick/patches/patch-magick_property.c index 6a515a40f6b..00ce1b3a82d 100644 --- a/graphics/ImageMagick/patches/patch-magick_property.c +++ b/graphics/ImageMagick/patches/patch-magick_property.c @@ -1,10 +1,20 @@ -$NetBSD: patch-magick_property.c,v 1.1 2012/03/30 03:50:47 taca Exp $ +$NetBSD: patch-magick_property.c,v 1.2 2012/04/09 15:56:21 tez Exp $ * Fix for CVE-2012-0259. +* Fix for CVE-2012-1610. --- magick/property.c.orig 2012-03-01 01:41:19.000000000 +0000 +++ magick/property.c -@@ -1309,6 +1309,8 @@ static MagickBooleanType GetEXIFProperty +@@ -1286,6 +1286,8 @@ static MagickBooleanType GetEXIFProperty + break; + components=(ssize_t) ((int) ReadPropertyLong(endian,q+4)); + number_bytes=(size_t) components*tag_bytes[format]; ++ if (number_bytes < components) ++ break; /* prevent overflow */ + if (number_bytes <= 4) + p=q+8; + else +@@ -1309,6 +1311,8 @@ static MagickBooleanType GetEXIFProperty buffer[MaxTextExtent], *value; |