From a173d15ed6529487c56b36e48ecb1818c634ed88 Mon Sep 17 00:00:00 2001 From: spz Date: Mon, 4 Apr 2016 18:28:38 +0000 Subject: Pullup ticket #4951 - requested by bsiegert sysutils/xfce4-thunar: security fix Revisions pulled up: - sysutils/xfce4-thunar/Makefile 1.44 - sysutils/xfce4-thunar/distinfo 1.12 - sysutils/xfce4-thunar/patches/patch-thunar_thunar-gdk-extensions.c 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: tnn Date: Sun Mar 13 03:45:53 UTC 2016 Modified Files: pkgsrc/sysutils/xfce4-thunar: Makefile distinfo Added Files: pkgsrc/sysutils/xfce4-thunar/patches: patch-thunar_thunar-gdk-extensions.c Log Message: patch CVE-2013-7447 To generate a diff of this commit: cvs rdiff -u -r1.43 -r1.44 pkgsrc/sysutils/xfce4-thunar/Makefile cvs rdiff -u -r1.11 -r1.12 pkgsrc/sysutils/xfce4-thunar/distinfo cvs rdiff -u -r0 -r1.1 \ pkgsrc/sysutils/xfce4-thunar/patches/patch-thunar_thunar-gdk-extensions.c --- sysutils/xfce4-thunar/Makefile | 4 ++-- sysutils/xfce4-thunar/distinfo | 3 ++- .../patches/patch-thunar_thunar-gdk-extensions.c | 15 +++++++++++++++ 3 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 sysutils/xfce4-thunar/patches/patch-thunar_thunar-gdk-extensions.c diff --git a/sysutils/xfce4-thunar/Makefile b/sysutils/xfce4-thunar/Makefile index ef9d954f420..520e2a28623 100644 --- a/sysutils/xfce4-thunar/Makefile +++ b/sysutils/xfce4-thunar/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.43 2015/07/08 21:15:21 youri Exp $ +# $NetBSD: Makefile,v 1.43.4.1 2016/04/04 18:28:38 spz Exp $ .include "../../meta-pkgs/xfce4/Makefile.common" VERSION= 1.6.10 -PKGREVISION= 1 +PKGREVISION= 2 DISTNAME= Thunar-${VERSION} PKGNAME= xfce4-thunar-${VERSION} CATEGORIES= sysutils diff --git a/sysutils/xfce4-thunar/distinfo b/sysutils/xfce4-thunar/distinfo index 47ca0a68f5e..84aa883292f 100644 --- a/sysutils/xfce4-thunar/distinfo +++ b/sysutils/xfce4-thunar/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.11 2015/11/04 01:32:41 agc Exp $ +$NetBSD: distinfo,v 1.11.2.1 2016/04/04 18:28:38 spz Exp $ SHA1 (Thunar-1.6.10.tar.bz2) = 53e6a3208b643a0108dee2d985b45e9ee2b94a35 RMD160 (Thunar-1.6.10.tar.bz2) = d7a5207e3f9ef260804cb931ee737eb11f136ddf @@ -9,3 +9,4 @@ SHA1 (patch-ac) = c6e773b16f82ce4be2537642fd8401ab04c6a26e SHA1 (patch-org.xfce.FileManager.service.in) = 42adca65fe2e9dd5ea9615cac0431767b0c0fdab SHA1 (patch-org.xfce.Thunar.service.in) = 8687725857e57009782ad5f3abe0c6d8c097cbba SHA1 (patch-thunar_Makefile.in) = 68533f585813efd97531971a7643041a25bd0a80 +SHA1 (patch-thunar_thunar-gdk-extensions.c) = 8086ad1ebadbde65bd6a310619760d6f9b70d2c8 diff --git a/sysutils/xfce4-thunar/patches/patch-thunar_thunar-gdk-extensions.c b/sysutils/xfce4-thunar/patches/patch-thunar_thunar-gdk-extensions.c new file mode 100644 index 00000000000..ba17edf1169 --- /dev/null +++ b/sysutils/xfce4-thunar/patches/patch-thunar_thunar-gdk-extensions.c @@ -0,0 +1,15 @@ +$NetBSD: patch-thunar_thunar-gdk-extensions.c,v 1.1.2.2 2016/04/04 18:28:38 spz Exp $ + +Fix CVE-2013-7447. Via x11/gtk2/patches/patch-gdk_gdkcairo.c. + +--- thunar/thunar-gdk-extensions.c.orig 2015-05-22 13:25:36.000000000 +0000 ++++ thunar/thunar-gdk-extensions.c +@@ -75,7 +75,7 @@ thunar_gdk_cairo_create_surface (const G + + /* prepare pixel data and surface */ + cairo_stride = cairo_format_stride_for_width (format, width); +- cairo_pixels = g_malloc (height * cairo_stride); ++ cairo_pixels = g_malloc_n (height, cairo_stride); + surface = cairo_image_surface_create_for_data (cairo_pixels, format, + width, height, cairo_stride); + cairo_surface_set_user_data (surface, &cairo_key, cairo_pixels, g_free); -- cgit v1.2.3