From aa197b45249e6f3f9d245533dac6b055ab16344e Mon Sep 17 00:00:00 2001 From: lkundrak Date: Wed, 4 Jul 2007 13:17:11 +0000 Subject: Fix for CVE-2007-2949 heap overflow in PSD code. Bump PKGREVISION. --- graphics/gimp/Makefile | 4 ++-- graphics/gimp/distinfo | 3 ++- graphics/gimp/patches/patch-ae | 19 +++++++++++++++++++ 3 files changed, 23 insertions(+), 3 deletions(-) create mode 100644 graphics/gimp/patches/patch-ae diff --git a/graphics/gimp/Makefile b/graphics/gimp/Makefile index dd967bc9902..4b333ca7ec9 100644 --- a/graphics/gimp/Makefile +++ b/graphics/gimp/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.152.2.1 2007/05/26 17:36:01 ghen Exp $ +# $NetBSD: Makefile,v 1.152.2.2 2007/07/04 13:17:11 lkundrak Exp $ DISTNAME= gimp-2.2.13 -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= graphics MASTER_SITES= ftp://ftp.gimp.org/pub/gimp/v2.2/ \ ftp://ftp.cs.umn.edu/pub/gimp/v2.2/ \ diff --git a/graphics/gimp/distinfo b/graphics/gimp/distinfo index 80042c2f1ac..df5d216e302 100644 --- a/graphics/gimp/distinfo +++ b/graphics/gimp/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.31.6.1 2007/05/26 17:36:01 ghen Exp $ +$NetBSD: distinfo,v 1.31.6.2 2007/07/04 13:17:11 lkundrak Exp $ SHA1 (gimp-2.2.13.tar.bz2) = 7f215396c817b2a16ef62fc2d90f98881fc91c65 RMD160 (gimp-2.2.13.tar.bz2) = cebd438c778cae175c26ae4fc4c4914f24711a9b @@ -7,3 +7,4 @@ SHA1 (patch-aa) = 027e376c60279a561f55f22e55a8af09b6b3bd67 SHA1 (patch-ab) = ad4927755b7aff8299a9c8c2896742258b704cb3 SHA1 (patch-ac) = 48fbb6a3b486db6f05ac210c2915f9a06c9f6795 SHA1 (patch-ad) = 632c34e0fbeda69139b2b674d9c5ef80db40dcca +SHA1 (patch-ae) = 079b081e8eb0c19d18060d9c21ea9d12df9c5cc4 diff --git a/graphics/gimp/patches/patch-ae b/graphics/gimp/patches/patch-ae new file mode 100644 index 00000000000..f3e89842c19 --- /dev/null +++ b/graphics/gimp/patches/patch-ae @@ -0,0 +1,19 @@ +$NetBSD: patch-ae,v 1.6.6.1 2007/07/04 13:17:12 lkundrak Exp $ + +Fix for CVE-2007-2949 heap overflow from upstream. + +--- plug-ins/common/psd.c.orig 2007-07-04 15:11:22.000000000 +0200 ++++ plug-ins/common/psd.c +@@ -1202,6 +1202,12 @@ seek_to_and_unpack_pixeldata(FILE* fd, g + width = channel->width; + height = channel->height; + ++ if (width > G_MAXINT16 || height > G_MAXINT16) ++ { ++ g_message ("Error: Invalid channel dimensions"); ++ gimp_quit (); ++ } ++ + IFDBG + { + printf("\t\t\tLayer (%d) Channel (%d:%d) Compression: %d (%s)\n", -- cgit v1.2.3