From a37a1a60158fca3eaa96df2864e2c2a237cb7e00 Mon Sep 17 00:00:00 2001 From: salo Date: Sat, 16 Apr 2005 12:55:16 +0000 Subject: Pullup ticket 442 - requested by Michael Rauch security fix for openoffice Revisions pulled up: - pkgsrc/misc/openoffice/Makefile 1.63 - pkgsrc/misc/openoffice/distinfo 1.31 - pkgsrc/misc/openoffice/patches/patch-az 1.3 - pkgsrc/misc/openoffice-bin/Makefile 1.7 - pkgsrc/misc/openoffice-bin/distinfo 1.4 Module Name: pkgsrc Committed By: mrauch Date: Thu Apr 14 20:48:58 UTC 2005 Modified Files: pkgsrc/misc/openoffice: Makefile distinfo Added Files: pkgsrc/misc/openoffice/patches: patch-az Log Message: Apply fix for security problem CAN-2005-0941 from OOo CVS. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: mrauch Date: Thu Apr 14 21:06:44 UTC 2005 Modified Files: pkgsrc/misc/openoffice-bin: Makefile distinfo Log Message: Apply fix for security problem CAN-2005-0941 by installing patched library. Bump PKGREVISION. --- misc/openoffice-bin/Makefile | 9 ++++++++- misc/openoffice-bin/distinfo | 5 ++++- misc/openoffice/Makefile | 4 ++-- misc/openoffice/distinfo | 3 ++- misc/openoffice/patches/patch-az | 13 +++++++++++++ 5 files changed, 29 insertions(+), 5 deletions(-) create mode 100644 misc/openoffice/patches/patch-az (limited to 'misc') diff --git a/misc/openoffice-bin/Makefile b/misc/openoffice-bin/Makefile index f48cb4404c2..d4a0d830a6f 100644 --- a/misc/openoffice-bin/Makefile +++ b/misc/openoffice-bin/Makefile @@ -1,12 +1,17 @@ -# $NetBSD: Makefile,v 1.5 2005/03/16 18:33:41 wiz Exp $ +# $NetBSD: Makefile,v 1.5.2.1 2005/04/16 12:55:16 salo Exp $ PKGNAME= openoffice-bin-${OO_VER} +PKGREVISION= 1 CATEGORIES= misc MASTER_SITES= ${MASTER_SITE_OPENOFFICE:=stable/${OO_VER}/} DISTFILES= ${DISTNAME}${EXTRACT_SUFX} DISTFILES+= openoffice-linux-112-services.rdb.bz2 +DISTFILES+= libsot645li.so SITES_openoffice-linux-112-services.rdb.bz2=http://www.fs.tum.de/~mrauch/OpenOffice/download/\ ftp://ftp.NetBSD.org/pub/NetBSD/misc/mrauch/ +SITES_libsot645li.so= ${MASTER_SITE_OPENOFFICE:=stable/${OO_VER}secpatch/} +EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} \ + openoffice-linux-112-services.rdb.bz2 MAINTAINER= mrauch@NetBSD.org HOMEPAGE= http://www.openoffice.org/ @@ -77,6 +82,8 @@ do-install: ${INSTALL_DATA} ${WRKDIR}/openoffice-linux-112-services.rdb \ ${PREFIX}/OpenOffice.org${OO_VER}/program/services.rdb ${SH} -c "cd ${WRKSRC}; ./install --prefix=${PREFIX}" + ${INSTALL_LIB} ${DISTDIR}/libsot645li.so \ + ${PREFIX}/OpenOffice.org${OO_VER}/program/libsot645li.so ${RM} -f ${PREFIX}/bin/soffice.orig ${SED} -e "s|@@PREFIX@@|${PREFIX}|g" -e "s|@@OO_VER@@|${OO_VER}|g" \ < ${FILESDIR}/soffice > ${PREFIX}/bin/soffice diff --git a/misc/openoffice-bin/distinfo b/misc/openoffice-bin/distinfo index 69b23a6ef01..c25c6fd5f39 100644 --- a/misc/openoffice-bin/distinfo +++ b/misc/openoffice-bin/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.3 2005/02/26 01:22:16 dmcmahill Exp $ +$NetBSD: distinfo,v 1.3.2.1 2005/04/16 12:55:16 salo Exp $ SHA1 (OOo_1.1.4_LinuxIntel_install.tar.gz) = 769eada389dee1829a327ab791ec80d48da10422 RMD160 (OOo_1.1.4_LinuxIntel_install.tar.gz) = 6188beaa49d0998e011b24344333076b6f27e40a @@ -12,3 +12,6 @@ Size (OOo_1.1.4_SolarisSparc_install.tar.gz) = 90876883 bytes SHA1 (openoffice-linux-112-services.rdb.bz2) = c2a538eff450a50221baa212226807d0efd6b12e RMD160 (openoffice-linux-112-services.rdb.bz2) = 857b4ab16e9af2f58264953fdfde2e4bd1972d7b Size (openoffice-linux-112-services.rdb.bz2) = 61919 bytes +SHA1 (libsot645li.so) = 6c6b9995482da055c149c6c9870cc19efbf4bfc1 +RMD160 (libsot645li.so) = 3890f84fcdad6a245d1cdfaf980b884e5d0b8f90 +Size (libsot645li.so) = 305472 bytes diff --git a/misc/openoffice/Makefile b/misc/openoffice/Makefile index 751e004d749..9f37e865ff5 100644 --- a/misc/openoffice/Makefile +++ b/misc/openoffice/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.61 2005/02/26 16:07:46 mrauch Exp $ +# $NetBSD: Makefile,v 1.61.2.1 2005/04/16 12:55:16 salo Exp $ DISTNAME= openoffice-1.1.4 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= misc MASTER_SITES= ${MASTER_SITE_OPENOFFICE:=stable/1.1.4/} DISTFILES= OOo_1.1.4_source.tar.gz diff --git a/misc/openoffice/distinfo b/misc/openoffice/distinfo index df58eeb6bf6..598485b4a73 100644 --- a/misc/openoffice/distinfo +++ b/misc/openoffice/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.29 2005/02/26 16:07:46 mrauch Exp $ +$NetBSD: distinfo,v 1.29.2.1 2005/04/16 12:55:16 salo Exp $ SHA1 (openoffice-1.1.4/OOo_1.1.4_source.tar.gz) = 3161dbe53f6ec0b0d5a65790a2b1dd3d7331b430 RMD160 (openoffice-1.1.4/OOo_1.1.4_source.tar.gz) = 0e218792bb72106cd494532de373d0f40a5a9587 @@ -55,3 +55,4 @@ SHA1 (patch-av) = f6f0aa984f7d975c721d616b348a69cff6173ff8 SHA1 (patch-aw) = 15a27595dbf7599943ff9847e4841b1b62e792a6 SHA1 (patch-ax) = 4a918df6dfd058fd6abecfc4c9b85a21bfc18364 SHA1 (patch-ay) = f548c8c79d6ef9b1a0d1e521d295bf03cd8f8849 +SHA1 (patch-az) = 2c53d79f5d78aebefc4bc43a7f95b484cadd674a diff --git a/misc/openoffice/patches/patch-az b/misc/openoffice/patches/patch-az new file mode 100644 index 00000000000..fd3ad9fbb42 --- /dev/null +++ b/misc/openoffice/patches/patch-az @@ -0,0 +1,13 @@ +$NetBSD: patch-az,v 1.2.8.1 2005/04/16 12:55:16 salo Exp $ + +--- ../sot/source/sdstor/stgole.cxx.orig 2002-07-22 14:28:43.000000000 +0200 ++++ ../sot/source/sdstor/stgole.cxx +@@ -156,6 +156,8 @@ BOOL StgCompObjStream::Load() + *this >> aClsId; + INT32 nLen1 = 0; + *this >> nLen1; ++ // the higher bits are ignored ++ nLen1 &= 0xFFFF; + sal_Char* p = new sal_Char[ (USHORT) nLen1 ]; + if( Read( p, nLen1 ) == (ULONG) nLen1 ) + { -- cgit v1.2.3