From e5e737f7672395c50639fa12e1109a3ae2045377 Mon Sep 17 00:00:00 2001 From: mrauch Date: Thu, 14 Apr 2005 20:48:58 +0000 Subject: Apply fix for security problem CAN-2005-0941 from OOo CVS. Bump PKGREVISION. --- misc/openoffice/Makefile | 4 ++-- misc/openoffice/distinfo | 3 ++- misc/openoffice/patches/patch-az | 13 +++++++++++++ 3 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 misc/openoffice/patches/patch-az (limited to 'misc') diff --git a/misc/openoffice/Makefile b/misc/openoffice/Makefile index f06a6eceeb0..90163b5cf9a 100644 --- a/misc/openoffice/Makefile +++ b/misc/openoffice/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.62 2005/04/11 21:46:38 tv Exp $ +# $NetBSD: Makefile,v 1.63 2005/04/14 20:48:58 mrauch Exp $ DISTNAME= openoffice-1.1.4 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= misc MASTER_SITES= ${MASTER_SITE_OPENOFFICE:=stable/1.1.4/} DISTFILES= OOo_1.1.4_source.tar.gz diff --git a/misc/openoffice/distinfo b/misc/openoffice/distinfo index b516ec3d41c..2fff524e802 100644 --- a/misc/openoffice/distinfo +++ b/misc/openoffice/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.30 2005/04/12 01:10:45 rillig Exp $ +$NetBSD: distinfo,v 1.31 2005/04/14 20:48:58 mrauch Exp $ SHA1 (openoffice-1.1.4/OOo_1.1.4_source.tar.gz) = 3161dbe53f6ec0b0d5a65790a2b1dd3d7331b430 RMD160 (openoffice-1.1.4/OOo_1.1.4_source.tar.gz) = 0e218792bb72106cd494532de373d0f40a5a9587 @@ -55,3 +55,4 @@ SHA1 (patch-av) = f6f0aa984f7d975c721d616b348a69cff6173ff8 SHA1 (patch-aw) = f0decfe7d1bac881ec83b09328a6b863a9bed7b1 SHA1 (patch-ax) = 4a918df6dfd058fd6abecfc4c9b85a21bfc18364 SHA1 (patch-ay) = f548c8c79d6ef9b1a0d1e521d295bf03cd8f8849 +SHA1 (patch-az) = 2c53d79f5d78aebefc4bc43a7f95b484cadd674a diff --git a/misc/openoffice/patches/patch-az b/misc/openoffice/patches/patch-az new file mode 100644 index 00000000000..481e35c3be0 --- /dev/null +++ b/misc/openoffice/patches/patch-az @@ -0,0 +1,13 @@ +$NetBSD: patch-az,v 1.3 2005/04/14 20:48:58 mrauch Exp $ + +--- ../sot/source/sdstor/stgole.cxx.orig 2002-07-22 14:28:43.000000000 +0200 ++++ ../sot/source/sdstor/stgole.cxx +@@ -156,6 +156,8 @@ BOOL StgCompObjStream::Load() + *this >> aClsId; + INT32 nLen1 = 0; + *this >> nLen1; ++ // the higher bits are ignored ++ nLen1 &= 0xFFFF; + sal_Char* p = new sal_Char[ (USHORT) nLen1 ]; + if( Read( p, nLen1 ) == (ULONG) nLen1 ) + { -- cgit v1.2.3