From f3a3194a91a996b118bb5076ae1b21935fba8559 Mon Sep 17 00:00:00 2001
From: wiz <wiz>
Date: Wed, 6 Dec 2006 14:48:35 +0000
Subject: Fix CVE-2006-5864 using a patch from evince CVS. Bump PKGREVISION.

---
 print/evince/Makefile         |  3 ++-
 print/evince/distinfo         |  3 ++-
 print/evince/patches/patch-ac | 27 +++++++++++++++++++++++++++
 3 files changed, 31 insertions(+), 2 deletions(-)
 create mode 100644 print/evince/patches/patch-ac

(limited to 'print/evince')

diff --git a/print/evince/Makefile b/print/evince/Makefile
index 130f903fffa..318e128c8ee 100644
--- a/print/evince/Makefile
+++ b/print/evince/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.26 2006/10/12 14:16:22 drochner Exp $
+# $NetBSD: Makefile,v 1.27 2006/12/06 14:48:35 wiz Exp $
 #
 
 .include "../../print/evince/Makefile.common"
+PKGREVISION=		1
 
 COMMENT=		Document viewer for the GNOME Desktop
 
diff --git a/print/evince/distinfo b/print/evince/distinfo
index 045d5489eee..e7c931043a0 100644
--- a/print/evince/distinfo
+++ b/print/evince/distinfo
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.9 2006/10/12 14:16:22 drochner Exp $
+$NetBSD: distinfo,v 1.10 2006/12/06 14:48:35 wiz Exp $
 
 SHA1 (evince-0.6.1.tar.bz2) = bc314761ecc9c29d10d09294ad8e32bab3a5dbc6
 RMD160 (evince-0.6.1.tar.bz2) = ac94e1964f4f46e505fe945daa9de288c2587898
 Size (evince-0.6.1.tar.bz2) = 1212271 bytes
 SHA1 (patch-aa) = 65abdde02e6b72743d47e5c5d6156cbb4a74f0a6
 SHA1 (patch-ab) = 800d96b612b09976f8573b4caab40da1d5d838f6
+SHA1 (patch-ac) = a2f08a7d977b1e51a811c80c6abc8b8480dd3cda
diff --git a/print/evince/patches/patch-ac b/print/evince/patches/patch-ac
new file mode 100644
index 00000000000..4ac296d1a62
--- /dev/null
+++ b/print/evince/patches/patch-ac
@@ -0,0 +1,27 @@
+$NetBSD: patch-ac,v 1.1 2006/12/06 14:48:35 wiz Exp $
+
+Fix for CVE-2006-5864. From evince CVS
+http://cvs.gnome.org/viewcvs/evince/ps/ps.c?r1=1.6&r2=1.6.6.1
+
+--- ps/ps.c.orig	2006-01-07 00:03:44.000000000 +0100
++++ ps/ps.c
+@@ -1231,7 +1231,8 @@ get_next_text(line, next_char)
+     int level = 0;
+     quoted = 1;
+     line++;
+-    while(*line && !(*line == ')' && level == 0)) {
++    while(*line && !(*line == ')' && level == 0)
++	  && (cp - text) < PSLINELENGTH - 1) {
+       if(*line == '\\') {
+         if(*(line + 1) == 'n') {
+           *cp++ = '\n';
+@@ -1302,7 +1303,8 @@ get_next_text(line, next_char)
+     }
+   }
+   else {
+-    while(*line && !(*line == ' ' || *line == '\t' || *line == '\n'))
++    while(*line && !(*line == ' ' || *line == '\t' || *line == '\n')
++	  && (cp - text) < PSLINELENGTH - 1)
+       *cp++ = *line++;
+   }
+   *cp = '\0';
-- 
cgit v1.2.3