graphics libwmf.patch, NONE, 1.1 gimp2.info, 1.11, 1.12 libwmf.info, 1.3, 1.4

Alexander Strange Tue, 28 Aug 2007 11:39:39 -0700

Update of /cvsroot/fink/dists/10.4/unstable/main/finkinfo/graphics
In directory sc8-pr-cvs17:/tmp/cvs-serv32546


Modified Files:
        gimp2.info libwmf.info 
Added Files:
        libwmf.patch 
Log Message:
Debian security patches for gimp2/libwmf, via Tomoaki Okayama.

Index: libwmf.info
===================================================================
RCS file: /cvsroot/fink/dists/10.4/unstable/main/finkinfo/graphics/libwmf.info,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- libwmf.info 14 Aug 2007 22:04:48 -0000      1.3
+++ libwmf.info 28 Aug 2007 18:39:32 -0000      1.4
@@ -1,6 +1,6 @@
 Package: libwmf
 Version: 0.2.8.2
-Revision: 6
+Revision: 7
 
 Source: mirror:sourceforge:wvware/%n-%v.tar.gz
 Source-MD5: 1e0422026dd392651f0b8641fa33599d
@@ -13,6 +13,9 @@
 
 
 SetCPPFLAGS: -I/usr/X11R6/include/freetype2
+
+Patch: %n.patch
+
 PatchScript: <<
 perl -pi.bak -e 's;io_wmf_la_LIBADD =;io_wmf_la_LIBADD = libwmflite.la;' 
src/Makefile.in
 perl -pi.bak -e 's;DESTDIR =;;' fonts/Makefile.in

--- NEW FILE: libwmf.patch ---
--- libwmf-0.2.8.3.orig/src/font.c
+++ libwmf-0.2.8.3/src/font.c
@@ -199,7 +199,7 @@
        unsigned int i = 0;
 
        while (font_data->cache[i].name)
-       {       if (strcmp (font_data->cache[i].path,entry->path) == 0) break;
+       {       if (strcmp (font_data->cache[i].name,entry->name) == 0) break;
                i++;
        }
 
@@ -422,7 +422,6 @@
 
        fontmap_data->FD.FI = 0;
 
-       if (API->flags & WMF_OPT_SYS_FONTS)
        {       if (API->flags & WMF_OPT_SYS_FONTMAP)
                {       wmf_ipa_font_map_xml 
(API,&(fontmap_data->FD),options->sys_fontmap_file);
                }
--- libwmf-0.2.8.3.orig/src/player.c
+++ libwmf-0.2.8.3/src/player.c
@@ -23,6 +23,7 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <stdint.h>
 #include <string.h>
 #include <math.h>
 
@@ -132,8 +133,14 @@
                }
        }
 
-/*     P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) 
* 2 * sizeof (unsigned char));
- */    P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) 
* 2 * sizeof (unsigned char));
+       if (MAX_REC_SIZE(API) > UINT32_MAX / 2)
+       {
+               API->err = wmf_E_InsMem;
+               WMF_DEBUG (API,"bailing...");
+               return (API->err);
+       }
+
+       P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)  ) 
* 2 * sizeof (unsigned char));
 
        if (ERR (API))
        {       WMF_DEBUG (API,"bailing...");

Index: gimp2.info
===================================================================
RCS file: /cvsroot/fink/dists/10.4/unstable/main/finkinfo/graphics/gimp2.info,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- gimp2.info  25 Jan 2007 19:01:20 -0000      1.11
+++ gimp2.info  28 Aug 2007 18:39:31 -0000      1.12
@@ -3,12 +3,14 @@
 Type: -svg (boolean), -noprint (boolean)
 
 Version: 2.0.6
-Revision: 1004
+Revision: 1005
 # This package has OS X version-specific differences!
 # Do not blindly copy 10.3 <-> 10.4
 
 Source: mirror:gimp:v2.0/gimp-%v.tar.bz2
 Source2: mirror:gimp:help/testing/gimp-help-2-0.5.tar.gz
+Source3: http://astrange.ithinksw.net/fink/gimp-2.2.13-1etch4-debian.tar.bz2
+Source4: http://paq.osdn.org.ua/~mike/tmp/gimp-2.2.8-ubuntu-CVE-2006-3404.patch
 Depends: %N-shlibs (= %v-%r)
 Conflicts: gimp2,gimp2-svg,gimp2-noprint,gimp2-svg-noprint
 Replaces: gimp2,gimp2-svg,gimp2-noprint,gimp2-svg-noprint
@@ -35,6 +37,8 @@
 <<
 Source-MD5: 632b9ec629ba7c48d292069c37a1a6c1 
 Source2-MD5: 4b10833a545842ee4436a75eea68fd42
+Source3-MD5: d855405d3fde6c453fe55fd3b1cab835
+Source4-MD5: c5f49173063c776b7d7a908ec0889b05
 SetCC: gcc -I%p/lib/fontconfig2/include -L%p/lib/fontconfig2/lib 
-I%p/lib/freetype219/include -L%p/lib/freetype219/lib
 SetLIBS: -liconv -lintl -lexpat
 SetLDFLAGS: -Wl,-search_paths_first
@@ -43,6 +47,25 @@
 
 PatchScript: <<
 #!/bin/sh -ev
+########## Security Fixes ##########
+# Fix buffer overflow in XCF parser, imported from Ubuntu.
+patch -p1 < ../gimp-2.2.8-ubuntu-CVE-2006-3404.patch
+
+# Fix stack overflow in sunras plugin
+sed s/set_colormap/set_cmap/ ../debian/patches/06_CVE-2007-2356.patch | patch 
-p1
+
+# Avoid conflict with 07_CVE-2006-4519-CVE-2007-2949.patch
+perl -pi.bak0 -e "s/\t/        /g"                      app/xcf/xcf-load.c
+sed   -i.bak0 -e '/total = count;/d' \
+              -e '/gint  bytes;/d' \
+              -e 's/guint total;/guint total = count;/' app/xcf/xcf-read.c
+perl -pi.bak1 -e "s/(bytes =.*)/gint  \1\n/"            app/xcf/xcf-read.c
+perl -pi.bak2 -e "s/break;/break;\n/"                   app/xcf/xcf-read.c
+
+# Fix multiple buffer overflows and integer overflows
+patch -p1 < ../debian/patches/07_CVE-2006-4519-CVE-2007-2949.patch
+########## Security Fixes ##########
+
 if [ "%type_raw[-svg]" != "-svg" ]; then
  sed 's;SVG = @SVG@;SVG = ;' < plug-ins/common/Makefile.in > tmp
  mv tmp plug-ins/common/Makefile.in


-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
Fink-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fink-commits

[cvs] dists/10.4/unstable/main/finkinfo/graphics libwmf.patch, NONE, 1.1 gimp2.info, 1.11, 1.12 libwmf.info, 1.3, 1.4

Reply via email to