Darcsweb-Url:
http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20070809092230-e2957-a68d29fd33da2a1e1803c67991fcbd0d4ce12c1e.gz;
[kdegraphics-3.5.6-2terminus1-i686
VMiklos <[EMAIL PROTECTED]>**20070809092230
added post-3.5.6-kdegraphics-CVE-2007-3387.diff secfix
closes #2302
] {
hunk ./source/kde/kdegraphics/FrugalBuild 6
-pkgrel=1
+pkgrel=2terminus1
hunk ./source/kde/kdegraphics/FrugalBuild 16
+source=($source post-3.5.6-kdegraphics-CVE-2007-3387.diff)
hunk ./source/kde/kdegraphics/FrugalBuild 27
-sha1sums=('481d3f3733c042f7dfe7d9fc6620d17f8b945957')
+sha1sums=('481d3f3733c042f7dfe7d9fc6620d17f8b945957' \
+ 'cd403dcea659e9b4c700835c3a39ad3048f48533')
addfile ./source/kde/kdegraphics/post-3.5.6-kdegraphics-CVE-2007-3387.diff
hunk ./source/kde/kdegraphics/post-3.5.6-kdegraphics-CVE-2007-3387.diff 1
+diff -Naur kdegraphics-3.5.6.orig/kpdf/xpdf/xpdf/Stream.cc
kdegraphics-3.5.6/kpdf/xpdf/xpdf/Stream.cc
+--- kdegraphics-3.5.6.orig/kpdf/xpdf/xpdf/Stream.cc 2007-01-15
12:21:56.000000000 +0100
++++ kdegraphics-3.5.6/kpdf/xpdf/xpdf/Stream.cc 2007-08-09 09:45:03.000000000
+0200
+@@ -411,14 +411,11 @@
+ nBits = nBitsA;
+ predLine = NULL;
+ ok = gFalse;
+-
+- if (width <= 0 || nComps <= 0 || nBits <= 0 ||
+- nComps >= INT_MAX / nBits ||
+- width >= INT_MAX / nComps / nBits)
+- return;
+-
+ nVals = width * nComps;
+- if (nVals * nBits + 7 < 0)
++ if (width <= 0 || nComps <= 0 || nBits <= 0 ||
++ nComps > gfxColorMaxComps || nBits > 16 ||
++ width >= INT_MAX / nComps ||
++ nVals >= (INT_MAX - 7) / nBits)
+ return;
+ pixBytes = (nComps * nBits + 7) >> 3;
+ rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
}
_______________________________________________
Frugalware-darcs mailing list
Frugalware-darcs@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-darcs
