Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=faf37d0bb3e9e3d2ce35006c69f27a6b38523317

commit faf37d0bb3e9e3d2ce35006c69f27a6b38523317
Author: Miklos Vajna <vmik...@frugalware.org>
Date:   Tue Apr 13 00:08:32 2010 +0200

tetex-3.0-19-i686

- add texlive-CVE-2010-0739-int-overflow.patch

diff --git a/source/xapps-extra/tetex/FrugalBuild 
b/source/xapps-extra/tetex/FrugalBuild
index e0c9dcb..3fa9f1d 100644
--- a/source/xapps-extra/tetex/FrugalBuild
+++ b/source/xapps-extra/tetex/FrugalBuild
@@ -4,7 +4,7 @@

pkgname=tetex
pkgver=3.0
-pkgrel=18
+pkgrel=19
pkgdesc="teTeX is a complete TeX distribution for UNIX compatible systems - 
base files, libraries, fonts"
url="http://www.tug.org/teTeX/";
depends=('libstdc++' 'libxp>=1.0.0-3' 'libxmu' 'libxft' 'libxpm' 'freetype2' 
'fontconfig' 'expat' 'openmotif>=2.3.0' 'zlib' 'libpng' 'tetex-kpathsea')
@@ -14,15 +14,17 @@ archs=('i686' 'x86_64' 'ppc')
up2date="lynx --dump 
'ftp://dante.ctan.org/tex-archive/systems/unix/teTeX/current/distrib/'|grep 
\"tar.gz\" |sed -e 's/.*tetex-src-\(.*\).tar.*/\1/;q'"
source=(ftp://dante.ctan.org/tex-archive/systems/unix/teTeX/current/distrib/tetex-texmf-$pkgver.tar.gz
 
ftp://dante.ctan.org/tex-archive/systems/unix/teTeX/current/distrib/tetex-src-$pkgver.tar.gz
 \
tetex-3.0-CVE-2005-3193.patch tetex-3.0-CVE-2007-0650.patch 
tetex-3.0-CVE-2007-3387.patch \
-       tetex-3.0-CVE-2007-5935.patch tetex-3.0-CVE-2007-5936+5937.patch 
glibc210.diff)
-sha1sums=('1be97f57a26a6e9b72ebfd932e45914a959aff16' \
+       tetex-3.0-CVE-2007-5935.patch tetex-3.0-CVE-2007-5936+5937.patch 
glibc210.diff \
+       texlive-CVE-2010-0739-int-overflow.patch)
+sha1sums=('10f7d2fa007c95ca066d899fca0e9a8446108824' \
'7637789f7f4929694aed1b89820f5bad4753e8fc' \
'4a275b1d9a211e94bc13286d05ef619cdf873770' \
'28208eb13f493c1c9c6538f254f04fc0c2aaff1e' \
'3ad00a8f16dd16acc765953e10dc68f181e0a156' \
'f97712ef399a53c39c762883febc8c61d9ed3d46' \
'5bc76c08516bd3edc2b1bd23b743946b790b1e7e' \
-          'f675bcfa254bad6fb0262cd06e92c21631a097aa')
+          'f675bcfa254bad6fb0262cd06e92c21631a097aa' \
+          'b6b4712edbb89cdca22658a596ff2de7a90d864b')
backup=('/usr/share/texmf/web2c/texmf.cnf')
removes=('/usr/share/texmf/web2c/latex.fmt' '/usr/share/texmf/web2c/latex.log')
conflicts=('xdvik')
diff --git a/source/xapps-extra/tetex/texlive-CVE-2010-0739-int-overflow.patch 
b/source/xapps-extra/tetex/texlive-CVE-2010-0739-int-overflow.patch
new file mode 100644
index 0000000..83af28a
--- /dev/null
+++ b/source/xapps-extra/tetex/texlive-CVE-2010-0739-int-overflow.patch
@@ -0,0 +1,14 @@
+diff -up texlive-2007/texk/dvipsk/dospecial.c.int_overflow 
texlive-2007/texk/dvipsk/dospecial.c
+--- texlive-2007/texk/dvipsk/dospecial.c.int_overflow  2006-12-07 
23:39:19.000000000 +0100
++++ texlive-2007/texk/dvipsk/dospecial.c       2010-03-12 14:45:04.000000000 
+0100
+@@ -326,6 +326,10 @@ void predospecial P2C(integer, numbytes,
+    static int omega_specials = 0;
+
+    if (nextstring + numbytes > maxstring) {
++      if (numbytes < 0 || (numbytes > 0 && 2 > INT_MAX / numbytes) || 2 * 
numbytes > 1000 + 2 * numbytes) {
++         error("! Integer overflow");
++         exit(1);
++      }
+       p = nextstring = mymalloc(1000 + 2 * numbytes) ;
+       maxstring = nextstring + 2 * numbytes + 700 ;
+    }
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git

Reply via email to