commit: 78f56defd00d1056babb584f8fec806b1c60c329 Author: NP-Hardass <NP-Hardass <AT> gentoo <DOT> org> AuthorDate: Tue May 10 22:31:51 2016 +0000 Commit: NP Hardass <np-hardass <AT> gentoo <DOT> org> CommitDate: Tue May 10 22:32:27 2016 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78f56def
media-gfx/eom: Revbump to 1.10.5-r2, resolves #574376 Package-Manager: portage-2.2.26 .../{eom-1.10.5-r1.ebuild => eom-1.10.5-r2.ebuild} | 1 + media-gfx/eom/files/eom-cve-2013-7447.patch | 28 ++++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/media-gfx/eom/eom-1.10.5-r1.ebuild b/media-gfx/eom/eom-1.10.5-r2.ebuild similarity index 97% rename from media-gfx/eom/eom-1.10.5-r1.ebuild rename to media-gfx/eom/eom-1.10.5-r2.ebuild index 731c3b3..67144a8 100644 --- a/media-gfx/eom/eom-1.10.5-r1.ebuild +++ b/media-gfx/eom/eom-1.10.5-r2.ebuild @@ -64,6 +64,7 @@ pkg_setup() { src_prepare() { epatch "${FILESDIR}/eom-1.10-fix-introspection.patch" + epatch "${FILESDIR}/eom-cve-2013-7447.patch" eautoreconf } diff --git a/media-gfx/eom/files/eom-cve-2013-7447.patch b/media-gfx/eom/files/eom-cve-2013-7447.patch new file mode 100644 index 0000000..410b433 --- /dev/null +++ b/media-gfx/eom/files/eom-cve-2013-7447.patch 
@@ -0,0 +1,28 @@
+From b7849cc5b6e7fd741ef04e334f586266a444ef8a Mon Sep 17 00:00:00 2001
+From: monsta <mon...@inbox.ru>
+Date: Wed, 10 Feb 2016 14:52:54 +0300
+Subject: [PATCH] avoid integer overflow when allocating a large block of
+ memory
+
+it's the same issue as in gdk_cairo_set_source_pixbuf since the code
+is apparently copied from there.
+
+fix is taken from
+https://git.gnome.org/browse/gtk+/commit?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6
+---
+ src/eom-print-preview.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/eom-print-preview.c b/src/eom-print-preview.c
+index f9f005f..7dc2a8a 100644
+--- a/src/eom-print-preview.c
++++ b/src/eom-print-preview.c
+@@ -732,7 +732,7 @@ create_surface_from_pixbuf (GdkPixbuf *pixbuf)
+ format = CAIRO_FORMAT_ARGB32;
+
+ cairo_stride = cairo_format_stride_for_width (format, width);
+- cairo_pixels = g_malloc (height * cairo_stride);
++ cairo_pixels = g_malloc_n (height, cairo_stride);
+ surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels,
+ format,
+ width, height, cairo_stride);
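Review bot: The `g_malloc_n (height, cairo_stride)` call in the embedded eom-print-preview.c hunk removes the wrapped multiplication, but g_malloc_n aborts the process when the product overflows or the allocation fails, so an oversized pixbuf still terminates the viewer instead of only failing the print preview. If the callers can handle a NULL surface (they are not visible here), `cairo_pixels = g_try_malloc_n (height, cairo_stride);` followed by `if (cairo_pixels == NULL) return NULL;` would degrade more gracefully. The preceding line also passes `cairo_stride` on unchecked, and cairo_format_stride_for_width returns -1 for a width it cannot represent; a guard such as `if (cairo_stride < 0) return NULL;` before the allocation would handle that case explicitly rather than relying on the overflow check to catch the converted value. create_surface_from_pixbuf starts and ends outside the hunk, so the declared types of `height` and `cairo_stride` are assumed to be plain ints and should be confirmed.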