commit:     50d9a00ce8479638672bc7938ce9dc388172a82f
Author:     NP-Hardass <NP-Hardass <AT> gentoo <DOT> org>
AuthorDate: Fri Feb 23 20:19:06 2018 +0000
Commit:     NP Hardass <np-hardass <AT> gentoo <DOT> org>
CommitDate: Fri Feb 23 20:22:55 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=50d9a00c

app-text/atril: Fix CVE-2017-1000083

Bug: https://bugs.gentoo.org/624880
Package-Manager: Portage-2.3.24, Repoman-2.3.6

 ...ril-1.12.2-r4.ebuild => atril-1.12.2-r5.ebuild} |  4 +++-
 ...ril-1.14.2-r1.ebuild => atril-1.14.2-r2.ebuild} |  4 +++-
 ...ril-1.16.1-r1.ebuild => atril-1.16.1-r2.ebuild} |  4 +++-
 app-text/atril/files/atril-cve-2017-1000083.patch  | 28 ++++++++++++++++++++++
 4 files changed, 37 insertions(+), 3 deletions(-)

diff --git a/app-text/atril/atril-1.12.2-r4.ebuild 
b/app-text/atril/atril-1.12.2-r5.ebuild
similarity index 96%
rename from app-text/atril/atril-1.12.2-r4.ebuild
rename to app-text/atril/atril-1.12.2-r5.ebuild
index aa353029fbd..360dac80db2 100644
--- a/app-text/atril/atril-1.12.2-r4.ebuild
+++ b/app-text/atril/atril-1.12.2-r5.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=6
@@ -67,6 +67,8 @@ DEPEND="${RDEPEND}
 # Tests use dogtail which is not available on Gentoo.
 RESTRICT="test"
 
+FILES=( "${FILESDIR}/${PN}-cve-2017-1000083.patch" )
+
 src_configure() {
        # Passing --disable-help would drop offline help, that would be 
inconsistent
        # with helps of the most of GNOME apps that doesn't require network for 
that.

diff --git a/app-text/atril/atril-1.14.2-r1.ebuild 
b/app-text/atril/atril-1.14.2-r2.ebuild
similarity index 96%
rename from app-text/atril/atril-1.14.2-r1.ebuild
rename to app-text/atril/atril-1.14.2-r2.ebuild
index 12e1ae529a2..792c2c2e6a0 100644
--- a/app-text/atril/atril-1.14.2-r1.ebuild
+++ b/app-text/atril/atril-1.14.2-r2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=6
@@ -69,6 +69,8 @@ DEPEND="${COMMON_DEPEND}
 # Tests use dogtail which is not available on Gentoo.
 RESTRICT="test"
 
+FILES=( "${FILESDIR}/${PN}-cve-2017-1000083.patch" )
+
 src_configure() {
        # Passing --disable-help would drop offline help, that would be 
inconsistent
        # with helps of the most of GNOME apps that doesn't require network for 
that.

diff --git a/app-text/atril/atril-1.16.1-r1.ebuild 
b/app-text/atril/atril-1.16.1-r2.ebuild
similarity index 96%
rename from app-text/atril/atril-1.16.1-r1.ebuild
rename to app-text/atril/atril-1.16.1-r2.ebuild
index 4259cddf89b..24aad9d4f3c 100644
--- a/app-text/atril/atril-1.16.1-r1.ebuild
+++ b/app-text/atril/atril-1.16.1-r2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 Gentoo Foundation
+# Copyright 1999-2018 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=6
@@ -68,6 +68,8 @@ DEPEND="${COMMON_DEPEND}
 # Tests use dogtail which is not available on Gentoo.
 RESTRICT="test"
 
+FILES=( "${FILESDIR}/${PN}-cve-2017-1000083.patch" )
+
 src_configure() {
        # Passing --disable-help would drop offline help, that would be 
inconsistent
        # with helps of the most of GNOME apps that doesn't require network for 
that.

diff --git a/app-text/atril/files/atril-cve-2017-1000083.patch 
b/app-text/atril/files/atril-cve-2017-1000083.patch
new file mode 100644
index 00000000000..29c81f7e542
--- /dev/null
+++ b/app-text/atril/files/atril-cve-2017-1000083.patch
@@ -0,0 +1,28 @@
+From f4291fd62f7dfe6460d2406a979ccfac0c68dd59 Mon Sep 17 00:00:00 2001
+From: ZenWalker <s...@riseup.net>
+Date: Wed, 19 Jul 2017 11:00:09 +0200
+Subject: [PATCH] comics: make the files containing "--checkpoint-action="
+ unsupported
+
+Fixes #257
+---
+ backend/comics/comics-document.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/backend/comics/comics-document.c 
b/backend/comics/comics-document.c
+index 9f945c6..4d4d293 100644
+--- a/backend/comics/comics-document.c
++++ b/backend/comics/comics-document.c
+@@ -983,6 +983,12 @@ extract_argv (EvDocument *document, gint page)
+       char *command_line, *quoted_archive, *quoted_filename;
+       GError *err = NULL;
+ 
++      if (g_strrstr (comics_document->page_names->pdata[page], 
"--checkpoint-action="))
++      {
++              g_warning ("File unsupported\n");
++              gtk_main_quit ();
++      }
++
+         if (page >= comics_document->page_names->len)
+                 return NULL;
+ 

Reply via email to