OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 06-Mar-2005 19:32:41
Branch: HEAD Handle: 2005030618324100
Modified files:
openpkg-src/kde-qt kde-qt.patch kde-qt.spec
Log:
upgrading package: kde-qt 3.3.3 -> 3.3.4
Summary:
Revision Changes Path
1.5 +4 -346 openpkg-src/kde-qt/kde-qt.patch
1.19 +2 -2 openpkg-src/kde-qt/kde-qt.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/kde-qt/kde-qt.patch
============================================================================
$ cvs diff -u -r1.4 -r1.5 kde-qt.patch
--- openpkg-src/kde-qt/kde-qt.patch 2 Oct 2004 08:11:29 -0000 1.4
+++ openpkg-src/kde-qt/kde-qt.patch 6 Mar 2005 18:32:41 -0000 1.5
@@ -2,7 +2,7 @@
diff -Nau configure.orig configure
--- configure.orig 2004-06-14 11:18:55 +0200
+++ configure 2004-08-11 16:13:39 +0200
-@@ -1782,21 +1782,6 @@
+@@ -1783,21 +1783,6 @@
CFG_FREETYPE=yes
fi
fi
@@ -24,7 +24,7 @@
# auto-detect Session Management support
if [ "$CFG_SM" = "auto" ]; then
if $x11tests/sm.test $XQMAKESPEC $OPT_VERBOSE $L_FLAGS $I_FLAGS; then
-@@ -2926,6 +2911,21 @@
+@@ -2927,6 +2912,21 @@
if [ "$CFG_XKB" = "yes" ]; then
QMAKE_CONFIG="$QMAKE_CONFIG xkb"
fi
@@ -96,61 +96,13 @@
+ len = 63;
buffer[iout++] = ':';
buffer[iout++] = ' ';
-- png_memcpy(buffer+iout, error_message, 64);
+- png_strncpy(buffer+iout, error_message, 63);
- buffer[iout+63] = 0;
-+ png_memcpy(buffer+iout, error_message, len);
++ png_strncpy(buffer+iout, error_message, len);
+ buffer[iout+len] = 0;
}
}
-Index: src/3rdparty/libpng/pngrtran.c
-diff -Nau src/3rdparty/libpng/pngrtran.c.orig src/3rdparty/libpng/pngrtran.c
---- src/3rdparty/libpng/pngrtran.c.orig 2003-05-27 17:19:23 +0200
-+++ src/3rdparty/libpng/pngrtran.c 2004-08-11 16:26:04 +0200
-@@ -1889,8 +1889,8 @@
- /* This changes the data from GG to GGXX */
- if (flags & PNG_FLAG_FILLER_AFTER)
- {
-- png_bytep sp = row + (png_size_t)row_width;
-- png_bytep dp = sp + (png_size_t)row_width;
-+ png_bytep sp = row + (png_size_t)row_width * 2;
-+ png_bytep dp = sp + (png_size_t)row_width * 2;
- for (i = 1; i < row_width; i++)
- {
- *(--dp) = hi_filler;
-@@ -1907,8 +1907,8 @@
- /* This changes the data from GG to XXGG */
- else
- {
-- png_bytep sp = row + (png_size_t)row_width;
-- png_bytep dp = sp + (png_size_t)row_width;
-+ png_bytep sp = row + (png_size_t)row_width * 2;
-+ png_bytep dp = sp + (png_size_t)row_width * 2;
- for (i = 0; i < row_width; i++)
- {
- *(--dp) = *(--sp);
-@@ -1965,8 +1965,8 @@
- /* This changes the data from RRGGBB to RRGGBBXX */
- if (flags & PNG_FLAG_FILLER_AFTER)
- {
-- png_bytep sp = row + (png_size_t)row_width * 3;
-- png_bytep dp = sp + (png_size_t)row_width;
-+ png_bytep sp = row + (png_size_t)row_width * 6;
-+ png_bytep dp = sp + (png_size_t)row_width * 2;
- for (i = 1; i < row_width; i++)
- {
- *(--dp) = hi_filler;
-@@ -1987,8 +1987,8 @@
- /* This changes the data from RRGGBB to XXRRGGBB */
- else
- {
-- png_bytep sp = row + (png_size_t)row_width * 3;
-- png_bytep dp = sp + (png_size_t)row_width;
-+ png_bytep sp = row + (png_size_t)row_width * 6;
-+ png_bytep dp = sp + (png_size_t)row_width * 2;
- for (i = 0; i < row_width; i++)
- {
- *(--dp) = *(--sp);
http://www.graphicsmagick.org/libpng/beta/patches/INFO.txt
@@ -174,300 +126,6 @@
Use to patch libpng-1.0.9 through 1.2.5
This fixes the most dangerous of the newly reported vulnerabilities
-Index: src/3rdparty/libpng/pngrutil.c
-diff -Nau src/3rdparty/libpng/pngrutil.c.orig src/3rdparty/libpng/pngrutil.c
---- src/3rdparty/libpng/pngrutil.c.orig 2004-08-11 16:29:37 +0200
-+++ src/3rdparty/libpng/pngrutil.c 2004-08-11 16:30:11 +0200
-@@ -1241,7 +1241,8 @@
- /* Should be an error, but we can cope with it */
- png_warning(png_ptr, "Missing PLTE before tRNS");
- }
-- if (length > (png_uint_32)png_ptr->num_palette)
-+ if (length > (png_uint_32)png_ptr->num_palette ||
-+ length > PNG_MAX_PALETTE_LENGTH)
- {
- png_warning(png_ptr, "Incorrect tRNS chunk length");
- png_crc_finish(png_ptr, length);
-
-http://www.graphicsmagick.org/libpng/beta/patches/libpng-patch04-get-uint-31.txt
- Use to patch libpng-1.0.6 through 1.2.5
- This patch defines PNG_UINT_31_MAX, PNG_UINT_32_MAX, PNG_SIZE_MAX,
- and png_get_uint_31(), which are needed by patches 05-08.
-
-Index: src/3rdparty/libpng/png.h
-diff -Nau src/3rdparty/libpng/png.h.orig src/3rdparty/libpng/png.h
---- src/3rdparty/libpng/png.h.orig 2003-05-27 17:19:23 +0200
-+++ src/3rdparty/libpng/png.h 2004-08-11 16:31:06 +0200
-@@ -833,7 +833,11 @@
- typedef png_info FAR * FAR * png_infopp;
-
- /* Maximum positive integer used in PNG is (2^31)-1 */
--#define PNG_MAX_UINT ((png_uint_32)0x7fffffffL)
-+#define PNG_UINT_31_MAX ((png_uint_32)0x7fffffffL)
-+#define PNG_UINT_32_MAX (~((png_uint_32)0))
-+#define PNG_SIZE_MAX (~((png_size_t)0))
-+/* PNG_MAX_UINT is deprecated; use PNG_UINT_31_MAX instead. */
-+#define PNG_MAX_UINT PNG_UINT_31_MAX
-
- /* These describe the color_type field in png_info. */
- /* color type masks */
-@@ -2655,6 +2659,8 @@
- PNG_EXTERN png_uint_32 png_get_uint_32 PNGARG((png_bytep buf));
- PNG_EXTERN png_uint_16 png_get_uint_16 PNGARG((png_bytep buf));
- #endif /* !PNG_READ_BIG_ENDIAN_SUPPORTED */
-+PNG_EXTERN png_uint_32 png_get_uint_31 PNGARG((png_structp png_ptr,
-+ png_bytep buf));
-
- /* Initialize png_ptr struct for reading, and allocate any other memory.
- * (old interface - DEPRECATED - use png_create_read_struct instead).
-Index: src/3rdparty/libpng/pngrutil.c
-diff -Nau src/3rdparty/libpng/pngrutil.c.orig src/3rdparty/libpng/pngrutil.c
---- src/3rdparty/libpng/pngrutil.c.orig 2004-08-11 16:29:37 +0200
-+++ src/3rdparty/libpng/pngrutil.c 2004-08-11 16:32:11 +0200
-@@ -38,6 +38,14 @@
- # endif
- #endif
-
-+png_uint_32 /* PRIVATE */
-+png_get_uint_31(png_structp png_ptr, png_bytep buf)
-+{
-+ png_uint_32 i = png_get_uint_32(buf);
-+ if (i > PNG_UINT_31_MAX)
-+ png_error(png_ptr, "PNG unsigned integer out of range.\n");
-+ return (i);
-+}
- #ifndef PNG_READ_BIG_ENDIAN_SUPPORTED
- /* Grab an unsigned 32-bit integer from a buffer in big-endian format. */
- png_uint_32 /* PRIVATE */
-
-http://www.graphicsmagick.org/libpng/beta/patches/libpng-patch05-pngpread-chunklength.txt
- Use to patch libpng-1.0.0 through 1.2.5
- Requires one of libpng-patch04*
-
-Index: src/3rdparty/libpng/pngpread.c
-diff -Nau src/3rdparty/libpng/pngpread.c.orig src/3rdparty/libpng/pngpread.c
---- src/3rdparty/libpng/pngpread.c.orig 2003-05-27 17:19:23 +0200
-+++ src/3rdparty/libpng/pngpread.c 2004-08-11 16:34:45 +0200
-@@ -208,7 +208,7 @@
- }
-
- png_push_fill_buffer(png_ptr, chunk_length, 4);
-- png_ptr->push_length = png_get_uint_32(chunk_length);
-+ png_ptr->push_length = png_get_uint_31(png_ptr,chunk_length);
- png_reset_crc(png_ptr);
- png_crc_read(png_ptr, png_ptr->chunk_name, 4);
- png_ptr->mode |= PNG_HAVE_CHUNK_HEADER;
-@@ -591,6 +591,11 @@
- png_size_t new_max;
- png_bytep old_buffer;
-
-+ if (png_ptr->save_buffer_size > PNG_SIZE_MAX -
-+ (png_ptr->current_buffer_size + 256))
-+ {
-+ png_error(png_ptr, "Potential overflow of save_buffer");
-+ }
- new_max = png_ptr->save_buffer_size + png_ptr->current_buffer_size +
256;
- old_buffer = png_ptr->save_buffer;
- png_ptr->save_buffer = (png_bytep)png_malloc(png_ptr,
-@@ -637,8 +642,7 @@
- }
-
- png_push_fill_buffer(png_ptr, chunk_length, 4);
-- png_ptr->push_length = png_get_uint_32(chunk_length);
--
-+ png_ptr->push_length = png_get_uint_31(png_ptr,chunk_length);
- png_reset_crc(png_ptr);
- png_crc_read(png_ptr, png_ptr->chunk_name, 4);
- png_ptr->mode |= PNG_HAVE_CHUNK_HEADER;
-
-http://www.graphicsmagick.org/libpng/beta/patches/libpng-patch06-pngread-chunklength.txt
- Use to patch libpng-1.0.13 through 1.0.15 and 1.2.2 through 1.2.5.
- Requires libpng-patch04-*
-
-Index: src/3rdparty/libpng/pngpread.c
-diff -Nau src/3rdparty/libpng/pngread.c.orig src/3rdparty/libpng/pngread.c
---- src/3rdparty/libpng/pngread.c.orig 2003-05-27 17:19:23 +0200
-+++ src/3rdparty/libpng/pngread.c 2004-08-11 16:36:04 +0200
-@@ -384,7 +384,7 @@
- png_uint_32 length;
-
- png_read_data(png_ptr, chunk_length, 4);
-- length = png_get_uint_32(chunk_length);
-+ length = png_get_uint_31(png_ptr,chunk_length);
-
- png_reset_crc(png_ptr);
- png_crc_read(png_ptr, png_ptr->chunk_name, 4);
-@@ -392,9 +392,6 @@
- png_debug2(0, "Reading %s chunk, length=%lu.\n", png_ptr->chunk_name,
- length);
-
-- if (length > PNG_MAX_UINT)
-- png_error(png_ptr, "Invalid chunk length.");
--
- /* This should be a binary subdivision search or a hash for
- * matching the chunk name rather than a linear search.
- */
-@@ -673,10 +670,7 @@
- png_crc_finish(png_ptr, 0);
-
- png_read_data(png_ptr, chunk_length, 4);
-- png_ptr->idat_size = png_get_uint_32(chunk_length);
--
-- if (png_ptr->idat_size > PNG_MAX_UINT)
-- png_error(png_ptr, "Invalid chunk length.");
-+ png_ptr->idat_size = png_get_uint_31(png_ptr,chunk_length);
-
- png_reset_crc(png_ptr);
- png_crc_read(png_ptr, png_ptr->chunk_name, 4);
-@@ -946,16 +940,13 @@
- #endif /* PNG_GLOBAL_ARRAYS */
-
- png_read_data(png_ptr, chunk_length, 4);
-- length = png_get_uint_32(chunk_length);
-+ length = png_get_uint_31(png_ptr,chunk_length);
-
- png_reset_crc(png_ptr);
- png_crc_read(png_ptr, png_ptr->chunk_name, 4);
-
- png_debug1(0, "Reading %s chunk.\n", png_ptr->chunk_name);
-
-- if (length > PNG_MAX_UINT)
-- png_error(png_ptr, "Invalid chunk length.");
--
- if (!png_memcmp(png_ptr->chunk_name, png_IHDR, 4))
- png_handle_IHDR(png_ptr, info_ptr, length);
- else if (!png_memcmp(png_ptr->chunk_name, png_IEND, 4))
-
-http://www.graphicsmagick.org/libpng/beta/patches/libpng-patch07-png-read-png-overflow.txt
- Use to patch libpng-1.0.6 through 1.2.5. Libpng-1.0.5 and earlier didn't
implement png_read_png().
- Requires libpng-patch04-*
-
-Index: src/3rdparty/libpng/pngread.c
-diff -Nau src/3rdparty/libpng/pngread.c.orig src/3rdparty/libpng/pngread.c
---- src/3rdparty/libpng/pngread.c.orig 2004-08-11 16:36:04 +0200
-+++ src/3rdparty/libpng/pngread.c 2004-08-11 16:37:39 +0200
-@@ -1290,6 +1290,9 @@
- */
- png_read_info(png_ptr, info_ptr);
-
-+ if (info_ptr->height > PNG_UINT_32_MAX/sizeof(png_bytep))
-+ png_error(png_ptr,"Image is too high to process with png_read_png()");
-+
- /* -------------- image transformations start here ------------------- */
-
- #if defined(PNG_READ_16_TO_8_SUPPORTED)
-
-http://www.graphicsmagick.org/libpng/beta/patches/libpng-patch08-splt-buffer-overflow.txt
- Use to patch libpng-1.0.6 through 1.2.5. Libpng-1.0.5 and earlier didn't
implement png_read_png().
- Requires libpng-patch04-*
-
-The "sPLT chunk too long" check from Matthias Clasen (RedHat libpng package
maintainer)
-
-Index: src/3rdparty/libpng/pngrutil.c
-diff -Nau src/3rdparty/libpng/pngrutil.c.orig src/3rdparty/libpng/pngrutil.c
---- src/3rdparty/libpng/pngrutil.c.orig 2004-08-05 15:27:41 +0200
-+++ src/3rdparty/libpng/pngrutil.c 2004-08-11 16:38:53 +0200
-@@ -1154,8 +1162,18 @@
- }
-
- new_palette.nentries = data_length / entry_size;
-- new_palette.entries = (png_sPLT_entryp)png_malloc(
-+ if (new_palette.nentries > PNG_SIZE_MAX / sizeof(png_sPLT_entry))
-+ {
-+ png_warning(png_ptr, "sPLT chunk too long");
-+ return;
-+ }
-+ new_palette.entries = (png_sPLT_entryp)png_malloc_warn(
- png_ptr, new_palette.nentries * sizeof(png_sPLT_entry));
-+ if (new_palette.entries == NULL)
-+ {
-+ png_warning(png_ptr, "sPLT chunk requires too much memory");
-+ return;
-+ }
-
- #ifndef PNG_NO_POINTER_INDEXING
- for (i = 0; i < new_palette.nentries; i++)
-
-http://www.graphicsmagick.org/libpng/beta/patches/libpng-patch09-null-iccp-profile.txt
- Use to patch libpng-1.0.9 through 1.2.5. Does not work with
libpng-1.0.6-1.0.8.
- Libpng-1.0.5 and earlier didn't implement iCCP chunk reading.
-
-Index: src/3rdparty/libpng/pngrutil.c
-diff -Nau src/3rdparty/libpng/pngrutil.c.orig src/3rdparty/libpng/pngrutil.c
---- src/3rdparty/libpng/pngrutil.c.orig 2004-08-05 15:27:41 +0200
-+++ src/3rdparty/libpng/pngrutil.c 2004-08-11 16:40:46 +0200
-@@ -977,8 +985,7 @@
- png_bytep pC;
- png_charp profile;
- png_uint_32 skip = 0;
-- png_uint_32 profile_size = 0;
-- png_uint_32 profile_length = 0;
-+ png_uint_32 profile_size, profile_length;
- png_size_t slength, prefix_length, data_length;
-
- png_debug(1, "in png_handle_iCCP\n");
-
-http://www.graphicsmagick.org/libpng/beta/patches/libpng-patch10-find-duplicate-chunk.txt
- Use to patch libpng-1.0.6 through 1.2.5 Does not work with libpng-1.0.5
and earlier.
- No security problem. The bugs are similar to the one fixed in patch
- 03, but the only effect is that libpng will fail to detect misplaced
- harmless duplicate chunks.
-
-Index: src/3rdparty/libpng/pngrutil.c
-diff -Nau src/3rdparty/libpng/pngrutil.c.orig src/3rdparty/libpng/pngrutil.c
---- src/3rdparty/libpng/pngrutil.c.orig 2004-08-11 16:40:46 +0200
-+++ src/3rdparty/libpng/pngrutil.c 2004-08-11 16:42:31 +0200
-@@ -587,7 +587,7 @@
- /* Should be an error, but we can cope with it */
- png_warning(png_ptr, "Out of place gAMA chunk");
-
-- else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_gAMA)
-+ if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_gAMA)
- #if defined(PNG_READ_sRGB_SUPPORTED)
- && !(info_ptr->valid & PNG_INFO_sRGB)
- #endif
-@@ -668,7 +668,7 @@
- /* Should be an error, but we can cope with it */
- png_warning(png_ptr, "Out of place sBIT chunk");
- }
-- else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sBIT))
-+ if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sBIT))
- {
- png_warning(png_ptr, "Duplicate sBIT chunk");
- png_crc_finish(png_ptr, length);
-@@ -737,7 +737,7 @@
- /* Should be an error, but we can cope with it */
- png_warning(png_ptr, "Missing PLTE before cHRM");
-
-- else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_cHRM)
-+ if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_cHRM)
- #if defined(PNG_READ_sRGB_SUPPORTED)
- && !(info_ptr->valid & PNG_INFO_sRGB)
- #endif
-@@ -899,7 +899,7 @@
- /* Should be an error, but we can cope with it */
- png_warning(png_ptr, "Out of place sRGB chunk");
-
-- else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sRGB))
-+ if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_sRGB))
- {
- png_warning(png_ptr, "Duplicate sRGB chunk");
- png_crc_finish(png_ptr, length);
-@@ -1002,7 +1002,7 @@
- /* Should be an error, but we can cope with it */
- png_warning(png_ptr, "Out of place iCCP chunk");
-
-- else if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_iCCP))
-+ if (info_ptr != NULL && (info_ptr->valid & PNG_INFO_iCCP))
- {
- png_warning(png_ptr, "Duplicate iCCP chunk");
- png_crc_finish(png_ptr, length);
-
-This patch from Chris Evans avoids a host of security problems related
-to buffer overflows that might occur when processing very large images.
-It causes the reader to reject any images claiming to have more rows or
-columns the png format supports.
-
Index: src/3rdparty/libpng/png.h
diff -Nau src/3rdparty/libpng/png.h.orig src/3rdparty/libpng/png.h
--- src/3rdparty/libpng/png.h.orig 2004-08-11 16:31:06 +0200
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/kde-qt/kde-qt.spec
============================================================================
$ cvs diff -u -r1.18 -r1.19 kde-qt.spec
--- openpkg-src/kde-qt/kde-qt.spec 1 Jan 2005 10:51:00 -0000 1.18
+++ openpkg-src/kde-qt/kde-qt.spec 6 Mar 2005 18:32:41 -0000 1.19
@@ -33,8 +33,8 @@
Class: EVAL
Group: KDE
License: GPL
-Version: 3.3.3
-Release: 20041109
+Version: 3.3.4
+Release: 20050306
# list of sources
Source0:
ftp://ftp.trolltech.com/pub/qt/source/qt-x11-free-%{version}.tar.bz2
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [email protected]
