Author: ag Date: 2008-12-26 23:50:13 -0700 (Fri, 26 Dec 2008) New Revision: 2023
Added: trunk/imlib2/imlib2-1.4.2-CVE-2008-5187.patch Log: Add imlib2 patch to fix CVE-2008-5187 Added: trunk/imlib2/imlib2-1.4.2-CVE-2008-5187.patch =================================================================== --- trunk/imlib2/imlib2-1.4.2-CVE-2008-5187.patch (rev 0) +++ trunk/imlib2/imlib2-1.4.2-CVE-2008-5187.patch 2008-12-27 06:50:13 UTC (rev 2023) @@ -0,0 +1,21 @@ +Submitted By: Agathoklis Hatzimanikas (ag at linuxfromscratch dot org) +Date: 2008-12-27 +Initial Package Version: 1.4.2 +Origin: Upstream +Upstream Status: Applied +Description: Fixes CVE-2008-5187 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5187 + http://trac.enlightenment.org/e/ticket/136 + +diff -Naur imlib2-1.4.2.orig/src/modules/loaders/loader_xpm.c imlib2-1.4.2/src/modules/loaders/loader_xpm.c +--- imlib2-1.4.2.orig/src/modules/loaders/loader_xpm.c 2008-10-21 05:32:51.000000000 +0300 ++++ imlib2-1.4.2/src/modules/loaders/loader_xpm.c 2008-12-27 08:26:56.245650373 +0200 +@@ -253,7 +253,7 @@ + return 0; + } + ptr = im->data; +- end = ptr + (sizeof(DATA32) * w * h); ++ end = ptr + (pixels); + pixels = w * h; + } + else -- http://linuxfromscratch.org/mailman/listinfo/patches FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
