Author: gotar Date: Sun Jun 5 13:58:07 2011 GMT Module: packages Tag: HEAD ---- Log message: - added CVE-2010-2642 patch from t1lib-5.1.2-10.1.src.rpm (OpenSuSE), rel. 4
---- Files affected: packages/t1lib: t1lib.spec (1.82 -> 1.83) , t1lib-5.1.2-CVE-2010-2642.patch (NONE -> 1.1) (NEW) ---- Diffs: ================================================================ Index: packages/t1lib/t1lib.spec diff -u packages/t1lib/t1lib.spec:1.82 packages/t1lib/t1lib.spec:1.83 --- packages/t1lib/t1lib.spec:1.82 Thu Jun 3 23:23:00 2010 +++ packages/t1lib/t1lib.spec Sun Jun 5 15:58:02 2011 @@ -10,7 +10,7 @@ Summary(uk.UTF-8): Растеризатор шрифтів Type 1 Name: t1lib Version: 5.1.2 -Release: 3 +Release: 4 License: GPL v2 Group: Libraries Source0: ftp://sunsite.unc.edu/pub/Linux/libs/graphics/%{name}-%{version}.tar.gz @@ -26,6 +26,7 @@ Patch4: %{name}-xglyph.patch Patch5: %{name}-aclocal.patch Patch6: %{name}-link.patch +Patch7: %{name}-5.1.2-CVE-2010-2642.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: libtool @@ -246,6 +247,7 @@ %patch4 -p1 %patch5 -p1 %patch6 -p1 +%patch7 -p1 rm -f ac-tools/aclocal.m4 @@ -359,6 +361,9 @@ All persons listed below can be reached at <cvs_login>@pld-linux.org $Log$ +Revision 1.83 2011/06/05 13:58:02 gotar +- added CVE-2010-2642 patch from t1lib-5.1.2-10.1.src.rpm (OpenSuSE), rel. 4 + Revision 1.82 2010/06/03 21:23:00 glen - rpm is stupid, require fontpostins (postun is not enough); rel 3 @@ -631,4 +636,3 @@ Revision 1.8 1999/07/12 23:06:15 kloczek - added using CVS keywords in %changelog (for automating them). - ================================================================ Index: packages/t1lib/t1lib-5.1.2-CVE-2010-2642.patch diff -u /dev/null packages/t1lib/t1lib-5.1.2-CVE-2010-2642.patch:1.1 --- /dev/null Sun Jun 5 15:58:07 2011 +++ packages/t1lib/t1lib-5.1.2-CVE-2010-2642.patch Sun Jun 5 15:58:02 2011 @@ -0,0 +1,13 @@ +Index: t1lib-5.1.2/lib/t1lib/parseAFM.c +=================================================================== +--- t1lib-5.1.2.orig/lib/t1lib/parseAFM.c 2007-12-23 16:49:42.000000000 +0100 ++++ t1lib-5.1.2/lib/t1lib/parseAFM.c 2011-01-07 10:52:38.953106681 +0100 +@@ -199,7 +199,7 @@ + idx = 0; + + while (ch != EOF && ch != ' ' && ch != CR && ch != LF && +- ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'){ ++ ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';' && idx < MAX_NAME){ + ident[idx++] = ch; + ch = fgetc(stream); + } /* while */ ================================================================ ---- CVS-web: http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/t1lib/t1lib.spec?r1=1.82&r2=1.83&f=u _______________________________________________ pld-cvs-commit mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
