OpenPKG CVS Repository http://cvs.openpkg.org/ ____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /e/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 29-Jun-2004 10:18:10 Branch: OPENPKG_1_3_SOLID Handle: -NONE- Modified files: (Branch: OPENPKG_1_3_SOLID) openpkg-src/png png.patch png.spec Log: apply extended security fix and a cleanup patch from CURRENT Summary: Revision Changes Path 1.1.10.2 +45 -4 openpkg-src/png/png.patch 1.29.2.2.2.3+1 -1 openpkg-src/png/png.spec ____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/png/png.patch
============================================================================
$ cvs diff -u -r1.1.10.1 -r1.1.10.2 png.patch
--- openpkg-src/png/png.patch 29 Apr 2004 19:56:26 -0000 1.1.10.1
+++ openpkg-src/png/png.patch 29 Jun 2004 08:18:09 -0000 1.1.10.2
@@ -1,5 +1,31 @@
---- pngrtran.c.orig Wed Oct 2 20:20:24 2002
-+++ pngrtran.c Wed Jan 15 11:30:23 2003
+Security Fix (CAN-2002-1363):
+Possible buffer overflows.
+
+Index: pngrtran.c
+--- pngrtran.c.orig 2002-10-03 13:32:29 +0200
++++ pngrtran.c 2004-06-29 10:06:10 +0200
+@@ -1889,8 +1889,8 @@
+ /* This changes the data from GG to GGXX */
+ if (flags & PNG_FLAG_FILLER_AFTER)
+ {
+- png_bytep sp = row + (png_size_t)row_width;
+- png_bytep dp = sp + (png_size_t)row_width;
++ png_bytep sp = row + (png_size_t)row_width * 2;
++ png_bytep dp = sp + (png_size_t)row_width * 2;
+ for (i = 1; i < row_width; i++)
+ {
+ *(--dp) = hi_filler;
+@@ -1907,8 +1907,8 @@
+ /* This changes the data from GG to XXGG */
+ else
+ {
+- png_bytep sp = row + (png_size_t)row_width;
+- png_bytep dp = sp + (png_size_t)row_width;
++ png_bytep sp = row + (png_size_t)row_width * 2;
++ png_bytep dp = sp + (png_size_t)row_width * 2;
+ for (i = 0; i < row_width; i++)
+ {
+ *(--dp) = *(--sp);
 @@ -1965,8 +1965,8 @@
 /* This changes the data from RRGGBB to RRGGBBXX */
 if (flags & PNG_FLAG_FILLER_AFTER)
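Review bot: The new `Security Fix (CAN-2002-1363)` header now sits above every pngrtran.c hunk, so the two added 16-bit gray hunks (at 1889 and 1907) and the existing RRGGBB hunk at 1965 are attributed to one advisory with no record of which upstream change each one carries. The offsets themselves look consistent with two-byte samples: `sp` lands at the end of the `row_width * 2` input bytes and `dp` at `row + row_width * 4`. That write bound is only safe if the row buffer is allocated for the expanded row, which is decided in code outside these hunks. I would add a line under the header such as `Hunks @1889/@1907: 16-bit gray filler offsets counted in bytes (2 per sample); row buffer must hold row_width * 4 bytes.` so a later rebase onto a newer libpng can tell whether the hunks are still required.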
@@ -23,8 +49,10 @@ { *(--dp) = *(--sp); -Steve G <[EMAIL PROTECTED]> -Libpng accesses memory that is out of bounds when creating an error message +----------------------------------------------------------------------------- + +Security Fix (Steve G <[EMAIL PROTECTED]>): +Access to memory that is out of bounds when creating an error message. Index: pngerror.c --- pngerror.c.orig 2002-10-03 13:32:27.000000000 +0200 @@ -45,3 +73,16 @@ } } +--- pngconf.h.orig 2004-05-27 09:42:21.000000000 +0200 ++++ pngconf.h 2004-05-27 09:43:22.000000000 +0200 +@@ -251,10 +251,6 @@ + # define PNG_SAVE_BSD_SOURCE + # undef _BSD_SOURCE + # endif +-# ifdef _SETJMP_H +- __png.h__ already includes setjmp.h; +- __dont__ include it again.; +-# endif + # endif /* __linux__ */ + + /* include setjmp.h for error handling */ @@ . patch -p0 <<'@@ .' Index: openpkg-src/png/png.spec ============================================================================ $ cvs diff -u -r1.29.2.2.2.2 -r1.29.2.2.2.3 png.spec --- openpkg-src/png/png.spec 29 Apr 2004 19:56:26 -0000 1.29.2.2.2.2 +++ openpkg-src/png/png.spec 29 Jun 2004 08:18:09 -0000 1.29.2.2.2.3 @@ -33,7 +33,7 @@ Group: Graphics License: BSD Version: 1.2.5 -Release: 1.3.1 +Release: 1.3.2 # list of sources Source0: http://osdn.dl.sourceforge.net/sourceforge/libpng/libpng-%{version}.tar.gz @@ . ______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List [EMAIL PROTECTED]
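Review bot: The pngconf.h section is appended without the `Index:` line, the description header or the `-----` separator that this same commit introduces for the pngerror.c section, so the patch file gives no reason for deleting the `_SETJMP_H` check. The four removed lines are a deliberate compile-time error on Linux when setjmp.h has already been included, placed right after `_BSD_SOURCE` is saved and undefined. Since the following context line says setjmp.h is included for error handling, the guard is presumably there so the library and the application agree on one `jmp_buf` definition; with it gone such a build compiles silently. I would precede the section with the separator and a header such as `Cleanup (from CURRENT): drop the _SETJMP_H include-order check in pngconf.h.` followed by `Index: pngconf.h`. The header should also state whether packages built against this png still need png.h included before setjmp.h.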