[prev in list] [next in list] [prev in thread] [next in thread]
List: openpkg-cvs
Subject: [CVS] OpenPKG: openpkg-src/ghostscript/ ghostscript.patch ghostscript....
From: "Torsten Homeyer" <tho () openpkg ! org>
Date: 2004-06-30 14:23:14
Message-ID: 20040630142314.E50A72FF07D () mail ! openpkg ! org
[Download RAW message or body]
OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Torsten Homeyer
Root: /e/openpkg/cvs Email: tho@openpkg.org
Module: openpkg-src Date: 30-Jun-2004 16:23:14
Branch: HEAD Handle: -NONE-
Modified files:
openpkg-src/ghostscript ghostscript.patch ghostscript.spec
Log:
added Security Fix (CAN-2004-0421) for png
Summary:
Revision Changes Path
1.7 +72 -25 openpkg-src/ghostscript/ghostscript.patch
1.58 +2 -2 openpkg-src/ghostscript/ghostscript.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/ghostscript/ghostscript.patch
============================================================================
$ cvs diff -u -r1.6 -r1.7 ghostscript.patch
--- openpkg-src/ghostscript/ghostscript.patch 29 Apr 2004 15:06:54 -0000 1.6
+++ openpkg-src/ghostscript/ghostscript.patch 30 Jun 2004 14:23:14 -0000 1.7
@@ -49,8 +49,78 @@
$(ZGEN)zlibd_0.dev : $(ZLIB_MAK) $(ECHOGS_XE) $(ZGEN)zlibc.dev $(zlibd_)
$(SETMOD) $(ZGEN)zlibd_0 $(zlibd1_)
---- ../libpng-1.2.5/pngrtran.c.orig Wed Oct 2 20:20:24 2002
-+++ ../libpng-1.2.5/pngrtran.c Wed Jan 15 11:30:23 2003
+Index: libpng/pngconf.h
+--- libpng/pngconf.h.orig 2002-10-03 13:32:27 +0200
++++ libpng/pngconf.h 2004-06-30 15:40:45 +0200
+@@ -251,10 +251,6 @@
+ # define PNG_SAVE_BSD_SOURCE
+ # undef _BSD_SOURCE
+ # endif
+-# ifdef _SETJMP_H
+- __png.h__ already includes setjmp.h;
+- __dont__ include it again.;
+-# endif
+ # endif /* __linux__ */
+
+ /* include setjmp.h for error handling */
+Steve G <linux_4ever@yahoo.com>
+Libpng accesses memory that is out of bounds when creating an error message
+
+Index: libpng/pngerror.c
+--- libpng/pngerror.c.orig 2002-10-03 13:32:27 +0200
++++ libpng/pngerror.c 2004-06-30 15:11:51 +0200
+@@ -135,10 +135,13 @@
+ buffer[iout] = 0;
+ else
+ {
++ png_size_t len;
++ if ((len = png_strlen(error_message)) > 63)
++ len = 63;
+ buffer[iout++] = ':';
+ buffer[iout++] = ' ';
+- png_memcpy(buffer+iout, error_message, 64);
+- buffer[iout+63] = 0;
++ png_memcpy(buffer+iout, error_message, len);
++ buffer[iout+len] = 0;
+ }
+ }
+
+Index: libpng/pngrtran.c
+--- libpng/pngrtran.c.orig 2004-06-30 15:42:18 +0200
++++ libpng/pngrtran.c 2004-06-30 15:40:24 +0200
+@@ -1889,8 +1889,8 @@
+ /* This changes the data from GG to GGXX */
+ if (flags & PNG_FLAG_FILLER_AFTER)
+ {
+- png_bytep sp = row + (png_size_t)row_width;
+- png_bytep dp = sp + (png_size_t)row_width;
++ png_bytep sp = row + (png_size_t)row_width * 2;
++ png_bytep dp = sp + (png_size_t)row_width * 2;
+ for (i = 1; i < row_width; i++)
+ {
+ *(--dp) = hi_filler;
+@@ -1907,8 +1907,8 @@
+ /* This changes the data from GG to XXGG */
+ else
+ {
+- png_bytep sp = row + (png_size_t)row_width;
+- png_bytep dp = sp + (png_size_t)row_width;
++ png_bytep sp = row + (png_size_t)row_width * 2;
++ png_bytep dp = sp + (png_size_t)row_width * 2;
+ for (i = 0; i < row_width; i++)
+ {
+ *(--dp) = *(--sp);
+@@ -1929,8 +1929,8 @@
+ /* This changes the data from RGB to RGBX */
+ if (flags & PNG_FLAG_FILLER_AFTER)
+ {
+- png_bytep sp = row + (png_size_t)row_width * 3;
+- png_bytep dp = sp + (png_size_t)row_width;
++ png_bytep sp = row + (png_size_t)row_width * 6;
++ png_bytep dp = sp + (png_size_t)row_width * 2;
+ for (i = 1; i < row_width; i++)
+ {
+ *(--dp) = lo_filler;
@@ -1965,8 +1965,8 @@
/* This changes the data from RRGGBB to RRGGBBXX */
if (flags & PNG_FLAG_FILLER_AFTER)
@@ -73,26 +143,3 @@
for (i = 0; i < row_width; i++)
{
*(--dp) = *(--sp);
-
-Steve G <linux_4ever@yahoo.com>
-Libpng accesses memory that is out of bounds when creating an error message
-
-Index: pngerror.c
---- ../libpng-1.2.5/pngerror.c.orig 2002-10-03 13:32:27.000000000 +0200
-+++ ../libpng-1.2.5/pngerror.c 2004-04-28 13:24:22.000000000 +0200
-@@ -135,10 +135,13 @@
- buffer[iout] = 0;
- else
- {
-+ png_size_t len;
-+ if ((len = png_strlen(error_message)) > 63)
-+ len = 63;
- buffer[iout++] = ':';
- buffer[iout++] = ' ';
-- png_memcpy(buffer+iout, error_message, 64);
-- buffer[iout+63] = 0;
-+ png_memcpy(buffer+iout, error_message, len);
-+ buffer[iout+len] = 0;
- }
- }
-
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/ghostscript/ghostscript.spec
============================================================================
$ cvs diff -u -r1.57 -r1.58 ghostscript.spec
--- openpkg-src/ghostscript/ghostscript.spec 4 Jun 2004 14:49:46 -0000 1.57
+++ openpkg-src/ghostscript/ghostscript.spec 30 Jun 2004 14:23:14 -0000 1.58
@@ -43,7 +43,7 @@
Group: Graphics
License: Aladdin
Version: %{V_real}
-Release: 20040604
+Release: 20040630
# package options
%option with_x11 yes
@@ -109,10 +109,10 @@
%setup -q -T -D -a 3
%setup -q -T -D -a 4
%setup -q -T -D -a 5
- %patch -p0 -d ghostscript-%{version}
mv jpeg-%{V_jpeg} ghostscript-%{version}/jpeg
mv libpng-%{V_png} ghostscript-%{version}/libpng
mv zlib-%{V_zlib} ghostscript-%{version}/zlib
+ %patch -p0 -d ghostscript-%{version}
%build
mtcflags=""
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic