Subject: pkg/26833: imlib2 update -> v 1.1.2 (vulnaribility fix)
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <Peter.Bex@student.kun.nl>
List: pkgsrc-bugs
Date: 09/02/2004 15:06:22
>Number: 26833
>Category: pkg
>Synopsis: Update of imlib2 to version 1.1.2, patch included
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: pkg-manager
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Thu Sep 02 13:06:00 UTC 2004
>Closed-Date:
>Last-Modified:
>Originator:
>Release: NetBSD 2.0_BETA
>Organization:
>Environment:
System: NetBSD frohike.nvie.com 2.0_BETA NetBSD 2.0_BETA (FROHIKE) #0: Tue Aug 24 22:02:00 CEST 2004 sjamaan@frohike.nvie.com:/usr/src/sys/arch/i386/compile/FROHIKE i386
Architecture: i386
Machine: i386
>Description:
This update of imlib2 is needed because all imlib2 versions <= 1 .1.1
have a vulnerability in the bmp loader.
See
http://www.vuxml.org/freebsd/ba005226-fb5b-11d8-9837-000c41e2cdad.html
for info on the vulnerability.
>How-To-Repeat:
n/a
>Fix:
Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/graphics/imlib2/Makefile,v
retrieving revision 1.21
diff -u -r1.21 Makefile
--- Makefile 26 Aug 2004 20:21:58 -0000 1.21
+++ Makefile 2 Sep 2004 12:57:52 -0000
@@ -1,7 +1,7 @@
# $NetBSD: Makefile,v 1.21 2004/08/26 20:21:58 recht Exp $
#
-DISTNAME= imlib2-1.1.1
+DISTNAME= imlib2-1.1.2
CATEGORIES= graphics
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=enlightenment/}
Index: PLIST
===================================================================
RCS file: /cvsroot/pkgsrc/graphics/imlib2/PLIST,v
retrieving revision 1.4
diff -u -r1.4 PLIST
--- PLIST 26 Aug 2004 20:21:58 -0000 1.4
+++ PLIST 2 Sep 2004 12:57:52 -0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.4 2004/08/26 20:21:58 recht Exp $
+@comment $NetBSD$
bin/bumpmaptest
bin/color_spaces
bin/imconvert
@@ -32,6 +32,9 @@
lib/imlib2_loaders/image/jpeg.a
lib/imlib2_loaders/image/jpeg.la
lib/imlib2_loaders/image/jpeg.so
+lib/imlib2_loaders/image/lbm.a
+lib/imlib2_loaders/image/lbm.la
+lib/imlib2_loaders/image/lbm.so
lib/imlib2_loaders/image/png.a
lib/imlib2_loaders/image/png.la
lib/imlib2_loaders/image/png.so
@@ -54,7 +57,7 @@
lib/libImlib2.la
lib/libImlib2.so
lib/libImlib2.so.2
-lib/libImlib2.so.2.1
+lib/libImlib2.so.2.2
lib/pkgconfig/imlib2.pc
@dirrm lib/imlib2_loaders/image
@dirrm lib/imlib2_loaders/filter
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/graphics/imlib2/distinfo,v
retrieving revision 1.5
diff -u -r1.5 distinfo
--- distinfo 26 Aug 2004 20:21:58 -0000 1.5
+++ distinfo 2 Sep 2004 12:57:52 -0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.5 2004/08/26 20:21:58 recht Exp $
+$NetBSD$
-SHA1 (imlib2-1.1.1.tar.gz) = 3ed59dbba286ac0a8b0f375467b7d662e765b5c3
-Size (imlib2-1.1.1.tar.gz) = 871202 bytes
-SHA1 (patch-aa) = 5fd7a62f2424b87ce750e0f7700135f51f3bf9da
-SHA1 (patch-ab) = a6756a42c87562df34516a05ca2bd616b9562ba8
-SHA1 (patch-ac) = d65999f9b844db4a20dcd5bd47ff1127df54af15
-SHA1 (patch-ad) = 062c1359e98aafd30379699db4ab041d8f170bdb
-SHA1 (patch-ae) = 02bd5ca5c130fd02143199137f5108a8123f8112
+SHA1 (imlib2-1.1.2.tar.gz) = ac26760d09aed5eb200101a9846c7647cf991dff
+Size (imlib2-1.1.2.tar.gz) = 875843 bytes
+SHA1 (patch-aa) = c17ca68d6335814d2d36330f61b2bd65a1af9f9c
+SHA1 (patch-ab) = 7d62dace61a3c39a93e642edfcf66beaa80fa184
+SHA1 (patch-ac) = 988d5962f10c3ff843f259bc4029465b0c85e21f
+SHA1 (patch-ad) = 622dfb1c2666dad4f216e78191ec186cb8d6f657
+SHA1 (patch-ae) = 9858eccea874a1574fc472b025968c847bd1d3bd
Index: patches/patch-aa
===================================================================
RCS file: /cvsroot/pkgsrc/graphics/imlib2/patches/patch-aa,v
retrieving revision 1.3
diff -u -r1.3 patch-aa
--- patches/patch-aa 26 Aug 2004 20:21:58 -0000 1.3
+++ patches/patch-aa 2 Sep 2004 12:57:52 -0000
@@ -1,13 +1,13 @@
-$NetBSD: patch-aa,v 1.3 2004/08/26 20:21:58 recht Exp $
+$NetBSD$
---- src/Makefile.in.orig 2004-07-30 05:06:53.000000000 +0200
-+++ src/Makefile.in 2004-08-26 20:28:32.000000000 +0200
-@@ -113,7 +113,7 @@
+--- demo/Makefile.in.orig 2004-08-31 05:23:11.000000000 +0200
++++ demo/Makefile.in
+@@ -114,7 +114,7 @@ AUTOMAKE_OPTIONS = 1.4 foreign
# A list of all the files in the current directory which can be regenerated
- MAINTAINERCLEANFILES = Makefile.in
+ MAINTAINERCLEANFILES = Makefile.in
-LDFLAGS = -L/usr/X11R6/lib
+LDFLAGS = @LDFLAGS@
- INCLUDES = -I. -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_builddir)/src -I$(top_srcdir)/loaders $(freetype_cflags) -I/usr/X11R6/include $(X_CFLAGS) -I$(prefix)/include -I$(includedir) @XMISS@
+ INCLUDES = -I. -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_srcdir)/loaders -I$(top_srcdir)/libltdl -I/usr/X11R6/include $(X_CFLAGS) -I$(prefix)/include -I$(includedir)
+
- MMX_SRCS = asm_blend.S asm_rgba.S asm_scale.S asm_rotate.S asm_blend_cmod.S
Index: patches/patch-ab
===================================================================
RCS file: /cvsroot/pkgsrc/graphics/imlib2/patches/patch-ab,v
retrieving revision 1.4
diff -u -r1.4 patch-ab
--- patches/patch-ab 26 Aug 2004 20:21:58 -0000 1.4
+++ patches/patch-ab 2 Sep 2004 12:57:52 -0000
@@ -1,13 +1,13 @@
-$NetBSD: patch-ab,v 1.4 2004/08/26 20:21:58 recht Exp $
+$NetBSD$
---- loaders/Makefile.in.orig 2004-07-30 05:06:54.000000000 +0200
-+++ loaders/Makefile.in 2004-08-26 20:29:16.000000000 +0200
-@@ -113,7 +113,7 @@
+--- filters/Makefile.in.orig 2004-08-31 05:23:10.000000000 +0200
++++ filters/Makefile.in
+@@ -114,7 +114,7 @@ AUTOMAKE_OPTIONS = 1.4 foreign
# A list of all the files in the current directory which can be regenerated
MAINTAINERCLEANFILES = Makefile.in
--LDFLAGS = -L$(top_builddir)/src -L$(top_builddir)/src/.libs -L/usr/X11R6/lib
+-LDFLAGS = -L$(top_builddir)/src -L$(top_builddir)/src/.libs -L/usr/X11R6/lib
+LDFLAGS = -L$(top_builddir)/src -L$(top_builddir)/src/.libs @LDFLAGS@
- INCLUDES = -I. -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_srcdir)/loaders -I$(top_srcdir)/libltdl -I/usr/X11R6/include $(X_CFLAGS) -I$(prefix)/include -I$(includedir)
+ INCLUDES = -I. -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_srcdir)/loaders -I/usr/X11R6/include $(X_CFLAGS) -I$(prefix)/include -I$(includedir)
Index: patches/patch-ac
===================================================================
RCS file: /cvsroot/pkgsrc/graphics/imlib2/patches/patch-ac,v
retrieving revision 1.1
diff -u -r1.1 patch-ac
--- patches/patch-ac 26 Aug 2004 20:21:58 -0000 1.1
+++ patches/patch-ac 2 Sep 2004 12:57:52 -0000
@@ -1,13 +1,13 @@
-$NetBSD: patch-ac,v 1.1 2004/08/26 20:21:58 recht Exp $
+$NetBSD$
---- filters/Makefile.in.orig 2004-08-26 20:30:16.000000000 +0200
-+++ filters/Makefile.in 2004-08-26 20:30:32.000000000 +0200
-@@ -113,7 +113,7 @@
+--- loaders/Makefile.in.orig 2004-08-31 05:23:11.000000000 +0200
++++ loaders/Makefile.in
+@@ -114,7 +114,7 @@ AUTOMAKE_OPTIONS = 1.4 foreign
# A list of all the files in the current directory which can be regenerated
MAINTAINERCLEANFILES = Makefile.in
--LDFLAGS = -L$(top_builddir)/src -L$(top_builddir)/src/.libs -L/usr/X11R6/lib
+-LDFLAGS = -L$(top_builddir)/src -L$(top_builddir)/src/.libs -L/usr/X11R6/lib
+LDFLAGS = -L$(top_builddir)/src -L$(top_builddir)/src/.libs @LDFLAGS@
- INCLUDES = -I. -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_srcdir)/loaders -I/usr/X11R6/include $(X_CFLAGS) -I$(prefix)/include -I$(includedir)
+ INCLUDES = -I. -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_srcdir)/loaders -I$(top_srcdir)/libltdl -I/usr/X11R6/include $(X_CFLAGS) -I$(prefix)/include -I$(includedir)
Index: patches/patch-ad
===================================================================
RCS file: /cvsroot/pkgsrc/graphics/imlib2/patches/patch-ad,v
retrieving revision 1.1
diff -u -r1.1 patch-ad
--- patches/patch-ad 26 Aug 2004 20:21:58 -0000 1.1
+++ patches/patch-ad 2 Sep 2004 12:57:53 -0000
@@ -1,13 +1,13 @@
-$NetBSD: patch-ad,v 1.1 2004/08/26 20:21:58 recht Exp $
+$NetBSD$
---- test/Makefile.in.orig 2004-08-26 20:32:09.000000000 +0200
-+++ test/Makefile.in 2004-08-26 20:32:23.000000000 +0200
-@@ -113,7 +113,7 @@
+--- src/Makefile.in.orig 2004-08-31 05:23:10.000000000 +0200
++++ src/Makefile.in
+@@ -114,7 +114,7 @@ AUTOMAKE_OPTIONS = 1.4 foreign
# A list of all the files in the current directory which can be regenerated
- MAINTAINERCLEANFILES = Makefile.in
+ MAINTAINERCLEANFILES = Makefile.in
-LDFLAGS = -L/usr/X11R6/lib
+LDFLAGS = @LDFLAGS@
- INCLUDES = -I. -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_srcdir)/loaders -I$(top_srcdir)/libltdl -I/usr/X11R6/include $(X_CFLAGS) -I$(prefix)/include -I$(includedir)
-
+ INCLUDES = -I. -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_builddir)/src -I$(top_srcdir)/loaders $(freetype_cflags) -I/usr/X11R6/include $(X_CFLAGS) -I$(prefix)/include -I$(includedir) @XMISS@
+ MMX_SRCS = asm_blend.S asm_rgba.S asm_scale.S asm_rotate.S asm_blend_cmod.S
Index: patches/patch-ae
===================================================================
RCS file: /cvsroot/pkgsrc/graphics/imlib2/patches/patch-ae,v
retrieving revision 1.1
diff -u -r1.1 patch-ae
--- patches/patch-ae 26 Aug 2004 20:21:58 -0000 1.1
+++ patches/patch-ae 2 Sep 2004 12:57:53 -0000
@@ -1,13 +1,13 @@
-$NetBSD: patch-ae,v 1.1 2004/08/26 20:21:58 recht Exp $
+$NetBSD$
---- demo/Makefile.in.orig 2004-08-26 20:43:34.000000000 +0200
-+++ demo/Makefile.in 2004-08-26 20:43:49.000000000 +0200
-@@ -113,7 +113,7 @@
+--- test/Makefile.in.orig 2004-08-31 05:23:11.000000000 +0200
++++ test/Makefile.in
+@@ -114,7 +114,7 @@ AUTOMAKE_OPTIONS = 1.4 foreign
# A list of all the files in the current directory which can be regenerated
MAINTAINERCLEANFILES = Makefile.in
-LDFLAGS = -L/usr/X11R6/lib
+LDFLAGS = @LDFLAGS@
- INCLUDES = -I. -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_srcdir)/loaders -I$(top_srcdir)/libltdl -I/usr/X11R6/include $(X_CFLAGS) -I$(prefix)/include -I$(includedir)
+ INCLUDES = -I. -I$(top_srcdir) -I$(top_srcdir)/src -I$(top_srcdir)/loaders -I$(top_srcdir)/libltdl -I/usr/X11R6/include $(X_CFLAGS) -I$(prefix)/include -I$(includedir)
>Release-Note:
>Audit-Trail:
>Unformatted: