pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/lang/mono apply a patch from Debian for CVE-2007-5197:



details:   https://anonhg.NetBSD.org/pkgsrc/rev/186d8a1249c3
branches:  trunk
changeset: 534992:186d8a1249c3
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Mon Nov 05 11:28:50 2007 +0000

description:
apply a patch from Debian for CVE-2007-5197:
Buffer overflow in the Mono.Math.BigInteger class in Mono allows
context-dependent attackers to execute arbitrary code via
unspecified vectors

diffstat:

 lang/mono/Makefile         |   4 ++--
 lang/mono/distinfo         |   4 +++-
 lang/mono/patches/patch-ca |  13 +++++++++++++
 lang/mono/patches/patch-cb |  13 +++++++++++++
 4 files changed, 31 insertions(+), 3 deletions(-)

diffs (62 lines):

diff -r 9d1730af4932 -r 186d8a1249c3 lang/mono/Makefile
--- a/lang/mono/Makefile        Mon Nov 05 09:39:38 2007 +0000
+++ b/lang/mono/Makefile        Mon Nov 05 11:28:50 2007 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.58 2007/08/13 16:41:34 taca Exp $
+# $NetBSD: Makefile,v 1.59 2007/11/05 11:28:50 drochner Exp $
 
 DISTNAME=      mono-1.1.13.8.1
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    lang
 MASTER_SITES=  http://go-mono.com/sources/mono-1.1/
 
diff -r 9d1730af4932 -r 186d8a1249c3 lang/mono/distinfo
--- a/lang/mono/distinfo        Mon Nov 05 09:39:38 2007 +0000
+++ b/lang/mono/distinfo        Mon Nov 05 11:28:50 2007 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.30 2007/08/13 16:41:34 taca Exp $
+$NetBSD: distinfo,v 1.31 2007/11/05 11:28:50 drochner Exp $
 
 SHA1 (mono-1.1.13.8.1.tar.gz) = f2cb79844073694859b1fb92eb770e3705239a3d
 RMD160 (mono-1.1.13.8.1.tar.gz) = a100a96b19300b253c12a2ad70caf65721418209
@@ -24,3 +24,5 @@
 SHA1 (patch-bd) = a52007ae22f8b23d20abf4a56e5b9d57ccd1fbbe
 SHA1 (patch-be) = d7a6232690ecd15c32ed44dcc498e596c248f332
 SHA1 (patch-bf) = cbe6c7a401a183eccc73ffb45120486c1cbc75b8
+SHA1 (patch-ca) = 46c16c507f0b1f127561f03d95711c91b6b26820
+SHA1 (patch-cb) = c99543e4a5d2c968871d51780500731e31d4ea36
diff -r 9d1730af4932 -r 186d8a1249c3 lang/mono/patches/patch-ca
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/mono/patches/patch-ca        Mon Nov 05 11:28:50 2007 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ca,v 1.1 2007/11/05 11:28:50 drochner Exp $
+
+--- mcs/class/Mono.Security/Mono.Math/BigInteger.cs.orig       2007-11-05 11:47:52.000000000 +0100
++++ mcs/class/Mono.Security/Mono.Math/BigInteger.cs
+@@ -1574,7 +1574,7 @@ namespace Mono.Math {
+                                               uint j = 1;
+ 
+                                               // Multiply and add
+-                                              for (; j < m.length; j++) {
++                                              for (; j < m.length && j < A.length; j++) {
+                                                       c += (ulong)u_i * (ulong)*(mP++) + *(aSP++);
+                                                       *(aDP++) = (uint)c;
+                                                       c >>= 32;
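
Review bot: the added `j < A.length` condition in the multiply-and-add loop caps the iteration count, but when A.length is smaller than m.length the loop now ends early with no signal, leaving the remaining words of m unprocessed and the carry `c` in whatever state it had at that point. Because `mP`, `aSP` and `aDP` are raw pointers advanced on every pass, checking the operand lengths before entering the loop would be clearer than truncating inside it, and the statements after the loop that use `c` and `aDP` need the same scrutiny; they are outside the context shown here. The patch file also carries only the $NetBSD$ tag: a one-line comment naming CVE-2007-5197 and the Debian origin would keep that provenance with the patch itself.
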
diff -r 9d1730af4932 -r 186d8a1249c3 lang/mono/patches/patch-cb
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/mono/patches/patch-cb        Mon Nov 05 11:28:50 2007 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-cb,v 1.1 2007/11/05 11:28:51 drochner Exp $
+
+--- mcs/class/corlib/Mono.Math/BigInteger.cs.orig      2007-11-05 11:48:57.000000000 +0100
++++ mcs/class/corlib/Mono.Math/BigInteger.cs
+@@ -1574,7 +1574,7 @@ namespace Mono.Math {
+                                               uint j = 1;
+ 
+                                               // Multiply and add
+-                                              for (; j < m.length; j++) {
++                                              for (; j < m.length && j < A.length; j++) {
+                                                       c += (ulong)u_i * (ulong)*(mP++) + *(aSP++);
+                                                       *(aDP++) = (uint)c;
+                                                       c >>= 32;
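
Review bot: nothing in this patch file ties it to patch-ca, although the changed loop condition at @@ -1574 is identical in both and they fix two copies of BigInteger.cs (mcs/class/corlib here, mcs/class/Mono.Security there). A comment in each patch naming its twin would keep the two from drifting apart when the patches are regenerated for a later mono release, and the commit message could state that these are the only two copies of the file in the distfile. The point about the loop ending early when A.length < m.length applies to this copy as well.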


