pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2006Q4]: pkgsrc/graphics/gd Pullup ticket 2022 - requested by ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/510282b91875
branches: pkgsrc-2006Q4
changeset: 523015:510282b91875
user: ghen <ghen%pkgsrc.org@localhost>
date: Sun Feb 18 12:09:24 2007 +0000
description:
Pullup ticket 2022 - requested by salo
security update for gd
- pkgsrc/graphics/gd/Makefile 1.71-1.72
- pkgsrc/graphics/gd/distinfo 1.24-1.25
- pkgsrc/graphics/gd/patches/patch-ac 1.4-1.5
Module Name: pkgsrc
Committed By: wiz
Date: Wed Feb 7 20:28:49 UTC 2007
Modified Files:
pkgsrc/graphics/gd: Makefile
Log Message:
Update HOMEPAGE.
---
Module Name: pkgsrc
Committed By: adam
Date: Fri Feb 16 20:37:52 UTC 2007
Modified Files:
pkgsrc/graphics/gd: Makefile distinfo
pkgsrc/graphics/gd/patches: patch-ac
Log Message:
Changes 2.0.34:
* 32-bit multiplication overflow vulnerabilities along with a number of similar
issues
* Memory allocation errors that were not checked
* Multiple issues in the GIF loader. Corrupt gif images would cause a segfault
or infinite loop
* Malformed or empty PNG image also may have caused segfaults
* gdImageFillToBorder segfaulted when the color was not opaque (alpha > 0)
* Antialiased lines drawn on an images edge caused a segfault
* gdImageFill segfaulted when used with patterns or invalid arguments
* gdImageFilledEllipse did not respect transparency
---
Module Name: pkgsrc
Committed By: adam
Date: Sat Feb 17 07:04:45 UTC 2007
Modified Files:
pkgsrc/graphics/gd: distinfo
pkgsrc/graphics/gd/patches: patch-ac
Log Message:
Patch patch-ac
diffstat:
graphics/gd/Makefile | 14 +++++++-------
graphics/gd/distinfo | 10 +++++-----
graphics/gd/patches/patch-ac | 26 ++++++++++++--------------
3 files changed, 24 insertions(+), 26 deletions(-)
diffs (113 lines):
diff -r 6e057e56bafc -r 510282b91875 graphics/gd/Makefile
--- a/graphics/gd/Makefile Sun Feb 18 12:01:11 2007 +0000
+++ b/graphics/gd/Makefile Sun Feb 18 12:09:24 2007 +0000
@@ -1,19 +1,19 @@
-# $NetBSD: Makefile,v 1.70 2006/06/14 21:42:33 salo Exp $
+# $NetBSD: Makefile,v 1.70.6.1 2007/02/18 12:09:24 ghen Exp $
-DISTNAME= gd-2.0.33
-PKGREVISION= 5
+DISTNAME= gd-2.0.34
CATEGORIES= graphics
-MASTER_SITES= http://www.boutell.com/gd/http/
+MASTER_SITES= http://www.libgd.org/releases/
+EXTRACT_SUFX= .tar.bz2
MAINTAINER= adam%NetBSD.org@localhost
-HOMEPAGE= http://www.boutell.com/gd/
+HOMEPAGE= http://www.libgd.org/
COMMENT= Graphics library for the dynamic creation of images
PKG_INSTALLATION_TYPES= overwrite pkgviews
-USE_LIBTOOL= YES
+USE_LIBTOOL= yes
USE_TOOLS+= perl:run
-GNU_CONFIGURE= YES
+GNU_CONFIGURE= yes
REPLACE_PERL+= bdftogd
PTHREAD_AUTO_VARS= yes
diff -r 6e057e56bafc -r 510282b91875 graphics/gd/distinfo
--- a/graphics/gd/distinfo Sun Feb 18 12:01:11 2007 +0000
+++ b/graphics/gd/distinfo Sun Feb 18 12:09:24 2007 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.23 2006/06/14 21:42:33 salo Exp $
+$NetBSD: distinfo,v 1.23.6.1 2007/02/18 12:09:25 ghen Exp $
-SHA1 (gd-2.0.33.tar.gz) = 89548efb01116a740c796a8df80de16d19856811
-RMD160 (gd-2.0.33.tar.gz) = 6c573638387bb36044f3d4d480b10229445b9a6b
-Size (gd-2.0.33.tar.gz) = 587617 bytes
+SHA1 (gd-2.0.34.tar.bz2) = 7d735b2917f987dd71ddbb72e9e100b2f8951de7
+RMD160 (gd-2.0.34.tar.bz2) = 88b1d298e3392c5c05acf2cd01b387d7e0d2bfae
+Size (gd-2.0.34.tar.bz2) = 1135372 bytes
SHA1 (patch-aa) = 38f0aa7043dba517405312d4eef59347e3c0185a
SHA1 (patch-ab) = 082f5baa2c147fb62381c21ecb3ce11a1891a2aa
-SHA1 (patch-ac) = 154abdaff73099617a1b57f4d2f19358aaf2a043
+SHA1 (patch-ac) = 1e0dbdc6a2ad56ec947cd694749049ff26014e82
diff -r 6e057e56bafc -r 510282b91875 graphics/gd/patches/patch-ac
--- a/graphics/gd/patches/patch-ac Sun Feb 18 12:01:11 2007 +0000
+++ b/graphics/gd/patches/patch-ac Sun Feb 18 12:09:24 2007 +0000
@@ -1,10 +1,8 @@
-$NetBSD: patch-ac,v 1.3 2006/06/14 21:42:33 salo Exp $
-
-Security fix for CVE-2006-2906, from Xavier Roche via Ubuntu.
+$NetBSD: patch-ac,v 1.3.6.1 2007/02/18 12:09:25 ghen Exp $
---- gd_gif_in.c.orig 2004-11-01 19:28:56.000000000 +0100
-+++ gd_gif_in.c 2006-06-14 23:30:38.000000000 +0200
-@@ -118,6 +118,7 @@
+--- gd_gif_in.c.orig 2007-02-03 02:41:00.000000000 +0100
++++ gd_gif_in.c
+@@ -118,6 +118,7 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro
char version[4];
/* 2.0.28: threadsafe storage */
int ZeroDataBlock = FALSE;
@@ -12,7 +10,7 @@
gdImagePtr im = 0;
if (! ReadOK(fd,buf,6)) {
-@@ -164,6 +165,8 @@
+@@ -166,6 +167,8 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFro
}
if (c != ',') { /* Not a valid start character */
@@ -21,7 +19,7 @@
continue;
}
-@@ -242,6 +245,7 @@
+@@ -253,6 +256,7 @@ static int
DoExtension(gdIOCtx *fd, int label, int *Transparent, int *ZeroDataBlockP)
{
static unsigned char buf[256];
@@ -29,23 +27,23 @@
switch (label) {
case 0xf9: /* Graphic Control Extension */
-@@ -254,13 +258,13 @@
+@@ -265,13 +269,13 @@ DoExtension(gdIOCtx *fd, int label, int
if ((buf[0] & 0x1) != 0)
*Transparent = buf[3];
-- while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) != 0)
-+ while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) != 0 && --maxcount >= 0)
+- while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) > 0)
++ while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) > 0 && --maxcount >= 0)
;
return FALSE;
default:
break;
}
-- while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) != 0)
-+ while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) != 0 && --maxcount >= 0)
+- while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) > 0)
++ while (GetDataBlock(fd, (unsigned char*) buf, ZeroDataBlockP) > 0 && --maxcount >= 0)
;
return FALSE;
-@@ -419,14 +423,15 @@
+@@ -430,14 +434,15 @@ LWZReadByte_(gdIOCtx *fd, int flag, int
} else if (code == end_code) {
int count;
unsigned char buf[260];
Home |
Main Index |
Thread Index |
Old Index