pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/graphics/SDL_image also patch CVE-2007-6697 (buffer ov...
details: https://anonhg.NetBSD.org/pkgsrc/rev/47ba69d2ea5e
branches: trunk
changeset: 538507:47ba69d2ea5e
user: drochner <drochner%pkgsrc.org@localhost>
date: Mon Feb 11 10:12:24 2008 +0000
description:
also patch CVE-2007-6697 (buffer overflow in gif parser), from upstream
CVS, bump PKGREVISION
diffstat:
graphics/SDL_image/Makefile | 4 ++--
graphics/SDL_image/distinfo | 3 ++-
graphics/SDL_image/patches/patch-ab | 15 +++++++++++++++
3 files changed, 19 insertions(+), 3 deletions(-)
diffs (44 lines):
diff -r 4ff17a38923d -r 47ba69d2ea5e graphics/SDL_image/Makefile
--- a/graphics/SDL_image/Makefile Mon Feb 11 02:22:32 2008 +0000
+++ b/graphics/SDL_image/Makefile Mon Feb 11 10:12:24 2008 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.29 2008/02/08 12:33:31 drochner Exp $
+# $NetBSD: Makefile,v 1.30 2008/02/11 10:12:24 drochner Exp $
DISTNAME= SDL_image-1.2.6
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= graphics devel
MASTER_SITES= http://www.libsdl.org/projects/SDL_image/release/
diff -r 4ff17a38923d -r 47ba69d2ea5e graphics/SDL_image/distinfo
--- a/graphics/SDL_image/distinfo Mon Feb 11 02:22:32 2008 +0000
+++ b/graphics/SDL_image/distinfo Mon Feb 11 10:12:24 2008 +0000
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.7 2008/02/08 12:33:31 drochner Exp $
+$NetBSD: distinfo,v 1.8 2008/02/11 10:12:24 drochner Exp $
SHA1 (SDL_image-1.2.6.tar.gz) = 5045df31e4db29d8890110fd18024c9d08efca30
RMD160 (SDL_image-1.2.6.tar.gz) = 8aea5f07216eb887f599c0908f8ea2c2f9eeac93
Size (SDL_image-1.2.6.tar.gz) = 1308812 bytes
SHA1 (patch-aa) = eb852fd3c7218fe257ca40a6e90c81ec13dcaeb1
+SHA1 (patch-ab) = 5ddd8f064834a47b7ebda5b1bc1e473351b3e005
diff -r 4ff17a38923d -r 47ba69d2ea5e graphics/SDL_image/patches/patch-ab
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/SDL_image/patches/patch-ab Mon Feb 11 10:12:24 2008 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-ab,v 1.1 2008/02/11 10:12:24 drochner Exp $
+
+--- IMG_gif.c.orig 2007-07-02 04:03:48.000000000 +0200
++++ IMG_gif.c
+@@ -418,6 +418,10 @@ LWZReadByte(SDL_RWops *src, int flag, in
+ static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp;
+ register int i;
+
++ /* Fixed buffer overflow found by Michael Skladnikiewicz */
++ if (input_code_size > MAX_LWZ_BITS)
++ return -1;
++
+ if (flag) {
+ set_code_size = input_code_size;
+ code_size = set_code_size + 1;
Home |
Main Index |
Thread Index |
Old Index