[pkgsrc/pkgsrc-2008Q1]: pkgsrc/graphics/imlib2 Pullup ticket 2411 - requested...

[ghen <ghen%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/f62290c7093f
branches:  pkgsrc-2008Q1
changeset: 540398:f62290c7093f
user:      ghen <ghen%pkgsrc.org@localhost>
date:      Tue Jun 03 11:21:03 2008 +0000

description:
Pullup ticket 2411 - requested by drochner
security fix for imlib2

- pkgsrc/graphics/imlib2/Makefile                       1.46
- pkgsrc/graphics/imlib2/distinfo                       1.21
- pkgsrc/graphics/imlib2/patches/patch-cf               1.3

   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Mon Jun  2 10:05:50 UTC 2008

   Modified Files:
           pkgsrc/graphics/imlib2: Makefile distinfo
   Added Files:
           pkgsrc/graphics/imlib2/patches: patch-cf

   Log Message:
   add a patch from redhat bugzilla (#449073) to fix the xpm half
   of CVE-2008-2426, the pnm half was fixed in pkgsrc in 2006
   bump PKGREVISION

diffstat:

 graphics/imlib2/Makefile         |   4 ++--
 graphics/imlib2/distinfo         |   3 ++-
 graphics/imlib2/patches/patch-cf |  13 +++++++++++++
 3 files changed, 17 insertions(+), 3 deletions(-)

diffs (44 lines):

diff -r 64735397c58d -r f62290c7093f graphics/imlib2/Makefile
--- a/graphics/imlib2/Makefile  Mon Jun 02 11:55:21 2008 +0000
+++ b/graphics/imlib2/Makefile  Tue Jun 03 11:21:03 2008 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.44 2007/11/17 01:40:50 obache Exp $
+# $NetBSD: Makefile,v 1.44.4.1 2008/06/03 11:21:03 ghen Exp $
 
 DISTNAME=      imlib2-1.4.0
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    graphics
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=enlightenment/}
 
diff -r 64735397c58d -r f62290c7093f graphics/imlib2/distinfo
--- a/graphics/imlib2/distinfo  Mon Jun 02 11:55:21 2008 +0000
+++ b/graphics/imlib2/distinfo  Tue Jun 03 11:21:03 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.20 2007/09/18 19:18:10 drochner Exp $
+$NetBSD: distinfo,v 1.20.6.1 2008/06/03 11:21:04 ghen Exp $
 
 SHA1 (imlib2-1.4.0.tar.gz) = 2bbd65b82a690d21dab2bfeb33cc370f6bb49393
 RMD160 (imlib2-1.4.0.tar.gz) = 5b663a420e1008ddc047665912cad473323803da
@@ -10,3 +10,4 @@
 SHA1 (patch-ca) = c2150a4c1ad3ccccaf37961e2f301cd7f2ba2044
 SHA1 (patch-cb) = da837b92a1a4cfd139fe2d9ed319d1cd6e0fb703
 SHA1 (patch-ce) = 2a6d3fd704885d56b3ed4c2a19d2800f29c7c9a0
+SHA1 (patch-cf) = 25e8616cebc2983b51d1230339d17620a25cc156
diff -r 64735397c58d -r f62290c7093f graphics/imlib2/patches/patch-cf
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/imlib2/patches/patch-cf  Tue Jun 03 11:21:03 2008 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-cf,v 1.2.6.1 2008/06/03 11:21:04 ghen Exp $
+
+--- src/modules/loaders/loader_xpm.c.orig      2008-06-02 11:44:35.000000000 +0200
++++ src/modules/loaders/loader_xpm.c
+@@ -284,7 +284,7 @@ load(ImlibImage * im, ImlibProgressFunct
+                                  if (line[k] != ' ')
+                                    {
+                                       s[0] = 0;
+-                                      sscanf(&line[k], "%65535s", s);
++                                      sscanf(&line[k], "%255s", s);
+                                       slen = strlen(s);
+                                       k += slen;
+                                       if (!strcmp(s, "c"))