[pkgsrc/trunk]: pkgsrc/graphics/lcms Add patch for the security vulnerability...

[tron <tron%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/ce218c3bd6d8
branches:  trunk
changeset: 557389:ce218c3bd6d8
user:      tron <tron%pkgsrc.org@localhost>
date:      Tue Apr 14 18:54:38 2009 +0000

description:
Add patch for the security vulnerability reported in SA34634/CVE-2009-0793
taken from Redhat's Bugzilla.

diffstat:

 graphics/lcms/Makefile         |   4 ++--
 graphics/lcms/distinfo         |   3 ++-
 graphics/lcms/patches/patch-aa |  28 ++++++++++++++++++++++++++++
 3 files changed, 32 insertions(+), 3 deletions(-)

diffs (56 lines):

diff -r 978ab75ef1d8 -r ce218c3bd6d8 graphics/lcms/Makefile
--- a/graphics/lcms/Makefile    Tue Apr 14 18:34:07 2009 +0000
+++ b/graphics/lcms/Makefile    Tue Apr 14 18:54:38 2009 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.28 2009/03/22 18:17:15 gdt Exp $
+# $NetBSD: Makefile,v 1.29 2009/04/14 18:54:38 tron Exp $
 
 DISTNAME=      lcms-1.18
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    graphics
 MASTER_SITES=  http://www.littlecms.com/
 
diff -r 978ab75ef1d8 -r ce218c3bd6d8 graphics/lcms/distinfo
--- a/graphics/lcms/distinfo    Tue Apr 14 18:34:07 2009 +0000
+++ b/graphics/lcms/distinfo    Tue Apr 14 18:54:38 2009 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.19 2009/03/22 18:17:15 gdt Exp $
+$NetBSD: distinfo,v 1.20 2009/04/14 18:54:38 tron Exp $
 
 SHA1 (lcms-1.18.tar.gz) = 7001badb14b2e9cb89e2637bdc56f23ebff2d40e
 RMD160 (lcms-1.18.tar.gz) = 76c37ac029f733bbb9a850234e62bfd2a4a04bf4
 Size (lcms-1.18.tar.gz) = 915536 bytes
+SHA1 (patch-aa) = f28cf7682b8731d8729058a51ad6d5ccc86ba1c6
diff -r 978ab75ef1d8 -r ce218c3bd6d8 graphics/lcms/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/lcms/patches/patch-aa    Tue Apr 14 18:54:38 2009 +0000
@@ -0,0 +1,28 @@
+$NetBSD: patch-aa,v 1.10 2009/04/14 18:54:38 tron Exp $
+
+Patch for SA34634/CVE-2009-0793 taken for Redhat's Bugzilla:
+
+https://bugzilla.redhat.com/attachment.cgi?id=337279
+
+--- src/cmsxform.c.orig        2009-03-21 15:31:52.000000000 +0000
++++ src/cmsxform.c     2009-04-14 19:18:05.000000000 +0100
+@@ -660,6 +660,9 @@
+                 GrayTRC = cmsReadICCGamma(hProfile, icSigGrayTRCTag);
+                 FromLstarToXYZ(GrayTRC, Shapes1);
+ 
++              if (GrayTRC == NULL)
++                      return NULL;
++
+                 // Reversing must be done after curve translation
+ 
+                 Shapes[0] = cmsReverseGamma(Shapes1[0]->nEntries, Shapes1[0]);
+@@ -675,6 +678,9 @@
+ 
+                 GrayTRC = cmsReadICCGammaReversed(hProfile, icSigGrayTRCTag);   // Y
+ 
++              if (GrayTRC == NULL)
++                      return NULL;
++
+                 Shapes[0] = cmsDupGamma(GrayTRC);
+                 Shapes[1] = cmsDupGamma(GrayTRC);
+                 Shapes[2] = cmsDupGamma(GrayTRC);