pkgsrc-Changes archive


CVS commit: pkgsrc/www/seamonkey



Module Name:    pkgsrc
Committed By:   maya
Date:           Sat Mar 17 00:06:17 UTC 2018

Modified Files:
        pkgsrc/www/seamonkey: Makefile distinfo
Added Files:
        pkgsrc/www/seamonkey/patches: patch-CVE-2018-5147

Log Message:
seamonkey: also provide patch for tremor (i.e. relevant for ARM) vulnerability

Also backported upstream after the release:
https://hg.mozilla.org/releases/mozilla-esr52/rev/5cd5586a2f48

PKGREVISION++


To generate a diff of this commit:
cvs rdiff -u -r1.172 -r1.173 pkgsrc/www/seamonkey/Makefile
cvs rdiff -u -r1.149 -r1.150 pkgsrc/www/seamonkey/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/www/seamonkey/patches/patch-CVE-2018-5147

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/seamonkey/Makefile
diff -u pkgsrc/www/seamonkey/Makefile:1.172 pkgsrc/www/seamonkey/Makefile:1.173
--- pkgsrc/www/seamonkey/Makefile:1.172 Fri Mar 16 23:25:56 2018
+++ pkgsrc/www/seamonkey/Makefile       Sat Mar 17 00:06:17 2018
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.172 2018/03/16 23:25:56 maya Exp $
+# $NetBSD: Makefile,v 1.173 2018/03/17 00:06:17 maya Exp $
 
 DISTNAME=      seamonkey-${SM_VER}.source
 PKGNAME=       seamonkey-${SM_VER:S/b/beta/}
-PKGREVISION=   2
+PKGREVISION=   3
 SM_VER=                2.49.2
 CATEGORIES=    www
 MASTER_SITES=  ${MASTER_SITE_MOZILLA:=seamonkey/releases/${SM_VER}/source/}

Index: pkgsrc/www/seamonkey/distinfo
diff -u pkgsrc/www/seamonkey/distinfo:1.149 pkgsrc/www/seamonkey/distinfo:1.150
--- pkgsrc/www/seamonkey/distinfo:1.149 Fri Mar 16 23:25:56 2018
+++ pkgsrc/www/seamonkey/distinfo       Sat Mar 17 00:06:17 2018
@@ -1,10 +1,11 @@
-$NetBSD: distinfo,v 1.149 2018/03/16 23:25:56 maya Exp $
+$NetBSD: distinfo,v 1.150 2018/03/17 00:06:17 maya Exp $
 
 SHA1 (seamonkey-2.49.2.source.tar.xz) = 843ff7e74e488d03bdbf72237a1973c50887494b
 RMD160 (seamonkey-2.49.2.source.tar.xz) = 9f79789a5d44985d96f8549f537ad01f23c1fc2c
 SHA512 (seamonkey-2.49.2.source.tar.xz) = 6f69f7fb0a2de8086231b615b62b350edf6c903d2fde90ee4c79e316cfcf5a413097df9afe1397dbfe680e264f6be14c2c147be7ba11c5dbd73a1e9e01b8857e
 Size (seamonkey-2.49.2.source.tar.xz) = 229980312 bytes
 SHA1 (patch-CVE-2018-5146) = 121d8511b4aef0a784ae12d12c35cd4282c9ab83
+SHA1 (patch-CVE-2018-5147) = 1c44a5e2f0a81b58ebc8343028019e4681ee246c
 SHA1 (patch-ao) = e466058ed1899a64a9ab5b57290ff2baad1ea03c
 SHA1 (patch-ldap_c-sdk_include_portable.h) = ce0b643fa031b74bf7d74eedc4f3729807aef799
 SHA1 (patch-mail_app_Makefile.in) = da6ac87ffdcff733f11218cb11f8ef316bb1bc18

Added files:

Index: pkgsrc/www/seamonkey/patches/patch-CVE-2018-5147
diff -u /dev/null pkgsrc/www/seamonkey/patches/patch-CVE-2018-5147:1.1
--- /dev/null   Sat Mar 17 00:06:17 2018
+++ pkgsrc/www/seamonkey/patches/patch-CVE-2018-5147    Sat Mar 17 00:06:17 2018
@@ -0,0 +1,79 @@
+$NetBSD: patch-CVE-2018-5147,v 1.1 2018/03/17 00:06:17 maya Exp $
+
+CVE-2018-5147: Prevent out-of-bounds write in codebook decoding.
+
+Codebooks that are not an exact divisor of the partition size are now
+truncated to fit within the partition.
+
+--- mozilla/media/libtremor/lib/tremor_codebook.c.orig 2018-02-05 11:49:21.000000000 +0000
++++ mozilla/media/libtremor/lib/tremor_codebook.c
+@@ -258,7 +258,7 @@ long vorbis_book_decodevs_add(codebook *
+       t[i] = book->valuelist+entry[i]*book->dim;
+       }
+       for(i=0,o=0;i<book->dim;i++,o+=step)
+-      for (j=0;j<step;j++)
++      for (j=0;o+j<n && j<step;j++)
+         a[o+j]+=t[j][i]>>shift;
+     }else{
+       for (i = 0; i < step; i++) {
+@@ -267,7 +267,7 @@ long vorbis_book_decodevs_add(codebook *
+       t[i] = book->valuelist+entry[i]*book->dim;
+       }
+       for(i=0,o=0;i<book->dim;i++,o+=step)
+-      for (j=0;j<step;j++)
++      for (j=0;o+j<n && j<step;j++)
+         a[o+j]+=t[j][i]<<-shift;
+     }
+   }
+@@ -287,7 +287,7 @@ long vorbis_book_decodev_add(codebook *b
+       entry = decode_packed_entry_number(book,b);
+       if(entry==-1)return(-1);
+       t     = book->valuelist+entry*book->dim;
+-      for (j=0;j<book->dim;)
++      for (j=0;i<n && j<book->dim;)
+         a[i++]+=t[j++]>>shift;
+       }
+     }else{
+@@ -295,7 +295,7 @@ long vorbis_book_decodev_add(codebook *b
+       entry = decode_packed_entry_number(book,b);
+       if(entry==-1)return(-1);
+       t     = book->valuelist+entry*book->dim;
+-      for (j=0;j<book->dim;)
++      for (j=0;i<n && j<book->dim;)
+         a[i++]+=t[j++]<<-shift;
+       }
+     }
+@@ -352,15 +352,15 @@ long vorbis_book_decodevv_add(codebook *
+     long i,j,entry;
+     int chptr=0;
+     int shift=point-book->binarypoint;
+-    
++    int m=offset+n;
+     if(shift>=0){
+       
+-      for(i=offset;i<offset+n;){
++      for(i=offset;i<m;){
+       entry = decode_packed_entry_number(book,b);
+       if(entry==-1)return(-1);
+       {
+         const ogg_int32_t *t = book->valuelist+entry*book->dim;
+-        for (j=0;j<book->dim;j++){
++        for (j=0;i<m && j<book->dim;j++){
+           a[chptr++][i]+=t[j]>>shift;
+           if(chptr==ch){
+             chptr=0;
+@@ -371,12 +371,12 @@ long vorbis_book_decodevv_add(codebook *
+       }
+     }else{
+       
+-      for(i=offset;i<offset+n;){
++      for(i=offset;i<m;){
+       entry = decode_packed_entry_number(book,b);
+       if(entry==-1)return(-1);
+       {
+         const ogg_int32_t *t = book->valuelist+entry*book->dim;
+-        for (j=0;j<book->dim;j++){
++        for (j=0;i<m && j<book->dim;j++){
+           a[chptr++][i]+=t[j]<<-shift;
+           if(chptr==ch){
+             chptr=0;
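Review bot: In the vorbis_book_decodevv_add hunks the new bound is declared as `int m=offset+n;`, but the index it guards is `long i`, so the sum is narrowed to int before the `i<m` checks that protect `a[chptr++][i]`. The nested hunk header cuts off the parameter list, so the types of offset and n are not visible here; if offset is a long, as the `long i` index suggests, `long m=offset+n;` would keep the bound in the same type as the index and rule out a truncated limit. The function bodies start and end outside these hunks, so whether callers already keep offset+n within int range cannot be confirmed from this page. The patch header could also record the upstream changeset named in the log message, `https://hg.mozilla.org/releases/mozilla-esr52/rev/5cd5586a2f48`, so the patch is easy to drop on the next update.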


