diff options
author | Marinus Schraal <foser@gentoo.org> | 2004-11-01 23:27:27 +0000 |
---|---|---|
committer | Marinus Schraal <foser@gentoo.org> | 2004-11-01 23:27:27 +0000 |
commit | 566f61c91418a82979c14d79936e33249604ac97 (patch) | |
tree | b6b5f9dc06f77ee82b8deef087bcae159dd574a5 /app-text/gpdf | |
parent | Version bumped. Closes 69723. (diff) | |
download | historical-566f61c91418a82979c14d79936e33249604ac97.tar.gz historical-566f61c91418a82979c14d79936e33249604ac97.tar.bz2 historical-566f61c91418a82979c14d79936e33249604ac97.zip |
add sec fixes
Diffstat (limited to 'app-text/gpdf')
-rw-r--r-- | app-text/gpdf/ChangeLog | 8 | ||||
-rw-r--r-- | app-text/gpdf/Manifest | 32 | ||||
-rw-r--r-- | app-text/gpdf/files/digest-gpdf-0.112 | 1 | ||||
-rw-r--r-- | app-text/gpdf/files/digest-gpdf-0.131 | 1 | ||||
-rw-r--r-- | app-text/gpdf/files/digest-gpdf-0.132-r2 | 1 | ||||
-rw-r--r-- | app-text/gpdf/files/digest-gpdf-2.8.0-r2 | 1 | ||||
-rw-r--r-- | app-text/gpdf/files/gpdf-xpdf2_underflow.patch | 81 | ||||
-rw-r--r-- | app-text/gpdf/files/gpdf-xpdf_goo_sizet.patch | 57 | ||||
-rw-r--r-- | app-text/gpdf/gpdf-0.112.ebuild | 42 | ||||
-rw-r--r-- | app-text/gpdf/gpdf-0.132-r2.ebuild | 46 | ||||
-rw-r--r-- | app-text/gpdf/gpdf-2.8.0-r2.ebuild (renamed from app-text/gpdf/gpdf-0.131.ebuild) | 18 |
11 files changed, 217 insertions, 71 deletions
diff --git a/app-text/gpdf/ChangeLog b/app-text/gpdf/ChangeLog index 1cfd43192288..6b510e03fa6c 100644 --- a/app-text/gpdf/ChangeLog +++ b/app-text/gpdf/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-text/gpdf # Copyright 2000-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/gpdf/ChangeLog,v 1.51 2004/10/26 07:04:01 sejo Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-text/gpdf/ChangeLog,v 1.52 2004/11/01 23:27:27 foser Exp $ + +*gpdf-2.8.0-r2 (02 Nov 2004) +*gpdf-0.132-r2 (02 Nov 2004) + + 02 Nov 2004; foser <foser@gentoo.org> gpdf-0.132-r2.ebuild, gpdf-2.8.0-r2.ebuild : + More sec patches added (#69662) 26 Oct 2004; <SeJo@gentoo.org> gpdf-0.132-r1.ebuild, gpdf-2.8.0-r1.ebuild: stable on ppc gsla: 68571 diff --git a/app-text/gpdf/Manifest b/app-text/gpdf/Manifest index e61c362a7c1f..2b376901a2bc 100644 --- a/app-text/gpdf/Manifest +++ b/app-text/gpdf/Manifest @@ -1,25 +1,17 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 5f94881a4020d363767a598dedda5a07 ChangeLog 5338 -MD5 feb7fdf2f480631492191491302c0812 gpdf-0.112.ebuild 925 -MD5 38550e0c3c0410b03f5dde6dd1f0b3ce gpdf-0.131.ebuild 925 +MD5 2c904e5e026038c1dda1f0c8923b56fa gpdf-2.8.0-r1.ebuild 1010 +MD5 72d3635551080ebc17aecb791a8b75d1 gpdf-0.132-r2.ebuild 1169 MD5 5907625e80bdb0965456f467553857e6 gpdf-0.132.ebuild 872 -MD5 03ad2e6c4ab41244af1015a8bbb0b39f metadata.xml 158 MD5 9972193424743258f4594915e2fb3797 gpdf-0.132-r1.ebuild 1021 -MD5 2c904e5e026038c1dda1f0c8923b56fa gpdf-2.8.0-r1.ebuild 1010 -MD5 a257b05533ebd7ecff92c22511880be3 files/digest-gpdf-0.112 63 -MD5 cee45d187382024b10b02c4c577a7546 files/digest-gpdf-0.131 64 +MD5 7c294205a50ca249187a32c959e260e3 gpdf-2.8.0-r2.ebuild 1086 +MD5 aafb33cdac852d12c7da77704d0c9d05 ChangeLog 5518 +MD5 03ad2e6c4ab41244af1015a8bbb0b39f metadata.xml 158 +MD5 362296e34a1a04a6e5e2a7d9e97547c6 files/gpdf-xpdf2_underflow.patch 2363 MD5 167bcfd9a6e435acc241c07dc522b562 files/digest-gpdf-0.132 64 -MD5 9336bbbfbb54ba88fb5e4aba2da1833f files/gpdf-0.112-remove_gtk24_call.patch 607 +MD5 2fce5bedd61300fad1566a41f991a782 files/gpdf-xpdf_goo_sizet.patch 1424 +MD5 5e63c86e19a1c1387cab38b7e2902c9e files/gpdf-xpdf_3_CAN-2004-0889.patch 8115 MD5 167bcfd9a6e435acc241c07dc522b562 files/digest-gpdf-0.132-r1 64 -MD5 f61386d00d5674f3bbb80b181e8cea3a files/digest-gpdf-2.8.0-r1 64 +MD5 167bcfd9a6e435acc241c07dc522b562 files/digest-gpdf-0.132-r2 64 MD5 b32f90fc9249d1f7434659642b36f9d9 files/gpdf-xpdf_2_CAN-2004-0888.patch 2716 -MD5 5e63c86e19a1c1387cab38b7e2902c9e files/gpdf-xpdf_3_CAN-2004-0889.patch 8115 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.9.10 (GNU/Linux) - -iD8DBQFBfhCoI1lqEGTUzyQRAvn7AJ9l29G7Vqj8POP5LhZrSnqTeJcMSwCffDlx -UchmwbVUfpgUY/Xf+L7qMWw= -=JsP3 ------END PGP SIGNATURE----- +MD5 f61386d00d5674f3bbb80b181e8cea3a files/digest-gpdf-2.8.0-r1 64 +MD5 f61386d00d5674f3bbb80b181e8cea3a files/digest-gpdf-2.8.0-r2 64 +MD5 9336bbbfbb54ba88fb5e4aba2da1833f files/gpdf-0.112-remove_gtk24_call.patch 607 diff --git a/app-text/gpdf/files/digest-gpdf-0.112 b/app-text/gpdf/files/digest-gpdf-0.112 deleted file mode 100644 index 8c740aa49965..000000000000 --- a/app-text/gpdf/files/digest-gpdf-0.112 +++ /dev/null @@ -1 +0,0 @@ -MD5 4df88fb2d9998807c05ce6cc395c022f gpdf-0.112.tar.bz2 841415 diff --git a/app-text/gpdf/files/digest-gpdf-0.131 b/app-text/gpdf/files/digest-gpdf-0.131 deleted file mode 100644 index b69356630e2a..000000000000 --- a/app-text/gpdf/files/digest-gpdf-0.131 +++ /dev/null @@ -1 +0,0 @@ -MD5 95eeb0a33d37fbb5c56cf9260656d86d gpdf-0.131.tar.bz2 1101285 diff --git a/app-text/gpdf/files/digest-gpdf-0.132-r2 b/app-text/gpdf/files/digest-gpdf-0.132-r2 new file mode 100644 index 000000000000..dfe43a4d0e99 --- /dev/null +++ b/app-text/gpdf/files/digest-gpdf-0.132-r2 @@ -0,0 +1 @@ +MD5 1b8ba3384210b89a3628281e6aa5edaa gpdf-0.132.tar.bz2 1109005 diff --git a/app-text/gpdf/files/digest-gpdf-2.8.0-r2 b/app-text/gpdf/files/digest-gpdf-2.8.0-r2 new file mode 100644 index 000000000000..09584962edfd --- /dev/null +++ b/app-text/gpdf/files/digest-gpdf-2.8.0-r2 @@ -0,0 +1 @@ +MD5 a1c054d5de1d5ef361006975c57b45f5 gpdf-2.8.0.tar.bz2 1046763 diff --git a/app-text/gpdf/files/gpdf-xpdf2_underflow.patch b/app-text/gpdf/files/gpdf-xpdf2_underflow.patch new file mode 100644 index 000000000000..9371be84352e --- /dev/null +++ b/app-text/gpdf/files/gpdf-xpdf2_underflow.patch @@ -0,0 +1,81 @@ +diff -ru xpdf-2.02pl1/xpdf/XRef.cc xpdf-2.02pl1/xpdf/XRef.cc +--- xpdf-2.02pl1/xpdf/XRef.cc 2004-10-29 15:16:45.790089001 +0200 ++++ xpdf-2.02pl1/xpdf/XRef.cc 2004-10-29 15:11:54.132168025 +0200 +@@ -66,6 +66,8 @@ + start = str->getStart(); + pos = readTrailer(); + ++ entries = NULL; ++ + // if there was a problem with the trailer, + // try to reconstruct the xref table + if (pos == 0) { +@@ -76,7 +78,7 @@ + + // trailer is ok - read the xref table + } else { +- if (size*sizeof(XRefEntry)/sizeof(XRefEntry) != size) { ++ if ((size < 0) || (size*sizeof(XRefEntry)/sizeof(XRefEntry) != size)) { + error(-1, "Invalid 'size' inside xref table."); + ok = gFalse; + errCode = errDamaged; +@@ -181,7 +183,7 @@ + n = atoi(p); + while ('0' <= *p && *p <= '9') ++p; + while (isspace(*p)) ++p; +- if (p == buf) ++ if ((p == buf) || (n < 0)) /* must make progress */ + return 0; + pos1 += (p - buf) + n * 20; + } +@@ -255,6 +257,10 @@ + } + s[i] = '\0'; + first = atoi(s); ++ if (first < 0) { ++ error(-1, "Invalid 'first'"); ++ goto err2; ++ } + while ((c = str->lookChar()) != EOF && isspace(c)) { + str->getChar(); + } +@@ -266,6 +272,10 @@ + } + s[i] = '\0'; + n = atoi(s); ++ if (n<=0) { ++ error(-1, "Invalid 'n'"); ++ goto err2; ++ } + while ((c = str->lookChar()) != EOF && isspace(c)) { + str->getChar(); + } +@@ -273,7 +283,7 @@ + // table size + if (first + n > size) { + newSize = size + 256; +- if (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) { ++ if ((newSize < 0) || (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize)) { + error(-1, "Invalid 'newSize'"); + goto err2; + } +@@ -406,6 +416,10 @@ + // look for object + } else if (isdigit(*p)) { + num = atoi(p); ++ if (num < 0) { ++ error(-1, "Invalid 'num' parameters."); ++ return gFalse; ++ } + do { + ++p; + } while (*p && isdigit(*p)); +@@ -425,7 +439,7 @@ + if (!strncmp(p, "obj", 3)) { + if (num >= size) { + newSize = (num + 1 + 255) & ~255; +- if (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize) { ++ if ((newSize < 0) || (newSize*sizeof(XRefEntry)/sizeof(XRefEntry) != newSize)) { + error(-1, "Invalid 'obj' parameters."); + return gFalse; + } diff --git a/app-text/gpdf/files/gpdf-xpdf_goo_sizet.patch b/app-text/gpdf/files/gpdf-xpdf_goo_sizet.patch new file mode 100644 index 000000000000..5d90c5120bd4 --- /dev/null +++ b/app-text/gpdf/files/gpdf-xpdf_goo_sizet.patch @@ -0,0 +1,57 @@ +diff -ru xpdf-2.02pl1/goo/gmem.c xpdf-2.02pl1/goo/gmem.c +--- xpdf-2.02pl1/goo/gmem.c 2003-06-16 22:01:26.000000000 +0200 ++++ xpdf-2.02pl1/goo/gmem.c 2004-10-29 15:13:34.866919791 +0200 +@@ -53,9 +53,9 @@ + + #endif /* DEBUG_MEM */ + +-void *gmalloc(int size) { ++void *gmalloc(size_t size) { + #ifdef DEBUG_MEM +- int size1; ++ size_t size1; + char *mem; + GMemHdr *hdr; + void *data; +@@ -94,11 +94,11 @@ + #endif + } + +-void *grealloc(void *p, int size) { ++void *grealloc(void *p, size_t size) { + #ifdef DEBUG_MEM + GMemHdr *hdr; + void *q; +- int oldSize; ++ size_t oldSize; + + if (size == 0) { + if (p) +@@ -137,7 +137,7 @@ + + void gfree(void *p) { + #ifdef DEBUG_MEM +- int size; ++ size_t size; + GMemHdr *hdr; + GMemHdr *prevHdr, *q; + int lst; +diff -ru xpdf-2.02pl1/goo/gmem.h xpdf-2.02pl1/goo/gmem.h +--- xpdf-2.02pl1/goo/gmem.h 2003-06-16 22:01:26.000000000 +0200 ++++ xpdf-2.02pl1/goo/gmem.h 2004-10-29 15:13:50.864027201 +0200 +@@ -19,13 +19,13 @@ + * Same as malloc, but prints error message and exits if malloc() + * returns NULL. + */ +-extern void *gmalloc(int size); ++extern void *gmalloc(size_t size); + + /* + * Same as realloc, but prints error message and exits if realloc() + * returns NULL. If <p> is NULL, calls malloc instead of realloc(). + */ +-extern void *grealloc(void *p, int size); ++extern void *grealloc(void *p, size_t size); + + /* + * Same as free, but checks for and ignores NULL pointers. diff --git a/app-text/gpdf/gpdf-0.112.ebuild b/app-text/gpdf/gpdf-0.112.ebuild deleted file mode 100644 index a4de589210e5..000000000000 --- a/app-text/gpdf/gpdf-0.112.ebuild +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/gpdf/gpdf-0.112.ebuild,v 1.7 2004/10/25 07:32:56 usata Exp $ - -inherit gnome2 flag-o-matic eutils - -DESCRIPTION="your favourite pdf previewer" -HOMEPAGE="http://www.gnome.org/" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="x86 ppc alpha sparc hppa ~amd64 ia64" -IUSE="" - -RDEPEND=">=gnome-base/libgnomeui-2 - >=gnome-base/libbonobo-2.2.1 - >=gnome-base/libbonoboui-2 - >=gnome-base/gnome-vfs-2 - >=gnome-base/libgnomeprint-2.3 - >=gnome-base/libgnomeprintui-2.2 - >=gnome-base/libglade-2" - -DEPEND="${RDEPEND} - >=dev-util/pkgconfig-0.12.0" - -PROVIDE="virtual/pdfviewer" - -DOCS="AUTHORS CHANGES ChangeLog COPYING INSTALL NEWS README*" - -src_unpack() { - - unpack ${A} - - cd ${S} - epatch ${FILESDIR}/${P}-remove_gtk24_call.patch - -} - -src_compile() { - use alpha && append-flags -fPIC - gnome2_src_compile -} diff --git a/app-text/gpdf/gpdf-0.132-r2.ebuild b/app-text/gpdf/gpdf-0.132-r2.ebuild new file mode 100644 index 000000000000..b82c57db9fdf --- /dev/null +++ b/app-text/gpdf/gpdf-0.132-r2.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-text/gpdf/gpdf-0.132-r2.ebuild,v 1.1 2004/11/01 23:27:27 foser Exp $ + +inherit gnome2 flag-o-matic eutils + +DESCRIPTION="Viewer for Portable Document Format (PDF) files" +HOMEPAGE="http://www.gnome.org/" +LICENSE="GPL-2" + +IUSE="" +SLOT="0" +KEYWORDS="x86 ~ppc ~alpha ~sparc ~hppa ~amd64 ~ia64 ~mips" + +RDEPEND=">=x11-libs/gtk+-2.3 + >=gnome-base/gconf-2 + >=gnome-base/libgnomeui-2 + >=gnome-base/libbonobo-2.2.1 + >=gnome-base/libbonoboui-2 + >=gnome-base/gnome-vfs-2 + >=gnome-base/libgnomeprint-2.6 + >=gnome-base/libgnomeprintui-2.2 + >=gnome-base/libglade-2" + +DEPEND="${RDEPEND} + app-text/scrollkeeper + >=dev-util/intltool-0.29 + >=dev-util/pkgconfig-0.12.0" + +PROVIDE="virtual/pdfviewer" + +DOCS="AUTHORS CHANGES ChangeLog COPYING INSTALL NEWS README*" + +src_unpack() { + + unpack ${A} + + cd ${S}/xpdf + # fix security vulnerability (#68571) + epatch ${FILESDIR}/${PN}-xpdf_2_CAN-2004-0888.patch + # fix security vulnerabilities (#69662) + cd ${S} + epatch ${FILESDIR}/gpdf-xpdf2_underflow.patch + epatch ${FILESDIR}/gpdf-xpdf_goo_sizet.patch + +} diff --git a/app-text/gpdf/gpdf-0.131.ebuild b/app-text/gpdf/gpdf-2.8.0-r2.ebuild index 15a36ba6e6fa..51e389c17550 100644 --- a/app-text/gpdf/gpdf-0.131.ebuild +++ b/app-text/gpdf/gpdf-2.8.0-r2.ebuild @@ -1,16 +1,16 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/gpdf/gpdf-0.131.ebuild,v 1.10 2004/10/25 07:32:56 usata Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-text/gpdf/gpdf-2.8.0-r2.ebuild,v 1.1 2004/11/01 23:27:27 foser Exp $ inherit gnome2 flag-o-matic -DESCRIPTION="A viewer for Portable Document Format (PDF) files" +DESCRIPTION="Viewer for Portable Document Format (PDF) files" HOMEPAGE="http://www.gnome.org/" LICENSE="GPL-2" IUSE="" SLOT="0" -KEYWORDS="x86 ppc alpha ~sparc hppa amd64 ~ia64 mips" +KEYWORDS="x86 ~ppc ~alpha ~sparc ~hppa ~amd64 ~ia64 ~mips" RDEPEND=">=x11-libs/gtk+-2.3 >=gnome-base/gconf-2 @@ -23,6 +23,7 @@ RDEPEND=">=x11-libs/gtk+-2.3 >=gnome-base/libglade-2" DEPEND="${RDEPEND} + app-text/scrollkeeper >=dev-util/intltool-0.29 >=dev-util/pkgconfig-0.12.0" @@ -30,9 +31,14 @@ PROVIDE="virtual/pdfviewer" DOCS="AUTHORS CHANGES ChangeLog COPYING INSTALL NEWS README*" -src_compile() { +src_unpack() { - use alpha && append-flags -fPIC - gnome2_src_compile + unpack ${A} + + cd ${S} + # fix security vulnerability (#68571) + epatch ${FILESDIR}/${PN}-xpdf_3_CAN-2004-0889.patch + # fix sec vuln (#69662) + epatch ${FILESDIR}/${PN}-xpdf_goo_sizet.patch } |