OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 04-Nov-2006 19:55:01
Branch: HEAD Handle: 2006110418550000
Added files:
openpkg-src/libwmf libwmf.patch
Modified files:
openpkg-src/libwmf libwmf.spec
Log:
apply two bugfixes from Debian, a security fix and cleanup the
installation hierarchy by removing useless files
Summary:
Revision Changes Path
1.1 +46 -0 openpkg-src/libwmf/libwmf.patch
1.32 +4 -1 openpkg-src/libwmf/libwmf.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/libwmf/libwmf.patch
============================================================================
$ cvs diff -u -r0 -r1.1 libwmf.patch
--- /dev/null 2006-11-04 19:55:00 +0100
+++ libwmf.patch 2006-11-04 19:55:01 +0100
@@ -0,0 +1,46 @@
+Index: src/font.c
+--- src/font.c.orig 2005-07-27 22:35:06 +0200
++++ src/font.c 2006-11-04 19:20:55 +0100
+@@ -199,7 +199,7 @@
+ unsigned int i = 0;
+
+ while (font_data->cache[i].name)
+- { if (strcmp (font_data->cache[i].path,entry->path) == 0) break;
++ { if (strcmp (font_data->cache[i].name,entry->name) == 0) break;
+ i++;
+ }
+
+@@ -422,7 +422,6 @@
+
+ fontmap_data->FD.FI = 0;
+
+- if (API->flags & WMF_OPT_SYS_FONTS)
+ { if (API->flags & WMF_OPT_SYS_FONTMAP)
+ { wmf_ipa_font_map_xml
(API,&(fontmap_data->FD),options->sys_fontmap_file);
+ }
+
+-----------------------------------------------------------------------------
+
+Security Fix (CVE-2006-3376)
+
+Integer overflow allowing remote attackers to execute arbitrary code
+via the MaxRecordSize header field in a WMF file.
+
+Index: src/player.c
+--- src/player.c.orig 2002-12-10 20:30:26 +0100
++++ src/player.c 2006-11-04 19:50:32 +0100
+@@ -132,6 +132,14 @@
+ }
+ }
+
++#define WMF_SIZE_MAX ((size_t)(~((size_t)0))) /* portable version of
SIZE_MAX */
++ if (MAX_REC_SIZE(API) > WMF_SIZE_MAX / 2)
++ {
++ API->err = wmf_E_InsMem;
++ WMF_DEBUG (API,"bailing...");
++ return (API->err);
++ }
++
+ /* P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3)
* 2 * sizeof (unsigned char));
+ */ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) )
* 2 * sizeof (unsigned char));
+
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/libwmf/libwmf.spec
============================================================================
$ cvs diff -u -r1.31 -r1.32 libwmf.spec
--- openpkg-src/libwmf/libwmf.spec 16 Oct 2006 12:47:46 -0000 1.31
+++ openpkg-src/libwmf/libwmf.spec 4 Nov 2006 18:55:00 -0000 1.32
@@ -33,13 +33,14 @@
Group: Graphics
License: LGPL
Version: 0.2.8.4
-Release: 20061016
+Release: 20061104
# package options
%option with_x11 no
# list of sources
Source0:
http://switch.dl.sourceforge.net/sourceforge/wvware/libwmf-%{version}.tar.gz
+Patch0: libwmf.patch
# build information
Prefix: %{l_prefix}
@@ -67,6 +68,7 @@
%prep
%setup -q
+ %patch -p0
%{l_shtool} subst \
-e 's;-lfreetype;-lfreetype -lz;' \
-e '/LINENO: error: C[+]* preprocessor/{N;N;N;N;s/.*/:/;}' \
@@ -103,6 +105,7 @@
rm -rf $RPM_BUILD_ROOT
%{l_make} %{l_mflags} install AM_MAKEFLAGS="DESTDIR=$RPM_BUILD_ROOT"
strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true
+ rm -rf $RPM_BUILD_ROOT%{l_prefix}/lib/gtk-2.0
rm -rf $RPM_BUILD_ROOT%{l_prefix}/share/libwmf/html
rm -rf $RPM_BUILD_ROOT%{l_prefix}/share/libwmf/caolan
rm -f $RPM_BUILD_ROOT%{l_prefix}/share/libwmf/*.html
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [email protected]
