[CVS] OpenPKG: OPENPKG_2_3_SOLID: openpkg-src/ghostscript/ ghostscript...
OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 28-Jul-2005 08:35:13
Branch: OPENPKG_2_3_SOLIDHandle: 2005072807351300
Modified files: (Branch: OPENPKG_2_3_SOLID)
openpkg-src/ghostscript ghostscript.patch ghostscript.spec
Log:
Security Bugfix (OpenPKG-SA-2005.014-zlib; CAN-2005-1849)
Summary:
RevisionChanges Path
1.10.4.2+25 -1 openpkg-src/ghostscript/ghostscript.patch
1.66.2.4+1 -1 openpkg-src/ghostscript/ghostscript.spec
patch -p0 '@@ .'
Index: openpkg-src/ghostscript/ghostscript.patch
$ cvs diff -u -r1.10.4.1 -r1.10.4.2 ghostscript.patch
--- openpkg-src/ghostscript/ghostscript.patch 6 Jul 2005 18:04:00 -
1.10.4.1
+++ openpkg-src/ghostscript/ghostscript.patch 28 Jul 2005 06:35:13 -
1.10.4.2
@@ -87,7 +87,7 @@
-
-Security Bugfixes (CAN-2005-2096, OpenPKG-SA-2005.013)
+Security Bugfix (OpenPKG-SA-2005.013-zlib; CAN-2005-2096)
Index: zlib/inftrees.c
--- zlib/inftrees.c.orig 2004-09-15 16:30:06 +0200
@@ -102,3 +102,27 @@
/* generate offsets into symbol table for each length for sorting */
+-
+
+Security Bugfix (OpenPKG-SA-2005.014-zlib; CAN-2005-1849)
+
+Index: zlib/inftrees.h
+--- zlib/inftrees.h.orig 2003-08-11 00:15:50 +0200
zlib/inftrees.h 2005-07-11 08:50:37 +0200
+@@ -36,12 +36,12 @@
+ */
+
+ /* Maximum size of dynamic tree. The maximum found in a long but non-
+- exhaustive search was 1004 code structures (850 for length/literals
+- and 154 for distances, the latter actually the result of an
++ exhaustive search was 1444 code structures (852 for length/literals
++ and 592 for distances, the latter actually the result of an
+exhaustive search). The true maximum is not known, but the value
+below is more than safe. */
+-#define ENOUGH 1440
+-#define MAXD 154
++#define ENOUGH 2048
++#define MAXD 592
+
+ /* Type of code to build for inftable() */
+ typedef enum {
@@ .
patch -p0 '@@ .'
Index: openpkg-src/ghostscript/ghostscript.spec
$ cvs diff -u -r1.66.2.3 -r1.66.2.4 ghostscript.spec
--- openpkg-src/ghostscript/ghostscript.spec 6 Jul 2005 18:04:03 -
1.66.2.3
+++ openpkg-src/ghostscript/ghostscript.spec 28 Jul 2005 06:35:13 -
1.66.2.4
@@ -43,7 +43,7 @@
Group:Graphics
License: Aladdin
Version: %{V_real}
-Release: 2.3.1
+Release: 2.3.2
# package options
%option with_x11 yes
@@ .
__
The OpenPKG Projectwww.openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
[CVS] OpenPKG: OPENPKG_2_3_SOLID: openpkg-src/ghostscript/ ghostscript...
OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 06-Jul-2005 20:04:03
Branch: OPENPKG_2_3_SOLIDHandle: 2005070619040003
Modified files: (Branch: OPENPKG_2_3_SOLID)
openpkg-src/ghostscript ghostscript.patch ghostscript.spec
Log:
Fix zlib security issue (OpenPKG-SA-2005.013, CAN-2005-2096)
Summary:
RevisionChanges Path
1.10.4.1+17 -0 openpkg-src/ghostscript/ghostscript.patch
1.66.2.3+1 -1 openpkg-src/ghostscript/ghostscript.spec
patch -p0 '@@ .'
Index: openpkg-src/ghostscript/ghostscript.patch
$ cvs diff -u -r1.10 -r1.10.4.1 ghostscript.patch
--- openpkg-src/ghostscript/ghostscript.patch 25 Aug 2004 11:20:26 -
1.10
+++ openpkg-src/ghostscript/ghostscript.patch 6 Jul 2005 18:04:00 -
1.10.4.1
@@ -85,3 +85,20 @@
state-next = state-codes;
state-lencode = (code const FAR *)(state-next);
+-
+
+Security Bugfixes (CAN-2005-2096, OpenPKG-SA-2005.013)
+
+Index: zlib/inftrees.c
+--- zlib/inftrees.c.orig 2004-09-15 16:30:06 +0200
zlib/inftrees.c 2005-07-06 18:31:14 +0200
+@@ -134,7 +134,7 @@
+ left -= count[len];
+ if (left 0) return -1;/* over-subscribed */
+ }
+-if (left 0 (type == CODES || (codes - count[0] != 1)))
++if (left 0 (type == CODES || max != 1))
+ return -1; /* incomplete set */
+
+ /* generate offsets into symbol table for each length for sorting */
+
@@ .
patch -p0 '@@ .'
Index: openpkg-src/ghostscript/ghostscript.spec
$ cvs diff -u -r1.66.2.2 -r1.66.2.3 ghostscript.spec
--- openpkg-src/ghostscript/ghostscript.spec 21 Feb 2005 18:57:56 -
1.66.2.2
+++ openpkg-src/ghostscript/ghostscript.spec 6 Jul 2005 18:04:03 -
1.66.2.3
@@ -43,7 +43,7 @@
Group:Graphics
License: Aladdin
Version: %{V_real}
-Release: 2.3.0
+Release: 2.3.1
# package options
%option with_x11 yes
@@ .
__
The OpenPKG Projectwww.openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
[CVS] OpenPKG: OPENPKG_2_3_SOLID: openpkg-src/ghostscript/ ghostscript...
OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 21-Feb-2005 19:57:56
Branch: OPENPKG_2_3_SOLIDHandle: 2005022118575600
Modified files: (Branch: OPENPKG_2_3_SOLID)
openpkg-src/ghostscript ghostscript.spec
Log:
MFC: switch to URLs of zlib package
Summary:
RevisionChanges Path
1.66.2.2+2 -2 openpkg-src/ghostscript/ghostscript.spec
patch -p0 '@@ .'
Index: openpkg-src/ghostscript/ghostscript.spec
$ cvs diff -u -r1.66.2.1 -r1.66.2.2 ghostscript.spec
--- openpkg-src/ghostscript/ghostscript.spec 21 Feb 2005 17:06:49 -
1.66.2.1
+++ openpkg-src/ghostscript/ghostscript.spec 21 Feb 2005 18:57:56 -
1.66.2.2
@@ -53,7 +53,7 @@
Source0:
ftp://mirror.cs.wisc.edu/pub/mirrors/ghost/AFPL/gs%{V_comp}/ghostscript-%{V_real}.tar.bz2
Source1: ftp://ftp.uu.net/graphics/jpeg/jpegsrc.v%{V_jpeg}.tar.gz
Source2:
http://osdn.dl.sourceforge.net/sourceforge/libpng/libpng-%{V_png}.tar.gz
-Source3: http://www.gzip.org/zlib/zlib-%{V_zlib}.tar.gz
+Source3: http://www.zlib.net/zlib-%{V_zlib}.tar.gz
Source4:
ftp://mirror.cs.wisc.edu/pub/mirrors/ghost/AFPL/fonts/ghostscript-fonts-std-%{V_font_std}.tar.gz
Source5:
ftp://mirror.cs.wisc.edu/pub/mirrors/ghost/AFPL/fonts/ghostscript-fonts-other-%{V_font_other}.tar.gz
Patch0: ghostscript.patch
@@ -98,7 +98,7 @@
}
prog ghostscript:zlib = {
version = %{V_zlib}
-url = http://www.gzip.org/zlib/
+url = http://www.zlib.net/
regex = zlib-(__VER__)\.tar\.gz
}
@@ .
__
The OpenPKG Projectwww.openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
