diff options
author | Carsten Lohrke <carlo@gentoo.org> | 2007-07-30 18:05:53 +0000 |
---|---|---|
committer | Carsten Lohrke <carlo@gentoo.org> | 2007-07-30 18:05:53 +0000 |
commit | 8fd540117c7ff62b7bec2a29f5b2de38ba777066 (patch) | |
tree | 44b50febba4ccdb0a07741a4d091522b2a2815f4 /kde-base | |
parent | Stable for HPPA (bug #187057). (diff) | |
download | historical-8fd540117c7ff62b7bec2a29f5b2de38ba777066.tar.gz historical-8fd540117c7ff62b7bec2a29f5b2de38ba777066.tar.bz2 historical-8fd540117c7ff62b7bec2a29f5b2de38ba777066.zip |
Fix for bug 187139.
Package-Manager: portage-2.1.3_rc9
Diffstat (limited to 'kde-base')
-rw-r--r-- | kde-base/kdegraphics/ChangeLog | 9 | ||||
-rw-r--r-- | kde-base/kdegraphics/files/digest-kdegraphics-3.5.7-r1 | 3 | ||||
-rw-r--r-- | kde-base/kdegraphics/files/post-3.5.7-kdegraphics-CVE-2007-3387.diff | 17 | ||||
-rw-r--r-- | kde-base/kdegraphics/kdegraphics-3.5.7-r1.ebuild | 66 | ||||
-rw-r--r-- | kde-base/kpdf/ChangeLog | 8 | ||||
-rw-r--r-- | kde-base/kpdf/files/digest-kpdf-3.5.7-r1 | 3 | ||||
-rw-r--r-- | kde-base/kpdf/files/post-3.5.7-kdegraphics-CVE-2007-3387.diff | 17 | ||||
-rw-r--r-- | kde-base/kpdf/kpdf-3.5.7-r1.ebuild | 38 |
8 files changed, 159 insertions, 2 deletions
diff --git a/kde-base/kdegraphics/ChangeLog b/kde-base/kdegraphics/ChangeLog index cf977d55117c..43bf05322eff 100644 --- a/kde-base/kdegraphics/ChangeLog +++ b/kde-base/kdegraphics/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for kde-base/kdegraphics # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/ChangeLog,v 1.305 2007/06/04 00:31:45 kumba Exp $ +# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/ChangeLog,v 1.306 2007/07/30 18:05:53 carlo Exp $ + +*kdegraphics-3.5.7-r1 (30 Jul 2007) + + 30 Jul 2007; Carsten Lohrke <carlo@gentoo.org> + +files/post-3.5.7-kdegraphics-CVE-2007-3387.diff, + +kdegraphics-3.5.7-r1.ebuild: + Fix for bug 187139. 04 Jun 2007; Joshua Kinard <kumba@gentoo.org> kdegraphics-3.5.6-r2.ebuild: Marked unstable on mips. diff --git a/kde-base/kdegraphics/files/digest-kdegraphics-3.5.7-r1 b/kde-base/kdegraphics/files/digest-kdegraphics-3.5.7-r1 new file mode 100644 index 000000000000..ba24610e2ca5 --- /dev/null +++ b/kde-base/kdegraphics/files/digest-kdegraphics-3.5.7-r1 @@ -0,0 +1,3 @@ +MD5 eae753e80c5f8dd304e7fd0dca84ae67 kdegraphics-3.5.7.tar.bz2 7424976 +RMD160 ccf36f5c34a1d484f0878a42a51dc620c2bdfa71 kdegraphics-3.5.7.tar.bz2 7424976 +SHA256 5689882ade29d0f56e95783f1c3e443fd512ca8291bcb81aac60ac719a8dcdcc kdegraphics-3.5.7.tar.bz2 7424976 diff --git a/kde-base/kdegraphics/files/post-3.5.7-kdegraphics-CVE-2007-3387.diff b/kde-base/kdegraphics/files/post-3.5.7-kdegraphics-CVE-2007-3387.diff new file mode 100644 index 000000000000..e28add87e275 --- /dev/null +++ b/kde-base/kdegraphics/files/post-3.5.7-kdegraphics-CVE-2007-3387.diff @@ -0,0 +1,17 @@ +Index: kpdf/xpdf/xpdf/Stream.cc +=================================================================== +--- kpdf/xpdf/xpdf/Stream.cc (revision 689574) ++++ kpdf/xpdf/xpdf/Stream.cc (working copy) +@@ -411,9 +411,9 @@ StreamPredictor::StreamPredictor(Stream + + nVals = width * nComps; + if (width <= 0 || nComps <= 0 || nBits <= 0 || +- nComps >= INT_MAX / nBits || +- width >= INT_MAX / nComps / nBits || +- nVals * nBits + 7 < 0) { ++ nComps > gfxColorMaxComps || nBits > 16 || ++ width >= INT_MAX / nComps || ++ nVals >= (INT_MAX - 7) / nBits) { + return; + } + pixBytes = (nComps * nBits + 7) >> 3; diff --git a/kde-base/kdegraphics/kdegraphics-3.5.7-r1.ebuild b/kde-base/kdegraphics/kdegraphics-3.5.7-r1.ebuild new file mode 100644 index 000000000000..3f68b6cdba24 --- /dev/null +++ b/kde-base/kdegraphics/kdegraphics-3.5.7-r1.ebuild @@ -0,0 +1,66 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/kde-base/kdegraphics/kdegraphics-3.5.7-r1.ebuild,v 1.1 2007/07/30 18:05:53 carlo Exp $ + +inherit kde-dist eutils + +DESCRIPTION="KDE graphics-related apps" + +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" +IUSE="gphoto2 imlib openexr opengl pdf povray scanner tetex" + +DEPEND="~kde-base/kdebase-${PV} + >=media-libs/freetype-2 + media-libs/fontconfig + gphoto2? ( media-libs/libgphoto2 ) + scanner? ( media-gfx/sane-backends ) + media-libs/libart_lgpl + media-libs/lcms + dev-libs/fribidi + imlib? ( media-libs/imlib ) + virtual/ghostscript + media-libs/tiff + openexr? ( >=media-libs/openexr-1.2 ) + povray? ( media-gfx/povray + virtual/opengl ) + pdf? ( >=app-text/poppler-0.5.1 + >=app-text/poppler-bindings-0.5.1 )" + +RDEPEND="${DEPEND} + tetex? ( + || ( >=app-text/tetex-2 + app-text/ptex + app-text/cstetex + app-text/dvipdfm ) )" + + +PATCHES="${FILESDIR}/post-3.5.7-kdegraphics-CVE-2007-3387.diff" + +pkg_setup() { + kde_pkg_setup + for ghostscript in app-text/ghostscript-{gnu,esp,afpl}; do + if has_version ${ghostscript} && ! built_with_use ${ghostscript} X; then + eerror "This package requires ${ghostscript} compiled with X11 support." + eerror "Please reemerge ${ghostscript} with USE=\"X\"." + die "Please reemerge ${ghostscript} with USE=\"X\"." + fi + done + if use pdf && ! built_with_use app-text/poppler-bindings qt3; then + eerror "This package requires app-text/poppler-bindings compiled with Qt 3.x support." + eerror "Please reemerge app-text/poppler-bindings with USE=\"qt3\"." + die "Please reemerge app-text/poppler-bindings with USE=\"qt3\"." + fi +} + +src_compile() { + local myconf="$(use_with openexr) $(use_with pdf poppler) + $(use_with gphoto2 kamera)" + + use imlib || export DO_NOT_COMPILE="${DO_NOT_COMPILE} kuickshow" + use scanner || export DO_NOT_COMPILE="${DO_NOT_COMPILE} kooka libkscan" + use povray || export DO_NOT_COMPILE="${DO_NOT_COMPILE} kpovmodeler" + use pdf || export DO_NOT_COMPILE="${DO_NOT_COMPILE} kpdf" + + rm -f "${S}/configure" # ask rebuilding + kde_src_compile +} diff --git a/kde-base/kpdf/ChangeLog b/kde-base/kpdf/ChangeLog index c4c11d71cca2..85ceaca4a64e 100644 --- a/kde-base/kpdf/ChangeLog +++ b/kde-base/kpdf/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for kde-base/kpdf # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/kde-base/kpdf/ChangeLog,v 1.130 2007/05/23 01:01:12 carlo Exp $ +# $Header: /var/cvsroot/gentoo-x86/kde-base/kpdf/ChangeLog,v 1.131 2007/07/30 18:05:10 carlo Exp $ + +*kpdf-3.5.7-r1 (30 Jul 2007) + + 30 Jul 2007; Carsten Lohrke <carlo@gentoo.org> + +files/post-3.5.7-kdegraphics-CVE-2007-3387.diff, +kpdf-3.5.7-r1.ebuild: + Fix for bug 187139. *kpdf-3.5.7 (23 May 2007) diff --git a/kde-base/kpdf/files/digest-kpdf-3.5.7-r1 b/kde-base/kpdf/files/digest-kpdf-3.5.7-r1 new file mode 100644 index 000000000000..ba24610e2ca5 --- /dev/null +++ b/kde-base/kpdf/files/digest-kpdf-3.5.7-r1 @@ -0,0 +1,3 @@ +MD5 eae753e80c5f8dd304e7fd0dca84ae67 kdegraphics-3.5.7.tar.bz2 7424976 +RMD160 ccf36f5c34a1d484f0878a42a51dc620c2bdfa71 kdegraphics-3.5.7.tar.bz2 7424976 +SHA256 5689882ade29d0f56e95783f1c3e443fd512ca8291bcb81aac60ac719a8dcdcc kdegraphics-3.5.7.tar.bz2 7424976 diff --git a/kde-base/kpdf/files/post-3.5.7-kdegraphics-CVE-2007-3387.diff b/kde-base/kpdf/files/post-3.5.7-kdegraphics-CVE-2007-3387.diff new file mode 100644 index 000000000000..e28add87e275 --- /dev/null +++ b/kde-base/kpdf/files/post-3.5.7-kdegraphics-CVE-2007-3387.diff @@ -0,0 +1,17 @@ +Index: kpdf/xpdf/xpdf/Stream.cc +=================================================================== +--- kpdf/xpdf/xpdf/Stream.cc (revision 689574) ++++ kpdf/xpdf/xpdf/Stream.cc (working copy) +@@ -411,9 +411,9 @@ StreamPredictor::StreamPredictor(Stream + + nVals = width * nComps; + if (width <= 0 || nComps <= 0 || nBits <= 0 || +- nComps >= INT_MAX / nBits || +- width >= INT_MAX / nComps / nBits || +- nVals * nBits + 7 < 0) { ++ nComps > gfxColorMaxComps || nBits > 16 || ++ width >= INT_MAX / nComps || ++ nVals >= (INT_MAX - 7) / nBits) { + return; + } + pixBytes = (nComps * nBits + 7) >> 3; diff --git a/kde-base/kpdf/kpdf-3.5.7-r1.ebuild b/kde-base/kpdf/kpdf-3.5.7-r1.ebuild new file mode 100644 index 000000000000..12b3839d78f0 --- /dev/null +++ b/kde-base/kpdf/kpdf-3.5.7-r1.ebuild @@ -0,0 +1,38 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/kde-base/kpdf/kpdf-3.5.7-r1.ebuild,v 1.1 2007/07/30 18:05:10 carlo Exp $ + +KMNAME=kdegraphics +MAXKDEVER=$PV +KM_DEPRANGE="$PV $MAXKDEVER" +inherit kde-meta flag-o-matic + +DESCRIPTION="kpdf, a kde pdf viewer based on xpdf" +KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="" +KMEXTRA="kfile-plugins/pdf" + +DEPEND=">=media-libs/freetype-2.0.5 + media-libs/t1lib + >=app-text/poppler-0.5.1 + >=app-text/poppler-bindings-0.5.1" +RDEPEND="${DEPEND} + $(deprange-dual $PV $MAXKDEVER kde-base/kdeprint)" + +PATCHES="${FILESDIR}/post-3.5.7-kdegraphics-CVE-2007-3387.diff" + +pkg_setup() { + kde_pkg_setup + # check for qt still until it had a revision bump in both ~arch and stable. + if ! built_with_use app-text/poppler-bindings qt3; then + eerror "This package requires app-text/poppler-bindings compiled with Qt 3.x support." + eerror "Please reemerge app-text/poppler-bindings with USE=\"qt3\"." + die "Please reemerge app-text/poppler-bindings with USE=\"qt3\"." + fi +} + +src_compile() { + local myconf="--with-poppler" + replace-flags "-Os" "-O2" # see bug 114822 + kde-meta_src_compile +} |