diff options
| author |   Peter Volkov <pva@gentoo.org> | 2010-12-20 17:45:22 +0000 |
|---|---|---|
| committer | Peter Volkov <pva@gentoo.org> | 2010-12-20 17:45:22 +0000 |
| commit | 68d7a32b3859162630f9a68fb504ec74729e71b1 (patch) | |
| tree | b6c541a9af32d612f9263ac843f561d9aea63941 /media-gfx/xfig | |
| parent | Marking eselect-php-0.6.1 ~ppc64 for bug 343597 (diff) | |
| download | historical-68d7a32b3859162630f9a68fb504ec74729e71b1.tar.gz historical-68d7a32b3859162630f9a68fb504ec74729e71b1.tar.bz2 historical-68d7a32b3859162630f9a68fb504ec74729e71b1.zip | |
Add patch to address stack-based buffer overflow, bug #348344, thank Tim Sammut for report. Drop old.
Package-Manager: portage-2.1.9.25/cvs/Linux x86_64
Diffstat (limited to 'media-gfx/xfig')
| -rw-r--r-- | media-gfx/xfig/ChangeLog | 9 | ||||
| -rw-r--r-- | media-gfx/xfig/Manifest | 6 | ||||
| -rw-r--r-- | media-gfx/xfig/files/xfig-3.2.5b-CVE-2010-4262.patch | 22 | ||||
| -rw-r--r-- | media-gfx/xfig/xfig-3.2.5-r3.ebuild | 79 | ||||
| -rw-r--r-- | media-gfx/xfig/xfig-3.2.5b-r1.ebuild | 95 |
5 files changed, 128 insertions, 83 deletions
diff --git a/media-gfx/xfig/ChangeLog b/media-gfx/xfig/ChangeLog index 6f8c615d1a32..78360eae2aec 100644 --- a/media-gfx/xfig/ChangeLog +++ b/media-gfx/xfig/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for media-gfx/xfig # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-gfx/xfig/ChangeLog,v 1.66 2010/11/24 12:16:59 pva Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-gfx/xfig/ChangeLog,v 1.67 2010/12/20 17:45:22 pva Exp $ + +*xfig-3.2.5b-r1 (20 Dec 2010) + + 20 Dec 2010; Peter Volkov <pva@gentoo.org> -xfig-3.2.5-r3.ebuild, + +xfig-3.2.5b-r1.ebuild, +files/xfig-3.2.5b-CVE-2010-4262.patch: + Add patch to address stack-based buffer overflow, bug #348344, thank Tim + Sammut for report. Drop old. 24 Nov 2010; Peter Volkov <pva@gentoo.org> xfig-3.2.5-r3.ebuild, xfig-3.2.5b.ebuild: diff --git a/media-gfx/xfig/Manifest b/media-gfx/xfig/Manifest index af078a17e871..659cd82367cf 100644 --- a/media-gfx/xfig/Manifest +++ b/media-gfx/xfig/Manifest @@ -1,3 +1,4 @@ +AUX xfig-3.2.5b-CVE-2010-4262.patch 619 RMD160 12bdb2b859d2fe21f95a3c9fc3f74141191b3344 SHA1 4620fd44f6231038c3bb66fde33a793437fe82ca SHA256 694ea1b3bfd73272c861cb51a0180bfa8915166302636684e8b4561a8b1afb3b AUX xfig-3.2.5b-app-defaults.patch 601 RMD160 1f7b5998decfe729a266ac0e6a1219708cd9cc28 SHA1 ddb1afddb568aa8df602b55387fcf12080b67420 SHA256 e475edf793fb74ccf07c52d864c7d8e1f89fcc5c8204b69b60b1e7431d13311b AUX xfig-3.2.5b-figparserstack.patch 1787 RMD160 1885fdc4f9955a8658c8895f8df37beb7cc86d17 SHA1 55e9d2b4ee43965b9469015adbf213d8239f0064 SHA256 334ccd66978934defed3e060b324db1fd729fb2fc02e6606149a3ec28f12c71d AUX xfig-3.2.5b-mkstemp.patch 979 RMD160 1c49878335af15a0d40db55ac38112ddf9923f78 SHA1 8ac04a8ae496dceb988c8dff582a03036baa76d4 SHA256 0881185381976aaad5b62d54baf7df96981b41a54a74c24710971b175e9e520c @@ -7,9 +8,8 @@ AUX xfig-3.2.5b-pdfimport_mediabox.patch 1245 RMD160 2ad6e3bf0092a0e3025d797cb49 AUX xfig-3.2.5b-spelling.patch 898 RMD160 e34cf50c1cc0bf8c3395999366fb990713a46505 SHA1 8279fb927062f772a2dae1d2db23b65807d53d3f SHA256 792f6dd9dc785e2deadf8691bd667612953b8ba6b0b4f6177984226b7590ddb2 AUX xfig-3.2.5b-urwfonts.patch 4921 RMD160 0f706460c4bbdfa3ad9c766423f72d74d1ca491c SHA1 4630587f030e05eb5a4a384fb593bb006dc630c5 SHA256 84d4d179088b5384c848acbf34e3b040e9648e838b080df8af54d73161a13f19 AUX xfig-3.2.5b-zoom-during-edit.patch 691 RMD160 8f12f1b632a57c74ab6d05a159dbcfe30f434f9e SHA1 6881b529345b655d5cf8b8087c3f7ae2de36e082 SHA256 922c8dd8d3949caca71be28043889db6359eb7ecd4509ce339f216df11b41e5b -DIST xfig.3.2.5.full.tar.gz 5794801 RMD160 0d5ada9e4b7f1dbd8dab8a09fd5946ec0211904c SHA1 ce09d1a74dbddf0bc6b20fe9c558db584fbfed17 SHA256 62e43d5ef483acdb74d0b6dcdf5f8a12e545201048db33ffb5d573d74ae72c9a DIST xfig.3.2.5b.full.tar.gz 5821049 RMD160 aad4cfd808c116d34218e9890a898652e4f52ab6 SHA1 0730d7e6bc217c0de02682efb0078821512bb542 SHA256 5c01cf6d79f4de04e3d9efc9f3e4ea046e880d6610f210c8551bb0a713e985c2 -EBUILD xfig-3.2.5-r3.ebuild 1913 RMD160 97bd7096181936717f8c599cd46eb03a9e9729da SHA1 802d7d721d7cfaacca1750171d13cfa955583616 SHA256 3f7d2eb224071f6bdbc13f8b0b2190ef63e2d5fc96c89e3edac6c8e0b9abc73f +EBUILD xfig-3.2.5b-r1.ebuild 2728 RMD160 0d4969863f5160f5e849d16f7b55cd7ff1382786 SHA1 e37d088ef0f3d04cb50b71b78eb8ca4325a26d5a SHA256 be7b828a382de3435e1d0be5e4dc73b0c9d4251a392ead66ef3a5ecd8557f6a0 EBUILD xfig-3.2.5b.ebuild 2663 RMD160 65362ad025c625c72eb44cda387a2a6f10627cf8 SHA1 b0663ca61650046c97953c1c81683dd07946dec3 SHA256 3effe6196ac021d45be2c517e039ae4dc3920e1c78491bfdc06bb2c2c02807e1 -MISC ChangeLog 9979 RMD160 aeedbc2a0c5f25bc44c9b265d28e1f16bc8604dc SHA1 25ce9dac3b94b01c9a430e3d96046dd7476645d5 SHA256 1ee15530d1b9c2d1e53a069a929af09c7c061c0d857aac4c2e274ace67a04283 +MISC ChangeLog 10251 RMD160 8cce57220e722f89da95471672219488ddf2ca6b SHA1 e672b57392c2e99c9eba28ba751bdac480b2edd3 SHA256 3bc81a17514540db314814686c285fd8920a8efcc0d45eefab5be8c8ef55e2e6 MISC metadata.xml 250 RMD160 f27bc8272125f15d03c2bfc87e961842bdb303ae SHA1 c4991bbfca89085d81f56ed53f8b0c827a35a4f1 SHA256 68999dde540491efec63a8f47366dbc2d5f2c9f2c1211709d92366a56b6cd27d diff --git a/media-gfx/xfig/files/xfig-3.2.5b-CVE-2010-4262.patch b/media-gfx/xfig/files/xfig-3.2.5b-CVE-2010-4262.patch new file mode 100644 index 000000000000..eb85513ef69d --- /dev/null +++ b/media-gfx/xfig/files/xfig-3.2.5b-CVE-2010-4262.patch @@ -0,0 +1,22 @@ +--- w_msgpanel.c ++++ w_msgpanel.c 2010-12-03 14:21:07.931926127 +0000 +@@ -60,7 +60,7 @@ DeclareStaticArgs(12); + /* for the popup message (file_msg) window */ + + static int file_msg_length=0; +-static char tmpstr[300]; ++static char tmpstr[512]; + static Widget file_msg_panel, + file_msg_win, file_msg_dismiss; + +@@ -582,8 +582,8 @@ file_msg(char *format,...) + } + + va_start(ap, format); +- /* format the string */ +- vsprintf(tmpstr, format, ap); ++ /* format the string (but leave room for \n and \0) */ ++ vsnprintf(tmpstr, sizeof(tmpstr)-2, format, ap); + va_end(ap); + + strcat(tmpstr,"\n"); diff --git a/media-gfx/xfig/xfig-3.2.5-r3.ebuild b/media-gfx/xfig/xfig-3.2.5-r3.ebuild deleted file mode 100644 index 70ac3066029c..000000000000 --- a/media-gfx/xfig/xfig-3.2.5-r3.ebuild +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 1999-2010 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/media-gfx/xfig/xfig-3.2.5-r3.ebuild,v 1.7 2010/11/24 12:16:59 pva Exp $ - -inherit eutils multilib - -MY_P=${PN}.${PV} -DESCRIPTION="A menu-driven tool to draw and manipulate objects interactively in an X window." -HOMEPAGE="http://www.xfig.org" -SRC_URI="http://www.xfig.org/software/xfig/3.2.5/${MY_P}.full.tar.gz" - -LICENSE="BSD" -SLOT="0" -KEYWORDS="alpha amd64 hppa ppc ppc64 sparc x86" -IUSE="" - -RDEPEND="x11-libs/libXaw - x11-libs/libXp - x11-libs/Xaw3d - virtual/jpeg - media-libs/libpng - >=media-gfx/transfig-3.2.5-r1 - media-libs/netpbm" -DEPEND="${RDEPEND} - x11-misc/imake - app-text/rman - x11-proto/xproto - x11-proto/inputproto - x11-libs/libXi" - -S="${WORKDIR}"/${MY_P} - -src_unpack() { - unpack ${A} - cd "${S}" - - # We do not have nescape. Let's use firefox instead... - sed -i "s+netscape+firefox+g" Fig.ad - find "${S}" -type f -exec chmod -x \{\} \; -} - -sed_Imakefile() { - # see Imakefile for details - vars2subs="BINDIR=/usr/bin - PNGINC=-I/usr/include - JPEGLIBDIR=/usr/$(get_libdir) - JPEGINC=-I/usr/include - XPMLIBDIR=/usr/$(get_libdir) - XPMINC=-I/usr/include/X11 - USEINLINE=-DUSE_INLINE - XFIGLIBDIR=/usr/share/xfig - XFIGDOCDIR=/usr/share/doc/${P} - MANDIR=/usr/share/man/man\$\(MANSUFFIX\) - CC=$(tc-getCC)" - - for variable in ${vars2subs} ; do - varname=${variable%%=*} - varval=${variable##*=} - sed -i "s:^\(XCOMM\)*[[:space:]]*${varname}[[:space:]]*=.*$:${varname} = ${varval}:" "$@" - done -} - -src_compile() { - sed_Imakefile Imakefile - - xmkmf || die - emake CC="$(tc-getCC)" LOCAL_LDFLAGS="${LDFLAGS}" CDEBUGFLAGS="${CFLAGS}" \ - USRLIBDIR=/usr/$(get_libdir) || die -} - -src_install() { - emake -j1 DESTDIR="${D}" install.all || die - - insinto /usr/share/doc/${P} - doins README FIGAPPS CHANGES LATEX.AND.XFIG - - doicon xfig.png - make_desktop_entry xfig Xfig xfig -} diff --git a/media-gfx/xfig/xfig-3.2.5b-r1.ebuild b/media-gfx/xfig/xfig-3.2.5b-r1.ebuild new file mode 100644 index 000000000000..5c3b53461055 --- /dev/null +++ b/media-gfx/xfig/xfig-3.2.5b-r1.ebuild @@ -0,0 +1,95 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-gfx/xfig/xfig-3.2.5b-r1.ebuild,v 1.1 2010/12/20 17:45:22 pva Exp $ + +EAPI="2" +inherit eutils multilib + +MY_P=${PN}.${PV} + +DESCRIPTION="A menu-driven tool to draw and manipulate objects interactively in an X window." +HOMEPAGE="http://www.xfig.org" +SRC_URI="mirror://sourceforge/mcj/${MY_P}.full.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" +IUSE="" + +RDEPEND="x11-libs/libXaw + x11-libs/libXp + x11-libs/Xaw3d + x11-libs/libXi + virtual/jpeg + media-libs/libpng + media-fonts/font-misc-misc + media-fonts/urw-fonts + >=media-gfx/transfig-3.2.5-r1 + media-libs/netpbm" +DEPEND="${RDEPEND} + x11-misc/imake + x11-proto/xproto + x11-proto/inputproto" + +S=${WORKDIR}/${MY_P} + +sed_Imakefile() { + # see Imakefile for details + vars2subs=( BINDIR=/usr/bin + PNGINC=-I/usr/include + JPEGLIBDIR="/usr/$(get_libdir)" + JPEGINC=-I/usr/include + XPMLIBDIR="/usr/$(get_libdir)" + XPMINC=-I/usr/include/X11 + "USEINLINE = -DUSE_INLINE" + XFIGLIBDIR=/usr/share/xfig + XFIGDOCDIR="/usr/share/doc/${PF}" + MANDIR="/usr/share/man/man\$\(MANSUFFIX\)" + "CC=$(tc-getCC)" ) + + for variable in "${vars2subs[@]}" ; do + varname=${variable%%=*} + varval=${variable##*=} + sed -i "s:^\(XCOMM\)*[[:space:]]*${varname}[[:space:]]*=.*$:${varname} = ${varval}:" "$@" + done + sed -i "s:^\(XCOMM\)*[[:space:]]*\(#define I18N\).*$:\2:" "$@" + if has_version '>=x11-libs/Xaw3d-1.5e'; then + einfo "x11-libs/Xaw3d 1.5e and abover installed" + sed -i "s:^\(XCOMM\)*[[:space:]]*\(#define XAW3D1_5E\).*$:\2:" "$@" + fi +} + +src_prepare() { + # Permissions are really crazy here + chmod -R go+rX . + find . -type f -exec chmod a-x '{}' \; + epatch "${FILESDIR}/${P}-figparserstack.patch" #297379 + epatch "${FILESDIR}/${P}-spelling.patch" + epatch "${FILESDIR}/${P}-papersize_b1.patch" + epatch "${FILESDIR}/${P}-pdfimport_mediabox.patch" + epatch "${FILESDIR}/${P}-network_images.patch" + epatch "${FILESDIR}/${P}-app-defaults.patch" + epatch "${FILESDIR}/${P}-zoom-during-edit.patch" + epatch "${FILESDIR}/${P}-urwfonts.patch" + epatch "${FILESDIR}/${P}-mkstemp.patch" #264575 + epatch "${FILESDIR}/${P}-CVE-2010-4262.patch" #348344 + sed_Imakefile Imakefile + sed -e "s:/usr/lib/X11/xfig:/usr/share/doc/${PF}:" \ + -i Doc/xfig.man -i Doc/xfig_man.html || die +} + +src_compile() { + xmkmf || die + emake CC="$(tc-getCC)" LOCAL_LDFLAGS="${LDFLAGS}" CDEBUGFLAGS="${CFLAGS}" \ + USRLIBDIR=/usr/$(get_libdir) || die +} + +src_install() { + emake -j1 DESTDIR="${D}" install.all || die + + insinto /usr/share/doc/${PF} + doins README FIGAPPS CHANGES LATEX.AND.XFIG + + doicon xfig.png + make_desktop_entry xfig Xfig xfig +} |