Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/media-libs/devil/files
diff options
context:
space:
mode:
authorSamuli Suominen <ssuominen@gentoo.org>2010-05-10 20:50:06 +0000
committerSamuli Suominen <ssuominen@gentoo.org>2010-05-10 20:50:06 +0000
commit7caae851748caae1be1e2a55023250478c7f9ae2 (patch)
tree6b522e440f7947cee09a0c40ea260b3fc661a4d4 /media-libs/devil/files
parentStable for HPPA (bug #318935). (diff)
downloadhistorical-7caae851748caae1be1e2a55023250478c7f9ae2.tar.gz
historical-7caae851748caae1be1e2a55023250478c7f9ae2.tar.bz2
historical-7caae851748caae1be1e2a55023250478c7f9ae2.zip
Version bump wrt #297760 (Karl-Robert Ernst) with CVE-2009-3994 patch (Christopher Harvey) and libpng14 compability (Marcin Baczyński)
Package-Manager: portage-2.2_rc67/cvs/Linux x86_64
Diffstat (limited to 'media-libs/devil/files')
-rw-r--r--media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch17
-rw-r--r--media-libs/devil/files/devil-1.7.8-libpng14.patch33
2 files changed, 50 insertions, 0 deletions
diff --git a/media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch b/media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch
new file mode 100644
index 000000000000..6c9f2db1d270
--- /dev/null
+++ b/media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch
@@ -0,0 +1,17 @@
+http://bugs.gentoo.org/297760
+
+--- src-IL/src/il_dicom.c
++++ src-IL/src/il_dicom.c
+@@ -427,9 +427,11 @@ ILboolean GetUID(ILubyte *UID)
+ return IL_FALSE;
+
+ ValLen = GetLittleUShort();
++ if (ValLen > 64)
++ return IL_FALSE;
+ if (iread(UID, ValLen, 1) != 1)
+ return IL_FALSE;
+- UID[64] = 0; // Just to make sure that our string is terminated.
++ UID[ValLen] = 0; // Just to make sure that our string is terminated.
+
+ return IL_TRUE;
+ }
diff --git a/media-libs/devil/files/devil-1.7.8-libpng14.patch b/media-libs/devil/files/devil-1.7.8-libpng14.patch
new file mode 100644
index 000000000000..b8434692b8bd
--- /dev/null
+++ b/media-libs/devil/files/devil-1.7.8-libpng14.patch
@@ -0,0 +1,33 @@
+diff -Nur devil-1.7.8.orig/src-IL/src/il_icon.c devil-1.7.8/src-IL/src/il_icon.c
+--- devil-1.7.8.orig/src-IL/src/il_icon.c 2009-03-08 09:10:09.000000000 +0200
++++ devil-1.7.8/src-IL/src/il_icon.c 2010-01-17 00:54:09.000000000 +0200
+@@ -525,7 +525,7 @@
+
+ // Expand low-bit-depth grayscale images to 8 bits
+ if (ico_color_type == PNG_COLOR_TYPE_GRAY && bit_depth < 8) {
+- png_set_gray_1_2_4_to_8(ico_png_ptr);
++ png_set_expand_gray_1_2_4_to_8(ico_png_ptr);
+ }
+
+ // Expand RGB images with transparency to full alpha channels
+diff -Nur devil-1.7.8.orig/src-IL/src/il_png.c devil-1.7.8/src-IL/src/il_png.c
+--- devil-1.7.8.orig/src-IL/src/il_png.c 2009-03-08 09:10:09.000000000 +0200
++++ devil-1.7.8/src-IL/src/il_png.c 2010-01-17 00:55:26.000000000 +0200
+@@ -105,7 +105,7 @@
+ Read = iread(Signature, 1, 8);
+ iseek(-Read, IL_SEEK_CUR);
+
+- return png_check_sig(Signature, 8);
++ return png_sig_cmp(Signature, 0, 8) == 0;
+ }
+
+
+@@ -278,7 +278,7 @@
+
+ // Expand low-bit-depth grayscale images to 8 bits
+ if (png_color_type == PNG_COLOR_TYPE_GRAY && bit_depth < 8) {
+- png_set_gray_1_2_4_to_8(png_ptr);
++ png_set_expand_gray_1_2_4_to_8(png_ptr);
+ }
+
+ // Expand RGB images with transparency to full alpha channels