1 |
commit: 41d04b8d7079876adcf13bf3792a5c9701686ca6 |
2 |
Author: Pacho Ramos <pacho <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Mar 28 18:22:37 2018 +0000 |
4 |
Commit: Pacho Ramos <pacho <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Mar 28 18:23:31 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41d04b8d |
7 |
|
8 |
app-office/pinpoint: Fix CVE-2013-7447 (#574384) |
9 |
|
10 |
Package-Manager: Portage-2.3.24, Repoman-2.3.6 |
11 |
|
12 |
.../files/pinpoint-0.1.8-CVE-2013-7447.patch | 33 ++++++++++++++ |
13 |
app-office/pinpoint/pinpoint-0.1.8-r1.ebuild | 50 ++++++++++++++++++++++ |
14 |
2 files changed, 83 insertions(+) |
15 |
|
16 |
diff --git a/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch b/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch |
17 |
new file mode 100644 |
18 |
index 00000000000..b9c39ad7206 |
19 |
--- /dev/null |
20 |
+++ b/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch |
21 |
@@ -0,0 +1,33 @@ |
22 |
+From f90483245250456d6306b4fff2f68f445ef33864 Mon Sep 17 00:00:00 2001 |
23 |
+From: RyuzakiKK <aasonykk@×××××.com> |
24 |
+Date: Sat, 5 Aug 2017 20:00:30 +0200 |
25 |
+Subject: [PATCH] Avoid integer overflow |
26 |
+ |
27 |
+pinpoint is affected by a possible integer overflow, that was also |
28 |
+found and patched upstream in gtk+ |
29 |
+https://git.gnome.org/browse/gtk+/commit/?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6 |
30 |
+ |
31 |
+With g_malloc_m we can avoid the integer overflow. |
32 |
+ |
33 |
+As pointed out by Pacho Ramos in |
34 |
+https://bugzilla.gnome.org/show_bug.cgi?id=762029 |
35 |
+--- |
36 |
+ pp-cairo.c | 2 +- |
37 |
+ 1 file changed, 1 insertion(+), 1 deletion(-) |
38 |
+ |
39 |
+diff --git a/pp-cairo.c b/pp-cairo.c |
40 |
+index 8afb362..dc0a452 100644 |
41 |
+--- a/pp-cairo.c |
42 |
++++ b/pp-cairo.c |
43 |
+@@ -120,7 +120,7 @@ _cairo_new_surface_from_pixbuf (const GdkPixbuf *pixbuf) |
44 |
+ format = CAIRO_FORMAT_ARGB32; |
45 |
+ |
46 |
+ cairo_stride = cairo_format_stride_for_width (format, width); |
47 |
+- cairo_pixels = g_malloc (height * cairo_stride); |
48 |
++ cairo_pixels = g_malloc_n (height, cairo_stride); |
49 |
+ surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels, |
50 |
+ format, |
51 |
+ width, height, cairo_stride); |
52 |
+-- |
53 |
+2.13.4 |
54 |
+ |
55 |
|
56 |
diff --git a/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild b/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild |
57 |
new file mode 100644 |
58 |
index 00000000000..7bf59666c4c |
59 |
--- /dev/null |
60 |
+++ b/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild |
61 |
@@ -0,0 +1,50 @@ |
62 |
+# Copyright 1999-2018 Gentoo Foundation |
63 |
+# Distributed under the terms of the GNU General Public License v2 |
64 |
+ |
65 |
+EAPI=6 |
66 |
+inherit gnome2 |
67 |
+ |
68 |
+DESCRIPTION="A tool for making hackers do excellent presentations" |
69 |
+HOMEPAGE="https://wiki.gnome.org/Apps/Pinpoint" |
70 |
+ |
71 |
+LICENSE="LGPL-2.1" |
72 |
+SLOT="0" |
73 |
+KEYWORDS="~amd64 ~x86" |
74 |
+IUSE="+gstreamer +pdf" |
75 |
+ |
76 |
+# rsvg is used for svg-in-pdf -- clubbing it under pdf for now |
77 |
+RDEPEND=" |
78 |
+ >=media-libs/clutter-1.23.7:1.0 |
79 |
+ >=media-libs/clutter-gtk-1.6:1.0 |
80 |
+ >=dev-libs/glib-2.28:2 |
81 |
+ >=x11-libs/cairo-1.9.4 |
82 |
+ x11-libs/pango |
83 |
+ x11-libs/gdk-pixbuf:2 |
84 |
+ gstreamer? ( media-libs/clutter-gst:3.0 ) |
85 |
+ pdf? ( gnome-base/librsvg:2 ) |
86 |
+" |
87 |
+DEPEND="${RDEPEND} |
88 |
+ virtual/pkgconfig |
89 |
+" |
90 |
+ |
91 |
+PATCHES=( |
92 |
+ # Fix CVE-2013-7447, bug #574384, https://bugzilla.gnome.org/show_bug.cgi?id=762029 |
93 |
+ "${FILESDIR}"/${P}-CVE-2013-7447.patch |
94 |
+) |
95 |
+ |
96 |
+src_configure() { |
97 |
+ # dax support is disabled because we don't have it in tree yet and it's |
98 |
+ # experimental |
99 |
+ gnome2_src_configure \ |
100 |
+ --disable-dax \ |
101 |
+ $(use_enable gstreamer cluttergst) \ |
102 |
+ $(use_enable pdf rsvg) |
103 |
+} |
104 |
+ |
105 |
+src_install() { |
106 |
+ gnome2_src_install |
107 |
+ |
108 |
+ docompress -x /usr/share/doc/${PF}/examples |
109 |
+ insinto "/usr/share/doc/${PF}/examples" |
110 |
+ doins introduction.pin bg.jpg bowls.jpg linus.jpg |
111 |
+} |