1 |
ssuominen 10/05/10 20:50:06 |
2 |
|
3 |
Added: devil-1.7.8-CVE-2009-3994.patch |
4 |
devil-1.7.8-libpng14.patch |
5 |
Log: |
6 |
Version bump wrt #297760 (Karl-Robert Ernst) with CVE-2009-3994 patch (Christopher Harvey) and libpng14 compability (Marcin BaczyĆski) |
7 |
(Portage version: 2.2_rc67/cvs/Linux x86_64) |
8 |
|
9 |
Revision Changes Path |
10 |
1.1 media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch |
11 |
|
12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch?rev=1.1&view=markup |
13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/devil/files/devil-1.7.8-CVE-2009-3994.patch?rev=1.1&content-type=text/plain |
14 |
|
15 |
Index: devil-1.7.8-CVE-2009-3994.patch |
16 |
=================================================================== |
17 |
http://bugs.gentoo.org/297760 |
18 |
|
19 |
--- src-IL/src/il_dicom.c |
20 |
+++ src-IL/src/il_dicom.c |
21 |
@@ -427,9 +427,11 @@ ILboolean GetUID(ILubyte *UID) |
22 |
return IL_FALSE; |
23 |
|
24 |
ValLen = GetLittleUShort(); |
25 |
+ if (ValLen > 64) |
26 |
+ return IL_FALSE; |
27 |
if (iread(UID, ValLen, 1) != 1) |
28 |
return IL_FALSE; |
29 |
- UID[64] = 0; // Just to make sure that our string is terminated. |
30 |
+ UID[ValLen] = 0; // Just to make sure that our string is terminated. |
31 |
|
32 |
return IL_TRUE; |
33 |
} |
34 |
|
35 |
|
36 |
|
37 |
1.1 media-libs/devil/files/devil-1.7.8-libpng14.patch |
38 |
|
39 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/devil/files/devil-1.7.8-libpng14.patch?rev=1.1&view=markup |
40 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-libs/devil/files/devil-1.7.8-libpng14.patch?rev=1.1&content-type=text/plain |
41 |
|
42 |
Index: devil-1.7.8-libpng14.patch |
43 |
=================================================================== |
44 |
diff -Nur devil-1.7.8.orig/src-IL/src/il_icon.c devil-1.7.8/src-IL/src/il_icon.c |
45 |
--- devil-1.7.8.orig/src-IL/src/il_icon.c 2009-03-08 09:10:09.000000000 +0200 |
46 |
+++ devil-1.7.8/src-IL/src/il_icon.c 2010-01-17 00:54:09.000000000 +0200 |
47 |
@@ -525,7 +525,7 @@ |
48 |
|
49 |
// Expand low-bit-depth grayscale images to 8 bits |
50 |
if (ico_color_type == PNG_COLOR_TYPE_GRAY && bit_depth < 8) { |
51 |
- png_set_gray_1_2_4_to_8(ico_png_ptr); |
52 |
+ png_set_expand_gray_1_2_4_to_8(ico_png_ptr); |
53 |
} |
54 |
|
55 |
// Expand RGB images with transparency to full alpha channels |
56 |
diff -Nur devil-1.7.8.orig/src-IL/src/il_png.c devil-1.7.8/src-IL/src/il_png.c |
57 |
--- devil-1.7.8.orig/src-IL/src/il_png.c 2009-03-08 09:10:09.000000000 +0200 |
58 |
+++ devil-1.7.8/src-IL/src/il_png.c 2010-01-17 00:55:26.000000000 +0200 |
59 |
@@ -105,7 +105,7 @@ |
60 |
Read = iread(Signature, 1, 8); |
61 |
iseek(-Read, IL_SEEK_CUR); |
62 |
|
63 |
- return png_check_sig(Signature, 8); |
64 |
+ return png_sig_cmp(Signature, 0, 8) == 0; |
65 |
} |
66 |
|
67 |
|
68 |
@@ -278,7 +278,7 @@ |
69 |
|
70 |
// Expand low-bit-depth grayscale images to 8 bits |
71 |
if (png_color_type == PNG_COLOR_TYPE_GRAY && bit_depth < 8) { |
72 |
- png_set_gray_1_2_4_to_8(png_ptr); |
73 |
+ png_set_expand_gray_1_2_4_to_8(png_ptr); |
74 |
} |
75 |
|
76 |
// Expand RGB images with transparency to full alpha channels |