| 1 |
commit: dfa7924ea685a59ebb1afb94775e8fe9f08b6739 |
| 2 |
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Mon Jun 26 20:57:36 2017 +0000 |
| 4 |
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Mon Jun 26 20:58:10 2017 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=dfa7924e |
| 7 |
|
| 8 |
app-text/libmwaw: Fix CVE-2017-9433 |
| 9 |
|
| 10 |
Also drop unused RDEPEND. |
| 11 |
|
| 12 |
Gentoo-bug: 621880 |
| 13 |
|
| 14 |
Package-Manager: Portage-2.3.6, Repoman-2.3.1 |
| 15 |
|
| 16 |
.../libmwaw/files/libmwaw-0.3.11-CVE-2017-9433.patch | 19 +++++++++++++++++++ |
| 17 |
.../{libmwaw-9999.ebuild => libmwaw-0.3.11-r1.ebuild} | 3 ++- |
| 18 |
app-text/libmwaw/libmwaw-9999.ebuild | 1 - |
| 19 |
3 files changed, 21 insertions(+), 2 deletions(-) |
| 20 |
|
| 21 |
diff --git a/app-text/libmwaw/files/libmwaw-0.3.11-CVE-2017-9433.patch b/app-text/libmwaw/files/libmwaw-0.3.11-CVE-2017-9433.patch |
| 22 |
new file mode 100644 |
| 23 |
index 00000000000..4918fd4b651 |
| 24 |
--- /dev/null |
| 25 |
+++ b/app-text/libmwaw/files/libmwaw-0.3.11-CVE-2017-9433.patch |
| 26 |
@@ -0,0 +1,19 @@ |
| 27 |
+commit 68b3b74569881248bfb6cbb4266177cc253b292f |
| 28 |
+Author: David Tardon <dtardon@××××××.com> |
| 29 |
+Date: Sat Apr 8 14:03:29 2017 +0200 |
| 30 |
+ |
| 31 |
+ ofz#1037 resize vector correctly |
| 32 |
+ |
| 33 |
+diff --git a/src/lib/MsWrd1Parser.cxx b/src/lib/MsWrd1Parser.cxx |
| 34 |
+index 63547e6..3626064 100644 |
| 35 |
+--- a/src/lib/MsWrd1Parser.cxx |
| 36 |
++++ b/src/lib/MsWrd1Parser.cxx |
| 37 |
+@@ -902,7 +902,7 @@ bool MsWrd1Parser::readFootnoteCorrespondance(MWAWVec2i limits) |
| 38 |
+ int id = fIt++->second; |
| 39 |
+ fPos[1] = fIt==footnoteMap.end() ? m_state->m_eot : fIt->first; |
| 40 |
+ if (id >= int(m_state->m_footnotesList.size())) |
| 41 |
+- m_state->m_footnotesList.resize(size_t(id),MWAWVec2l(0,0)); |
| 42 |
++ m_state->m_footnotesList.resize(size_t(id)+1,MWAWVec2l(0,0)); |
| 43 |
+ m_state->m_footnotesList[size_t(id)]=fPos; |
| 44 |
+ } |
| 45 |
+ ascii().addDelimiter(input->tell(),'|'); |
| 46 |
|
| 47 |
diff --git a/app-text/libmwaw/libmwaw-9999.ebuild b/app-text/libmwaw/libmwaw-0.3.11-r1.ebuild |
| 48 |
similarity index 95% |
| 49 |
copy from app-text/libmwaw/libmwaw-9999.ebuild |
| 50 |
copy to app-text/libmwaw/libmwaw-0.3.11-r1.ebuild |
| 51 |
index ed8c879dc73..8be0198bd0f 100644 |
| 52 |
--- a/app-text/libmwaw/libmwaw-9999.ebuild |
| 53 |
+++ b/app-text/libmwaw/libmwaw-0.3.11-r1.ebuild |
| 54 |
@@ -20,7 +20,6 @@ IUSE="doc static-libs tools" |
| 55 |
|
| 56 |
RDEPEND=" |
| 57 |
dev-libs/librevenge |
| 58 |
- dev-libs/libxml2 |
| 59 |
sys-libs/zlib |
| 60 |
" |
| 61 |
DEPEND="${RDEPEND} |
| 62 |
@@ -29,6 +28,8 @@ DEPEND="${RDEPEND} |
| 63 |
doc? ( app-doc/doxygen ) |
| 64 |
" |
| 65 |
|
| 66 |
+PATCHES=( "${FILESDIR}/${P}-CVE-2017-9433.patch" ) |
| 67 |
+ |
| 68 |
src_prepare() { |
| 69 |
default |
| 70 |
[[ ${PV} == 9999 ]] && eautoreconf |
| 71 |
|
| 72 |
diff --git a/app-text/libmwaw/libmwaw-9999.ebuild b/app-text/libmwaw/libmwaw-9999.ebuild |
| 73 |
index ed8c879dc73..b0434c260bc 100644 |
| 74 |
--- a/app-text/libmwaw/libmwaw-9999.ebuild |
| 75 |
+++ b/app-text/libmwaw/libmwaw-9999.ebuild |
| 76 |
@@ -20,7 +20,6 @@ IUSE="doc static-libs tools" |
| 77 |
|
| 78 |
RDEPEND=" |
| 79 |
dev-libs/librevenge |
| 80 |
- dev-libs/libxml2 |
| 81 |
sys-libs/zlib |
| 82 |
" |
| 83 |
DEPEND="${RDEPEND} |
Archives