Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Peter Volkov (pva)" <pva@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in app-text/ghostscript-gnu/files: ghostscript-8.60-CVE-2008-0411.diff
Date: Fri, 29 Feb 2008 12:02:44
Message-Id: E1JV3wn-0003aj-61@stork.gentoo.org
1 pva 08/02/29 12:02:41
2
3 Added: ghostscript-8.60-CVE-2008-0411.diff
4 Log:
5 Fixed security issue (CVE-2008-0411), bug #208999, thank Robert Buchholz for report and coordination.
6 (Portage version: 2.1.4.4, RepoMan options: --force)
7
8 Revision Changes Path
9 1.1 app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff
10
11 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff?rev=1.1&view=markup
12 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff?rev=1.1&content-type=text/plain
13
14 Index: ghostscript-8.60-CVE-2008-0411.diff
15 ===================================================================
16 --- src/zicc.c
17 +++ src/zicc.c 2008-02-05 16:11:59.000000000 +0000
18 @@ -77,6 +77,9 @@ zseticcspace(i_ctx_t * i_ctx_p)
19 dict_find_string(op, "N", &pnval);
20 ncomps = pnval->value.intval;
21
22 + if (2*ncomps > sizeof(range_buff)/sizeof(float))
23 + return_error(e_rangecheck);
24 +
25 /* verify the DataSource entry */
26 if (dict_find_string(op, "DataSource", &pstrmval) <= 0)
27 return_error(e_undefined);
28
29
30
31 --
32 gentoo-commits@l.g.o mailing list
Report Message
Find on MARC Find on Google Groups