commit: d0b5a9d997ee762c077790a87a48bc611d765d74 |
Author: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org> |
AuthorDate: Fri Jan 27 20:58:11 2017 +0000 |
Commit: Andreas Hüttel <dilfridge <AT> gentoo <DOT> org> |
CommitDate: Fri Jan 27 20:58:34 2017 +0000 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d0b5a9d9 |
|
media-libs/lcms: Add patch for out-of-bounds read in Type_MLU_Read() (CVE-2016-10165), bug 591452 |
|
Package-Manager: Portage-2.3.3, Repoman-2.3.1 |
|
.../lcms/files/lcms-2.8-CVE-2016-10165.patch | 22 ++++++++++ |
media-libs/lcms/lcms-2.8-r1.ebuild | 51 ++++++++++++++++++++++ |
2 files changed, 73 insertions(+) |
|
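diff --git a/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch b/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch
new file mode 100644
index 00000000..b380cf4
--- /dev/null
+++ b/media-libs/lcms/files/lcms-2.8-CVE-2016-10165.patch
@@ -0,0 +1,22 @@
+From 5ca71a7bc18b6897ab21d815d15e218e204581e2 Mon Sep 17 00:00:00 2001
+From: Marti <marti.maria@×××××××××××××.com>
+Date: Mon, 15 Aug 2016 23:31:39 +0200
+Subject: [PATCH] Added an extra check to MLU bounds
+
+Thanks to Ibrahim el-sayed for spotting the bug
+---
+ src/cmstypes.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/cmstypes.c b/src/cmstypes.c
+index cb61860..c7328b9 100644
+--- a/src/cmstypes.c
++++ b/src/cmstypes.c
+@@ -1460,6 +1460,7 @@ void *Type_MLU_Read(struct _cms_typehandler_struct* self, cmsIOHANDLER* io, cmsU
+
+ // Check for overflow
+ if (Offset < (SizeOfHeader + 8)) goto Error;
++ if ((Offset + Len) > SizeOfTag + 8) goto Error;
+
+ // True begin of the string
+ BeginOfThisString = Offset - SizeOfHeader - 8;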
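Review bot: The added bound `(Offset + Len) > SizeOfTag + 8` in Type_MLU_Read() compares a sum of two values that appear to come from the profile being parsed; if Offset and Len are 32-bit unsigned (their declarations are outside the hunk), a large Len makes the sum wrap and pass the check. Test for the wrap before the bound, e.g. `if ((Offset + Len) < Len || (Offset + Len) > SizeOfTag + 8) goto Error;`. Because this file backports upstream commit 5ca71a7b, it is worth checking whether upstream later hardened this comparison and carrying that change as well. The function body continues outside the hunk, so the later use of Len could not be reviewed here.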
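diff --git a/media-libs/lcms/lcms-2.8-r1.ebuild b/media-libs/lcms/lcms-2.8-r1.ebuild
new file mode 100644
index 00000000..10208ae
--- /dev/null
+++ b/media-libs/lcms/lcms-2.8-r1.ebuild
@@ -0,0 +1,51 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+AUTOTOOLS_PRUNE_LIBTOOL_FILES="modules"
+inherit eutils multilib-minimal
+
+DESCRIPTION="A lightweight, speed optimized color management engine"
+HOMEPAGE="http://www.littlecms.com/"
+SRC_URI="mirror://sourceforge/${PN}/lcms2-${PV}.tar.gz"
+
+LICENSE="MIT"
+SLOT="2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~x64-solaris ~x86-solaris"
+IUSE="doc jpeg static-libs +threads test tiff zlib"
+
+RDEPEND="jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] )
+ tiff? ( >=media-libs/tiff-4.0.3-r6:0=[${MULTILIB_USEDEP}] )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1:=[${MULTILIB_USEDEP}] )
+ abi_x86_32? (
+ !<=app-emulation/emul-linux-x86-baselibs-20130224-r10
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)]
+ )"
+DEPEND="${RDEPEND}"
+
+S=${WORKDIR}/lcms2-${PV}
+
+PATCHES=(
+ "${FILESDIR}/${P}-CVE-2016-10165.patch"
+)
+
+multilib_src_configure() {
+ local myeconfargs=(
+ $(use_with jpeg)
+ $(use_with tiff)
+ $(use_with zlib)
+ $(use_with threads)
+ )
+ ECONF_SOURCE="${S}" \
+ econf ${myeconfargs[@]}
+}
+
+multilib_src_install_all() {
+ find "${ED}" \( -name "*.la" -o -name "*.a" \) -delete || die
+
+ if use doc; then
+ docinto pdf
+ dodoc doc/*.pdf
+ fi
+}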
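Review bot: `econf ${myeconfargs[@]}` in multilib_src_configure() expands the array unquoted, so any element containing whitespace or glob characters would be split or expanded before reaching configure; write `econf "${myeconfargs[@]}"`. IUSE lists `static-libs`, yet nothing passes `$(use_enable static-libs static)` to configure and multilib_src_install_all() deletes every `*.a` unconditionally, so the flag appears to have no effect; either honour it or drop it from IUSE. HOMEPAGE is plain `http://`; prefer the https URL if the site serves one.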