[Frugalware-darcs] frugalware-0.6: kdegraphics-3.5.6-2terminus1-i686

VMiklos vmiklos at frugalware.org
Thu Aug 9 11:23:19 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20070809092230-e2957-a68d29fd33da2a1e1803c67991fcbd0d4ce12c1e.gz;

[kdegraphics-3.5.6-2terminus1-i686
VMiklos <vmiklos at frugalware.org>**20070809092230
 added post-3.5.6-kdegraphics-CVE-2007-3387.diff secfix
 closes #2302
] {
hunk ./source/kde/kdegraphics/FrugalBuild 6
-pkgrel=1
+pkgrel=2terminus1
hunk ./source/kde/kdegraphics/FrugalBuild 16
+source=($source post-3.5.6-kdegraphics-CVE-2007-3387.diff)
hunk ./source/kde/kdegraphics/FrugalBuild 27
-sha1sums=('481d3f3733c042f7dfe7d9fc6620d17f8b945957')
+sha1sums=('481d3f3733c042f7dfe7d9fc6620d17f8b945957' \
+          'cd403dcea659e9b4c700835c3a39ad3048f48533')
addfile ./source/kde/kdegraphics/post-3.5.6-kdegraphics-CVE-2007-3387.diff
hunk ./source/kde/kdegraphics/post-3.5.6-kdegraphics-CVE-2007-3387.diff 1
+diff -Naur kdegraphics-3.5.6.orig/kpdf/xpdf/xpdf/Stream.cc kdegraphics-3.5.6/kpdf/xpdf/xpdf/Stream.cc
+--- kdegraphics-3.5.6.orig/kpdf/xpdf/xpdf/Stream.cc	2007-01-15 12:21:56.000000000 +0100
++++ kdegraphics-3.5.6/kpdf/xpdf/xpdf/Stream.cc	2007-08-09 09:45:03.000000000 +0200
+@@ -411,14 +411,11 @@
+   nBits = nBitsA;
+   predLine = NULL;
+   ok = gFalse;
+-
+-  if (width <= 0 || nComps <= 0 || nBits <= 0 ||
+-      nComps >= INT_MAX / nBits ||
+-      width >= INT_MAX / nComps / nBits)
+-    return;
+-
+   nVals = width * nComps;
+-  if (nVals * nBits + 7 < 0)
++  if (width <= 0 || nComps <= 0 || nBits <= 0 ||
++      nComps > gfxColorMaxComps || nBits > 16 ||
++      width >= INT_MAX / nComps ||
++      nVals >= (INT_MAX - 7) / nBits)
+     return;
+   pixBytes = (nComps * nBits + 7) >> 3;
+   rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
}


More information about the Frugalware-darcs mailing list