[Frugalware-darcs] frugalware-0.6: gimp-2.2.13-2terminus2-i686

VMiklos vmiklos at frugalware.org
Tue Jul 31 10:24:49 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20070731082348-e2957-c4ea12891f966481e5aad1df30c4b9868bc436d3.gz;

[gimp-2.2.13-2terminus2-i686
VMiklos <vmiklos at frugalware.org>**20070731082348
 added CVE-2007-2949.diff secfix
 closes #2237
] {
addfile ./source/xapps/gimp/CVE-2007-2949.diff
hunk ./source/xapps/gimp/CVE-2007-2949.diff 1
+diff -Nur gimp-2.2.13/plug-ins/common/psd.c gimp-2.2.13.new/plug-ins/common/psd.c
+--- gimp-2.2.13/plug-ins/common/psd.c	2006-03-02 00:50:16.000000000 -0800
++++ gimp-2.2.13.new/plug-ins/common/psd.c	2007-07-04 06:10:25.749012431 -0700
+@@ -1202,6 +1202,12 @@
+   width = channel->width;
+   height = channel->height;
+ 
++  if (width > G_MAXINT16 || height > G_MAXINT16)
++    {
++      g_message ("Error: Invalid channel dimensions");
++      gimp_quit ();
++    }
++
+   IFDBG
+     {
+       printf("\t\t\tLayer (%d) Channel (%d:%d) Compression: %d (%s)\n",
hunk ./source/xapps/gimp/FrugalBuild 7
-pkgrel=2terminus1
+pkgrel=2terminus2
hunk ./source/xapps/gimp/FrugalBuild 16
-source=(ftp://ftp.gimp.org/pub/gimp/v2.2/$pkgname-$pkgver.tar.bz2 gimp-sunras-bufferoverflow.diff)
+source=(ftp://ftp.gimp.org/pub/gimp/v2.2/$pkgname-$pkgver.tar.bz2 gimp-sunras-bufferoverflow.diff \
+	CVE-2007-2949.diff)
hunk ./source/xapps/gimp/FrugalBuild 34
-sha1sums=('7f215396c817b2a16ef62fc2d90f98881fc91c65'\
-          '4c6263b35b7a7324fb896a12cf8fa7bdb8aced94')
+sha1sums=('7f215396c817b2a16ef62fc2d90f98881fc91c65' \
+          '4c6263b35b7a7324fb896a12cf8fa7bdb8aced94' \
+          '56657c7081ce7a96cb1bc1a93579284e104965d3')
}


More information about the Frugalware-darcs mailing list