[Frugalware-darcs] frugalware-current: gd-2.0.35-1-i686

crazy crazy at frugalware.org
Tue Jun 26 14:19:03 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-current;a=darcs_commitdiff;h=20070626121712-f6986-6c44c4e2824b85f7383633d5d70666cd1ff4bec2.gz;

[gd-2.0.35-1-i686
crazy <crazy at frugalware.org>**20070626121712
 * Version bump
] {
hunk ./source/lib/gd/CVE-2007-2756.patch 1
-Index: gd_png.c
-===================================================================
-RCS file: /repository/gd/libgd/gd_png.c,v
-retrieving revision 1.21.2.1
-diff -u -p -r1.21.2.1 gd_png.c
---- gd_png.c	1 Apr 2007 20:41:01 -0000	1.21.2.1
-+++ gd_png.c	16 May 2007 19:06:11 -0000
-@@ -81,7 +81,11 @@ gdPngErrorHandler (png_structp png_ptr, 
- static void
- gdPngReadData (png_structp png_ptr, png_bytep data, png_size_t length)
- {
--  gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr));
-+  int check;
-+  check = gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr));
-+  if (check != length) {
-+    png_error(png_ptr, "Read Error: truncated data");
-+  }
- }
- 
- static void
rmfile ./source/lib/gd/CVE-2007-2756.patch
hunk ./source/lib/gd/FrugalBuild 5
-pkgver=2.0.34
-pkgrel=2
+pkgver=2.0.35
+pkgrel=1
hunk ./source/lib/gd/FrugalBuild 13
-source=($url/releases/$pkgname-$pkgver.tar.bz2 gd-2.0.33-secfix.diff CVE-2007-2756.patch)
-sha1sums=('7d735b2917f987dd71ddbb72e9e100b2f8951de7'\
-          'cbb8431bc5ee54452eb968f35e687591f86f9f92'\
-          '78824cc6ecf186c12f3a8d5345a5b69d3f3ee294')
+source=($url/releases/$pkgname-$pkgver.tar.bz2)
+sha1sums=('ccf34a610abff2dbf133a20c4d2a4aa94939018a')
+
+build()
+{
+	Fcd
+	Fautoreconf
+	Fbuild
+}
hunk ./source/lib/gd/gd-2.0.33-secfix.diff 1
-http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906
-diff -Naur gd-2.0.33.orig/gd_gif_in.c gd-2.0.33/gd_gif_in.c
---- gd-2.0.33.orig/gd_gif_in.c	2004-11-01 19:28:56.000000000 +0100
-+++ gd-2.0.33/gd_gif_in.c	2006-08-06 13:12:04.000000000 +0200
-@@ -417,16 +417,17 @@
-                                        GetCode(fd, code_size, FALSE, ZeroDataBlockP);
-                        return firstcode;
-                } else if (code == end_code) {
-+                       int             maxcount = 1024;
-                        int             count;
-                        unsigned char   buf[260];
- 
-                        if (*ZeroDataBlockP)
-                                return -2;
- 
--                       while ((count = GetDataBlock(fd, buf, ZeroDataBlockP)) > 0)
-+                       while ((count = GetDataBlock(fd, buf, ZeroDataBlockP)) > 0 && --maxcount >= 0)
-                                ;
- 
--                       if (count != 0)
-+                       if (count != 0 || maxcount < 0)
-                        return -2;
-                }
- 
rmfile ./source/lib/gd/gd-2.0.33-secfix.diff
}


More information about the Frugalware-darcs mailing list