author | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-18 09:16:09 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-18 09:16:09 +0000 |
commit | 31a7d0b0da6860482019514690b7d121980e5fb5 (patch) | |
tree | a74f25578ac8d7172a9d5b7ac101317e699fdab4 | |
parent | 57891484d139952b27f898bb87e79a2ea73261bb (diff) | |
main/ghostscript: upgrade to 9.06 and fix CVE-2012-4405
fixes #1566
-rw-r--r-- | main/ghostscript/APKBUILD | 21 | ||||
-rw-r--r-- | main/ghostscript/CVE-2012-4405.patch | 15 |
2 files changed, 27 insertions, 9 deletions
diff --git a/main/ghostscript/APKBUILD b/main/ghostscript/APKBUILD index 7674f26681..283777d079 100644 --- a/main/ghostscript/APKBUILD +++ b/main/ghostscript/APKBUILD @@ -1,26 +1,29 @@ # Contributor: Cameron Banta <cbanta@gmail.com> # Maintainer: Cameron Banta <cbanta@gmail.com> pkgname=ghostscript -pkgver=9.00 -pkgrel=1 +pkgver=9.06 +pkgrel=0 pkgdesc="An interpreter for the PostScript language and for PDF" url="http://ghostscript.com/" arch="all" license="GPL" makedepends="autoconf automake jpeg-dev libpng-dev jasper-dev expat-dev zlib-dev tiff-dev libiconv-dev" subpackages="$pkgname-doc $pkgname-dev" -source="http://ghostscript.com/releases/$pkgname-$pkgver.tar.gz - ghostscript-system-jasper.patch" +patches="CVE-2012-4405.patch" +source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz + $patches" prepare() { cd "$srcdir/$pkgname-$pkgver" + for i in $patches; do + msg $i + patch -p1 -i "$srcdir"/$i || return 1 + done + # force it to use system-libs rm -rf jpeg libpng jasper expat tiff zlib - # fix build with systems jasper - patch -Np1 -i "${srcdir}"/ghostscript-system-jasper.patch || return 1 - # fix parallel builds sed -i -e 's/ECHO_XE/ECHOGS_XE/g' \ -e 's/^\($(GLOBJ)md5.$(OBJ) :.*\)/\1 $(ECHOGS_XE)/' \ @@ -68,5 +71,5 @@ package() { mv "$pkgdir/usr/share/$pkgname/$pkgver/examples" "$pkgdir/usr/share/doc/$pkgname" } -md5sums="a402462478b4cdda3e1816899227b845 ghostscript-9.00.tar.gz -f5bc029b0ed05ac8d602bff0e1c021bd ghostscript-system-jasper.patch" +md5sums="153ddb0622cb155d2f600146f1e28d84 ghostscript-9.06.tar.gz +9b77fb067f77c15116bd9c5b2ab58805 CVE-2012-4405.patch" diff --git a/main/ghostscript/CVE-2012-4405.patch b/main/ghostscript/CVE-2012-4405.patch new file mode 100644 index 0000000000..a589992aee --- /dev/null +++ b/main/ghostscript/CVE-2012-4405.patch 
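Review bot: The new `source=` URL fetches the 9.06 tarball over plain `http://`, so the only thing tying the build input to what the maintainer reviewed is the `md5sums` entry updated in the last APKBUILD hunk, and MD5 is too weak to rely on against a deliberately substituted archive. If the upstream host serves the same path over TLS, prefer `https://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz`, and add a SHA-2 checksum list next to `md5sums` if the abuild version in use supports one. In the added loop, `$i` is unquoted in `msg $i` and `patch -p1 -i "$srcdir"/$i`; `patch -p1 -i "$srcdir/$i" || return 1` is the safer form. prepare() continues past the end of the hunk.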
@@ -0,0 +1,15 @@
+--- ./icclib/icc.c.orig
++++ ./icclib/icc.c
+@@ -4996,6 +4996,11 @@
+ p->clutPoints = read_UInt8Number(bp+10);
+
+ /* Sanity check */
++ if (p->inputChan < 1) {
++ sprintf(icp->err,"icmLut_read: No input channels!");
++ return icp->errc = 1;
++ }
++
+ if (p->inputChan > MAX_CHAN) {
+ sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN);
+ return icp->errc = 1;
+
|
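Review bot: The carried patch has no header recording where the fix comes from, so a later maintainer cannot tell whether it matches the upstream change for CVE-2012-4405 or when it can be dropped. A few lines above `--- ./icclib/icc.c.orig` naming the CVE and the origin (for example `Upstream: <upstream commit or bug URL>`) would settle that. Within the fix, the new lower bound covers `p->inputChan` only; `p->clutPoints` is read just above, and whether a zero there or in the other counts read by this function is rejected lies outside the hunk, so it is worth confirming against the upstream fix. The new message also omits the trailing `\n` that the neighbouring `Can't handle > %d input channels\n` message carries. The patched function's body starts before and continues after the embedded hunk.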