authorLeonardo Arena <rnalrd@alpinelinux.org>2016-06-02 07:46:42 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2016-06-02 07:46:42 +0000
commitee7386dfccc758da1707e7e22da5664f8fafc62e (patch)
tree1377e06d336504a566f251b75cdc7f7a332c6f68
parentbb0c450ee6bb7a95291723179e07be9cab71246d (diff)
downloadaports-ee7386dfccc758da1707e7e22da5664f8fafc62e.tar.bz2
aports-ee7386dfccc758da1707e7e22da5664f8fafc62e.tar.xz
main/poppler: security fix (CVE-2015-8868). Fixes #5537
-rw-r--r--main/poppler/APKBUILD15
-rw-r--r--main/poppler/CVE-2015-8868.patch25
2 files changed, 35 insertions, 5 deletions
diff --git a/main/poppler/APKBUILD b/main/poppler/APKBUILD
index 1156819d27..3a3b17001d 100644
--- a/main/poppler/APKBUILD
+++ b/main/poppler/APKBUILD
@@ -5,7 +5,7 @@
# So we build qt support in separate package poppler-qt4
pkgname=poppler
pkgver=0.24.5
-pkgrel=0
+pkgrel=1
pkgdesc="PDF rendering library based on xpdf 3.0"
url="http://poppler.freedesktop.org/"
arch="all"
@@ -16,7 +16,9 @@ makedepends="$depends_dev libjpeg-turbo-dev cairo-dev libxml2-dev
fontconfig-dev libiconv-dev lcms2-dev gobject-introspection-dev"
subpackages="$pkgname-dev $pkgname-doc $pkgname-utils $pkgname-glib
"
-source="http://poppler.freedesktop.org/poppler-$pkgver.tar.xz"
+source="http://poppler.freedesktop.org/poppler-$pkgver.tar.xz
+ CVE-2015-8868.patch
+ "
_builddir="$srcdir/$pkgname-$pkgver"
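Review bot: Listing `CVE-2015-8868.patch` in `source` only makes the build fetch and checksum the file; no hunk in this commit touches `prepare()`, so whether the fix is applied depends on code outside the diff. Please confirm the existing `prepare()` applies the `*.patch` entries from `$source` with `-p1` (the embedded patch uses `a/` and `b/` prefixes), otherwise `pkgrel=1` would ship without the fix. Separately, the tarball URL on the new `source` line is still plain `http://`, so integrity of the download rests on the sha256/sha512 entries further down rather than on the transport.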
@@ -71,6 +73,9 @@ _cpp() {
"$subpkgdir"/usr/lib/ || return 1
}
-md5sums="334f2ac95cc8039f2a57fe63e4a81c69 poppler-0.24.5.tar.xz"
-sha256sums="a2654910100c923c44e366242495e226db2798254f2fa2781138867348759f84 poppler-0.24.5.tar.xz"
-sha512sums="dfb40f7d864614f4ad7e8729334931c4b40c48c0dc3d7a8c33b14134cf13c61f8a562cc790a08bee4a43c2c29e587a9d26330437858d465e18ceafd69521250c poppler-0.24.5.tar.xz"
+md5sums="334f2ac95cc8039f2a57fe63e4a81c69 poppler-0.24.5.tar.xz
+f501a21c01e9316856d7c4ed3c78609a CVE-2015-8868.patch"
+sha256sums="a2654910100c923c44e366242495e226db2798254f2fa2781138867348759f84 poppler-0.24.5.tar.xz
+f8d2c4174837c1508b2923fea39042676caf210bd8e44589d54c2062d54672e3 CVE-2015-8868.patch"
+sha512sums="dfb40f7d864614f4ad7e8729334931c4b40c48c0dc3d7a8c33b14134cf13c61f8a562cc790a08bee4a43c2c29e587a9d26330437858d465e18ceafd69521250c poppler-0.24.5.tar.xz
+d50f123c424b20af2285664e545941b6e17c4ff22e2aed5c184362c69d8d623acd26fdeb55a61d01116eebc66d8a7ddcfa1df0b110e0249119766a9efe8cad43 CVE-2015-8868.patch"
diff --git a/main/poppler/CVE-2015-8868.patch b/main/poppler/CVE-2015-8868.patch
new file mode 100644
index 0000000000..99b8cb5cdc
--- /dev/null
+++ b/main/poppler/CVE-2015-8868.patch
@@ -0,0 +1,25 @@
+From b3425dd3261679958cd56c0f71995c15d2124433 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Tue, 22 Dec 2015 22:50:33 +0100
+Subject: Do not crash on invalid files
+
+Bug #93476
+
+diff --git a/poppler/Function.cc b/poppler/Function.cc
+index 67283df..ee5afc1 100644
+--- a/poppler/Function.cc
++++ b/poppler/Function.cc
+@@ -577,6 +577,10 @@ ExponentialFunction::ExponentialFunction(Object *funcObj, Dict *dict) {
+ goto err2;
+ }
+ n = obj1.arrayGetLength();
++ if (unlikely(n > funcMaxOutputs)) {
++ error(errSyntaxError, -1, "Function's C0 array is wrong length");
++ n = funcMaxOutputs;
++ }
+ for (i = 0; i < n; ++i) {
+ obj1.arrayGet(i, &obj2);
+ if (!obj2.isNum()) {
+--
+cgit v0.10.2
+
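Review bot: The new bound on `n` covers only the C0 loop shown here; the rest of `ExponentialFunction::ExponentialFunction` (the C1 and N handling) lies outside the hunk, so it is worth confirming in the 0.24.5 tree that the C1 array length is compared against this clamped `n` before its elements are copied. A short comment above the check would record why the clamp exists, for example `// n comes from the PDF; cap it at funcMaxOutputs before filling the output arrays` (the array sizing is inferred, not visible in the hunk). The patch was cut from a later upstream tree (`index 67283df..ee5afc1`, dated December 2015), so also check that it applies to 0.24.5 without fuzz and that `unlikely` is available in that version's `Function.cc`.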