main/ghostscript: upgrade to 9.06 and fix CVE-2012-4405

fixes #1564
author: Natanael Copa <ncopa@alpinelinux.org> 2012-11-05 14:57:31 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2013-01-17 16:00:55 +0000
commit: f2e91c10d670b6976c938af80d07d60ad0ed3193 (patch)
tree: 706dcae6dda205ef13923549b0c88261069f7610
parent: eda2e96a21e8586530375f6ef00d01bff0a8519b (diff)
download: aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.tar.bz2
aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.tar.xz
2 files changed, 27 insertions, 2 deletions
diff --git a/main/ghostscript/APKBUILD b/main/ghostscript/APKBUILD
index d6abc5c38d..0d24b13fcd 100644
--- a/main/ghostscript/APKBUILD
+++ b/main/ghostscript/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Cameron Banta <cbanta@gmail.com>
 # Maintainer: Cameron Banta <cbanta@gmail.com>
 pkgname=ghostscript
-pkgver=9.04
+pkgver=9.06
 pkgrel=0
 pkgdesc="An interpreter for the PostScript language and for PDF"
 url="http://ghostscript.com/"
@@ -11,10 +11,19 @@ makedepends="autoconf automake jpeg-dev libpng-dev jasper-dev expat-dev zlib-dev
              freetype-dev libiconv-dev lcms-dev"
 subpackages="$pkgname-doc $pkgname-dev"
 source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz"
+subpackages="$pkgname-doc $pkgname-dev"
+patches="CVE-2012-4405.patch"
+source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz
+	$patches"
 
 prepare() {
 	cd "$srcdir/$pkgname-$pkgver"
 
+	for i in $patches; do
+		msg $i
+		patch -p1 -i "$srcdir"/$i || return 1
+	done
+
 	# force it to use system-libs
 	rm -rf jpeg libpng zlib jasper expat tiff lcms
 
@@ -65,4 +74,5 @@ package() {
 	mv "$pkgdir/usr/share/$pkgname/$pkgver/examples" "$pkgdir/usr/share/doc/$pkgname"
 }
 
-md5sums="9c2fb4af1eb609d09dba5bb0fa76173a  ghostscript-9.04.tar.gz"
+md5sums="153ddb0622cb155d2f600146f1e28d84  ghostscript-9.06.tar.gz
+9b77fb067f77c15116bd9c5b2ab58805  CVE-2012-4405.patch"
diff --git a/main/ghostscript/CVE-2012-4405.patch b/main/ghostscript/CVE-2012-4405.patch
new file mode 100644
index 0000000000..a589992aee
--- /dev/null
+++ b/main/ghostscript/CVE-2012-4405.patch
@@ -0,0 +1,15 @@
+--- ./icclib/icc.c.orig
++++ ./icclib/icc.c
+@@ -4996,6 +4996,11 @@
+         p->clutPoints = read_UInt8Number(bp+10);
+ 
+         /* Sanity check */
++	if (p->inputChan < 1) {
++		sprintf(icp->err,"icmLut_read: No input channels!");
++		return icp->errc = 1;
++	}
++
+         if (p->inputChan > MAX_CHAN) {
+                 sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN);
+                 return icp->errc = 1;
+
author	Natanael Copa <ncopa@alpinelinux.org>	2012-11-05 14:57:31 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2013-01-17 16:00:55 +0000
commit	f2e91c10d670b6976c938af80d07d60ad0ed3193 (patch)
tree	706dcae6dda205ef13923549b0c88261069f7610
parent	eda2e96a21e8586530375f6ef00d01bff0a8519b (diff)
download	aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.tar.bz2 aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.tar.xz