author | Natanael Copa <ncopa@alpinelinux.org> | 2012-11-05 14:57:31 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-01-17 16:00:55 +0000 |
commit | f2e91c10d670b6976c938af80d07d60ad0ed3193 (patch) | |
tree | 706dcae6dda205ef13923549b0c88261069f7610 | |
parent | eda2e96a21e8586530375f6ef00d01bff0a8519b (diff) | |
download | aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.tar.bz2 aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.tar.xz |
main/ghostscript: upgrade to 9.06 and fix CVE-2012-4405
fixes #1564
-rw-r--r-- | main/ghostscript/APKBUILD | 14 | ||||
-rw-r--r-- | main/ghostscript/CVE-2012-4405.patch | 15 |
2 files changed, 27 insertions, 2 deletions
diff --git a/main/ghostscript/APKBUILD b/main/ghostscript/APKBUILD
index d6abc5c38d..0d24b13fcd 100644
--- a/main/ghostscript/APKBUILD
+++ b/main/ghostscript/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Cameron Banta <cbanta@gmail.com>
 # Maintainer: Cameron Banta <cbanta@gmail.com>
 pkgname=ghostscript
-pkgver=9.04
+pkgver=9.06
 pkgrel=0
 pkgdesc="An interpreter for the PostScript language and for PDF"
 url="http://ghostscript.com/"
@@ -11,10 +11,19 @@ makedepends="autoconf automake jpeg-dev libpng-dev jasper-dev expat-dev
 zlib-dev freetype-dev libiconv-dev lcms-dev"
 subpackages="$pkgname-doc $pkgname-dev"
 source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz"
+subpackages="$pkgname-doc $pkgname-dev"
+patches="CVE-2012-4405.patch"
+source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz
+ $patches"

 prepare() {
 cd "$srcdir/$pkgname-$pkgver"

+ for i in $patches; do
+ msg $i
+ patch -p1 -i "$srcdir"/$i || return 1
+ done
+
 # force it to use system-libs
 rm -rf jpeg libpng zlib jasper expat tiff lcms

@@ -65,4 +74,5 @@ package() {
 mv "$pkgdir/usr/share/$pkgname/$pkgver/examples" "$pkgdir/usr/share/doc/$pkgname"
 }

-md5sums="9c2fb4af1eb609d09dba5bb0fa76173a ghostscript-9.04.tar.gz"
+md5sums="153ddb0622cb155d2f600146f1e28d84 ghostscript-9.06.tar.gz
+9b77fb067f77c15116bd9c5b2ab58805 CVE-2012-4405.patch"
diff --git a/main/ghostscript/CVE-2012-4405.patch b/main/ghostscript/CVE-2012-4405.patch
new file mode 100644
index 0000000000..a589992aee
--- /dev/null
+++ b/main/ghostscript/CVE-2012-4405.patch
@@ -0,0 +1,15 @@
+--- ./icclib/icc.c.orig
++++ ./icclib/icc.c
+@@ -4996,6 +4996,11 @@
+ p->clutPoints = read_UInt8Number(bp+10);
+
+ /* Sanity check */
++ if (p->inputChan < 1) {
++ sprintf(icp->err,"icmLut_read: No input channels!");
++ return icp->errc = 1;
++ }
++
+ if (p->inputChan > MAX_CHAN) {
+ sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN);
+ return icp->errc = 1;
+ |
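Review bot: The added `subpackages="$pkgname-doc $pkgname-dev"` repeats the context line two lines above it, and the old single-line `source=` is left in place, so `source` is now assigned twice with the second assignment silently winning. Drop the duplicate `subpackages=` line and remove the old `source=` line instead of shadowing it, so the list of fetched and checksummed files is defined in exactly one place. In the prepare() loop `$i` is left unquoted; `patch -p1 -i "$srcdir/$i" || return 1` is the safer form. prepare() continues past the end of this hunk.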
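Review bot: The only integrity check recorded for the upstream tarball and for the security patch is an MD5 digest in `md5sums`, while the `source=` line in the earlier hunk fetches the tarball over plain `http://`. MD5 is not collision-resistant, so it guards against a corrupted download but gives little assurance against a substituted one. If the abuild version in use accepts a SHA-2 checksum variable, record one alongside `md5sums`, and use an HTTPS source if upstream offers one; neither option is visible from this page.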
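Review bot: The shipped patch adds a lower-bound check only for `p->inputChan`, while `p->clutPoints` is read from the same buffer on the context line just above and gets no lower-bound check within this hunk. Whether a zero `clutPoints` (or a zero output-channel count, which is not visible here) is rejected later in icmLut_read cannot be told from this hunk and should be confirmed against the upstream fix for CVE-2012-4405. The new error string also lacks the trailing `\n` that the neighbouring `Can't handle > %d input channels\n` message carries; `sprintf(icp->err,"icmLut_read: No input channels!\n");` would match it. The function starts and ends outside the hunk.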