diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2012-11-05 14:57:31 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2012-11-05 14:57:31 +0000 |
| commit | 4c4a1e42e1f2a126e50259f639ea0ed8d038e71e (patch) | |
| tree | e9d5950f60301aa1602348986907b7a6a2349d9d /main/ghostscript | |
| parent | d2390d6b7b42530de318fbede75fa502b1c0539f (diff) | |
| download | aports-4c4a1e42e1f2a126e50259f639ea0ed8d038e71e.tar.bz2 aports-4c4a1e42e1f2a126e50259f639ea0ed8d038e71e.tar.xz | |
main/ghostscript: fix CVE-2012-4405
fixes #1427
Diffstat (limited to 'main/ghostscript')
| -rw-r--r-- | main/ghostscript/APKBUILD | 14 | ||||
| -rw-r--r-- | main/ghostscript/CVE-2012-4405.patch | 15 |
2 files changed, 26 insertions, 3 deletions
diff --git a/main/ghostscript/APKBUILD b/main/ghostscript/APKBUILD index a06102733c..ebc8f1e63c 100644 --- a/main/ghostscript/APKBUILD +++ b/main/ghostscript/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Cameron Banta <cbanta@gmail.com> pkgname=ghostscript pkgver=9.06 -pkgrel=1 +pkgrel=2 pkgdesc="An interpreter for the PostScript language and for PDF" url="http://ghostscript.com/" arch="all" @@ -11,12 +11,19 @@ makedepends="autoconf automake jpeg-dev libpng-dev jasper-dev expat-dev zlib-dev tiff-dev freetype-dev libiconv-dev lcms-dev gtk+3.0-dev libtool" subpackages="$pkgname-doc $pkgname-dev $pkgname-gtk" -source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz" +patches="CVE-2012-4405.patch" +source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz + $patches" _builddir="$srcdir/ghostscript-$pkgver" prepare() { cd "$_builddir" + for i in $patches; do + msg $i + patch -p1 -i "$srcdir"/$i || return 1 + done + # force it to use system-libs rm -rf jpeg libpng zlib jasper expat tiff lcms cups/libs @@ -84,4 +91,5 @@ gtk() { mv "$pkgdir"/usr/bin/gsx "$subpkgdir"/usr/bin/ } -md5sums="153ddb0622cb155d2f600146f1e28d84 ghostscript-9.06.tar.gz" +md5sums="153ddb0622cb155d2f600146f1e28d84 ghostscript-9.06.tar.gz +9b77fb067f77c15116bd9c5b2ab58805 CVE-2012-4405.patch" diff --git a/main/ghostscript/CVE-2012-4405.patch b/main/ghostscript/CVE-2012-4405.patch new file mode 100644 index 0000000000..a589992aee --- /dev/null +++ b/main/ghostscript/CVE-2012-4405.patch @@ -0,0 +1,15 @@ +--- ./icclib/icc.c.orig ++++ ./icclib/icc.c +@@ -4996,6 +4996,11 @@ + p->clutPoints = read_UInt8Number(bp+10); + + /* Sanity check */ ++ if (p->inputChan < 1) { ++ sprintf(icp->err,"icmLut_read: No input channels!"); ++ return icp->errc = 1; ++ } ++ + if (p->inputChan > MAX_CHAN) { + sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN); + return icp->errc = 1; + |