author | Daniel Sabogal <dsabogalcc@gmail.com> | 2017-05-01 00:07:24 -0400 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-05-03 10:00:31 +0000 |
commit | 5b598aecd1e0174b9debbf49c0eea825b7a50c98 (patch) | |
tree | cad8c0dd14669c8cef3c6883c27090f3390f6eeb /main/mupdf | |
parent | 24c4f944adcd54a00ee44ed7942e1aa5b97578e9 (diff) | |
download | aports-5b598aecd1e0174b9debbf49c0eea825b7a50c98.tar.bz2 aports-5b598aecd1e0174b9debbf49c0eea825b7a50c98.tar.xz |
main/mupdf: security fix for CVE-2017-6060
Diffstat (limited to 'main/mupdf')
-rw-r--r-- | main/mupdf/APKBUILD | 8 | ||||
-rw-r--r-- | main/mupdf/CVE-2017-6060.patch | 41 |
2 files changed, 47 insertions, 2 deletions
diff --git a/main/mupdf/APKBUILD b/main/mupdf/APKBUILD
index b98896dd7c..d6c76afd88 100644
--- a/main/mupdf/APKBUILD
+++ b/main/mupdf/APKBUILD
@@ -3,7 +3,7 @@
 # Maintainer: Daniel Sabogal <dsabogalcc@gmail.com>
 pkgname=mupdf
 pkgver=1.11
-pkgrel=0
+pkgrel=1
 pkgdesc="A lightweight PDF and XPS viewer"
 url="http://mupdf.com"
 arch="all"
@@ -17,9 +17,12 @@ options="!check"
 source="http://mupdf.com/downloads/archive/$pkgname-$pkgver-source.tar.gz
 shared-lib.patch
 openjpeg-2.1.patch
+ CVE-2017-6060.patch
 "
 # secfixes:
+# 1.11-r1:
+# - CVE-2017-6060
 # 1.10a-r2:
 # - CVE-2017-5991
 # 1.10a-r1:
@@ -84,4 +87,5 @@ _tools() {
 sha512sums="501670f540e298a8126806ebbd9db8b29866f663b7bbf26c9ade1933e42f0c00ad410b9d93f3ddbfb3e45c38722869095de28d832fe3fb3703c55cc9a01dbf63 mupdf-1.11-source.tar.gz
 b3ddbc22da894a8b9a0fa0c93711e2052b5d2ca29497473b6e15ffbae52faaafff9238619680de474c455ebd073c2d29ead4ff5d962fddb99f7ced27057fa77f shared-lib.patch
-f8283db9a510527e84afeeb6eea89948161899c149a559c4a699c533445b42f30e5bf520616ca69d7feb554529ad494a60c276a1eecc915723ec0f264bbc0ed0 openjpeg-2.1.patch"
+f8283db9a510527e84afeeb6eea89948161899c149a559c4a699c533445b42f30e5bf520616ca69d7feb554529ad494a60c276a1eecc915723ec0f264bbc0ed0 openjpeg-2.1.patch
+3e3f34e448967acb7772365065234c313cb014ebe6e3c3b3bcdbed2242b32ee5589ecd749d06fb4cd5f406eb37ca431e369c96b9adb3b5367d2e5296f1ca983e CVE-2017-6060.patch"
diff --git a/main/mupdf/CVE-2017-6060.patch b/main/mupdf/CVE-2017-6060.patch
new file mode 100644
index 0000000000..cc03f6106b
--- /dev/null
+++ b/main/mupdf/CVE-2017-6060.patch
@@ -0,0 +1,41 @@
+squashed commits:
+06a012a42c9884e3cd653e7826cff1ddec04eb6e
+e089b2e2c1d38c5696c7dfd741e21f8f3ef22b14
+
+From 05cb7595b61aa00a29f1609b75d280b589091356 Mon Sep 17 00:00:00 2001
+From: Sebastian Rasmussen <sebras@gmail.com>
+Date: Tue, 11 Apr 2017 10:54:12 +0800
+Subject: [PATCH] Bug 697551: Make path and line buffers of equal size.
+
+Previously a too long line could be copied into the too short path buffer.
+
+jstest: Stop printing bogus script lines.
+---
+ platform/x11/jstest_main.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/platform/x11/jstest_main.c b/platform/x11/jstest_main.c
+index 13c3a0a3..36b32155 100644
+--- a/platform/x11/jstest_main.c
++++ b/platform/x11/jstest_main.c
+@@ -346,7 +346,7 @@ main(int argc, char *argv[])
+ }
+ else if (match(&line, "OPEN"))
+ {
+- char path[1024];
++ char path[LONGLINE];
+ if (file_open)
+ pdfapp_close(&gapp);
+ if (prefix)
+@@ -402,7 +402,7 @@ main(int argc, char *argv[])
+ }
+ else
+ {
+- fprintf(stderr, "Unmatched: %s\n", line);
++ fprintf(stderr, "Ignoring line without script statement.\n");
+ }
+ }
+ while (!feof(script));
+--
+2.12.2
+ |
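Review bot: In the `OPEN` branch of the embedded jstest_main.c hunk, sizing `path` to `LONGLINE` only guarantees that a bare copy of `line` fits. The `if (prefix)` branch that follows runs past the end of the hunk, so the actual write into `path` is not visible here. If that branch joins `prefix` and `line` into `path`, the combined length can still exceed `LONGLINE`, and matching the two buffer sizes does not bound it. A length-checked write would hold regardless of buffer sizes, for example `int n = snprintf(path, sizeof path, "%s%s", prefix, line);` followed by `if (n < 0 || (size_t)n >= sizeof path)` to reject the script line.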