diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2012-08-24 07:04:33 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2012-08-24 07:06:45 +0000 |
commit | a12193390ba9fd51010a5f110c7e6fe282c6d751 (patch) | |
tree | 6989b86d919d1462087dafcef67b1bcf71cf36c1 /main | |
parent | e71adbe3083f318ca1aa262ea60853451d8564bc (diff) | |
download | aports-a12193390ba9fd51010a5f110c7e6fe282c6d751.tar.bz2 aports-a12193390ba9fd51010a5f110c7e6fe282c6d751.tar.xz |
main/gimp: upgrade to 2.8.2
Diffstat (limited to 'main')
-rw-r--r-- | main/gimp/APKBUILD | 8 | ||||
-rw-r--r-- | main/gimp/CVE-2012-3236.patch | 38 |
2 files changed, 3 insertions, 43 deletions
diff --git a/main/gimp/APKBUILD b/main/gimp/APKBUILD index 7f8be05442..734c1579e0 100644 --- a/main/gimp/APKBUILD +++ b/main/gimp/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=gimp -pkgver=2.8.0 -pkgrel=2 +pkgver=2.8.2 +pkgrel=0 pkgdesc="GNU Image Manipulation Program" url="http://www.gimp.org/" arch="all" @@ -12,7 +12,6 @@ makedepends="gtk+-dev libxpm-dev libxmu-dev librsvg-dev dbus-glib-dev install= subpackages="$pkgname-dev $pkgname-doc $pkgname-lang" source="ftp://ftp.$pkgname.org/pub/$pkgname/v${pkgver%.*}/$pkgname-$pkgver.tar.bz2 - CVE-2012-3236.patch " _builddir="${srcdir}/${pkgname}-${pkgver}" @@ -52,5 +51,4 @@ package() { find "$pkgdir" -name '*.la' -delete } -md5sums="28997d14055f15db063eb92e1c8a7ebb gimp-2.8.0.tar.bz2 -e01ea100274dbf0557336167933e5404 CVE-2012-3236.patch" +md5sums="b542138820ca3a41cbd63fc331907955 gimp-2.8.2.tar.bz2" diff --git a/main/gimp/CVE-2012-3236.patch b/main/gimp/CVE-2012-3236.patch deleted file mode 100644 index f59d68ebff..0000000000 --- a/main/gimp/CVE-2012-3236.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 0474376d234bc3d0901fd5e86f89d778a6473dd8 Mon Sep 17 00:00:00 2001 -From: Michael Natterer <mitch@gimp.org> -Date: Wed, 06 Jun 2012 19:21:10 +0000 -Subject: Bug 676804 - file handling DoS for fit file format - -Apply patch from joe@reactionis.co.uk which fixes a buffer overflow on -broken/malicious fits files. -(cherry picked from commit ace45631595e8781a1420842582d67160097163c) ---- -diff --git a/plug-ins/file-fits/fits-io.c b/plug-ins/file-fits/fits-io.c -index 03d9652..ed77318 100644 ---- a/plug-ins/file-fits/fits-io.c -+++ b/plug-ins/file-fits/fits-io.c -@@ -1054,10 +1054,18 @@ static FITS_HDU_LIST *fits_decode_header (FITS_RECORD_LIST *hdr, - hdulist->used.simple = (strncmp (hdr->data, "SIMPLE ", 8) == 0); - hdulist->used.xtension = (strncmp (hdr->data, "XTENSION", 8) == 0); - if (hdulist->used.xtension) -- { -- fdat = fits_decode_card (fits_search_card (hdr, "XTENSION"), typ_fstring); -- strcpy (hdulist->xtension, fdat->fstring); -- } -+ { -+ fdat = fits_decode_card (fits_search_card (hdr, "XTENSION"), typ_fstring); -+ if (fdat != NULL) -+ { -+ strcpy (hdulist->xtension, fdat->fstring); -+ } -+ else -+ { -+ strcpy (errmsg, "No valid XTENSION header found."); -+ goto err_return; -+ } -+ } - - FITS_DECODE_CARD (hdr, "NAXIS", fdat, typ_flong); - hdulist->naxis = fdat->flong; --- -cgit v0.9.0.2 |