authorNatanael Copa <ncopa@alpinelinux.org>2012-11-05 14:57:31 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2012-11-05 14:57:31 +0000
commit4c4a1e42e1f2a126e50259f639ea0ed8d038e71e (patch)
treee9d5950f60301aa1602348986907b7a6a2349d9d /main
parentd2390d6b7b42530de318fbede75fa502b1c0539f (diff)
main/ghostscript: fix CVE-2012-4405
fixes #1427
Diffstat (limited to 'main')
-rw-r--r--main/ghostscript/APKBUILD14
-rw-r--r--main/ghostscript/CVE-2012-4405.patch15
2 files changed, 26 insertions, 3 deletions
diff --git a/main/ghostscript/APKBUILD b/main/ghostscript/APKBUILD
index a06102733..ebc8f1e63 100644
--- a/main/ghostscript/APKBUILD
+++ b/main/ghostscript/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Cameron Banta <cbanta@gmail.com>
pkgname=ghostscript
pkgver=9.06
-pkgrel=1
+pkgrel=2
pkgdesc="An interpreter for the PostScript language and for PDF"
url="http://ghostscript.com/"
arch="all"
@@ -11,12 +11,19 @@ makedepends="autoconf automake jpeg-dev libpng-dev jasper-dev expat-dev
zlib-dev tiff-dev freetype-dev libiconv-dev lcms-dev gtk+3.0-dev
libtool"
subpackages="$pkgname-doc $pkgname-dev $pkgname-gtk"
-source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz"
+patches="CVE-2012-4405.patch"
+source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz
+ $patches"
_builddir="$srcdir/ghostscript-$pkgver"
prepare() {
cd "$_builddir"
+ for i in $patches; do
+ msg $i
+ patch -p1 -i "$srcdir"/$i || return 1
+ done
+
# force it to use system-libs
rm -rf jpeg libpng zlib jasper expat tiff lcms cups/libs
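Review bot: In the loop added to prepare(), `$i` is expanded unquoted in both `msg $i` and `patch -p1 -i "$srcdir"/$i`, so a patch name containing whitespace or glob characters would be split or expanded before patch sees it. Writing `msg "$i"` and `patch -p1 -i "$srcdir/$i" || return 1` keeps each name as a single word. The patch is applied before the `rm -rf` of the bundled libraries, and `icclib` is not in that removal list, so the patched file appears to survive into the build. prepare() continues outside this hunk.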
@@ -84,4 +91,5 @@ gtk() {
mv "$pkgdir"/usr/bin/gsx "$subpkgdir"/usr/bin/
}
-md5sums="153ddb0622cb155d2f600146f1e28d84 ghostscript-9.06.tar.gz"
+md5sums="153ddb0622cb155d2f600146f1e28d84 ghostscript-9.06.tar.gz
+9b77fb067f77c15116bd9c5b2ab58805 CVE-2012-4405.patch"
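Review bot: The new patch file is pinned only by an MD5 digest in `md5sums`, and the `source=` line in the previous hunk still fetches the tarball over plain `http://`, which leaves MD5 as the only integrity check on both inputs to a security fix. MD5's collision resistance is broken, so it is a weak pin for anything downloaded over an unauthenticated channel. If the abuild version in use accepts it, a stronger list alongside, such as `sha512sums="<sha512-of-file>  CVE-2012-4405.patch"` (placeholder digest) with a matching line for the tarball, would make the check meaningful.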
diff --git a/main/ghostscript/CVE-2012-4405.patch b/main/ghostscript/CVE-2012-4405.patch
new file mode 100644
index 000000000..a589992ae
--- /dev/null
+++ b/main/ghostscript/CVE-2012-4405.patch
@@ -0,0 +1,15 @@
+--- ./icclib/icc.c.orig
++++ ./icclib/icc.c
+@@ -4996,6 +4996,11 @@
+ p->clutPoints = read_UInt8Number(bp+10);
+
+ /* Sanity check */
++ if (p->inputChan < 1) {
++ sprintf(icp->err,"icmLut_read: No input channels!");
++ return icp->errc = 1;
++ }
++
+ if (p->inputChan > MAX_CHAN) {
+ sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN);
+ return icp->errc = 1;
+
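Review bot: The guard added to icmLut_read bounds only `inputChan` from below. `clutPoints`, read from the profile data on the line just above the sanity checks, gets no lower-bound check within this hunk, and `outputChan` is not visible here because the function continues past the hunk. It is worth confirming against the upstream fix that every count taken from the profile is range-checked on both ends before it sizes or indexes the lookup tables. The new message also omits the trailing `\n` that the neighbouring `Can't handle > %d input channels\n` message carries. The patch file has no leading description naming its origin; a first line such as `Fix for CVE-2012-4405, from <upstream-commit-or-URL>` (placeholder) would let a later maintainer verify it.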