[Pkg-kde-commits] rev 367 - in trunk/packages/kdegraphics/debian: . patches
Adeodato Sim??
dato-guest@haydn.debian.org
Thu, 30 Dec 2004 08:36:50 -0700
Author: dato-guest
Date: 2004-12-30 08:36:13 -0700 (Thu, 30 Dec 2004)
New Revision: 367
Added:
trunk/packages/kdegraphics/debian/patches/12_fix-CAN-2004-1125.diff
Modified:
trunk/packages/kdegraphics/debian/changelog
trunk/packages/kdegraphics/debian/control
Log:
Commited kdegraphics 3.3.1-2 packaging.
NOTE: the changelog is in iso-8859-1, not utf-8.
Modified: trunk/packages/kdegraphics/debian/changelog
===================================================================
--- trunk/packages/kdegraphics/debian/changelog 2004-12-23 07:24:17 UTC (rev 366)
+++ trunk/packages/kdegraphics/debian/changelog 2004-12-30 15:36:13 UTC (rev 367)
@@ -1,3 +1,12 @@
+kdegraphics (4:3.3.1-2) unstable; urgency=high
+
+ * Upload to fix security vulnerability "kpdf Buffer Overflow Vulnerability".
+ As per CAN-2004-1125, the xpdf codebase contains a buffer overflow that
+ can be triggered by a specially crafted PDF file, and remotely supplied
+ pdf files could be used to execute arbitrary code on the client machine.
+
+ -- Adeodato Simó <asp16@alu.ua.es> Thu, 23 Dec 2004 08:35:23 +0100
+
kdegraphics (4:3.3.1-1) unstable; urgency=low
* New upstream release.
Modified: trunk/packages/kdegraphics/debian/control
===================================================================
--- trunk/packages/kdegraphics/debian/control 2004-12-23 07:24:17 UTC (rev 366)
+++ trunk/packages/kdegraphics/debian/control 2004-12-30 15:36:13 UTC (rev 367)
@@ -2,7 +2,7 @@
Section: kde
Priority: optional
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
-Uploaders: Christopher L Cheney <ccheney@debian.org>
+Uploaders: Christopher L Cheney <ccheney@debian.org>, Adeodato Simó <asp16@alu.ua.es>
Build-Depends: automake1.9, debhelper (>> 4.2.0), gawk, gettext, imlib11-dev, kdelibs4-dev (>> 4:3.3.0), libexif-dev, libfribidi-dev, libglut3-dev, libgphoto2-2-dev, libgtk1.2-dev, libopenexr-dev (>= 1.2.1), libpaper-dev, libsane-dev, libtiff4-dev, libtiff-tools, libusb-dev, sharutils, tetex-bin, texinfo, xlibs-static-pic, xpdf-utils
Standards-Version: 3.6.1.0
Added: trunk/packages/kdegraphics/debian/patches/12_fix-CAN-2004-1125.diff
===================================================================
--- trunk/packages/kdegraphics/debian/patches/12_fix-CAN-2004-1125.diff 2004-12-23 07:24:17 UTC (rev 366)
+++ trunk/packages/kdegraphics/debian/patches/12_fix-CAN-2004-1125.diff 2004-12-30 15:36:13 UTC (rev 367)
@@ -0,0 +1,38 @@
+diff -b -p -u -r1.4.4.1 -r1.4.4.2
+--- kdegraphics-orig/kpdf/xpdf/Gfx.cc 2 Sep 2004 21:30:18 -0000 1.4.4.1
++++ kdegraphics-patched/kpdf/xpdf/Gfx.cc 22 Dec 2004 12:05:50 -0000 1.4.4.2
+@@ -2654,7 +2654,9 @@ void Gfx::doImage(Object *ref, Stream *s
+ haveMask = gFalse;
+ dict->lookup("Mask", &maskObj);
+ if (maskObj.isArray()) {
+- for (i = 0; i < maskObj.arrayGetLength(); ++i) {
++ for (i = 0;
++ i < maskObj.arrayGetLength() && i < 2*gfxColorMaxComps;
++ ++i) {
+ maskObj.arrayGet(i, &obj1);
+ maskColors[i] = obj1.getInt();
+ obj1.free();
+diff -b -p -u -r1.3.4.1 -r1.3.4.2
+--- kdegraphics-orig/kpdf/xpdf/GfxState.cc 2 Sep 2004 21:30:18 -0000 1.3.4.1
++++ kdegraphics-patched/kpdf/xpdf/GfxState.cc 22 Dec 2004 12:05:50 -0000 1.3.4.2
+@@ -708,6 +708,11 @@ GfxColorSpace *GfxICCBasedColorSpace::pa
+ }
+ nCompsA = obj2.getInt();
+ obj2.free();
++ if (nCompsA > gfxColorMaxComps) {
++ error(-1, "ICCBased color space with too many (%d > %d) components",
++ nCompsA, gfxColorMaxComps);
++ nCompsA = gfxColorMaxComps;
++ }
+ if (dict->lookup("Alternate", &obj2)->isNull() ||
+ !(altA = GfxColorSpace::parse(&obj2))) {
+ switch (nCompsA) {
+@@ -1054,7 +1059,7 @@ GfxColorSpace *GfxDeviceNColorSpace::par
+ }
+ nCompsA = obj1.arrayGetLength();
+ if (nCompsA > gfxColorMaxComps) {
+- error(-1, "DeviceN color space with more than %d > %d components",
++ error(-1, "DeviceN color space with too many (%d > %d) components",
+ nCompsA, gfxColorMaxComps);
+ nCompsA = gfxColorMaxComps;
+ }