[subversion-commit] SVN tetex commit + diffs: r384 - in
tetex-bin/trunk/debian: . patches
Frank Küster
frank at costa.debian.org
Thu Dec 8 12:13:32 UTC 2005
Author: frank
Date: 2005-12-08 12:13:31 +0000 (Thu, 08 Dec 2005)
New Revision: 384
Modified:
tetex-bin/trunk/debian/changelog
tetex-bin/trunk/debian/patches/patch-CVE-2005-3191+2+3
Log:
correct patch for xpdf vulnerability
Modified: tetex-bin/trunk/debian/changelog
===================================================================
--- tetex-bin/trunk/debian/changelog 2005-12-08 08:47:02 UTC (rev 383)
+++ tetex-bin/trunk/debian/changelog 2005-12-08 12:13:31 UTC (rev 384)
@@ -1,3 +1,11 @@
+tetex-bin (3.0-11.1) unstable; urgency=low
+
+ * The patch for the security fix in the last upload was not complete, I
+ hope it's correct now - many thanks to Martin Pitt
+ <martin.pitt at canonical.com> [frank]
+
+ -- Frank Küster <frank at debian.org> Thu, 8 Dec 2005 13:13:45 +0100
+
tetex-bin (3.0-11) unstable; urgency=high
* Apply xpdf patch 3.01pl1 to fix vulnerabilities in the included xpdf
Modified: tetex-bin/trunk/debian/patches/patch-CVE-2005-3191+2+3
===================================================================
--- tetex-bin/trunk/debian/patches/patch-CVE-2005-3191+2+3 2005-12-08 08:47:02 UTC (rev 383)
+++ tetex-bin/trunk/debian/patches/patch-CVE-2005-3191+2+3 2005-12-08 12:13:31 UTC (rev 384)
@@ -1,7 +1,7 @@
Index: tetex-bin-3.0/libs/xpdf/xpdf/Stream.h
===================================================================
---- tetex-bin-3.0.orig/libs/xpdf/xpdf/Stream.h 2005-12-07 13:48:05.000000000 +0100
-+++ tetex-bin-3.0/libs/xpdf/xpdf/Stream.h 2005-12-07 14:07:25.000000000 +0100
+--- tetex-bin-3.0.orig/libs/xpdf/xpdf/Stream.h 2005-12-07 14:10:04.000000000 +0100
++++ tetex-bin-3.0/libs/xpdf/xpdf/Stream.h 2005-12-08 13:09:27.000000000 +0100
@@ -233,6 +233,8 @@
~StreamPredictor();
@@ -21,8 +21,8 @@
//------------------------------------------------------------------------
Index: tetex-bin-3.0/libs/xpdf/xpdf/Stream.cc
===================================================================
---- tetex-bin-3.0.orig/libs/xpdf/xpdf/Stream.cc 2005-12-07 13:48:05.000000000 +0100
-+++ tetex-bin-3.0/libs/xpdf/xpdf/Stream.cc 2005-12-07 14:07:25.000000000 +0100
+--- tetex-bin-3.0.orig/libs/xpdf/xpdf/Stream.cc 2005-12-07 14:10:04.000000000 +0100
++++ tetex-bin-3.0/libs/xpdf/xpdf/Stream.cc 2005-12-08 13:11:14.000000000 +0100
@@ -407,18 +407,33 @@
StreamPredictor::StreamPredictor(Stream *strA, int predictorA,
@@ -69,7 +69,7 @@
} else {
pred = NULL;
}
-@@ -2897,6 +2916,14 @@
+@@ -2897,6 +2916,10 @@
height = read16();
width = read16();
numComps = str->getChar();
@@ -77,6 +77,13 @@
+ error(getPos(), "Bad number of components in DCT stream", prec);
+ return gFalse;
+ }
+ if (prec != 8) {
+ error(getPos(), "Bad DCT precision %d", prec);
+ return gFalse;
+@@ -2923,6 +2946,10 @@
+ height = read16();
+ width = read16();
+ numComps = str->getChar();
+ if (numComps <= 0 || numComps > 4) {
+ error(getPos(), "Bad number of components in DCT stream", prec);
+ return gFalse;
@@ -97,8 +104,8 @@
}
Index: tetex-bin-3.0/libs/xpdf/xpdf/JPXStream.cc
===================================================================
---- tetex-bin-3.0.orig/libs/xpdf/xpdf/JPXStream.cc 2005-12-07 13:48:05.000000000 +0100
-+++ tetex-bin-3.0/libs/xpdf/xpdf/JPXStream.cc 2005-12-07 14:09:40.000000000 +0100
+--- tetex-bin-3.0.orig/libs/xpdf/xpdf/JPXStream.cc 2005-12-07 14:10:04.000000000 +0100
++++ tetex-bin-3.0/libs/xpdf/xpdf/JPXStream.cc 2005-12-08 13:09:27.000000000 +0100
@@ -666,7 +666,7 @@
int segType;
GBool haveSIZ, haveCOD, haveQCD, haveSOT;
More information about the Pkg-tetex-commits
mailing list