main/ghostscript: upgrade to 9.06 and fix CVE-2012-4405

fixes #1564
author: Natanael Copa <ncopa@alpinelinux.org> 2012-11-05 14:57:31 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2013-01-17 16:00:55 +0000
commit: f2e91c10d670b6976c938af80d07d60ad0ed3193 (patch)
tree: 706dcae6dda205ef13923549b0c88261069f7610
parent: eda2e96a21e8586530375f6ef00d01bff0a8519b (diff)
download: alpine_aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.tar.bz2
alpine_aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.tar.xz
alpine_aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.zip
2 files changed, 27 insertions, 2 deletions
diff --git a/main/ghostscript/APKBUILD b/main/ghostscript/APKBUILD
index d6abc5c38d..0d24b13fcd 100644
--- a/main/ghostscript/APKBUILD
+++ b/main/ghostscript/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Cameron Banta <cbanta@gmail.com>
 # Maintainer: Cameron Banta <cbanta@gmail.com>
 pkgname=ghostscript
-pkgver=9.04
+pkgver=9.06
 pkgrel=0
 pkgdesc="An interpreter for the PostScript language and for PDF"
 url="http://ghostscript.com/"
@@ -11,10 +11,19 @@ makedepends="autoconf automake jpeg-dev libpng-dev jasper-dev expat-dev zlib-dev
             freetype-dev libiconv-dev lcms-dev"
 subpackages="$pkgname-doc $pkgname-dev"
 source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz"
+subpackages="$pkgname-doc $pkgname-dev"
+patches="CVE-2012-4405.patch"
+source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz
+        $patches"
 prepare() {
        cd "$srcdir/$pkgname-$pkgver"
+        for i in $patches; do
+                msg $i
+                patch -p1 -i "$srcdir"/$i || return 1
+        done
        # force it to use system-libs
        rm -rf jpeg libpng zlib jasper expat tiff lcms
@@ -65,4 +74,5 @@ package() {
        mv "$pkgdir/usr/share/$pkgname/$pkgver/examples" "$pkgdir/usr/share/doc/$pkgname"
 }
-md5sums="9c2fb4af1eb609d09dba5bb0fa76173a  ghostscript-9.04.tar.gz"
+md5sums="153ddb0622cb155d2f600146f1e28d84  ghostscript-9.06.tar.gz
+9b77fb067f77c15116bd9c5b2ab58805  CVE-2012-4405.patch"
diff --git a/main/ghostscript/CVE-2012-4405.patch b/main/ghostscript/CVE-2012-4405.patch
new file mode 100644
index 0000000000..a589992aee
--- /dev/null
+++ b/main/ghostscript/CVE-2012-4405.patch
@@ -0,0 +1,15 @@
+--- ./icclib/icc.c.orig
+++ ./icclib/icc.c
+@@ -4996,6 +4996,11 @@
+         p->clutPoints = read_UInt8Number(bp+10);
+ 
+         /* Sanity check */
+       if (p->inputChan < 1) {
+               sprintf(icp->err,"icmLut_read: No input channels!");
+               return icp->errc = 1;
+       }
+
+         if (p->inputChan > MAX_CHAN) {
+                 sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN);
+                 return icp->errc = 1;
author	Natanael Copa <ncopa@alpinelinux.org>	2012-11-05 14:57:31 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2013-01-17 16:00:55 +0000
commit	f2e91c10d670b6976c938af80d07d60ad0ed3193 (patch)
tree	706dcae6dda205ef13923549b0c88261069f7610
parent	eda2e96a21e8586530375f6ef00d01bff0a8519b (diff)
download	alpine_aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.tar.bz2 alpine_aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.tar.xz alpine_aports-f2e91c10d670b6976c938af80d07d60ad0ed3193.zip

diff --git a/main/ghostscript/APKBUILD b/main/ghostscript/APKBUILD index d6abc5c38d..0d24b13fcd 100644 --- a/main/ghostscript/APKBUILD +++ b/main/ghostscript/APKBUILD
@@ -1,7 +1,7 @@
1	# Contributor: Cameron Banta <cbanta@gmail.com>	1	# Contributor: Cameron Banta <cbanta@gmail.com>
2	# Maintainer: Cameron Banta <cbanta@gmail.com>	2	# Maintainer: Cameron Banta <cbanta@gmail.com>
3	pkgname=ghostscript	3	pkgname=ghostscript
4	pkgver=9.04	4	pkgver=9.06
5	pkgrel=0	5	pkgrel=0
6	pkgdesc="An interpreter for the PostScript language and for PDF"	6	pkgdesc="An interpreter for the PostScript language and for PDF"
7	url="http://ghostscript.com/"	7	url="http://ghostscript.com/"
@@ -11,10 +11,19 @@ makedepends="autoconf automake jpeg-dev libpng-dev jasper-dev expat-dev zlib-dev
11	freetype-dev libiconv-dev lcms-dev"	11	freetype-dev libiconv-dev lcms-dev"
12	subpackages="$pkgname-doc $pkgname-dev"	12	subpackages="$pkgname-doc $pkgname-dev"
13	source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz"	13	source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz"
		14	subpackages="$pkgname-doc $pkgname-dev"
		15	patches="CVE-2012-4405.patch"
		16	source="http://downloads.ghostscript.com/public/$pkgname-$pkgver.tar.gz
		17	$patches"
14		18
15	prepare() {	19	prepare() {
16	cd "$srcdir/$pkgname-$pkgver"	20	cd "$srcdir/$pkgname-$pkgver"
17		21
		22	for i in $patches; do
		23	msg $i
		24	patch -p1 -i "$srcdir"/$i \|\| return 1
		25	done
		26
18	# force it to use system-libs	27	# force it to use system-libs
19	rm -rf jpeg libpng zlib jasper expat tiff lcms	28	rm -rf jpeg libpng zlib jasper expat tiff lcms
20		29
@@ -65,4 +74,5 @@ package() {
65	mv "$pkgdir/usr/share/$pkgname/$pkgver/examples" "$pkgdir/usr/share/doc/$pkgname"	74	mv "$pkgdir/usr/share/$pkgname/$pkgver/examples" "$pkgdir/usr/share/doc/$pkgname"
66	}	75	}
67		76
68	md5sums="9c2fb4af1eb609d09dba5bb0fa76173a ghostscript-9.04.tar.gz"	77	md5sums="153ddb0622cb155d2f600146f1e28d84 ghostscript-9.06.tar.gz
		78	9b77fb067f77c15116bd9c5b2ab58805 CVE-2012-4405.patch"


diff --git a/main/ghostscript/CVE-2012-4405.patch b/main/ghostscript/CVE-2012-4405.patch new file mode 100644 index 0000000000..a589992aee --- /dev/null +++ b/main/ghostscript/CVE-2012-4405.patch
@@ -0,0 +1,15 @@
		1	--- ./icclib/icc.c.orig
		2	+++ ./icclib/icc.c
		3	@@ -4996,6 +4996,11 @@
		4	p->clutPoints = read_UInt8Number(bp+10);
		5
		6	/* Sanity check */
		7	+ if (p->inputChan < 1) {
		8	+ sprintf(icp->err,"icmLut_read: No input channels!");
		9	+ return icp->errc = 1;
		10	+ }
		11	+
		12	if (p->inputChan > MAX_CHAN) {
		13	sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN);
		14	return icp->errc = 1;
		15