author | Natanael Copa <ncopa@alpinelinux.org> | 2013-08-30 10:00:24 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-08-30 10:04:06 +0000 |
commit | e5fc4122c8293488c59bfb980d6da123a3910080 (patch) | |
tree | aa15d19f12c017e5e711e128b4ecfc7b930c22d6 | |
parent | 437a2ab6eccb070bfbccd6e3f9b3dac4afad2e12 (diff) | |
main/lcms: fix CVE-2013-4276
fixes #2238
-rw-r--r-- | main/lcms/APKBUILD | 12 | ||||
-rw-r--r-- | main/lcms/CVE-2013-4276.patch | 62 |
2 files changed, 71 insertions, 3 deletions
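--- a/main/lcms/APKBUILD
+++ b/main/lcms/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=lcms
 pkgver=1.19
-pkgrel=4
+pkgrel=5
 pkgdesc="Lightweight color management development library/engine"
 url="http://www.littlecms.com"
 arch="all"
@@ -9,7 +9,8 @@ license="custom"
 depends=
 makedepends="tiff-dev libjpeg-turbo-dev zlib-dev"
 subpackages="$pkgname-dev $pkgname-doc liblcms"
-source="http://downloads.sourceforge.net/project/lcms/lcms/$pkgver/lcms-$pkgver.tar.gz"
+source="http://downloads.sourceforge.net/project/lcms/lcms/$pkgver/lcms-$pkgver.tar.gz
+CVE-2013-4276.patch"
 
 _builddir="$srcdir"/$pkgname-$pkgver
 build() {
@@ -30,4 +31,9 @@ liblcms() {
 mv "$pkgdir"/usr/lib/liblcms.so.* "$subpkgdir"/usr/lib/
 }
 
-md5sums="8af94611baf20d9646c7c2c285859818 lcms-1.19.tar.gz"
+md5sums="8af94611baf20d9646c7c2c285859818 lcms-1.19.tar.gz
+fa1db4861cfa05f4c4a2c826e1c35502 CVE-2013-4276.patch"
+sha256sums="80ae32cb9f568af4dc7ee4d3c05a4c31fc513fc3e31730fed0ce7378237273a9 lcms-1.19.tar.gz
+cd10cc5ce791ae782b1257e6181a71cbdb685b705779c9ef2ceffc7fb2021bd0 CVE-2013-4276.patch"
+sha512sums="85a55ad0673f0df2aaa80d18caa50314319f8da5ee4d84eed919059d0dad9861d684ef6353ce0ec6f9892a4603ce8e8e12f84d46858e23f52846b8aefd3cf449 lcms-1.19.tar.gz
+73037e6e2f8e52f402c5160a38e1d8cc6f7f5f88145d68f733f796def539902a6dfcf685eae076d1456d885c782771993dc64f78b4e381421b0e4e8730eaa1d2 CVE-2013-4276.patch"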
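--- /dev/null
+++ b/main/lcms/CVE-2013-4276.patch
@@ -0,0 +1,62 @@
+diff -ur lcms-1.19.dfsg/samples/icctrans.c lcms-1.19.dfsg-patched/samples/icctrans.c
+--- lcms-1.19.dfsg/samples/icctrans.c 2009-10-30 15:57:45.000000000 +0000
++++ lcms-1.19.dfsg-patched/samples/icctrans.c 2013-08-06 11:53:14.385266647 +0100
+@@ -86,6 +86,8 @@
+static LPcmsNAMEDCOLORLIST InputColorant = NULL;
+static LPcmsNAMEDCOLORLIST OutputColorant = NULL;
+
++unsigned int Buffer_size = 4096;
++
+
+// isatty replacement
+
+@@ -500,7 +502,7 @@
+
+Prefix[0] = 0;
+if (!lTerse)
+- sprintf(Prefix, "%s=", C);
++ snprintf(Prefix, 20, "%s=", C);
+
+if (InHexa)
+{
+@@ -648,7 +650,9 @@
+static
+void GetLine(char* Buffer)
+{
+- scanf("%s", Buffer);
++ char User_buffer[Buffer_size];
++ fgets(User_buffer, (Buffer_size - 1), stdin);
++ sscanf(User_buffer,"%s", Buffer);
+
+if (toupper(Buffer[0]) == 'Q') { // Quit?
+
+@@ -668,7 +672,7 @@
+static
+double GetAnswer(const char* Prompt, double Range)
+{
+- char Buffer[4096];
++ char Buffer[Buffer_size];
+double val = 0.0;
+
+if (Range == 0.0) { // Range 0 means double value
+@@ -738,7 +742,7 @@
+static
+WORD GetIndex(void)
+{
+- char Buffer[4096], Name[40], Prefix[40], Suffix[40];
++ char Buffer[Buffer_size], Name[40], Prefix[40], Suffix[40];
+int index, max;
+
+max = cmsNamedColorCount(hTrans)-1;
+diff -ur lcms-1.19.dfsg/tifficc/tiffdiff.c lcms-1.19.dfsg-patched/tifficc/tiffdiff.c
+--- lcms-1.19.dfsg/tifficc/tiffdiff.c 2009-10-30 15:57:46.000000000 +0000
++++ lcms-1.19.dfsg-patched/tifficc/tiffdiff.c 2013-08-06 11:49:06.698951157 +0100
+@@ -633,7 +633,7 @@
+cmsIT8SetSheetType(hIT8, "TIFFDIFF");
+
+
+- sprintf(Buffer, "Differences between %s and %s", TiffName1, TiffName2);
++ snprintf(Buffer, 256, "Differences between %s and %s", TiffName1, TiffName2);
+
+cmsIT8SetComment(hIT8, Buffer);
+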
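Review bot: GetLine never checks the results of `fgets` and `sscanf`, so at end of input `User_buffer` is parsed while still uninitialised, and on an empty line `sscanf` stores nothing and `toupper(Buffer[0])` reads whatever the caller's buffer happened to hold (GetAnswer and GetIndex declare `Buffer` without an initialiser in the hunks shown). A guard such as `if (fgets(User_buffer, sizeof User_buffer, stdin) == NULL || sscanf(User_buffer, "%s", Buffer) != 1) Buffer[0] = '\0';` keeps the later reads defined. The bound also depends on every caller passing a buffer of at least `Buffer_size` bytes, which GetLine's signature does not enforce; the rest of its body and any other callers are outside this patch, so that needs confirming. The literal sizes in `snprintf(Prefix, 20, ...)` and `snprintf(Buffer, 256, ...)` cannot be checked against the declarations from here; `sizeof Prefix` and `sizeof Buffer` would tie them to the arrays if both are arrays in scope, and making `Buffer_size` a `#define` or enum constant would stop the 4096-byte buffers from becoming variable-length arrays sized by a writable global.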