Date: Sun, 19 Jan 2003 20:54:29 +0900 (JST) From: KOMATSU Shinichiro <koma2@jiro.c.u-tokyo.ac.jp> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/47211: graphics/xpdf: fix integer overflow vulnerability in pdftops Message-ID: <20030119115430.53BFC72501@jiro.c.u-tokyo.ac.jp>
next in thread | raw e-mail | index | archive | help
>Number: 47211 >Category: ports >Synopsis: graphics/xpdf: fix integer overflow vulnerability in pdftops >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sun Jan 19 04:00:30 PST 2003 >Closed-Date: >Last-Modified: >Originator: KOMATSU Shinichiro >Release: FreeBSD 4.6.2-RELEASE i386 >Organization: >Environment: FreeBSD 4.6.2-RELEASE i386 >Description: Add the patch to fix integer overflow vulnerability in pdftops. See http://www.idefense.com/advisory/12.23.02.txt for details. >How-To-Repeat: >Fix: Index: Makefile =================================================================== RCS file: /home/ncvs/ports/graphics/xpdf/Makefile,v retrieving revision 1.45 diff -u -u -r1.45 Makefile --- Makefile 6 Jan 2003 05:41:13 -0000 1.45 +++ Makefile 19 Jan 2003 08:04:32 -0000 @@ -7,11 +7,17 @@ PORTNAME= xpdf PORTVERSION= 2.01 +PORTREVISION= 1 CATEGORIES= graphics print MASTER_SITES= ftp://ftp.foolabs.com/pub/xpdf/ \ ${MASTER_SITE_TEX_CTAN} MASTER_SITE_SUBDIR= support/xpdf +PATCH_SITES= ftp://ftp.foolabs.com/pub/xpdf/ \ + ${MASTER_SITE_TEX_CTAN} +PATCH_SITE_SUBDIR= support/xpdf +PATCHFILES= xpdf-2.01-patch1 + MAINTAINER= DougB@FreeBSD.org BUILD_DEPENDS= freetype-config:${PORTSDIR}/print/freetype2 @@ -33,6 +39,8 @@ .if defined(A4) CONFIGURE_ARGS+= --enable-a4-paper .endif + +PATCH_DIST_ARGS=-d ${PATCH_WRKSRC}/xpdf --forward --quiet -E ${PATCH_DIST_STRIP} MAN1= pdffonts.1 \ pdfimages.1 \ Index: distinfo =================================================================== RCS file: /home/ncvs/ports/graphics/xpdf/distinfo,v retrieving revision 1.18 diff -u -u -r1.18 distinfo --- distinfo 6 Jan 2003 05:41:13 -0000 1.18 +++ distinfo 19 Jan 2003 08:04:32 -0000 @@ -1 +1,2 @@ MD5 (xpdf-2.01.tar.gz) = 90326075b7bdabe85dc011882365824c +MD5 (xpdf-2.01-patch1) = f27f2bb23dcf7d68c402c7ba50eae22c >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030119115430.53BFC72501>