From owner-freebsd-ports-bugs  Sun Jan 19  4: 0:36 2003
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 95A6037B401
	for <freebsd-ports-bugs@hub.freebsd.org>; Sun, 19 Jan 2003 04:00:32 -0800 (PST)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B384543F13
	for <freebsd-ports-bugs@hub.freebsd.org>; Sun, 19 Jan 2003 04:00:31 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id h0JC0VNS008529
	for <freebsd-ports-bugs@freefall.freebsd.org>; Sun, 19 Jan 2003 04:00:31 -0800 (PST)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.6/8.12.6/Submit) id h0JC0VER008528;
	Sun, 19 Jan 2003 04:00:31 -0800 (PST)
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4900737B401
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 19 Jan 2003 03:54:37 -0800 (PST)
Received: from jiro.c.u-tokyo.ac.jp (jiro.c.u-tokyo.ac.jp [157.82.63.17])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5478B43F1E
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 19 Jan 2003 03:54:37 -0800 (PST)
	(envelope-from koma2@jiro.c.u-tokyo.ac.jp)
Message-Id: <20030119115430.53BFC72501@jiro.c.u-tokyo.ac.jp>
Date: Sun, 19 Jan 2003 20:54:29 +0900 (JST)
From: KOMATSU Shinichiro <koma2@jiro.c.u-tokyo.ac.jp>
Reply-To: KOMATSU Shinichiro <koma2@jiro.c.u-tokyo.ac.jp>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Subject: ports/47211: graphics/xpdf: fix integer overflow vulnerability in pdftops
Sender: owner-freebsd-ports-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ports-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ports-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ports-bugs>
X-Loop: FreeBSD.org


>Number:         47211
>Category:       ports
>Synopsis:       graphics/xpdf: fix integer overflow vulnerability in pdftops
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jan 19 04:00:30 PST 2003
>Closed-Date:
>Last-Modified:
>Originator:     KOMATSU Shinichiro
>Release:        FreeBSD 4.6.2-RELEASE i386
>Organization:
>Environment:
FreeBSD 4.6.2-RELEASE i386

	
>Description:

Add the patch to fix integer overflow vulnerability in pdftops.
See http://www.idefense.com/advisory/12.23.02.txt for details.

>How-To-Repeat:
	
>Fix:

Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/graphics/xpdf/Makefile,v
retrieving revision 1.45
diff -u -u -r1.45 Makefile
--- Makefile	6 Jan 2003 05:41:13 -0000	1.45
+++ Makefile	19 Jan 2003 08:04:32 -0000
@@ -7,11 +7,17 @@
 
 PORTNAME=	xpdf
 PORTVERSION=	2.01
+PORTREVISION=	1
 CATEGORIES=	graphics print
 MASTER_SITES=	ftp://ftp.foolabs.com/pub/xpdf/ \
 		${MASTER_SITE_TEX_CTAN}
 MASTER_SITE_SUBDIR=	support/xpdf
 
+PATCH_SITES=	ftp://ftp.foolabs.com/pub/xpdf/ \
+		${MASTER_SITE_TEX_CTAN}
+PATCH_SITE_SUBDIR=	support/xpdf
+PATCHFILES=	xpdf-2.01-patch1
+
 MAINTAINER=	DougB@FreeBSD.org
 
 BUILD_DEPENDS=	freetype-config:${PORTSDIR}/print/freetype2
@@ -33,6 +39,8 @@
 .if defined(A4)
 CONFIGURE_ARGS+=	--enable-a4-paper
 .endif
+
+PATCH_DIST_ARGS=-d ${PATCH_WRKSRC}/xpdf --forward --quiet -E ${PATCH_DIST_STRIP}
 
 MAN1=		pdffonts.1 \
 		pdfimages.1 \
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/graphics/xpdf/distinfo,v
retrieving revision 1.18
diff -u -u -r1.18 distinfo
--- distinfo	6 Jan 2003 05:41:13 -0000	1.18
+++ distinfo	19 Jan 2003 08:04:32 -0000
@@ -1 +1,2 @@
 MD5 (xpdf-2.01.tar.gz) = 90326075b7bdabe85dc011882365824c
+MD5 (xpdf-2.01-patch1) = f27f2bb23dcf7d68c402c7ba50eae22c
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports-bugs" in the body of the message