Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 8 May 2015 15:58:39 +0000 (UTC)
From:      Don Lewis <truckman@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r385792 - in head/editors/openoffice-4: . files
Message-ID:  <201505081558.t48FwdRl043554@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: truckman
Date: Fri May  8 15:58:38 2015
New Revision: 385792
URL: https://svnweb.freebsd.org/changeset/ports/385792

Log:
  Add a patch to fix the HWP filter vulnerability documented in
  CVE-2015-1774 and
  <http://www.openoffice.org/security/cves/CVE-2015-1774.html>;
  
  Approved by:	mat (mentor)
  MFH:		2015Q2
  Security:	b13af778-f4fc-11e4-a95d-ac9e174be3af
  Differential Revision:	https://reviews.freebsd.org/D2478

Added:
  head/editors/openoffice-4/files/patch-CVE-2015-1774   (contents, props changed)
Modified:
  head/editors/openoffice-4/Makefile

Modified: head/editors/openoffice-4/Makefile
==============================================================================
--- head/editors/openoffice-4/Makefile	Fri May  8 15:55:16 2015	(r385791)
+++ head/editors/openoffice-4/Makefile	Fri May  8 15:58:38 2015	(r385792)
@@ -3,7 +3,7 @@
 
 PORTNAME=	apache-openoffice
 PORTVERSION=	${AOOVERSION}
-PORTREVISION=	8
+PORTREVISION=	9
 CATEGORIES=	editors java
 MASTER_SITES=	APACHE/openoffice/${PORTVERSION}/source \
 		http://tools.openoffice.org/unowinreg_prebuild/680/:unoreg \

Added: head/editors/openoffice-4/files/patch-CVE-2015-1774
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/editors/openoffice-4/files/patch-CVE-2015-1774	Fri May  8 15:58:38 2015	(r385792)
@@ -0,0 +1,47 @@
+Index: scp2/source/writer/module_writer.scp
+===================================================================
+--- scp2/source/writer/module_writer.scp	(revision 1677189)
++++ scp2/source/writer/module_writer.scp	(revision 1677190)
+@@ -40,7 +40,6 @@
+     Styles = (HIDDEN_ROOT);
+     Files = (gid_File_Bin_Cde_Sagenda,gid_File_Bin_Cde_Sfax,gid_File_Bin_Cde_Slabel,
+     gid_File_Bin_Cde_Sletter,gid_File_Bin_Cde_Smemo,gid_File_Bin_Cde_Svcard,
+-    gid_File_Lib_Hwpreader,
+     gid_File_Lib_Swd,
+     gid_File_Lib_Swui,
+     gid_File_Lib_Msword,
+Index: scp2/source/writer/file_writer.scp
+===================================================================
+--- scp2/source/writer/file_writer.scp	(revision 1677189)
++++ scp2/source/writer/file_writer.scp	(revision 1677190)
+@@ -25,8 +25,6 @@
+ 
+ STD_LIB_FILE( gid_File_Lib_Swd , swd)
+ 
+-SPECIAL_LIB_FILE(gid_File_Lib_Hwpreader, hwp)
+-
+ File gid_File_Exe_Swriter
+     BIN_FILE_BODY;
+     Dir = gid_Brand_Dir_Program;
+Index: postprocess/packcomponents/makefile.mk
+===================================================================
+--- postprocess/packcomponents/makefile.mk	(revision 1677189)
++++ postprocess/packcomponents/makefile.mk	(revision 1677190)
+@@ -121,7 +121,6 @@
+     fps_office \
+     frm \
+     guesslang \
+-    hwp \
+     i18npool \
+     i18nsearch \
+     lng \
+Index: postprocess/prj/build.lst
+===================================================================
+--- postprocess/prj/build.lst	(revision 1677189)
++++ postprocess/prj/build.lst	(revision 1677190)
+@@ -1,4 +1,4 @@
+-po      postprocess     ::      svgio accessibility automation basctl bean chart2 configmgr CRASHREP:crashrep COINMP:coinmp cui dbaccess desktop dtrans embeddedobj embedserv EPM:epm eventattacher extensions extras fileaccess filter forms fpicker helpcontent2 hwpfilter io JAVAINSTALLER2:javainstaller2 lingucomponent MATHMLDTD:MathMLDTD ODK:odk officecfg package padmin psprint_config remotebridges sc scaddins sccomp scp2 scripting sd setup_native slideshow starmath sw sysui testtools ucb UnoControls unoxml ure wizards xmerge xmlsecurity MORE_FONTS:more_fonts OOo:pyuno OOo:readlicense_oo SO:top unodevtools JFREEREPORT:jfreereport REPORTBUILDER:reportbuilder reportdesign sdext SWEXT:swext smoketestdoc uui writerfilter winaccessibility oox MYSQLC:mysqlc LIBXSLT:libxslt NULL
++po      postprocess     ::      svgio accessibility automation basctl bean chart2 configmgr CRASHREP:crashrep COINMP:coinmp cui dbaccess desktop dtrans embeddedobj embedserv EPM:epm eventattacher extensions extras fileaccess filter forms fpicker helpcontent2 io JAVAINSTALLER2:javainstaller2 lingucomponent MATHMLDTD:MathMLDTD ODK:odk officecfg package padmin psprint_config remotebridges sc scaddins sccomp scp2 scripting sd setup_native slideshow starmath sw sysui testtools ucb UnoControls unoxml ure wizards xmerge xmlsecurity MORE_FONTS:more_fonts OOo:pyuno OOo:readlicense_oo SO:top unodevtools JFREEREPORT:jfreereport REPORTBUILDER:reportbuilder reportdesign sdext SWEXT:swext smoketestdoc uui writerfilter winaccessibility oox MYSQLC:mysqlc LIBXSLT:libxslt NULL
+ po	postprocess			    	usr1	-	all	po_mkout NULL
+ po	postprocess\checkxml		nmake	-	all	po_checkxml NULL
+ po	postprocess\checkdeliver	nmake	-	all	po_checkdlv NULL



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201505081558.t48FwdRl043554>