Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 7 Sep 2015 11:50:19 +0000 (UTC)
From:      Jason Unovitch <junovitch@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r396262 - in head/graphics/libwmf: . files
Message-ID:  <201509071150.t87BoJJF011564@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: junovitch
Date: Mon Sep  7 11:50:19 2015
New Revision: 396262
URL: https://svnweb.freebsd.org/changeset/ports/396262

Log:
  graphics/libwmf: Fix bug introduced by patch for CVE-2015-4696
  
  - The original CVE-2015-4696 patch from upstream was missing line numbers
    in the first patch hunk.  The security issue was resolved by the
    restructured code but a new potential bug was introduced in the process.
  - While here, update to my FreeBSD.org email
  
  PR:		201513
  Reported by:	Sevan Janiyan <venture37@geeklan.co.uk>
  Obtained from:	Fedora libwmf RPM git (commit c8bc53c1)
  Approved by:	feld (mentor)
  MFH:		2015Q3

Modified:
  head/graphics/libwmf/Makefile
  head/graphics/libwmf/files/patch-deb784192-CVE-2015-4696

Modified: head/graphics/libwmf/Makefile
==============================================================================
--- head/graphics/libwmf/Makefile	Mon Sep  7 11:34:31 2015	(r396261)
+++ head/graphics/libwmf/Makefile	Mon Sep  7 11:50:19 2015	(r396262)
@@ -3,11 +3,11 @@
 
 PORTNAME=	libwmf
 PORTVERSION=	0.2.8.4
-PORTREVISION=	14
+PORTREVISION=	15
 CATEGORIES=	graphics
 MASTER_SITES=	SF/wvware/${PORTNAME}/${PORTVERSION}
 
-MAINTAINER=	jason.unovitch@gmail.com
+MAINTAINER=	junovitch@FreeBSD.org
 COMMENT=	Tools and library for converting Microsoft WMF (windows metafile)
 
 LICENSE=	GPLv2 # or later

Modified: head/graphics/libwmf/files/patch-deb784192-CVE-2015-4696
==============================================================================
--- head/graphics/libwmf/files/patch-deb784192-CVE-2015-4696	Mon Sep  7 11:34:31 2015	(r396261)
+++ head/graphics/libwmf/files/patch-deb784192-CVE-2015-4696	Mon Sep  7 11:50:19 2015	(r396262)
@@ -1,5 +1,8 @@
 --- src/player/meta.h
 +++ src/player/meta.h
+@@ -2585,6 +2585,8 @@
+ 			polyrect.BR[i] = clip->rects[i].BR;
+ 		}
  
 +		if (FR->region_clip) FR->region_clip (API,&polyrect);
 +

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201509071150.t87BoJJF011564>