diff options
author | Peter Volkov <pva@gentoo.org> | 2008-02-29 12:02:40 +0000 |
---|---|---|
committer | Peter Volkov <pva@gentoo.org> | 2008-02-29 12:02:40 +0000 |
commit | 54bf231b9641e503608728a0552a55d31bb8df00 (patch) | |
tree | 2b8b3632bfd014280333458594f4238e2aa777e7 /app-text/ghostscript-gnu/files | |
parent | big cleanup of old dosemu stuff (diff) | |
download | gentoo-2-54bf231b9641e503608728a0552a55d31bb8df00.tar.gz gentoo-2-54bf231b9641e503608728a0552a55d31bb8df00.tar.bz2 gentoo-2-54bf231b9641e503608728a0552a55d31bb8df00.zip |
Fixed security issue (CVE-2008-0411), bug #208999, thank Robert Buchholz for report and coordination.
(Portage version: 2.1.4.4, RepoMan options: --force)
Diffstat (limited to 'app-text/ghostscript-gnu/files')
-rw-r--r-- | app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff b/app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff new file mode 100644 index 000000000000..a5ddf3a4ff0d --- /dev/null +++ b/app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff @@ -0,0 +1,12 @@ +--- src/zicc.c ++++ src/zicc.c 2008-02-05 16:11:59.000000000 +0000 +@@ -77,6 +77,9 @@ zseticcspace(i_ctx_t * i_ctx_p) + dict_find_string(op, "N", &pnval); + ncomps = pnval->value.intval; + ++ if (2*ncomps > sizeof(range_buff)/sizeof(float)) ++ return_error(e_rangecheck); ++ + /* verify the DataSource entry */ + if (dict_find_string(op, "DataSource", &pstrmval) <= 0) + return_error(e_undefined); |