summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Volkov <pva@gentoo.org>2008-02-29 12:02:40 +0000
committerPeter Volkov <pva@gentoo.org>2008-02-29 12:02:40 +0000
commit54bf231b9641e503608728a0552a55d31bb8df00 (patch)
tree2b8b3632bfd014280333458594f4238e2aa777e7 /app-text/ghostscript-gnu/files
parentbig cleanup of old dosemu stuff (diff)
downloadgentoo-2-54bf231b9641e503608728a0552a55d31bb8df00.tar.gz
gentoo-2-54bf231b9641e503608728a0552a55d31bb8df00.tar.bz2
gentoo-2-54bf231b9641e503608728a0552a55d31bb8df00.zip
Fixed security issue (CVE-2008-0411), bug #208999, thank Robert Buchholz for report and coordination.
(Portage version: 2.1.4.4, RepoMan options: --force)
Diffstat (limited to 'app-text/ghostscript-gnu/files')
-rw-r--r--app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff12
1 files changed, 12 insertions, 0 deletions
diff --git a/app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff b/app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff
new file mode 100644
index 000000000000..a5ddf3a4ff0d
--- /dev/null
+++ b/app-text/ghostscript-gnu/files/ghostscript-8.60-CVE-2008-0411.diff
@@ -0,0 +1,12 @@
+--- src/zicc.c
++++ src/zicc.c 2008-02-05 16:11:59.000000000 +0000
+@@ -77,6 +77,9 @@ zseticcspace(i_ctx_t * i_ctx_p)
+ dict_find_string(op, "N", &pnval);
+ ncomps = pnval->value.intval;
+
++ if (2*ncomps > sizeof(range_buff)/sizeof(float))
++ return_error(e_rangecheck);
++
+ /* verify the DataSource entry */
+ if (dict_find_string(op, "DataSource", &pstrmval) <= 0)
+ return_error(e_undefined);