diff options
author | Peter Volkov <pva@gentoo.org> | 2007-12-10 20:14:28 +0000 |
---|---|---|
committer | Peter Volkov <pva@gentoo.org> | 2007-12-10 20:14:28 +0000 |
commit | 6ef481c2205b0d761f87a1165c2318a91b82deaa (patch) | |
tree | b1d26257ce67e3c2cb88f7b31610e0560fcd6ff5 /media-libs | |
parent | Add patch fixing news test. (diff) | |
download | gentoo-2-6ef481c2205b0d761f87a1165c2318a91b82deaa.tar.gz gentoo-2-6ef481c2205b0d761f87a1165c2318a91b82deaa.tar.bz2 gentoo-2-6ef481c2205b0d761f87a1165c2318a91b82deaa.zip |
Fixed denial of service (infinite loop) via a BMP image, bug #201887.
Fixed bug which prevented imlib to render images is MIT-SHM when the MIT-SHM extension doesn't support shared pixmaps (bugs.debian.org/448360). Thank for report Antti Mäkelä <zarhan AT cs.tut.fi>.
Homepage changed. No website is available for this old library, so pointing to sources location.
(Portage version: 2.1.3.19)
Diffstat (limited to 'media-libs')
-rw-r--r-- | media-libs/imlib/ChangeLog | 13 | ||||
-rw-r--r-- | media-libs/imlib/files/digest-imlib-1.9.15-r2 | 3 | ||||
-rw-r--r-- | media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch | 11 | ||||
-rw-r--r-- | media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch | 105 | ||||
-rw-r--r-- | media-libs/imlib/imlib-1.9.15-r2.ebuild | 63 |
5 files changed, 194 insertions, 1 deletions
diff --git a/media-libs/imlib/ChangeLog b/media-libs/imlib/ChangeLog index 5da421f9d4f2..20ac825a3b50 100644 --- a/media-libs/imlib/ChangeLog +++ b/media-libs/imlib/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for media-libs/imlib # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/imlib/ChangeLog,v 1.57 2007/09/23 14:18:20 drac Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/imlib/ChangeLog,v 1.58 2007/12/10 20:14:24 pva Exp $ + +*imlib-1.9.15-r2 (10 Dec 2007) + + 10 Dec 2007; <pva@gentoo.org> + +files/imlib-1.9.15-bpp16-CVE-2007-3568.patch, + +files/imlib-1.9.15-fix-rendering.patch, +imlib-1.9.15-r2.ebuild: + Fixed denial of service (infinite loop) via a BMP image, bug #201887. Fixed + bug which prevented imlib to render images is MIT-SHM when the MIT-SHM + extension doesn't support shared pixmaps (bugs.debian.org/448360). Thank for + report Antti Mäkelä <zarhan AT cs.tut.fi>. Homepage changed. No website is + available for this old library, so pointing to sources location. 23 Sep 2007; Samuli Suominen <drac@gentoo.org> imlib-1.9.15-r1.ebuild: Fix modular X deps wrt #192733. diff --git a/media-libs/imlib/files/digest-imlib-1.9.15-r2 b/media-libs/imlib/files/digest-imlib-1.9.15-r2 new file mode 100644 index 000000000000..52c816f8266d --- /dev/null +++ b/media-libs/imlib/files/digest-imlib-1.9.15-r2 @@ -0,0 +1,3 @@ +MD5 7db987e6c52e4daf70d7d0f471238eae imlib-1.9.15.tar.bz2 683242 +RMD160 195b80833167134ba2d9a9574d420279f9cf55f4 imlib-1.9.15.tar.bz2 683242 +SHA256 4e6a270308a9ae16586bfc133c1a3dfb2e56f431edb66aaa3a80e36e5ed84ce0 imlib-1.9.15.tar.bz2 683242 diff --git a/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch b/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch new file mode 100644 index 000000000000..94595ffdf55a --- /dev/null +++ b/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch @@ -0,0 +1,11 @@ +--- Imlib/load.c.orig 2007-08-13 23:06:20.000000000 -0300 ++++ Imlib/load.c 2007-08-13 23:06:51.000000000 -0300 +@@ -645,7 +645,7 @@ + planes = (int)word; + fread(&word, 2, 1, file); + bpp = (int)word; +- if (bpp != 1 && bpp != 4 && bpp != 8 && bpp && 16 && bpp != 24 && bpp != 32) ++ if (bpp != 1 && bpp != 4 && bpp != 8 && bpp != 16 && bpp != 24 && bpp != 32) + { + fprintf(stderr, "IMLIB ERROR: unknown bitdepth in file\n"); + return NULL; diff --git a/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch b/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch new file mode 100644 index 000000000000..6212ed31428e --- /dev/null +++ b/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch @@ -0,0 +1,105 @@ +Michel Dänzer <daenzer AT debian.org> + +* The boolean value returned via the last parameter to XShmQueryVersion() + isn't honoured everywhere. +* The init functions that take parameters allow the caller to enable shared + pixmaps when they aren't supported (or disabled by configuration files). + + +These result in incorrect rendering when the MIT-SHM extension doesn't support +shared pixmaps, e.g. using EXA with current versions of Xorg. + +http://bugs.gentoo.org/show_bug.cgi?id=197489 + +diff -up -ru imlib-1.9.15.orig/gdk_imlib/misc.c imlib-1.9.15/gdk_imlib/misc.c +--- imlib-1.9.15.orig/gdk_imlib/misc.c 2002-03-04 18:06:32.000000000 +0100 ++++ imlib-1.9.15/gdk_imlib/misc.c 2007-10-28 14:00:04.000000000 +0100 +@@ -674,6 +674,10 @@ gdk_imlib_init_params(GdkImlibInitParams + visual = gdk_rgb_get_visual(); + id->x.visual = GDK_VISUAL_XVISUAL(visual); /* the visual type */ + id->x.depth = visual->depth; /* the depth of the screen in bpp */ ++ ++ id->x.shm = 0; ++ id->x.shmp = 0; ++ id->max_shm = 0; + #ifdef HAVE_SHM + if (XShmQueryExtension(id->x.disp)) + { +@@ -689,17 +693,14 @@ gdk_imlib_init_params(GdkImlibInitParams + id->x.last_xim = NULL; + id->x.last_sxim = NULL; + id->max_shm = 0x7fffffff; +- if (XShmPixmapFormat(id->x.disp) == ZPixmap) ++ if ((XShmPixmapFormat(id->x.disp) == ZPixmap) && ++ (pm == True)) + id->x.shmp = 1; + } + } + } +- else + #endif +- { +- id->x.shm = 0; +- id->x.shmp = 0; +- } ++ + id->cache.on_image = 0; + id->cache.size_image = 0; + id->cache.num_image = 0; +@@ -935,8 +936,8 @@ gdk_imlib_init_params(GdkImlibInitParams + } + if (p->flags & PARAMS_SHAREDPIXMAPS) + { +- if (id->x.shm) +- id->x.shmp = p->sharedpixmaps; ++ if (!p->sharedpixmaps) ++ id->x.shmp = 0; + } + if (p->flags & PARAMS_PALETTEOVERRIDE) + override = p->paletteoverride; +diff -up -ru imlib-1.9.15.orig/Imlib/misc.c imlib-1.9.15/Imlib/misc.c +--- imlib-1.9.15.orig/Imlib/misc.c 2004-09-21 02:22:59.000000000 +0200 ++++ imlib-1.9.15/Imlib/misc.c 2007-10-28 14:00:23.000000000 +0100 +@@ -675,6 +675,10 @@ Imlib_init_with_params(Display * disp, I + id->x.root = DefaultRootWindow(disp); /* the root window id */ + id->x.visual = DefaultVisual(disp, id->x.screen); /* the visual type */ + id->x.depth = DefaultDepth(disp, id->x.screen); /* the depth of the screen in bpp */ ++ ++ id->x.shm = 0; ++ id->x.shmp = 0; ++ id->max_shm = 0; + #ifdef HAVE_SHM + if (XShmQueryExtension(id->x.disp)) + { +@@ -690,17 +694,14 @@ Imlib_init_with_params(Display * disp, I + id->x.last_xim = NULL; + id->x.last_sxim = NULL; + id->max_shm = 0x7fffffff; +- if (XShmPixmapFormat(id->x.disp) == ZPixmap) ++ if ((XShmPixmapFormat(id->x.disp) == ZPixmap && ++ (pm == True))) + id->x.shmp = 1; + } + } + } +- else + #endif +- { +- id->x.shm = 0; +- id->x.shmp = 0; +- } ++ + id->cache.on_image = 0; + id->cache.size_image = 0; + id->cache.num_image = 0; +@@ -952,8 +953,8 @@ Imlib_init_with_params(Display * disp, I + } + if (p->flags & PARAMS_SHAREDPIXMAPS) + { +- if (id->x.shm) +- id->x.shmp = p->sharedpixmaps; ++ if (!p->sharedpixmaps) ++ id->x.shmp = 0; + } + if (p->flags & PARAMS_PALETTEOVERRIDE) + override = p->paletteoverride; diff --git a/media-libs/imlib/imlib-1.9.15-r2.ebuild b/media-libs/imlib/imlib-1.9.15-r2.ebuild new file mode 100644 index 000000000000..91d40a11760e --- /dev/null +++ b/media-libs/imlib/imlib-1.9.15-r2.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-libs/imlib/imlib-1.9.15-r2.ebuild,v 1.1 2007/12/10 20:14:24 pva Exp $ + +inherit autotools eutils gnome.org + +DESCRIPTION="Image loading and rendering library" +HOMEPAGE="http://ftp.acc.umu.se/pub/GNOME/sources/imlib/1.9/" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~x86-fbsd" +IUSE="doc gtk" + +RDEPEND="gtk? ( =x11-libs/gtk+-1.2* ) + >=media-libs/tiff-3.5.5 + >=media-libs/giflib-4.1.0 + >=media-libs/libpng-1.2.1 + >=media-libs/jpeg-6b + x11-libs/libICE + x11-libs/libSM + x11-libs/libXext" +DEPEND="${RDEPEND}" + +src_unpack() { + unpack ${A} + cd "${S}" + + # Fix aclocal underquoted definition warnings. + # Conditionalize gdk functions for bug 40453. + # Fix imlib-config for bug 3425. + epatch "${FILESDIR}"/${P}.patch + + # Fix security bug 72681. + epatch "${FILESDIR}"/${PN}-security.patch + + # Fixes security bug #201887 + epatch "${FILESDIR}"/${P}-bpp16-CVE-2007-3568.patch + + # Fixes #197489 + epatch "${FILESDIR}"/${P}-fix-rendering.patch + + eautoconf + _elibtoolize +} + +src_compile() { + econf --sysconfdir=/etc/imlib \ + $(use_enable gtk gdk) \ + $(use_enable gtk gtktest) + + emake || die "emake failed." +} + +src_install() { + emake DESTDIR="${D}" install || die "emake install failed." + + dodoc AUTHORS ChangeLog README + use doc && dohtml doc/* + + # Hack to avoid installing pkgconfig file. + use gtk || rm "${D}"/usr/lib*/pkgconfig/imlibgdk.pc +} |