diff options
author | Timo Gurr <tgurr@gentoo.org> | 2011-08-25 01:02:49 +0000 |
---|---|---|
committer | Timo Gurr <tgurr@gentoo.org> | 2011-08-25 01:02:49 +0000 |
commit | 44e6df3efcf4df9dd1b73f98230ee9f17cddfe38 (patch) | |
tree | b5496cbc44cf3a477fc74a5610b2a6b25c47934c /net-print/cups/files | |
parent | Version bump (diff) | |
download | gentoo-2-44e6df3efcf4df9dd1b73f98230ee9f17cddfe38.tar.gz gentoo-2-44e6df3efcf4df9dd1b73f98230ee9f17cddfe38.tar.bz2 gentoo-2-44e6df3efcf4df9dd1b73f98230ee9f17cddfe38.zip |
Revbumps fixing security issue CVE-2011-2896. Remove old.
(Portage version: 2.2.0_alpha51/cvs/Linux x86_64)
Diffstat (limited to 'net-print/cups/files')
-rw-r--r-- | net-print/cups/files/cups-1.4.8-CVE-2011-2896.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/net-print/cups/files/cups-1.4.8-CVE-2011-2896.patch b/net-print/cups/files/cups-1.4.8-CVE-2011-2896.patch new file mode 100644 index 000000000000..843456f2eebd --- /dev/null +++ b/net-print/cups/files/cups-1.4.8-CVE-2011-2896.patch @@ -0,0 +1,37 @@ +Source: Upstream http://cups.org/str.php?L3914 +Reason: Avoid GIF reader loop (CVE-2011-2896) +Upstream: Fixed in trunk + +diff -up cups-1.4.8/filter/image-gif.c.CVE-2011-2896 cups-1.4.8/filter/image-gif.c +--- cups-1.4.8/filter/image-gif.c.CVE-2011-2896 2011-06-20 21:37:51.000000000 +0100 ++++ cups-1.4.8/filter/image-gif.c 2011-08-19 11:33:37.547911212 +0100 +@@ -648,11 +648,13 @@ gif_read_lzw(FILE *fp, /* I - File to + + if (code == max_code) + { +- *sp++ = firstcode; +- code = oldcode; ++ if (sp < (stack + 8192)) ++ *sp++ = firstcode; ++ ++ code = oldcode; + } + +- while (code >= clear_code) ++ while (code >= clear_code && sp < (stack + 8192)) + { + *sp++ = table[1][code]; + if (code == table[0][code]) +@@ -661,8 +663,10 @@ gif_read_lzw(FILE *fp, /* I - File to + code = table[0][code]; + } + +- *sp++ = firstcode = table[1][code]; +- code = max_code; ++ if (sp < (stack + 8192)) ++ *sp++ = firstcode = table[1][code]; ++ ++ code = max_code; + + if (code < 4096) + { |