Fix gd library security problem referring to PHP's SVN repository. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 Bump PKGREVISION. (This fix is for php5 only and I don't know about php4.)
diff -r1.80 -r1.81 pkgsrc/graphics/gd/Makefile
(taca)
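--- a/pkgsrc/graphics/gd/Makefile
+++ b/pkgsrc/graphics/gd/Makefile
@@ -1,17 +1,17 @@
-# $NetBSD: Makefile,v 1.80 2009/08/26 19:56:39 sno Exp $
+# $NetBSD: Makefile,v 1.81 2009/10/22 14:39:55 taca Exp $
 
 DISTNAME= gd-2.0.35
-PKGREVISION= 2
+PKGREVISION= 3
 CATEGORIES= graphics
 MASTER_SITES= http://www.libgd.org/releases/
 EXTRACT_SUFX= .tar.bz2
 
 MAINTAINER= adam@NetBSD.org
 HOMEPAGE= http://www.libgd.org/
 COMMENT= Graphics library for the dynamic creation of images
 
 PKG_DESTDIR_SUPPORT= user-destdir
 
 .include "options.mk"
 
 # fails in test not finding libgd.a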
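--- a/pkgsrc/graphics/gd/distinfo
+++ b/pkgsrc/graphics/gd/distinfo
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.29 2009/04/12 00:29:26 sno Exp $
+$NetBSD: distinfo,v 1.30 2009/10/22 14:39:55 taca Exp $
 
 SHA1 (gd-2.0.35.tar.bz2) = ccf34a610abff2dbf133a20c4d2a4aa94939018a
 RMD160 (gd-2.0.35.tar.bz2) = f452a2c333b2ba9b7b4c143983ec2af18a335516
 Size (gd-2.0.35.tar.bz2) = 1212730 bytes
 SHA1 (patch-aa) = 726107579811ce1f33b00bd4dbf13040c48120bb
 SHA1 (patch-ab) = 082f5baa2c147fb62381c21ecb3ce11a1891a2aa
 SHA1 (patch-ac) = d166ed4d0a3510c610e8aa233d312e15d96f4667
+SHA1 (patch-ad) = 61daf7516615b30c749b3bdd7caeec728b4c61db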
$NetBSD: patch-ad,v 1.1 2009/10/22 14:39:55 taca Exp $
* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546,
similar chagne from PHP's SVN repositry r289557.
--- gd_gd.c.orig 2006-04-06 00:52:22.000000000 +0900
+++ gd_gd.c
@@ -44,6 +44,10 @@ _gdGetColors (gdIOCtx * in, gdImagePtr i
{
goto fail1;
}
+ if (im->colorsTotal > gdMaxColors)
+ {
+ goto fail1;
+ }
}
/* Int to accommodate truecolor single-color transparency */
if (!gdGetInt (&im->transparent, in))
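Review bot: The new bound at the `if (im->colorsTotal > gdMaxColors)` line rejects only values above gdMaxColors; a negative count returned by gdGetInt from the file still passes it, and nothing in the hunk rejects it elsewhere. Because this value comes straight from untrusted input and is presumably used later to size or index the palette, making the guard two-sided here is cheaper than auditing every downstream use: `if (im->colorsTotal < 0 || im->colorsTotal > gdMaxColors)`. A short why-comment on the check would also help the next reader, e.g. `/* CVE-2009-3546: colorsTotal comes from the file; reject counts the fixed-size palette cannot hold */`. _gdGetColors begins before the hunk and continues after it, so the later uses of colorsTotal are not visible here; the patch header above also misspells "change" and "repository".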