seamonkey: also provide patch for tremor (i.e. relevant for ARM) vulnerability Also backported upstream after the release: https://hg.mozilla.org/releases/mozilla-esr52/rev/5cd5586a2f48 PKGREVISION++diff -r1.172 -r1.173 pkgsrc/www/seamonkey/Makefile
(maya)
@@ -1,18 +1,18 @@ | @@ -1,18 +1,18 @@ | |||
1 | # $NetBSD: Makefile,v 1.172 2018/03/16 23:25:56 maya Exp $ | 1 | # $NetBSD: Makefile,v 1.173 2018/03/17 00:06:17 maya Exp $ | |
2 | 2 | |||
3 | DISTNAME= seamonkey-${SM_VER}.source | 3 | DISTNAME= seamonkey-${SM_VER}.source | |
4 | PKGNAME= seamonkey-${SM_VER:S/b/beta/} | 4 | PKGNAME= seamonkey-${SM_VER:S/b/beta/} | |
5 | PKGREVISION= 2 | 5 | PKGREVISION= 3 | |
6 | SM_VER= 2.49.2 | 6 | SM_VER= 2.49.2 | |
7 | CATEGORIES= www | 7 | CATEGORIES= www | |
8 | MASTER_SITES= ${MASTER_SITE_MOZILLA:=seamonkey/releases/${SM_VER}/source/} | 8 | MASTER_SITES= ${MASTER_SITE_MOZILLA:=seamonkey/releases/${SM_VER}/source/} | |
9 | EXTRACT_SUFX= .tar.xz | 9 | EXTRACT_SUFX= .tar.xz | |
10 | 10 | |||
11 | MAINTAINER= pkgsrc-users@NetBSD.org | 11 | MAINTAINER= pkgsrc-users@NetBSD.org | |
12 | HOMEPAGE= http://www.seamonkey-project.org/ | 12 | HOMEPAGE= http://www.seamonkey-project.org/ | |
13 | COMMENT= Full-featured gecko-based browser | 13 | COMMENT= Full-featured gecko-based browser | |
14 | 14 | |||
15 | WRKSRC= ${WRKDIR}/${DISTNAME:S/.source//} | 15 | WRKSRC= ${WRKDIR}/${DISTNAME:S/.source//} | |
16 | MOZILLA_DIR= mozilla/ | 16 | MOZILLA_DIR= mozilla/ | |
17 | PLIST_SRC+= ${PLIST_SRC_DFLT} | 17 | PLIST_SRC+= ${PLIST_SRC_DFLT} | |
18 | USE_LANGUAGES+= c c++ | 18 | USE_LANGUAGES+= c c++ |
@@ -1,20 +1,21 @@ | @@ -1,20 +1,21 @@ | |||
1 | $NetBSD: distinfo,v 1.149 2018/03/16 23:25:56 maya Exp $ | 1 | $NetBSD: distinfo,v 1.150 2018/03/17 00:06:17 maya Exp $ | |
2 | 2 | |||
3 | SHA1 (seamonkey-2.49.2.source.tar.xz) = 843ff7e74e488d03bdbf72237a1973c50887494b | 3 | SHA1 (seamonkey-2.49.2.source.tar.xz) = 843ff7e74e488d03bdbf72237a1973c50887494b | |
4 | RMD160 (seamonkey-2.49.2.source.tar.xz) = 9f79789a5d44985d96f8549f537ad01f23c1fc2c | 4 | RMD160 (seamonkey-2.49.2.source.tar.xz) = 9f79789a5d44985d96f8549f537ad01f23c1fc2c | |
5 | SHA512 (seamonkey-2.49.2.source.tar.xz) = 6f69f7fb0a2de8086231b615b62b350edf6c903d2fde90ee4c79e316cfcf5a413097df9afe1397dbfe680e264f6be14c2c147be7ba11c5dbd73a1e9e01b8857e | 5 | SHA512 (seamonkey-2.49.2.source.tar.xz) = 6f69f7fb0a2de8086231b615b62b350edf6c903d2fde90ee4c79e316cfcf5a413097df9afe1397dbfe680e264f6be14c2c147be7ba11c5dbd73a1e9e01b8857e | |
6 | Size (seamonkey-2.49.2.source.tar.xz) = 229980312 bytes | 6 | Size (seamonkey-2.49.2.source.tar.xz) = 229980312 bytes | |
7 | SHA1 (patch-CVE-2018-5146) = 121d8511b4aef0a784ae12d12c35cd4282c9ab83 | 7 | SHA1 (patch-CVE-2018-5146) = 121d8511b4aef0a784ae12d12c35cd4282c9ab83 | |
8 | SHA1 (patch-CVE-2018-5147) = 1c44a5e2f0a81b58ebc8343028019e4681ee246c | |||
8 | SHA1 (patch-ao) = e466058ed1899a64a9ab5b57290ff2baad1ea03c | 9 | SHA1 (patch-ao) = e466058ed1899a64a9ab5b57290ff2baad1ea03c | |
9 | SHA1 (patch-ldap_c-sdk_include_portable.h) = ce0b643fa031b74bf7d74eedc4f3729807aef799 | 10 | SHA1 (patch-ldap_c-sdk_include_portable.h) = ce0b643fa031b74bf7d74eedc4f3729807aef799 | |
10 | SHA1 (patch-mail_app_Makefile.in) = da6ac87ffdcff733f11218cb11f8ef316bb1bc18 | 11 | SHA1 (patch-mail_app_Makefile.in) = da6ac87ffdcff733f11218cb11f8ef316bb1bc18 | |
11 | SHA1 (patch-mailnews_base_search_src_nsMsgSearchTerm.cpp) = 0cbabcf5b188e86404e3ded8452c73a7f498efe3 | 12 | SHA1 (patch-mailnews_base_search_src_nsMsgSearchTerm.cpp) = 0cbabcf5b188e86404e3ded8452c73a7f498efe3 | |
12 | SHA1 (patch-mozilla_build_gyp.mozbuild) = a80cbc009f031de527349da416dd9a914e731358 | 13 | SHA1 (patch-mozilla_build_gyp.mozbuild) = a80cbc009f031de527349da416dd9a914e731358 | |
13 | SHA1 (patch-mozilla_build_moz.configure_init.configure) = 52247a5abfb178be7d10ec10a250090a94c42fb4 | 14 | SHA1 (patch-mozilla_build_moz.configure_init.configure) = 52247a5abfb178be7d10ec10a250090a94c42fb4 | |
14 | SHA1 (patch-mozilla_build_moz.configure_keyfiles.configure) = 5e3dd199e339187f2cdbe489c5390b255fa5c029 | 15 | SHA1 (patch-mozilla_build_moz.configure_keyfiles.configure) = 5e3dd199e339187f2cdbe489c5390b255fa5c029 | |
15 | SHA1 (patch-mozilla_build_moz.configure_memory.configure) = f5f5275878817e361b2f7a247b7feceb7feeda6e | 16 | SHA1 (patch-mozilla_build_moz.configure_memory.configure) = f5f5275878817e361b2f7a247b7feceb7feeda6e | |
16 | SHA1 (patch-mozilla_build_moz.configure_old.configure) = 1de7c78d2fb7cc88542acc969c0d9cc4e9001977 | 17 | SHA1 (patch-mozilla_build_moz.configure_old.configure) = 1de7c78d2fb7cc88542acc969c0d9cc4e9001977 | |
17 | SHA1 (patch-mozilla_build_pgo_profileserver.py) = 5e93f4153f654d3cfeffcbabfa9ef914044f9671 | 18 | SHA1 (patch-mozilla_build_pgo_profileserver.py) = 5e93f4153f654d3cfeffcbabfa9ef914044f9671 | |
18 | SHA1 (patch-mozilla_config_Makefile.in) = 307d1013be22bc97cd5eb340ba6a3835998319d3 | 19 | SHA1 (patch-mozilla_config_Makefile.in) = 307d1013be22bc97cd5eb340ba6a3835998319d3 | |
19 | SHA1 (patch-mozilla_config_baseconfig.mk) = 49914353e167442440e04afd8e64b57ddf9399df | 20 | SHA1 (patch-mozilla_config_baseconfig.mk) = 49914353e167442440e04afd8e64b57ddf9399df | |
20 | SHA1 (patch-mozilla_config_external_moz.build) = a6f9bfad761428f0690a96d9953cd9fd3879f4ba | 21 | SHA1 (patch-mozilla_config_external_moz.build) = a6f9bfad761428f0690a96d9953cd9fd3879f4ba |
$NetBSD: patch-CVE-2018-5147,v 1.1 2018/03/17 00:06:17 maya Exp $
CVE-2018-5147: Prevent out-of-bounds write in codebook decoding.
Codebooks that are not an exact divisor of the partition size are now
truncated to fit within the partition.
--- mozilla/media/libtremor/lib/tremor_codebook.c.orig 2018-02-05 11:49:21.000000000 +0000
+++ mozilla/media/libtremor/lib/tremor_codebook.c
@@ -258,7 +258,7 @@ long vorbis_book_decodevs_add(codebook *
t[i] = book->valuelist+entry[i]*book->dim;
}
for(i=0,o=0;i<book->dim;i++,o+=step)
- for (j=0;j<step;j++)
+ for (j=0;o+j<n && j<step;j++)
a[o+j]+=t[j][i]>>shift;
}else{
for (i = 0; i < step; i++) {
@@ -267,7 +267,7 @@ long vorbis_book_decodevs_add(codebook *
t[i] = book->valuelist+entry[i]*book->dim;
}
for(i=0,o=0;i<book->dim;i++,o+=step)
- for (j=0;j<step;j++)
+ for (j=0;o+j<n && j<step;j++)
a[o+j]+=t[j][i]<<-shift;
}
}
@@ -287,7 +287,7 @@ long vorbis_book_decodev_add(codebook *b
entry = decode_packed_entry_number(book,b);
if(entry==-1)return(-1);
t = book->valuelist+entry*book->dim;
- for (j=0;j<book->dim;)
+ for (j=0;i<n && j<book->dim;)
a[i++]+=t[j++]>>shift;
}
}else{
@@ -295,7 +295,7 @@ long vorbis_book_decodev_add(codebook *b
entry = decode_packed_entry_number(book,b);
if(entry==-1)return(-1);
t = book->valuelist+entry*book->dim;
- for (j=0;j<book->dim;)
+ for (j=0;i<n && j<book->dim;)
a[i++]+=t[j++]<<-shift;
}
}
@@ -352,15 +352,15 @@ long vorbis_book_decodevv_add(codebook *
long i,j,entry;
int chptr=0;
int shift=point-book->binarypoint;
-
+ int m=offset+n;
if(shift>=0){
- for(i=offset;i<offset+n;){
+ for(i=offset;i<m;){
entry = decode_packed_entry_number(book,b);
if(entry==-1)return(-1);
{
const ogg_int32_t *t = book->valuelist+entry*book->dim;
- for (j=0;j<book->dim;j++){
+ for (j=0;i<m && j<book->dim;j++){
a[chptr++][i]+=t[j]>>shift;
if(chptr==ch){
chptr=0;
@@ -371,12 +371,12 @@ long vorbis_book_decodevv_add(codebook *
}
}else{
- for(i=offset;i<offset+n;){
+ for(i=offset;i<m;){
entry = decode_packed_entry_number(book,b);
if(entry==-1)return(-1);
{
const ogg_int32_t *t = book->valuelist+entry*book->dim;
- for (j=0;j<book->dim;j++){
+ for (j=0;i<m && j<book->dim;j++){
a[chptr++][i]+=t[j]<<-shift;
if(chptr==ch){
chptr=0;