From 73d1887acf72fd7cdd2e7d53d530df2b21d89fb0 Mon Sep 17 00:00:00 2001 From: Jeremy Huddleston Date: Thu, 10 Mar 2005 23:30:09 +0000 Subject: Revision bumps for security bug #84076. Stable amd64, sparc, x86. (Portage version: 2.0.51.19) --- media-libs/libexif/ChangeLog | 10 ++++- media-libs/libexif/Manifest | 9 +++- media-libs/libexif/files/digest-libexif-0.5.12-r2 | 1 + media-libs/libexif/files/digest-libexif-0.6.10 | 1 - media-libs/libexif/files/digest-libexif-0.6.10-r1 | 1 + .../libexif/files/libexif-0.5-CAN-2005-0664.patch | 30 +++++++++++++ .../libexif/files/libexif-0.6-CAN-2005-0664.patch | 30 +++++++++++++ media-libs/libexif/libexif-0.5.12-r2.ebuild | 48 +++++++++++++++++++++ media-libs/libexif/libexif-0.6.10-r1.ebuild | 49 ++++++++++++++++++++++ media-libs/libexif/libexif-0.6.10.ebuild | 43 ------------------- 10 files changed, 175 insertions(+), 47 deletions(-) create mode 100644 media-libs/libexif/files/digest-libexif-0.5.12-r2 delete mode 100644 media-libs/libexif/files/digest-libexif-0.6.10 create mode 100644 media-libs/libexif/files/digest-libexif-0.6.10-r1 create mode 100644 media-libs/libexif/files/libexif-0.5-CAN-2005-0664.patch create mode 100644 media-libs/libexif/files/libexif-0.6-CAN-2005-0664.patch create mode 100644 media-libs/libexif/libexif-0.5.12-r2.ebuild create mode 100644 media-libs/libexif/libexif-0.6.10-r1.ebuild delete mode 100644 media-libs/libexif/libexif-0.6.10.ebuild diff --git a/media-libs/libexif/ChangeLog b/media-libs/libexif/ChangeLog index 18dfe6b9c6d3..adcb1ffe2d93 100644 --- a/media-libs/libexif/ChangeLog +++ b/media-libs/libexif/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for media-libs/libexif # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/ChangeLog,v 1.24 2005/02/24 16:10:48 j4rg0n Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/ChangeLog,v 1.25 2005/03/10 23:30:09 eradicator Exp $ + +*libexif-0.6.10-r1 (10 Mar 2005) + + 10 Mar 2005; Jeremy Huddleston + +files/libexif-0.5-CAN-2005-0664.patch, + +files/libexif-0.6-CAN-2005-0664.patch, +libexif-0.5.12-r2.ebuild, + +libexif-0.6.10-r1.ebuild, -libexif-0.6.10.ebuild: + Revision bumps for security bug #84076. Stable amd64, sparc, x86. 24 Feb 2005; Lina Pezzella libexif-0.5.12-r1.ebuild: Stable ppc-macos diff --git a/media-libs/libexif/Manifest b/media-libs/libexif/Manifest index 3ec91a7559a0..29894d4fa075 100644 --- a/media-libs/libexif/Manifest +++ b/media-libs/libexif/Manifest @@ -1,5 +1,10 @@ MD5 5992e1fdb2cb3473f529546a3172e10a ChangeLog 3386 MD5 7a7e0eb14d617dc5172910756fbf2c5a libexif-0.5.12-r1.ebuild 1041 -MD5 c8622fbf4a95eb874adc422608cd1c42 libexif-0.6.10.ebuild 1093 +MD5 04b63d248d51e4a8303c46fe88733d61 libexif-0.6.10-r1.ebuild 1185 +MD5 dcd011a23507ee7515ce882f04484717 libexif-0.5.12-r2.ebuild 1141 MD5 c6e7ee4006cd2b5bd7cb0367f816fc8a files/digest-libexif-0.5.12-r1 66 -MD5 5356148028342869b259b39e10195fd5 files/digest-libexif-0.6.10 66 +MD5 c6e7ee4006cd2b5bd7cb0367f816fc8a files/digest-libexif-0.5.12-r2 66 +MD5 656d5fb19cf1cdef7132ccb6fa72db2b files/libexif-0.6-CAN-2005-0664.patch 833 +MD5 a8085215f21d54708b3bfca3e1aeb612 files/libexif-0.5-CAN-2005-0664.patch 860 +MD5 d12bd469182751f2d3f1ea795b4bf90b files/digest-libexif-0.6.11 66 +MD5 5356148028342869b259b39e10195fd5 files/digest-libexif-0.6.10-r1 66 diff --git a/media-libs/libexif/files/digest-libexif-0.5.12-r2 b/media-libs/libexif/files/digest-libexif-0.5.12-r2 new file mode 100644 index 000000000000..83a5d8ba424e --- /dev/null +++ b/media-libs/libexif/files/digest-libexif-0.5.12-r2 @@ -0,0 +1 @@ +MD5 97e17fa05cb638eed5e8e59db431ed3a libexif-0.5.12.tar.gz 443724 diff --git a/media-libs/libexif/files/digest-libexif-0.6.10 b/media-libs/libexif/files/digest-libexif-0.6.10 deleted file mode 100644 index 434d4f40b19b..000000000000 --- a/media-libs/libexif/files/digest-libexif-0.6.10 +++ /dev/null @@ -1 +0,0 @@ -MD5 f8a7cf1f083628b78a07dca17cbc6b8b libexif-0.6.10.tar.gz 516861 diff --git a/media-libs/libexif/files/digest-libexif-0.6.10-r1 b/media-libs/libexif/files/digest-libexif-0.6.10-r1 new file mode 100644 index 000000000000..434d4f40b19b --- /dev/null +++ b/media-libs/libexif/files/digest-libexif-0.6.10-r1 @@ -0,0 +1 @@ +MD5 f8a7cf1f083628b78a07dca17cbc6b8b libexif-0.6.10.tar.gz 516861 diff --git a/media-libs/libexif/files/libexif-0.5-CAN-2005-0664.patch b/media-libs/libexif/files/libexif-0.5-CAN-2005-0664.patch new file mode 100644 index 000000000000..7621c49651c1 --- /dev/null +++ b/media-libs/libexif/files/libexif-0.5-CAN-2005-0664.patch @@ -0,0 +1,30 @@ +--- libexif-0.5.12/libexif/exif-data.c.buffer-overflow 2005-03-08 05:24:31.000000000 -0500 ++++ libexif-0.5.12/libexif/exif-data.c 2005-03-08 05:26:30.000000000 -0500 +@@ -551,7 +551,7 @@ + #endif + + /* Byte order (offset 6, length 2) */ +- if (size < 12) ++ if (size < 14) + return; + if (!memcmp (d + 6, "II", 2)) + data->priv->order = EXIF_BYTE_ORDER_INTEL; +@@ -570,12 +570,18 @@ + printf ("IFD 0 at %i.\n", (int) offset); + #endif + ++ if (size < 6 + 4 + offset) ++ return; ++ + /* Parse the actual exif data (offset 14) */ + exif_data_load_data_content (data, data->ifd[EXIF_IFD_0], d + 6, + size - 6, offset); + + /* IFD 1 offset */ + n = exif_get_short (d + 6 + offset, data->priv->order); ++ if (size < 6 + offset + 2 + 12 * n + 4) ++ return; ++ + offset = exif_get_long (d + 6 + offset + 2 + 12 * n, data->priv->order); + if (offset) { + #ifdef DEBUG diff --git a/media-libs/libexif/files/libexif-0.6-CAN-2005-0664.patch b/media-libs/libexif/files/libexif-0.6-CAN-2005-0664.patch new file mode 100644 index 000000000000..0a1e73fa51a9 --- /dev/null +++ b/media-libs/libexif/files/libexif-0.6-CAN-2005-0664.patch @@ -0,0 +1,30 @@ +--- libexif-0.6.9/libexif/exif-data.c~ 2005-03-03 22:54:52.333049248 +0100 ++++ libexif-0.6.9/libexif/exif-data.c 2005-03-03 22:50:57.117807400 +0100 +@@ -640,7 +640,7 @@ + #endif + + /* Byte order (offset 6, length 2) */ +- if (ds < 12) ++ if (ds < 14) + return; + if (!memcmp (d + 6, "II", 2)) + data->priv->order = EXIF_BYTE_ORDER_INTEL; +@@ -659,12 +659,18 @@ + printf ("IFD 0 at %i.\n", (int) offset); + #endif + ++ if (ds < 6 + 4 + offset) ++ return; ++ + /* Parse the actual exif data (offset 14) */ + exif_data_load_data_content (data, data->ifd[EXIF_IFD_0], d + 6, + ds - 6, offset); + + /* IFD 1 offset */ + n = exif_get_short (d + 6 + offset, data->priv->order); ++ if (ds < 6 + offset + 2 + 12 * n + 4) ++ return; ++ + offset = exif_get_long (d + 6 + offset + 2 + 12 * n, data->priv->order); + if (offset) { + #ifdef DEBUG diff --git a/media-libs/libexif/libexif-0.5.12-r2.ebuild b/media-libs/libexif/libexif-0.5.12-r2.ebuild new file mode 100644 index 000000000000..4ef762e4738f --- /dev/null +++ b/media-libs/libexif/libexif-0.5.12-r2.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/libexif-0.5.12-r2.ebuild,v 1.1 2005/03/10 23:30:09 eradicator Exp $ + +inherit eutils + +DESCRIPTION="Library for parsing, editing, and saving EXIF data" +HOMEPAGE="http://libexif.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~ppc-macos sparc x86" +IUSE="nls" + +DEPEND="dev-util/pkgconfig" +RDEPEND="virtual/libc" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/libexif-0.5-CAN-2005-0664.patch +} + +src_compile() { + econf $(use_enable nls) || die + emake || die +} + +src_install() { + dodir /usr/$(get_libdir) + dodir /usr/include/libexif + dodir /usr/share/locale + dodir /usr/$(get_libdir)/pkgconfig + einstall || die + + dodoc ChangeLog README + + # installs a blank directory for whatever broken reason + use nls || rmdir ${D}/usr/share/locale +} + +pkg_postinst() { + einfo + einfo "if you've upgraded from ${PN}-0.5.8 you'll" + einfo "have to run revdep-rebuild from gentoolkit" + einfo +} diff --git a/media-libs/libexif/libexif-0.6.10-r1.ebuild b/media-libs/libexif/libexif-0.6.10-r1.ebuild new file mode 100644 index 000000000000..b521ac5e6b56 --- /dev/null +++ b/media-libs/libexif/libexif-0.6.10-r1.ebuild @@ -0,0 +1,49 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/libexif-0.6.10-r1.ebuild,v 1.1 2005/03/10 23:30:09 eradicator Exp $ + +inherit eutils + +DESCRIPTION="Library for parsing, editing, and saving EXIF data" +HOMEPAGE="http://libexif.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~ppc-macos" +IUSE="nls" + +DEPEND="dev-util/pkgconfig" +RDEPEND="virtual/libc" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/libexif-0.6-CAN-2005-0664.patch +} + +src_compile() { + econf $(use_enable nls) || die + emake || die +} + +src_install() { + dodir /usr/$(get_libdir) + dodir /usr/include/libexif + use nls && dodir /usr/share/locale + dodir /usr/$(get_libdir)/pkgconfig + + make DESTDIR="${D}" install || die + + dodoc ChangeLog README + + # installs a blank directory for whatever broken reason + use nls || rm -rf ${D}/usr/share/locale + + # Keep around old lib + preserve_old_lib /usr/$(get_libdir)/libexif.so.9 +} + +pkg_postinst() { + preserve_old_lib_notify /usr/$(get_libdir)/libexif.so.9 +} diff --git a/media-libs/libexif/libexif-0.6.10.ebuild b/media-libs/libexif/libexif-0.6.10.ebuild deleted file mode 100644 index 1e7f5033db5f..000000000000 --- a/media-libs/libexif/libexif-0.6.10.ebuild +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/libexif-0.6.10.ebuild,v 1.6 2005/02/24 16:10:48 j4rg0n Exp $ - -inherit eutils - -DESCRIPTION="Library for parsing, editing, and saving EXIF data" -HOMEPAGE="http://libexif.sourceforge.net/" -SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" - -LICENSE="LGPL-2.1" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~ppc-macos" -IUSE="nls" - -DEPEND="dev-util/pkgconfig" -RDEPEND="virtual/libc" - -src_compile() { - econf $(use_enable nls) || die - emake || die -} - -src_install() { - dodir /usr/$(get_libdir) - dodir /usr/include/libexif - use nls && dodir /usr/share/locale - dodir /usr/$(get_libdir)/pkgconfig - - make DESTDIR="${D}" install || die - - dodoc ChangeLog README - - # installs a blank directory for whatever broken reason - use nls || rm -rf ${D}/usr/share/locale - - # Keep around old lib - preserve_old_lib /usr/$(get_libdir)/libexif.so.9 -} - -pkg_postinst() { - preserve_old_lib_notify /usr/$(get_libdir)/libexif.so.9 -} -- cgit v1.2.3-65-gdbad