summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSebastien Fabbro <bicatali@gentoo.org>2008-02-14 23:32:17 +0000
committerSebastien Fabbro <bicatali@gentoo.org>2008-02-14 23:32:17 +0000
commit53495a60d69539bca863a725fdb0ed6d8f12fa99 (patch)
treee304b49147f7f72d7b86fc981869ecfdd3567e8b /sci-astronomy
parentfix RDEPEND (diff)
downloadhistorical-53495a60d69539bca863a725fdb0ed6d8f12fa99.tar.gz
historical-53495a60d69539bca863a725fdb0ed6d8f12fa99.tar.bz2
historical-53495a60d69539bca863a725fdb0ed6d8f12fa99.zip
Fixed security bug in internal copy to tk (bug #208464), removed older affected version.
Package-Manager: portage-2.1.4.3
Diffstat (limited to 'sci-astronomy')
-rw-r--r--sci-astronomy/ds9/ChangeLog8
-rw-r--r--sci-astronomy/ds9/Manifest18
-rw-r--r--sci-astronomy/ds9/ds9-5.0.ebuild61
-rw-r--r--sci-astronomy/ds9/ds9-5.1.ebuild4
-rw-r--r--sci-astronomy/ds9/files/ds9-5.0-Makefile.patch67
-rw-r--r--sci-astronomy/ds9/files/ds9-5.1-tk-gif.patch15
6 files changed, 38 insertions, 135 deletions
diff --git a/sci-astronomy/ds9/ChangeLog b/sci-astronomy/ds9/ChangeLog
index 1fb010bff287..7e702d4cd8f7 100644
--- a/sci-astronomy/ds9/ChangeLog
+++ b/sci-astronomy/ds9/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sci-astronomy/ds9
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sci-astronomy/ds9/ChangeLog,v 1.7 2008/01/23 14:29:16 markusle Exp $
+# $Header: /var/cvsroot/gentoo-x86/sci-astronomy/ds9/ChangeLog,v 1.8 2008/02/14 23:32:16 bicatali Exp $
+
+ 14 Feb 2008; SĂ©bastien Fabbro <bicatali@gentoo.org>
+ -files/ds9-5.0-Makefile.patch, +files/ds9-5.1-tk-gif.patch,
+ -ds9-5.0.ebuild, ds9-5.1.ebuild:
+ Fixed security bug in internal copy to tk (bug #208464), removed older
+ affected version.
23 Jan 2008; Markus Dittrich <markusle@gentoo.org>
+files/ds9-5.1-gcc4.2-x86.patch, ds9-5.1.ebuild:
diff --git a/sci-astronomy/ds9/Manifest b/sci-astronomy/ds9/Manifest
index 69a7bca4462f..17f2747a5b92 100644
--- a/sci-astronomy/ds9/Manifest
+++ b/sci-astronomy/ds9/Manifest
@@ -1,9 +1,17 @@
-AUX ds9-5.0-Makefile.patch 2645 RMD160 a897f388190650ab2d747de899f5810020df205e SHA1 7fde157a68eca4db07da0138042b57a1cd474c0f SHA256 9c5c1d937661815fcfb675793c4b25cd8baf92c6139ad4aa06823de98462299b
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
AUX ds9-5.1-Makefile.patch 1154 RMD160 1fa279839fecd4cc56a8445d34036ade9ad92406 SHA1 84dcb1a7d6e3fe1583d8ff9cf25a81091364cc9a SHA256 632d64d27f14e73c9ccb0e16874f652d556edbff0be34e38f53ec5cbd1f1b59b
AUX ds9-5.1-gcc4.2-x86.patch 1022 RMD160 40c9c5da3fefae0a67af6750965df797dd2f4a7b SHA1 26a7c740fceb19f5277d2528f0ab4d3e45a46507 SHA256 30a2cabeb66fc2dccc081c04d4895ceab6d62e321f317d1e8c779b6128b41da3
-DIST ds9.5.0.tar.gz 25770808 RMD160 3b54637f14766c6f315a43efbf4531901f5b9c01 SHA1 d2abb42fea2f6de75c26810b4c5fd1c6d71f397b SHA256 03e468bac3749d334c9f03c918f36e28c9eb40d3a5d54e8fecf344ba2c95090b
+AUX ds9-5.1-tk-gif.patch 460 RMD160 bc670457e0424041d4fe4022f569cd78457c9b7b SHA1 aa90e00e34c026bf8776f973644cfebc09abaa32 SHA256 f46964aea235b2da8ae294a151668ede2dab46e83a0fbe1549de19b3305a477b
DIST ds9.5.1.tar.gz 27331599 RMD160 46d915ff098f13911858320d33f5cda6c8ee0ea1 SHA1 7c2bb56e0a8a222b0d13d1d255aaa98fd2979d45 SHA256 aea981ea5714ca4dd9125aacebf2676a85e7045da7d1f97492fbe0e84a22aaf8
-EBUILD ds9-5.0.ebuild 1680 RMD160 4b19d581336b58ebfd8715b88754a7c2f180ab07 SHA1 20e498894640c9e98906c9a60a1811b1f50db0b4 SHA256 bec70668fa24fe287e91260abe1fad71109cc57a923071628f5790bd00299bf3
-EBUILD ds9-5.1.ebuild 1807 RMD160 689c7597160fa29c1626b9950f69c9c7feb78991 SHA1 552402edde2a12b656e130e135d634e0439286f8 SHA256 fad987f6dcc7f6d0da6c06b84e6be76a6ed806646e2875c4789e289f6e89ce21
-MISC ChangeLog 1411 RMD160 7c3608613644772fb15dc0c8eb7a5f6c03016252 SHA1 a1d3a841f53d13dacc7a3765c7b1aef9ec77665c SHA256 c84c018816994b32c187cf31f6627600b42c7ed000756b23aaa716eceef47507
+EBUILD ds9-5.1.ebuild 1892 RMD160 0355134a5068389520db476197d33d933a7e8239 SHA1 60b26390c40951249b2bf8d5a243ee0fb0e1a4a5 SHA256 9aff7491adf42d847f3efedd87592e427379b43021864f6f606970fde70c2446
+MISC ChangeLog 1657 RMD160 ecfd057f3174024f06db8706840fc5ae23ca9ab7 SHA1 6f52eb8d9b23a80396b0dcf484d17119614cd15d SHA256 fa625a3897172473631f3ab7031df5dbd60ca2be2644a8dbfb0e133fff7ce965
MISC metadata.xml 1072 RMD160 3c839d72950b8eb3ab84920e86017f97f3b14799 SHA1 1cefcee915ef90f64beb486d298972981ea3891e SHA256 42893aa6c35591819017a8708062c88df98d27ab0466ec07d7603b46d6e3719e
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.7 (GNU/Linux)
+
+iD8DBQFHtM+K1ycZbhPLE2ARAvp8AJ9EgGbEJrYyKTdC9vmAMggIGsZ/lACcDUMH
+FpNJ8NXmtZ6MKzfVHoVG79E=
+=b3QY
+-----END PGP SIGNATURE-----
diff --git a/sci-astronomy/ds9/ds9-5.0.ebuild b/sci-astronomy/ds9/ds9-5.0.ebuild
deleted file mode 100644
index 1ca11d42cea0..000000000000
--- a/sci-astronomy/ds9/ds9-5.0.ebuild
+++ /dev/null
@@ -1,61 +0,0 @@
-# Copyright 1999-2007 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sci-astronomy/ds9/ds9-5.0.ebuild,v 1.1 2007/11/02 12:43:54 bicatali Exp $
-
-inherit flag-o-matic eutils toolchain-funcs
-
-DESCRIPTION="Data visualization application for astronomical FITS images"
-HOMEPAGE="http://hea-www.harvard.edu/RD/ds9"
-SRC_URI="http://hea-www.harvard.edu/saord/download/${PN}/source/${PN}.${PV}.tar.gz"
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="doc"
-RDEPEND="x11-libs/libX11
- x11-libs/libXdmcp
- x11-libs/libXau"
-DEPEND="${RDEPEND}
- || ( virtual/emacs virtual/xemacs )
- app-arch/zip"
-
-RESTRICT="strip test mirror"
-
-S="${WORKDIR}/sao${PN}"
-
-src_unpack() {
- unpack ${A}
- cd "${S}"
- # patch to speed up compilation (no man pages generation)
- epatch "${FILESDIR}"/${P}-Makefile.patch
-}
-
-src_compile() {
- local ds9arch
- case ${ARCH} in
- x86) ds9arch=linux ;;
- amd64) ds9arch=linux64 ;;
- ppc) ds9arch=linuxppc ;;
- x86-fbsd) ds9arch=freebsd ;;
- *) die "ds9 not supported upstream for this architecture";;
- esac
- ln -s make.${ds9arch} make.include
-
- # This is a long and fragile compilation
- # which recompiles tcl/tk, tkimg, blt, funtools,
- # and a lot of other packages
- emake -j1 \
- CC="$(tc-getCC)" \
- CXX="$(tc-getCXX)" \
- OPTS="${CXXFLAGS}" \
- || die "emake failed"
-}
-
-src_install () {
- dobin bin/ds9 || die "failed installing ds9 binary"
- dobin bin/xpa* || die "failed installing xpa* binaries"
- doman man/man?/xpa* || die " failed installing man pages"
- dodoc README acknowledgement || die "failed installing basic doc"
- if use doc; then
- dohtml -r doc/* || die "failed installing html doc"
- fi
-}
diff --git a/sci-astronomy/ds9/ds9-5.1.ebuild b/sci-astronomy/ds9/ds9-5.1.ebuild
index 581ea348f3a0..a6e72148ece7 100644
--- a/sci-astronomy/ds9/ds9-5.1.ebuild
+++ b/sci-astronomy/ds9/ds9-5.1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2008 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sci-astronomy/ds9/ds9-5.1.ebuild,v 1.2 2008/01/23 14:29:16 markusle Exp $
+# $Header: /var/cvsroot/gentoo-x86/sci-astronomy/ds9/ds9-5.1.ebuild,v 1.3 2008/02/14 23:32:16 bicatali Exp $
inherit flag-o-matic eutils toolchain-funcs
@@ -32,6 +32,8 @@ src_unpack() {
if [[ "${ARCH}" == "x86" ]]; then
epatch "${FILESDIR}"/${P}-gcc4.2-x86.patch
fi
+ # security fix in embedded tk (bug #208464)
+ epatch "${FILESDIR}"/${P}-tk-gif.patch
}
src_compile() {
diff --git a/sci-astronomy/ds9/files/ds9-5.0-Makefile.patch b/sci-astronomy/ds9/files/ds9-5.0-Makefile.patch
deleted file mode 100644
index efb2c9b608e7..000000000000
--- a/sci-astronomy/ds9/files/ds9-5.0-Makefile.patch
+++ /dev/null
@@ -1,67 +0,0 @@
---- Makefile.orig 2007-11-02 09:31:55.857541252 +0000
-+++ Makefile 2007-11-02 09:41:55.131691940 +0000
-@@ -394,39 +394,39 @@
- tclsh : FORCE
- @echo "Installing Tcl shared..."
- cd $(TCLDIRDIR); CC='$(CC)' CFLAGS='$(OPTS) $(TCLOPTS)' LDFLAGS='$(LIBS)' ./configure $(TCLFLAGS) --enable-shared
-- cd $(TCLDIRDIR); $(MAKE) install
-+ cd $(TCLDIRDIR); $(MAKE) install-binaries install-libraries
-
- tcl : FORCE
- @echo "Installing Tcl noshared..."
- cd $(TCLDIRDIR); CC='$(CC)' CFLAGS='$(OPTS) $(TCLOPTS)' LDFLAGS='$(LIBS)' ./configure $(TCLFLAGS) --disable-shared
-- cd $(TCLDIRDIR); $(MAKE) install
-+ cd $(TCLDIRDIR); $(MAKE) install-binaries install-libraries
-
- tksh : FORCE
- @echo "Installing Tk shared..."
- cd $(TKDIRDIR); CC='$(CC)' CFLAGS='$(OPTS) $(TCLOPTS)' LDFLAGS='$(LIBS)' ./configure $(TCLFLAGS) --enable-shared
-- cd $(TKDIRDIR); $(MAKE) install
-+ cd $(TKDIRDIR); $(MAKE) install-binaries install-libraries
- $(RM) -r lib/$(TKVER)/demos
-
- tk : FORCE
- @echo "Installing Tk noshared..."
- cd $(TKDIRDIR); CC='$(CC)' CFLAGS='$(OPTS) $(TCLOPTS)' LDFLAGS='$(LIBS)' ./configure $(TCLFLAGS) --disable-shared
-- cd $(TKDIRDIR); $(MAKE) install
-+ cd $(TKDIRDIR); $(MAKE) install-binaries install-libraries
- $(RM) -r lib/$(TKVER)/demos
-
- tktablesh : FORCE
- @echo "Installing TkTable..."
- cd $(TKTABLEDIR); CC='$(CC)' CFLAGS='$(OPTS)' LDFLAGS='$(LIBS)' ./configure $(TKTABLEFLAGS) --enable-shared
-- cd $(TKTABLEDIR); $(MAKE); $(MAKE) install
-+ cd $(TKTABLEDIR); $(MAKE); $(MAKE) install-binaries install-libraries
-
- tktable : FORCE
- @echo "Installing TkTable..."
- cd $(TKTABLEDIR); CC='$(CC)' CFLAGS='$(OPTS)' LDFLAGS='$(LIBS)' ./configure $(TKTABLEFLAGS) --disable-shared
-- cd $(TKTABLEDIR); $(MAKE); $(MAKE) install
-+ cd $(TKTABLEDIR); $(MAKE); $(MAKE) install-binaries install-libraries
-
- tcllib : FORCE
- @echo "Installing TCLLIB..."
- cd $(TCLLIBDIR); ./configure $(TCLLIBFLAGS)
-- cd $(TCLLIBDIR); $(MAKE) install
-+ cd $(TCLLIBDIR); $(MAKE) install-libraries
-
- tkindex : FORCE
- @echo "Installing Tk mkIndex..."
-@@ -449,7 +449,7 @@
- zlibsh : FORCE
- @echo "Installing zlib..."
- cd $(ZLIBDIR); CC='$(CC)' CFLAGS='$(OPTS)' LDFLAGS='$(LIBS)' ./configure $(ZLIBFLAGS) --shared
-- cd $(ZLIBDIR); $(MAKE) install
-+ cd $(ZLIBDIR); $(MAKE) install-binaries install-libraries
-
- tkimg : FORCE
- @echo "Installing TKIMG noshared..."
-@@ -459,7 +459,7 @@
- tkimgsh : FORCE
- @echo "Installing TKIMG shared..."
- cd $(TKIMGDIR); CC='$(CC)' CFLAGS='$(OPTS)' LDFLAGS='$(LIBS)' ./configure $(TKIMGFLAGS)
-- cd $(TKIMGDIR); $(MAKE) install
-+ cd $(TKIMGDIR); $(MAKE) install-binaries install-libraries
-
- tkmpeg : FORCE
- @echo "Installing TKMPEG..."
diff --git a/sci-astronomy/ds9/files/ds9-5.1-tk-gif.patch b/sci-astronomy/ds9/files/ds9-5.1-tk-gif.patch
new file mode 100644
index 000000000000..4649a561594b
--- /dev/null
+++ b/sci-astronomy/ds9/files/ds9-5.1-tk-gif.patch
@@ -0,0 +1,15 @@
+--- tk8.4.17/generic/tkImgGIF.c.orig 2008-02-14 23:20:53.683962654 +0000
++++ tk8.4.17/generic/tkImgGIF.c 2008-02-14 23:21:42.762759495 +0000
+@@ -826,6 +826,12 @@
+ Tcl_PosixError(interp), (char *) NULL);
+ return TCL_ERROR;
+ }
++
++ if (initialCodeSize > MAX_LWZ_BITS) {
++ Tcl_SetResult(interp, "malformed image", TCL_STATIC);
++ return TCL_ERROR;
++ }
++
+ if (transparent != -1) {
+ cmap[transparent][CM_RED] = 0;
+ cmap[transparent][CM_GREEN] = 0;