1 files changed, 46 insertions, 0 deletions

diff --git a/media-libs/t1lib/files/t1lib-5.1.2-CVE-2010-2642_2011-0433_2011-5244.patch b/media-libs/t1lib/files/t1lib-5.1.2-CVE-2010-2642_2011-0433_2011-5244.patch
new file mode 100644
index 000000000000..9d3168c0bfbe
--- /dev/null
+++ b/media-libs/t1lib/files/t1lib-5.1.2-CVE-2010-2642_2011-0433_2011-5244.patch
@@ -0,0 +1,46 @@
+CVE-2010-2642, CVE-2011-0433 and CVE-2011-5244
+
+CVE-2010-2642:
+==============
+Upstream-Bug: https://bugzilla.gnome.org/show_bug.cgi?id=643882
+Upstream-Fix: https://git.gnome.org/browse/evince/commit/?id=efadec4ffcdde3373f6f4ca0eaac98dc963c4fd5
+
+
+CVE-2011-0433:
+==============
+Upstream-Bug: https://bugzilla.gnome.org/show_bug.cgi?id=640923
+Upstream-Fix: https://git.gnome.org/browse/evince/commit/?id=439c5070022eab6cef7266aab47f978058012c72
+
+
+CVE-2011-5244:
+==============
+Upstream-Bug: https://bugzilla.gnome.org/show_bug.cgi?id=643882
+Upstream-Fix: https://git.gnome.org/browse/evince/commit/?id=efadec4ffcdde3373f6f4ca0eaac98dc963c4fd5
+
+
+Origin: https://bugs.debian.org/652996
+
+diff --git a/lib/t1lib/parseAFM.c b/lib/t1lib/parseAFM.c
+index 6a31d7f..ba64541 100644
+--- a/lib/t1lib/parseAFM.c
++++ b/lib/t1lib/parseAFM.c
+@@ -199,7 +199,9 @@ static char *token(stream)
+     idx = 0;
+     
+     while (ch != EOF && ch != ' ' && ch != CR  && ch != LF &&
+-	   ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'){
++	   ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'
++     && idx < (MAX_NAME -1))
++    {
+       ident[idx++] = ch;
+       ch = fgetc(stream);
+     } /* while */
+@@ -235,7 +237,7 @@ static char *linetoken(stream)
+     while ((ch = fgetc(stream)) == ' ' || ch == '\t' ); 
+     
+     idx = 0;
+-    while (ch != EOF && ch != CR  && ch != LF && ch != CTRL_Z) 
++    while (ch != EOF && ch != CR  && ch != LF && ch != CTRL_Z && idx < (MAX_NAME - 1)) 
+     {
+         ident[idx++] = ch;
+         ch = fgetc(stream);