summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Huddleston <eradicator@gentoo.org>2005-05-10 06:07:47 +0000
committerJeremy Huddleston <eradicator@gentoo.org>2005-05-10 06:07:47 +0000
commitb9ad2e6576635b9d1c4fbd257366b853488ade7d (patch)
treeb063f1da04121fa2eb0f6b79baf7ea2368088d5f /media-libs/libexif
parentversion bump to 1.0.3 (currently masked until testing is done); stablize 0.9.... (diff)
downloadhistorical-b9ad2e6576635b9d1c4fbd257366b853488ade7d.tar.gz
historical-b9ad2e6576635b9d1c4fbd257366b853488ade7d.tar.bz2
historical-b9ad2e6576635b9d1c4fbd257366b853488ade7d.zip
Revbump to fix security bug #92035. Stable on amd64, sparc, and x86.
Package-Manager: portage-2.0.51.21-r1
Diffstat (limited to 'media-libs/libexif')
-rw-r--r--media-libs/libexif/ChangeLog11
-rw-r--r--media-libs/libexif/Manifest20
-rw-r--r--media-libs/libexif/files/digest-libexif-0.5.12-r31
-rw-r--r--media-libs/libexif/files/digest-libexif-0.6.12-r4 (renamed from media-libs/libexif/files/digest-libexif-0.6.12-r3)0
-rw-r--r--media-libs/libexif/files/libexif-0.5.12-recurse.patch67
-rw-r--r--media-libs/libexif/files/libexif-0.6.12-recurse.patch70
-rw-r--r--media-libs/libexif/libexif-0.5.12-r3.ebuild49
-rw-r--r--media-libs/libexif/libexif-0.6.12-r4.ebuild (renamed from media-libs/libexif/libexif-0.6.12-r3.ebuild)3
8 files changed, 211 insertions, 10 deletions
diff --git a/media-libs/libexif/ChangeLog b/media-libs/libexif/ChangeLog
index 9763dde004b5..51fe628511ae 100644
--- a/media-libs/libexif/ChangeLog
+++ b/media-libs/libexif/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for media-libs/libexif
# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/ChangeLog,v 1.35 2005/04/25 00:28:33 azarah Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/ChangeLog,v 1.36 2005/05/10 06:07:47 eradicator Exp $
+
+*libexif-0.6.12-r4 (09 May 2005)
+*libexif-0.5.12-r3 (09 May 2005)
+
+ 09 May 2005; Jeremy Huddleston <eradicator@gentoo.org>
+ +files/libexif-0.5.12-recurse.patch, +files/libexif-0.6.12-recurse.patch,
+ +libexif-0.5.12-r3.ebuild, -libexif-0.6.12-r3.ebuild,
+ +libexif-0.6.12-r4.ebuild:
+ Revbump to fix security bug #92035. Stable on amd64, sparc, and x86.
25 Apr 2005; Martin Schlemmer <azarah@gentoo.org>
+files/libexif-0.6.12-gcc4.patch, libexif-0.6.12-r3.ebuild:
diff --git a/media-libs/libexif/Manifest b/media-libs/libexif/Manifest
index a198a23b6445..7a7a0ef217c4 100644
--- a/media-libs/libexif/Manifest
+++ b/media-libs/libexif/Manifest
@@ -1,20 +1,24 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
-MD5 d5325497b3555e5f782c1d1e3da80410 ChangeLog 5061
-MD5 fb3163ca6913859e23532a5e09cbaf5e libexif-0.6.12-r3.ebuild 1614
+MD5 31629078ccb7486aac1370d73e6877bf ChangeLog 5423
MD5 c1e212329f9083e2405b16dd382d6632 metadata.xml 259
+MD5 aac3c2bfbdb39186a70cd9020d4f2ff9 libexif-0.5.12-r3.ebuild 1183
+MD5 ccd9b2944309227555276d05988870fc libexif-0.6.12-r4.ebuild 1665
MD5 a75e1a14e52213457be999a46c9392ed libexif-0.5.12-r2.ebuild 1125
-MD5 0847d4ce556a73514f3fbbf303707e07 files/digest-libexif-0.6.12-r3 66
+MD5 c6e7ee4006cd2b5bd7cb0367f816fc8a files/digest-libexif-0.5.12-r3 66
MD5 c6e7ee4006cd2b5bd7cb0367f816fc8a files/digest-libexif-0.5.12-r2 66
-MD5 a8085215f21d54708b3bfca3e1aeb612 files/libexif-0.5-CAN-2005-0664.patch 860
MD5 656d5fb19cf1cdef7132ccb6fa72db2b files/libexif-0.6-CAN-2005-0664.patch 833
-MD5 a218f0d3896c793cf66fc505f743ef3b files/libexif-0.6.12-86740.patch 627
+MD5 a8085215f21d54708b3bfca3e1aeb612 files/libexif-0.5-CAN-2005-0664.patch 860
MD5 1cf86cdf4e82ee2c2b92a57348d30ae1 files/libexif-0.6.12-gcc4.patch 391
+MD5 8bf2206b6b7c7c447b7bc296288fc815 files/libexif-0.6.12-recurse.patch 2333
+MD5 a218f0d3896c793cf66fc505f743ef3b files/libexif-0.6.12-86740.patch 627
+MD5 0847d4ce556a73514f3fbbf303707e07 files/digest-libexif-0.6.12-r4 66
+MD5 62b4010332297c9c79f534f541343c1e files/libexif-0.5.12-recurse.patch 2335
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
-iD8DBQFCbDqz1ZcsMnZjRyIRAtwFAJ9ljAarYQumCt870cguICVqWNk4awCgpCri
-YYg9e03WSOr6jGfmwBgnQAc=
-=hUPH
+iD8DBQFCgE/FArHZZzCEUG0RAt0hAJ9PQ20535Go+ED3RS9SqshtwlzVlACfV3se
+pIgg9KlJJ1QQnDn2EwJRTYY=
+=F0cU
-----END PGP SIGNATURE-----
diff --git a/media-libs/libexif/files/digest-libexif-0.5.12-r3 b/media-libs/libexif/files/digest-libexif-0.5.12-r3
new file mode 100644
index 000000000000..83a5d8ba424e
--- /dev/null
+++ b/media-libs/libexif/files/digest-libexif-0.5.12-r3
@@ -0,0 +1 @@
+MD5 97e17fa05cb638eed5e8e59db431ed3a libexif-0.5.12.tar.gz 443724
diff --git a/media-libs/libexif/files/digest-libexif-0.6.12-r3 b/media-libs/libexif/files/digest-libexif-0.6.12-r4
index 09504fee0be0..09504fee0be0 100644
--- a/media-libs/libexif/files/digest-libexif-0.6.12-r3
+++ b/media-libs/libexif/files/digest-libexif-0.6.12-r4
diff --git a/media-libs/libexif/files/libexif-0.5.12-recurse.patch b/media-libs/libexif/files/libexif-0.5.12-recurse.patch
new file mode 100644
index 000000000000..a877c7f22ac2
--- /dev/null
+++ b/media-libs/libexif/files/libexif-0.5.12-recurse.patch
@@ -0,0 +1,67 @@
+diff -Naurp libexif-0.5.12.orig/libexif/exif-data.c libexif-0.5.12/libexif/exif-data.c
+--- libexif-0.5.12.orig/libexif/exif-data.c 2005-05-09 13:40:51.000000000 -0700
++++ libexif-0.5.12/libexif/exif-data.c 2005-05-09 13:43:26.000000000 -0700
+@@ -172,9 +172,10 @@ exif_data_load_data_thumbnail (ExifData
+ }
+
+ static void
+-exif_data_load_data_content (ExifData *data, ExifContent *ifd,
+- const unsigned char *d,
+- unsigned int ds, unsigned int offset)
++exif_data_load_data_content_recurse (ExifData *data, ExifContent *ifd,
++ const unsigned char *d,
++ unsigned int ds, unsigned int offset,
++ unsigned int level)
+ {
+ ExifLong o, thumbnail_offset = 0, thumbnail_length = 0;
+ ExifShort n;
+@@ -182,6 +183,11 @@ exif_data_load_data_content (ExifData *d
+ unsigned int i;
+ ExifTag tag;
+
++ if (level > 150)
++ {
++ return 0;
++ }
++
+ /* Read the number of entries */
+ n = exif_get_short (d + offset, data->priv->order);
+ #ifdef DEBUG
+@@ -205,16 +213,16 @@ exif_data_load_data_content (ExifData *d
+ data->priv->order);
+ switch (tag) {
+ case EXIF_TAG_EXIF_IFD_POINTER:
+- exif_data_load_data_content (data,
+- data->ifd[EXIF_IFD_EXIF], d, ds, o);
++ exif_data_load_data_content_recurse (data,
++ data->ifd[EXIF_IFD_EXIF], d, ds, o, level + 1);
+ break;
+ case EXIF_TAG_GPS_INFO_IFD_POINTER:
+- exif_data_load_data_content (data,
+- data->ifd[EXIF_IFD_GPS], d, ds, o);
++ exif_data_load_data_content_recurse (data,
++ data->ifd[EXIF_IFD_GPS], d, ds, o, level + 1);
+ break;
+ case EXIF_TAG_INTEROPERABILITY_IFD_POINTER:
+- exif_data_load_data_content (data,
+- data->ifd[EXIF_IFD_INTEROPERABILITY], d, ds, o);
++ exif_data_load_data_content_recurse (data,
++ data->ifd[EXIF_IFD_INTEROPERABILITY], d, ds, o, level + 1);
+ break;
+ case EXIF_TAG_JPEG_INTERCHANGE_FORMAT:
+ #ifdef DEBUG
+@@ -252,6 +260,14 @@ exif_data_load_data_content (ExifData *d
+ }
+
+ static void
++exif_data_load_data_content (ExifData *data, ExifContent *ifd,
++ const unsigned char *d,
++ unsigned int ds, unsigned int offset)
++{
++ exif_data_load_data_content_recurse (data, ifd, d, ds, offset, 0);
++}
++
++static void
+ exif_data_save_data_content (ExifData *data, ExifContent *ifd,
+ unsigned char **d, unsigned int *ds,
+ unsigned int offset)
diff --git a/media-libs/libexif/files/libexif-0.6.12-recurse.patch b/media-libs/libexif/files/libexif-0.6.12-recurse.patch
new file mode 100644
index 000000000000..acd1caecb50f
--- /dev/null
+++ b/media-libs/libexif/files/libexif-0.6.12-recurse.patch
@@ -0,0 +1,70 @@
+--- libexif-0.6.12/libexif/exif-data.c.recurse 2005-05-06 13:35:17.610294000 -0400
++++ libexif-0.6.12/libexif/exif-data.c 2005-05-06 13:37:35.112654000 -0400
+@@ -284,9 +284,10 @@
+ }
+
+ static void
+-exif_data_load_data_content (ExifData *data, ExifContent *ifd,
+- const unsigned char *d,
+- unsigned int ds, unsigned int offset)
++exif_data_load_data_content_recurse (ExifData *data, ExifContent *ifd,
++ const unsigned char *d,
++ unsigned int ds, unsigned int offset,
++ unsigned int level)
+ {
+ ExifLong o, thumbnail_offset = 0, thumbnail_length = 0;
+ ExifShort n;
+@@ -296,6 +297,13 @@
+
+ if (!data || !data->priv) return;
+
++ if (level > 150)
++ {
++ exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData",
++ "Deep recursion in exif_data_load_data_content");
++ return 0;
++ }
++
+ /* Read the number of entries */
+ if (offset >= ds - 1) return;
+ n = exif_get_short (d + offset, data->priv->order);
+@@ -320,18 +328,18 @@
+ switch (tag) {
+ case EXIF_TAG_EXIF_IFD_POINTER:
+ CHECK_REC (EXIF_IFD_EXIF);
+- exif_data_load_data_content (data,
+- data->ifd[EXIF_IFD_EXIF], d, ds, o);
++ exif_data_load_data_content_recurse (data,
++ data->ifd[EXIF_IFD_EXIF], d, ds, o, level + 1);
+ break;
+ case EXIF_TAG_GPS_INFO_IFD_POINTER:
+ CHECK_REC (EXIF_IFD_GPS);
+- exif_data_load_data_content (data,
+- data->ifd[EXIF_IFD_GPS], d, ds, o);
++ exif_data_load_data_content_recurse (data,
++ data->ifd[EXIF_IFD_GPS], d, ds, o, level + 1);
+ break;
+ case EXIF_TAG_INTEROPERABILITY_IFD_POINTER:
+ CHECK_REC (EXIF_IFD_INTEROPERABILITY);
+- exif_data_load_data_content (data,
+- data->ifd[EXIF_IFD_INTEROPERABILITY], d, ds, o);
++ exif_data_load_data_content_recurse (data,
++ data->ifd[EXIF_IFD_INTEROPERABILITY], d, ds, o, level + 1);
+ break;
+ case EXIF_TAG_JPEG_INTERCHANGE_FORMAT:
+ thumbnail_offset = o;
+@@ -373,6 +381,14 @@
+ }
+
+ static void
++exif_data_load_data_content (ExifData *data, ExifContent *ifd,
++ const unsigned char *d,
++ unsigned int ds, unsigned int offset)
++{
++ exif_data_load_data_content_recurse (data, ifd, d, ds, offset, 0);
++}
++
++static void
+ exif_data_save_data_content (ExifData *data, ExifContent *ifd,
+ unsigned char **d, unsigned int *ds,
+ unsigned int offset)
diff --git a/media-libs/libexif/libexif-0.5.12-r3.ebuild b/media-libs/libexif/libexif-0.5.12-r3.ebuild
new file mode 100644
index 000000000000..c79d1a287b1c
--- /dev/null
+++ b/media-libs/libexif/libexif-0.5.12-r3.ebuild
@@ -0,0 +1,49 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/libexif-0.5.12-r3.ebuild,v 1.1 2005/05/10 06:07:47 eradicator Exp $
+
+inherit eutils
+
+DESCRIPTION="Library for parsing, editing, and saving EXIF data"
+HOMEPAGE="http://libexif.sourceforge.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~ppc-macos sparc x86"
+IUSE="nls"
+
+DEPEND="dev-util/pkgconfig"
+RDEPEND=""
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ epatch "${FILESDIR}"/libexif-0.5-CAN-2005-0664.patch
+ epatch ${FILESDIR}/${PN}-0.5.12-recurse.patch
+}
+
+src_compile() {
+ econf $(use_enable nls) || die
+ emake || die
+}
+
+src_install() {
+ dodir /usr/$(get_libdir)
+ dodir /usr/include/libexif
+ dodir /usr/share/locale
+ dodir /usr/$(get_libdir)/pkgconfig
+ einstall || die
+
+ dodoc ChangeLog README
+
+ # installs a blank directory for whatever broken reason
+ use nls || rmdir ${D}/usr/share/locale
+}
+
+pkg_postinst() {
+ einfo
+ einfo "if you've upgraded from ${PN}-0.5.8 you'll"
+ einfo "have to run revdep-rebuild from gentoolkit"
+ einfo
+}
diff --git a/media-libs/libexif/libexif-0.6.12-r3.ebuild b/media-libs/libexif/libexif-0.6.12-r4.ebuild
index 5d8471987a45..8b5901b5b075 100644
--- a/media-libs/libexif/libexif-0.6.12-r3.ebuild
+++ b/media-libs/libexif/libexif-0.6.12-r4.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/libexif-0.6.12-r3.ebuild,v 1.2 2005/04/25 00:28:33 azarah Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/libexif-0.6.12-r4.ebuild,v 1.1 2005/05/10 06:07:47 eradicator Exp $
inherit eutils
@@ -21,6 +21,7 @@ src_unpack() {
cd ${S}
epatch ${FILESDIR}/${P}-86740.patch
+ epatch ${FILESDIR}/${PN}-0.6.12-recurse.patch
# The libexif hackers made a goof on the soname versioning. It will
# be fixed in 0.6.13 at which point LIBEXIF_AGE should be removed here.