diff options
author | Jeremy Huddleston <eradicator@gentoo.org> | 2005-05-10 06:07:47 +0000 |
---|---|---|
committer | Jeremy Huddleston <eradicator@gentoo.org> | 2005-05-10 06:07:47 +0000 |
commit | b9ad2e6576635b9d1c4fbd257366b853488ade7d (patch) | |
tree | b063f1da04121fa2eb0f6b79baf7ea2368088d5f /media-libs/libexif | |
parent | version bump to 1.0.3 (currently masked until testing is done); stablize 0.9.... (diff) | |
download | historical-b9ad2e6576635b9d1c4fbd257366b853488ade7d.tar.gz historical-b9ad2e6576635b9d1c4fbd257366b853488ade7d.tar.bz2 historical-b9ad2e6576635b9d1c4fbd257366b853488ade7d.zip |
Revbump to fix security bug #92035. Stable on amd64, sparc, and x86.
Package-Manager: portage-2.0.51.21-r1
Diffstat (limited to 'media-libs/libexif')
-rw-r--r-- | media-libs/libexif/ChangeLog | 11 | ||||
-rw-r--r-- | media-libs/libexif/Manifest | 20 | ||||
-rw-r--r-- | media-libs/libexif/files/digest-libexif-0.5.12-r3 | 1 | ||||
-rw-r--r-- | media-libs/libexif/files/digest-libexif-0.6.12-r4 (renamed from media-libs/libexif/files/digest-libexif-0.6.12-r3) | 0 | ||||
-rw-r--r-- | media-libs/libexif/files/libexif-0.5.12-recurse.patch | 67 | ||||
-rw-r--r-- | media-libs/libexif/files/libexif-0.6.12-recurse.patch | 70 | ||||
-rw-r--r-- | media-libs/libexif/libexif-0.5.12-r3.ebuild | 49 | ||||
-rw-r--r-- | media-libs/libexif/libexif-0.6.12-r4.ebuild (renamed from media-libs/libexif/libexif-0.6.12-r3.ebuild) | 3 |
8 files changed, 211 insertions, 10 deletions
diff --git a/media-libs/libexif/ChangeLog b/media-libs/libexif/ChangeLog index 9763dde004b5..51fe628511ae 100644 --- a/media-libs/libexif/ChangeLog +++ b/media-libs/libexif/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for media-libs/libexif # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/ChangeLog,v 1.35 2005/04/25 00:28:33 azarah Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/ChangeLog,v 1.36 2005/05/10 06:07:47 eradicator Exp $ + +*libexif-0.6.12-r4 (09 May 2005) +*libexif-0.5.12-r3 (09 May 2005) + + 09 May 2005; Jeremy Huddleston <eradicator@gentoo.org> + +files/libexif-0.5.12-recurse.patch, +files/libexif-0.6.12-recurse.patch, + +libexif-0.5.12-r3.ebuild, -libexif-0.6.12-r3.ebuild, + +libexif-0.6.12-r4.ebuild: + Revbump to fix security bug #92035. Stable on amd64, sparc, and x86. 25 Apr 2005; Martin Schlemmer <azarah@gentoo.org> +files/libexif-0.6.12-gcc4.patch, libexif-0.6.12-r3.ebuild: diff --git a/media-libs/libexif/Manifest b/media-libs/libexif/Manifest index a198a23b6445..7a7a0ef217c4 100644 --- a/media-libs/libexif/Manifest +++ b/media-libs/libexif/Manifest @@ -1,20 +1,24 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -MD5 d5325497b3555e5f782c1d1e3da80410 ChangeLog 5061 -MD5 fb3163ca6913859e23532a5e09cbaf5e libexif-0.6.12-r3.ebuild 1614 +MD5 31629078ccb7486aac1370d73e6877bf ChangeLog 5423 MD5 c1e212329f9083e2405b16dd382d6632 metadata.xml 259 +MD5 aac3c2bfbdb39186a70cd9020d4f2ff9 libexif-0.5.12-r3.ebuild 1183 +MD5 ccd9b2944309227555276d05988870fc libexif-0.6.12-r4.ebuild 1665 MD5 a75e1a14e52213457be999a46c9392ed libexif-0.5.12-r2.ebuild 1125 -MD5 0847d4ce556a73514f3fbbf303707e07 files/digest-libexif-0.6.12-r3 66 +MD5 c6e7ee4006cd2b5bd7cb0367f816fc8a files/digest-libexif-0.5.12-r3 66 MD5 c6e7ee4006cd2b5bd7cb0367f816fc8a files/digest-libexif-0.5.12-r2 66 -MD5 a8085215f21d54708b3bfca3e1aeb612 files/libexif-0.5-CAN-2005-0664.patch 860 MD5 656d5fb19cf1cdef7132ccb6fa72db2b files/libexif-0.6-CAN-2005-0664.patch 833 -MD5 a218f0d3896c793cf66fc505f743ef3b files/libexif-0.6.12-86740.patch 627 +MD5 a8085215f21d54708b3bfca3e1aeb612 files/libexif-0.5-CAN-2005-0664.patch 860 MD5 1cf86cdf4e82ee2c2b92a57348d30ae1 files/libexif-0.6.12-gcc4.patch 391 +MD5 8bf2206b6b7c7c447b7bc296288fc815 files/libexif-0.6.12-recurse.patch 2333 +MD5 a218f0d3896c793cf66fc505f743ef3b files/libexif-0.6.12-86740.patch 627 +MD5 0847d4ce556a73514f3fbbf303707e07 files/digest-libexif-0.6.12-r4 66 +MD5 62b4010332297c9c79f534f541343c1e files/libexif-0.5.12-recurse.patch 2335 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) -iD8DBQFCbDqz1ZcsMnZjRyIRAtwFAJ9ljAarYQumCt870cguICVqWNk4awCgpCri -YYg9e03WSOr6jGfmwBgnQAc= -=hUPH +iD8DBQFCgE/FArHZZzCEUG0RAt0hAJ9PQ20535Go+ED3RS9SqshtwlzVlACfV3se +pIgg9KlJJ1QQnDn2EwJRTYY= +=F0cU -----END PGP SIGNATURE----- diff --git a/media-libs/libexif/files/digest-libexif-0.5.12-r3 b/media-libs/libexif/files/digest-libexif-0.5.12-r3 new file mode 100644 index 000000000000..83a5d8ba424e --- /dev/null +++ b/media-libs/libexif/files/digest-libexif-0.5.12-r3 @@ -0,0 +1 @@ +MD5 97e17fa05cb638eed5e8e59db431ed3a libexif-0.5.12.tar.gz 443724 diff --git a/media-libs/libexif/files/digest-libexif-0.6.12-r3 b/media-libs/libexif/files/digest-libexif-0.6.12-r4 index 09504fee0be0..09504fee0be0 100644 --- a/media-libs/libexif/files/digest-libexif-0.6.12-r3 +++ b/media-libs/libexif/files/digest-libexif-0.6.12-r4 diff --git a/media-libs/libexif/files/libexif-0.5.12-recurse.patch b/media-libs/libexif/files/libexif-0.5.12-recurse.patch new file mode 100644 index 000000000000..a877c7f22ac2 --- /dev/null +++ b/media-libs/libexif/files/libexif-0.5.12-recurse.patch @@ -0,0 +1,67 @@ +diff -Naurp libexif-0.5.12.orig/libexif/exif-data.c libexif-0.5.12/libexif/exif-data.c +--- libexif-0.5.12.orig/libexif/exif-data.c 2005-05-09 13:40:51.000000000 -0700 ++++ libexif-0.5.12/libexif/exif-data.c 2005-05-09 13:43:26.000000000 -0700 +@@ -172,9 +172,10 @@ exif_data_load_data_thumbnail (ExifData + } + + static void +-exif_data_load_data_content (ExifData *data, ExifContent *ifd, +- const unsigned char *d, +- unsigned int ds, unsigned int offset) ++exif_data_load_data_content_recurse (ExifData *data, ExifContent *ifd, ++ const unsigned char *d, ++ unsigned int ds, unsigned int offset, ++ unsigned int level) + { + ExifLong o, thumbnail_offset = 0, thumbnail_length = 0; + ExifShort n; +@@ -182,6 +183,11 @@ exif_data_load_data_content (ExifData *d + unsigned int i; + ExifTag tag; + ++ if (level > 150) ++ { ++ return 0; ++ } ++ + /* Read the number of entries */ + n = exif_get_short (d + offset, data->priv->order); + #ifdef DEBUG +@@ -205,16 +213,16 @@ exif_data_load_data_content (ExifData *d + data->priv->order); + switch (tag) { + case EXIF_TAG_EXIF_IFD_POINTER: +- exif_data_load_data_content (data, +- data->ifd[EXIF_IFD_EXIF], d, ds, o); ++ exif_data_load_data_content_recurse (data, ++ data->ifd[EXIF_IFD_EXIF], d, ds, o, level + 1); + break; + case EXIF_TAG_GPS_INFO_IFD_POINTER: +- exif_data_load_data_content (data, +- data->ifd[EXIF_IFD_GPS], d, ds, o); ++ exif_data_load_data_content_recurse (data, ++ data->ifd[EXIF_IFD_GPS], d, ds, o, level + 1); + break; + case EXIF_TAG_INTEROPERABILITY_IFD_POINTER: +- exif_data_load_data_content (data, +- data->ifd[EXIF_IFD_INTEROPERABILITY], d, ds, o); ++ exif_data_load_data_content_recurse (data, ++ data->ifd[EXIF_IFD_INTEROPERABILITY], d, ds, o, level + 1); + break; + case EXIF_TAG_JPEG_INTERCHANGE_FORMAT: + #ifdef DEBUG +@@ -252,6 +260,14 @@ exif_data_load_data_content (ExifData *d + } + + static void ++exif_data_load_data_content (ExifData *data, ExifContent *ifd, ++ const unsigned char *d, ++ unsigned int ds, unsigned int offset) ++{ ++ exif_data_load_data_content_recurse (data, ifd, d, ds, offset, 0); ++} ++ ++static void + exif_data_save_data_content (ExifData *data, ExifContent *ifd, + unsigned char **d, unsigned int *ds, + unsigned int offset) diff --git a/media-libs/libexif/files/libexif-0.6.12-recurse.patch b/media-libs/libexif/files/libexif-0.6.12-recurse.patch new file mode 100644 index 000000000000..acd1caecb50f --- /dev/null +++ b/media-libs/libexif/files/libexif-0.6.12-recurse.patch @@ -0,0 +1,70 @@ +--- libexif-0.6.12/libexif/exif-data.c.recurse 2005-05-06 13:35:17.610294000 -0400 ++++ libexif-0.6.12/libexif/exif-data.c 2005-05-06 13:37:35.112654000 -0400 +@@ -284,9 +284,10 @@ + } + + static void +-exif_data_load_data_content (ExifData *data, ExifContent *ifd, +- const unsigned char *d, +- unsigned int ds, unsigned int offset) ++exif_data_load_data_content_recurse (ExifData *data, ExifContent *ifd, ++ const unsigned char *d, ++ unsigned int ds, unsigned int offset, ++ unsigned int level) + { + ExifLong o, thumbnail_offset = 0, thumbnail_length = 0; + ExifShort n; +@@ -296,6 +297,13 @@ + + if (!data || !data->priv) return; + ++ if (level > 150) ++ { ++ exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData", ++ "Deep recursion in exif_data_load_data_content"); ++ return 0; ++ } ++ + /* Read the number of entries */ + if (offset >= ds - 1) return; + n = exif_get_short (d + offset, data->priv->order); +@@ -320,18 +328,18 @@ + switch (tag) { + case EXIF_TAG_EXIF_IFD_POINTER: + CHECK_REC (EXIF_IFD_EXIF); +- exif_data_load_data_content (data, +- data->ifd[EXIF_IFD_EXIF], d, ds, o); ++ exif_data_load_data_content_recurse (data, ++ data->ifd[EXIF_IFD_EXIF], d, ds, o, level + 1); + break; + case EXIF_TAG_GPS_INFO_IFD_POINTER: + CHECK_REC (EXIF_IFD_GPS); +- exif_data_load_data_content (data, +- data->ifd[EXIF_IFD_GPS], d, ds, o); ++ exif_data_load_data_content_recurse (data, ++ data->ifd[EXIF_IFD_GPS], d, ds, o, level + 1); + break; + case EXIF_TAG_INTEROPERABILITY_IFD_POINTER: + CHECK_REC (EXIF_IFD_INTEROPERABILITY); +- exif_data_load_data_content (data, +- data->ifd[EXIF_IFD_INTEROPERABILITY], d, ds, o); ++ exif_data_load_data_content_recurse (data, ++ data->ifd[EXIF_IFD_INTEROPERABILITY], d, ds, o, level + 1); + break; + case EXIF_TAG_JPEG_INTERCHANGE_FORMAT: + thumbnail_offset = o; +@@ -373,6 +381,14 @@ + } + + static void ++exif_data_load_data_content (ExifData *data, ExifContent *ifd, ++ const unsigned char *d, ++ unsigned int ds, unsigned int offset) ++{ ++ exif_data_load_data_content_recurse (data, ifd, d, ds, offset, 0); ++} ++ ++static void + exif_data_save_data_content (ExifData *data, ExifContent *ifd, + unsigned char **d, unsigned int *ds, + unsigned int offset) diff --git a/media-libs/libexif/libexif-0.5.12-r3.ebuild b/media-libs/libexif/libexif-0.5.12-r3.ebuild new file mode 100644 index 000000000000..c79d1a287b1c --- /dev/null +++ b/media-libs/libexif/libexif-0.5.12-r3.ebuild @@ -0,0 +1,49 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/libexif-0.5.12-r3.ebuild,v 1.1 2005/05/10 06:07:47 eradicator Exp $ + +inherit eutils + +DESCRIPTION="Library for parsing, editing, and saving EXIF data" +HOMEPAGE="http://libexif.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~ppc-macos sparc x86" +IUSE="nls" + +DEPEND="dev-util/pkgconfig" +RDEPEND="" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/libexif-0.5-CAN-2005-0664.patch + epatch ${FILESDIR}/${PN}-0.5.12-recurse.patch +} + +src_compile() { + econf $(use_enable nls) || die + emake || die +} + +src_install() { + dodir /usr/$(get_libdir) + dodir /usr/include/libexif + dodir /usr/share/locale + dodir /usr/$(get_libdir)/pkgconfig + einstall || die + + dodoc ChangeLog README + + # installs a blank directory for whatever broken reason + use nls || rmdir ${D}/usr/share/locale +} + +pkg_postinst() { + einfo + einfo "if you've upgraded from ${PN}-0.5.8 you'll" + einfo "have to run revdep-rebuild from gentoolkit" + einfo +} diff --git a/media-libs/libexif/libexif-0.6.12-r3.ebuild b/media-libs/libexif/libexif-0.6.12-r4.ebuild index 5d8471987a45..8b5901b5b075 100644 --- a/media-libs/libexif/libexif-0.6.12-r3.ebuild +++ b/media-libs/libexif/libexif-0.6.12-r4.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/libexif-0.6.12-r3.ebuild,v 1.2 2005/04/25 00:28:33 azarah Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/libexif/libexif-0.6.12-r4.ebuild,v 1.1 2005/05/10 06:07:47 eradicator Exp $ inherit eutils @@ -21,6 +21,7 @@ src_unpack() { cd ${S} epatch ${FILESDIR}/${P}-86740.patch + epatch ${FILESDIR}/${PN}-0.6.12-recurse.patch # The libexif hackers made a goof on the soname versioning. It will # be fixed in 0.6.13 at which point LIBEXIF_AGE should be removed here. |