Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/media-libs
diff options
context:
space:
mode:
authorPeter Volkov <pva@gentoo.org>2007-12-10 20:14:28 +0000
committerPeter Volkov <pva@gentoo.org>2007-12-10 20:14:28 +0000
commit3eb830523e7086c562a82244e82f23157e41173a (patch)
treeecb2fa5890f10717a291eb5009d30319edace5da /media-libs
parentAdd patch fixing news test. (diff)
downloadhistorical-3eb830523e7086c562a82244e82f23157e41173a.tar.gz
historical-3eb830523e7086c562a82244e82f23157e41173a.tar.bz2
historical-3eb830523e7086c562a82244e82f23157e41173a.zip
Fixed denial of service (infinite loop) via a BMP image, bug #201887.
Fixed bug which prevented imlib to render images is MIT-SHM when the MIT-SHM extension doesn't support shared pixmaps (bugs.debian.org/448360). Thank for report Antti Mäkelä <zarhan AT cs.tut.fi>. Homepage changed. No website is available for this old library, so pointing to sources location. Package-Manager: portage-2.1.3.19
Diffstat (limited to 'media-libs')
-rw-r--r--media-libs/imlib/ChangeLog13
-rw-r--r--media-libs/imlib/Manifest23
-rw-r--r--media-libs/imlib/files/digest-imlib-1.9.15-r23
-rw-r--r--media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch11
-rw-r--r--media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch105
-rw-r--r--media-libs/imlib/imlib-1.9.15-r2.ebuild63
6 files changed, 213 insertions, 5 deletions
diff --git a/media-libs/imlib/ChangeLog b/media-libs/imlib/ChangeLog
index 5da421f9d4f2..20ac825a3b50 100644
--- a/media-libs/imlib/ChangeLog
+++ b/media-libs/imlib/ChangeLog
@@ -1,6 +1,17 @@
# ChangeLog for media-libs/imlib
# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/imlib/ChangeLog,v 1.57 2007/09/23 14:18:20 drac Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/imlib/ChangeLog,v 1.58 2007/12/10 20:14:24 pva Exp $
+
+*imlib-1.9.15-r2 (10 Dec 2007)
+
+ 10 Dec 2007; <pva@gentoo.org>
+ +files/imlib-1.9.15-bpp16-CVE-2007-3568.patch,
+ +files/imlib-1.9.15-fix-rendering.patch, +imlib-1.9.15-r2.ebuild:
+ Fixed denial of service (infinite loop) via a BMP image, bug #201887. Fixed
+ bug which prevented imlib to render images is MIT-SHM when the MIT-SHM
+ extension doesn't support shared pixmaps (bugs.debian.org/448360). Thank for
+ report Antti Mäkelä <zarhan AT cs.tut.fi>. Homepage changed. No website is
+ available for this old library, so pointing to sources location.
23 Sep 2007; Samuli Suominen <drac@gentoo.org> imlib-1.9.15-r1.ebuild:
Fix modular X deps wrt #192733.
diff --git a/media-libs/imlib/Manifest b/media-libs/imlib/Manifest
index a3a87847c807..91861cc219f4 100644
--- a/media-libs/imlib/Manifest
+++ b/media-libs/imlib/Manifest
@@ -1,3 +1,11 @@
+AUX imlib-1.9.15-bpp16-CVE-2007-3568.patch 457 RMD160 7892bce6d9375befc0a322dd5870f10e5d41ceb5 SHA1 c3977dcb4d95ffab5cadb68bb3e3c7693c1e8be3 SHA256 f0097c1db200b19a3e8f06d85765dd8b8f757dd0bc6fd9bafa0c31cd9c14d8ec
+MD5 29267df943b838a0f556cce1557ca3c0 files/imlib-1.9.15-bpp16-CVE-2007-3568.patch 457
+RMD160 7892bce6d9375befc0a322dd5870f10e5d41ceb5 files/imlib-1.9.15-bpp16-CVE-2007-3568.patch 457
+SHA256 f0097c1db200b19a3e8f06d85765dd8b8f757dd0bc6fd9bafa0c31cd9c14d8ec files/imlib-1.9.15-bpp16-CVE-2007-3568.patch 457
+AUX imlib-1.9.15-fix-rendering.patch 3263 RMD160 2ec2c9bb864d64b588d3b786e9b256f4d3788436 SHA1 3b8cb97fd6918bddc70b78fc04e5a7b4a5395c0e SHA256 7f5f8967ec52658e776a0a60a3a3c93d367ccf877d92569a9313e78bbd510604
+MD5 5212233a3d01640fbf4feb57a6918e6e files/imlib-1.9.15-fix-rendering.patch 3263
+RMD160 2ec2c9bb864d64b588d3b786e9b256f4d3788436 files/imlib-1.9.15-fix-rendering.patch 3263
+SHA256 7f5f8967ec52658e776a0a60a3a3c93d367ccf877d92569a9313e78bbd510604 files/imlib-1.9.15-fix-rendering.patch 3263
AUX imlib-1.9.15.patch 2253 RMD160 beb86753cc2024a9eb671acdc3886b7a5692b526 SHA1 29fb949680e5b2d95392b4c5efd1fdfa21f2df3d SHA256 43dd12dae7913475f968f35a4fa4b1ef4670451e58c712cbd6e5460f20fc9197
MD5 8328ba4002a30764a848de8b9b70f158 files/imlib-1.9.15.patch 2253
RMD160 beb86753cc2024a9eb671acdc3886b7a5692b526 files/imlib-1.9.15.patch 2253
@@ -11,10 +19,14 @@ EBUILD imlib-1.9.15-r1.ebuild 1371 RMD160 3b5fe868af1ab3b2153b7446bf5a04db278376
MD5 666d72fd3d2a7e17777e64237fa436a4 imlib-1.9.15-r1.ebuild 1371
RMD160 3b5fe868af1ab3b2153b7446bf5a04db278376d7 imlib-1.9.15-r1.ebuild 1371
SHA256 54eeffd491c99b53e6d4a75990ddbb75e4a3999e9db71c432a0821cb5e7f885b imlib-1.9.15-r1.ebuild 1371
-MISC ChangeLog 7584 RMD160 749763f7bc5db05a41b20b50daa253af58dab5bf SHA1 1eb67d67c129b9ac67fa5438fcde002b88ecd152 SHA256 5baf0f12ef8e19bab1d3ea3a2bcd55bead3c86ff4ed3fb8ba782ec48d1d6006c
-MD5 a0c2042b792d262b042082997ddd1856 ChangeLog 7584
-RMD160 749763f7bc5db05a41b20b50daa253af58dab5bf ChangeLog 7584
-SHA256 5baf0f12ef8e19bab1d3ea3a2bcd55bead3c86ff4ed3fb8ba782ec48d1d6006c ChangeLog 7584
+EBUILD imlib-1.9.15-r2.ebuild 1530 RMD160 d0e349f9877804dd492cd5b45a44adceee940be8 SHA1 98513d0f71e9d0ce304016f61b468493926ceee1 SHA256 0131bc547bae248e1bec3c54b611be508a7a1495feb92b1be1d328c987f52260
+MD5 1a1bae2531b86c7cb487d5ced293fa27 imlib-1.9.15-r2.ebuild 1530
+RMD160 d0e349f9877804dd492cd5b45a44adceee940be8 imlib-1.9.15-r2.ebuild 1530
+SHA256 0131bc547bae248e1bec3c54b611be508a7a1495feb92b1be1d328c987f52260 imlib-1.9.15-r2.ebuild 1530
+MISC ChangeLog 8141 RMD160 67a3d3df7c34c31cf7e8ac30900b549bd9a3d3b2 SHA1 8583aae288e89a43ed52160bea6276f6f0cd67d9 SHA256 48a1cb003f79b70c96f814e675698a08a433d791b0fbdd2f703973bd12275d56
+MD5 04c9692d70d4afdf6f717282150065bf ChangeLog 8141
+RMD160 67a3d3df7c34c31cf7e8ac30900b549bd9a3d3b2 ChangeLog 8141
+SHA256 48a1cb003f79b70c96f814e675698a08a433d791b0fbdd2f703973bd12275d56 ChangeLog 8141
MISC metadata.xml 166 RMD160 7b80226659bf40e97050b1ffce1858d5f20b3c60 SHA1 e6c6436c304a65b4a012a5b7be7ee264b228a645 SHA256 8e7de0a7f7c15840474de373a3ce36adcc5dd658b2e4d18366fcb63b964a0826
MD5 cdb11033a3fa6525334cecf938961c07 metadata.xml 166
RMD160 7b80226659bf40e97050b1ffce1858d5f20b3c60 metadata.xml 166
@@ -22,3 +34,6 @@ SHA256 8e7de0a7f7c15840474de373a3ce36adcc5dd658b2e4d18366fcb63b964a0826 metadata
MD5 3ca74ed1d09e760b3ba65e3ea3f0c88d files/digest-imlib-1.9.15-r1 241
RMD160 039218e55a8fed0fb8c45920058885c1d84c22df files/digest-imlib-1.9.15-r1 241
SHA256 79835fd763b99e818f64104e0bf5f475c9dc57a629506db65b9694b4eec1c997 files/digest-imlib-1.9.15-r1 241
+MD5 3ca74ed1d09e760b3ba65e3ea3f0c88d files/digest-imlib-1.9.15-r2 241
+RMD160 039218e55a8fed0fb8c45920058885c1d84c22df files/digest-imlib-1.9.15-r2 241
+SHA256 79835fd763b99e818f64104e0bf5f475c9dc57a629506db65b9694b4eec1c997 files/digest-imlib-1.9.15-r2 241
diff --git a/media-libs/imlib/files/digest-imlib-1.9.15-r2 b/media-libs/imlib/files/digest-imlib-1.9.15-r2
new file mode 100644
index 000000000000..52c816f8266d
--- /dev/null
+++ b/media-libs/imlib/files/digest-imlib-1.9.15-r2
@@ -0,0 +1,3 @@
+MD5 7db987e6c52e4daf70d7d0f471238eae imlib-1.9.15.tar.bz2 683242
+RMD160 195b80833167134ba2d9a9574d420279f9cf55f4 imlib-1.9.15.tar.bz2 683242
+SHA256 4e6a270308a9ae16586bfc133c1a3dfb2e56f431edb66aaa3a80e36e5ed84ce0 imlib-1.9.15.tar.bz2 683242
diff --git a/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch b/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch
new file mode 100644
index 000000000000..94595ffdf55a
--- /dev/null
+++ b/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch
@@ -0,0 +1,11 @@
+--- Imlib/load.c.orig 2007-08-13 23:06:20.000000000 -0300
++++ Imlib/load.c 2007-08-13 23:06:51.000000000 -0300
+@@ -645,7 +645,7 @@
+ planes = (int)word;
+ fread(&word, 2, 1, file);
+ bpp = (int)word;
+- if (bpp != 1 && bpp != 4 && bpp != 8 && bpp && 16 && bpp != 24 && bpp != 32)
++ if (bpp != 1 && bpp != 4 && bpp != 8 && bpp != 16 && bpp != 24 && bpp != 32)
+ {
+ fprintf(stderr, "IMLIB ERROR: unknown bitdepth in file\n");
+ return NULL;
diff --git a/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch b/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch
new file mode 100644
index 000000000000..6212ed31428e
--- /dev/null
+++ b/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch
@@ -0,0 +1,105 @@
+Michel Dänzer <daenzer AT debian.org>
+
+* The boolean value returned via the last parameter to XShmQueryVersion()
+ isn't honoured everywhere.
+* The init functions that take parameters allow the caller to enable shared
+ pixmaps when they aren't supported (or disabled by configuration files).
+
+
+These result in incorrect rendering when the MIT-SHM extension doesn't support
+shared pixmaps, e.g. using EXA with current versions of Xorg.
+
+http://bugs.gentoo.org/show_bug.cgi?id=197489
+
+diff -up -ru imlib-1.9.15.orig/gdk_imlib/misc.c imlib-1.9.15/gdk_imlib/misc.c
+--- imlib-1.9.15.orig/gdk_imlib/misc.c 2002-03-04 18:06:32.000000000 +0100
++++ imlib-1.9.15/gdk_imlib/misc.c 2007-10-28 14:00:04.000000000 +0100
+@@ -674,6 +674,10 @@ gdk_imlib_init_params(GdkImlibInitParams
+ visual = gdk_rgb_get_visual();
+ id->x.visual = GDK_VISUAL_XVISUAL(visual); /* the visual type */
+ id->x.depth = visual->depth; /* the depth of the screen in bpp */
++
++ id->x.shm = 0;
++ id->x.shmp = 0;
++ id->max_shm = 0;
+ #ifdef HAVE_SHM
+ if (XShmQueryExtension(id->x.disp))
+ {
+@@ -689,17 +693,14 @@ gdk_imlib_init_params(GdkImlibInitParams
+ id->x.last_xim = NULL;
+ id->x.last_sxim = NULL;
+ id->max_shm = 0x7fffffff;
+- if (XShmPixmapFormat(id->x.disp) == ZPixmap)
++ if ((XShmPixmapFormat(id->x.disp) == ZPixmap) &&
++ (pm == True))
+ id->x.shmp = 1;
+ }
+ }
+ }
+- else
+ #endif
+- {
+- id->x.shm = 0;
+- id->x.shmp = 0;
+- }
++
+ id->cache.on_image = 0;
+ id->cache.size_image = 0;
+ id->cache.num_image = 0;
+@@ -935,8 +936,8 @@ gdk_imlib_init_params(GdkImlibInitParams
+ }
+ if (p->flags & PARAMS_SHAREDPIXMAPS)
+ {
+- if (id->x.shm)
+- id->x.shmp = p->sharedpixmaps;
++ if (!p->sharedpixmaps)
++ id->x.shmp = 0;
+ }
+ if (p->flags & PARAMS_PALETTEOVERRIDE)
+ override = p->paletteoverride;
+diff -up -ru imlib-1.9.15.orig/Imlib/misc.c imlib-1.9.15/Imlib/misc.c
+--- imlib-1.9.15.orig/Imlib/misc.c 2004-09-21 02:22:59.000000000 +0200
++++ imlib-1.9.15/Imlib/misc.c 2007-10-28 14:00:23.000000000 +0100
+@@ -675,6 +675,10 @@ Imlib_init_with_params(Display * disp, I
+ id->x.root = DefaultRootWindow(disp); /* the root window id */
+ id->x.visual = DefaultVisual(disp, id->x.screen); /* the visual type */
+ id->x.depth = DefaultDepth(disp, id->x.screen); /* the depth of the screen in bpp */
++
++ id->x.shm = 0;
++ id->x.shmp = 0;
++ id->max_shm = 0;
+ #ifdef HAVE_SHM
+ if (XShmQueryExtension(id->x.disp))
+ {
+@@ -690,17 +694,14 @@ Imlib_init_with_params(Display * disp, I
+ id->x.last_xim = NULL;
+ id->x.last_sxim = NULL;
+ id->max_shm = 0x7fffffff;
+- if (XShmPixmapFormat(id->x.disp) == ZPixmap)
++ if ((XShmPixmapFormat(id->x.disp) == ZPixmap &&
++ (pm == True)))
+ id->x.shmp = 1;
+ }
+ }
+ }
+- else
+ #endif
+- {
+- id->x.shm = 0;
+- id->x.shmp = 0;
+- }
++
+ id->cache.on_image = 0;
+ id->cache.size_image = 0;
+ id->cache.num_image = 0;
+@@ -952,8 +953,8 @@ Imlib_init_with_params(Display * disp, I
+ }
+ if (p->flags & PARAMS_SHAREDPIXMAPS)
+ {
+- if (id->x.shm)
+- id->x.shmp = p->sharedpixmaps;
++ if (!p->sharedpixmaps)
++ id->x.shmp = 0;
+ }
+ if (p->flags & PARAMS_PALETTEOVERRIDE)
+ override = p->paletteoverride;
diff --git a/media-libs/imlib/imlib-1.9.15-r2.ebuild b/media-libs/imlib/imlib-1.9.15-r2.ebuild
new file mode 100644
index 000000000000..91d40a11760e
--- /dev/null
+++ b/media-libs/imlib/imlib-1.9.15-r2.ebuild
@@ -0,0 +1,63 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-libs/imlib/imlib-1.9.15-r2.ebuild,v 1.1 2007/12/10 20:14:24 pva Exp $
+
+inherit autotools eutils gnome.org
+
+DESCRIPTION="Image loading and rendering library"
+HOMEPAGE="http://ftp.acc.umu.se/pub/GNOME/sources/imlib/1.9/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="doc gtk"
+
+RDEPEND="gtk? ( =x11-libs/gtk+-1.2* )
+ >=media-libs/tiff-3.5.5
+ >=media-libs/giflib-4.1.0
+ >=media-libs/libpng-1.2.1
+ >=media-libs/jpeg-6b
+ x11-libs/libICE
+ x11-libs/libSM
+ x11-libs/libXext"
+DEPEND="${RDEPEND}"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # Fix aclocal underquoted definition warnings.
+ # Conditionalize gdk functions for bug 40453.
+ # Fix imlib-config for bug 3425.
+ epatch "${FILESDIR}"/${P}.patch
+
+ # Fix security bug 72681.
+ epatch "${FILESDIR}"/${PN}-security.patch
+
+ # Fixes security bug #201887
+ epatch "${FILESDIR}"/${P}-bpp16-CVE-2007-3568.patch
+
+ # Fixes #197489
+ epatch "${FILESDIR}"/${P}-fix-rendering.patch
+
+ eautoconf
+ _elibtoolize
+}
+
+src_compile() {
+ econf --sysconfdir=/etc/imlib \
+ $(use_enable gtk gdk) \
+ $(use_enable gtk gtktest)
+
+ emake || die "emake failed."
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "emake install failed."
+
+ dodoc AUTHORS ChangeLog README
+ use doc && dohtml doc/*
+
+ # Hack to avoid installing pkgconfig file.
+ use gtk || rm "${D}"/usr/lib*/pkgconfig/imlibgdk.pc
+}