rpms/evince/FC-6 evince-0.6.0-overflow.patch, NONE, 1.1 evince.spec, 1.64, 1.65

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Mon Dec 11 03:12:37 UTC 2006 

Author: mclasen

Update of /cvs/dist/rpms/evince/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv31118

Modified Files:
	evince.spec 
Added Files:
	evince-0.6.0-overflow.patch 
Log Message:
* Sun Dec 10 2006 Matthias Clasen <mclasen at redhat.com> - 0.6.0-8
- Fix an overflow in the PostScript backend (#217674, CVE-2006-5864)




evince-0.6.0-overflow.patch:
 ps.c |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

--- NEW FILE evince-0.6.0-overflow.patch ---
--- evince-0.6.0/ps/ps.c.overflow	2006-12-10 21:59:29.000000000 -0500
+++ evince-0.6.0/ps/ps.c	2006-12-10 21:59:34.000000000 -0500
@@ -1231,7 +1231,8 @@
     int level = 0;
     quoted = 1;
     line++;
-    while(*line && !(*line == ')' && level == 0)) {
+    while(*line && !(*line == ')' && level == 0)
+	  && (cp - text) < PSLINELENGTH - 1) {
       if(*line == '\\') {
         if(*(line + 1) == 'n') {
           *cp++ = '\n';
@@ -1302,7 +1303,8 @@
     }
   }
   else {
-    while(*line && !(*line == ' ' || *line == '\t' || *line == '\n'))
+    while(*line && !(*line == ' ' || *line == '\t' || *line == '\n')
+	  && (cp - text) < PSLINELENGTH - 1)
       *cp++ = *line++;
   }
   *cp = '\0';


Index: evince.spec
===================================================================
RCS file: /cvs/dist/rpms/evince/FC-6/evince.spec,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -r1.64 -r1.65
--- evince.spec	18 Oct 2006 17:15:21 -0000	1.64
+++ evince.spec	11 Dec 2006 03:12:35 -0000	1.65
@@ -4,7 +4,7 @@
 
 Name:		evince
 Version:	0.6.0
-Release:	4%{?dist}
+Release:	5%{?dist}
 Summary:	Document viewer
 
 License: 	GPL
@@ -12,6 +12,7 @@
 URL:		http://www.gnome.org/projects/evince/
 Source0: 	http://ftp.gnome.org/pub/GNOME/sources/%{name}/%{version}/%{name}-%{version}.tar.bz2
 Patch0:		evince-0.6.0-print-error.patch
+Patch1:		evince-0.6.0-overflow.patch
 BuildRoot: 	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:	gtk2-devel >= %{gtk2_version}
@@ -44,6 +45,7 @@
 %prep
 %setup -q
 %patch0 -p1 -b .print-error
+%patch1 -p1 -b .overflow
 
 %build
 %configure --disable-scrollkeeper
@@ -129,6 +131,9 @@
 
 
 %changelog
+* Sun Dec 10 2006 Matthias Clasen <mclasen at redhat.com> - 0.6.0-5
+- Fix an overflow in the PostScript backend (#217674, CVE-2006-5864)
+
 * Wed Oct 18 2006 Matthias Clasen <mclasen at redhat.com> - 0.6.0-4
 - Fix scripts according to the packaging guidelines

More information about the fedora-cvs-commits mailing list