rpms/evince/FC-6 evince-0.6.0-overflow.patch, NONE, 1.1 evince.spec, 1.64, 1.65
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Mon Dec 11 03:12:37 UTC 2006
Author: mclasen
Update of /cvs/dist/rpms/evince/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv31118
Modified Files:
evince.spec
Added Files:
evince-0.6.0-overflow.patch
Log Message:
* Sun Dec 10 2006 Matthias Clasen <mclasen at redhat.com> - 0.6.0-8
- Fix an overflow in the PostScript backend (#217674, CVE-2006-5864)
evince-0.6.0-overflow.patch:
ps.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
--- NEW FILE evince-0.6.0-overflow.patch ---
--- evince-0.6.0/ps/ps.c.overflow 2006-12-10 21:59:29.000000000 -0500
+++ evince-0.6.0/ps/ps.c 2006-12-10 21:59:34.000000000 -0500
@@ -1231,7 +1231,8 @@
int level = 0;
quoted = 1;
line++;
- while(*line && !(*line == ')' && level == 0)) {
+ while(*line && !(*line == ')' && level == 0)
+ && (cp - text) < PSLINELENGTH - 1) {
if(*line == '\\') {
if(*(line + 1) == 'n') {
*cp++ = '\n';
@@ -1302,7 +1303,8 @@
}
}
else {
- while(*line && !(*line == ' ' || *line == '\t' || *line == '\n'))
+ while(*line && !(*line == ' ' || *line == '\t' || *line == '\n')
+ && (cp - text) < PSLINELENGTH - 1)
*cp++ = *line++;
}
*cp = '\0';
Index: evince.spec
===================================================================
RCS file: /cvs/dist/rpms/evince/FC-6/evince.spec,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -r1.64 -r1.65
--- evince.spec 18 Oct 2006 17:15:21 -0000 1.64
+++ evince.spec 11 Dec 2006 03:12:35 -0000 1.65
@@ -4,7 +4,7 @@
Name: evince
Version: 0.6.0
-Release: 4%{?dist}
+Release: 5%{?dist}
Summary: Document viewer
License: GPL
@@ -12,6 +12,7 @@
URL: http://www.gnome.org/projects/evince/
Source0: http://ftp.gnome.org/pub/GNOME/sources/%{name}/%{version}/%{name}-%{version}.tar.bz2
Patch0: evince-0.6.0-print-error.patch
+Patch1: evince-0.6.0-overflow.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: gtk2-devel >= %{gtk2_version}
@@ -44,6 +45,7 @@
%prep
%setup -q
%patch0 -p1 -b .print-error
+%patch1 -p1 -b .overflow
%build
%configure --disable-scrollkeeper
@@ -129,6 +131,9 @@
%changelog
+* Sun Dec 10 2006 Matthias Clasen <mclasen at redhat.com> - 0.6.0-5
+- Fix an overflow in the PostScript backend (#217674, CVE-2006-5864)
+
* Wed Oct 18 2006 Matthias Clasen <mclasen at redhat.com> - 0.6.0-4
- Fix scripts according to the packaging guidelines
More information about the fedora-cvs-commits
mailing list