rpms/koffice/FC-6 koffice-xpdf-CVE-2007-3387.diff, NONE, 1.1 koffice.spec, 1.51, 1.52 koffice-1.6.3-nodisplay.patch, 1.1, NONE
Rex Dieter (rdieter)
fedora-extras-commits at redhat.com
Mon Aug 13 18:50:51 UTC 2007
- Previous message (by thread): rpms/gtk2-engines/devel .cvsignore, 1.36, 1.37 gtk2-engines.spec, 1.74, 1.75 sources, 1.37, 1.38
- Next message (by thread): rpms/perl-Crypt-SSLeay/devel .cvsignore, 1.7, 1.8 perl-Crypt-SSLeay.spec, 1.26, 1.27 sources, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: rdieter
Update of /cvs/pkgs/rpms/koffice/FC-6
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4620
Modified Files:
koffice.spec
Added Files:
koffice-xpdf-CVE-2007-3387.diff
Removed Files:
koffice-1.6.3-nodisplay.patch
Log Message:
* Mon Aug 13 2007 Rex Dieter <rdieter[AT]fedoraproject.org>
1.6.3-9
- CVE-2007-3387 (#251522, #251524)
* Mon Aug 13 2007 Rex Dieter <rdieter[AT]fedoraproject.org>
1.6.3-8
- License: GPLv2+
- -libs: move libk*common.so.* here
koffice-xpdf-CVE-2007-3387.diff:
--- NEW FILE koffice-xpdf-CVE-2007-3387.diff ---
--- filters/kword/pdf/xpdf/xpdf/Stream.cc
+++ filters/kword/pdf/xpdf/xpdf/Stream.cc
@@ -413,13 +413,11 @@ StreamPredictor::StreamPredictor(Stream
predLine = NULL;
ok = gFalse;
- if (width <= 0 || nComps <= 0 || nBits <= 0 ||
- nComps >= INT_MAX / nBits ||
- width >= INT_MAX / nComps / nBits)
- return;
-
nVals = width * nComps;
- if (nVals * nBits + 7 <= 0)
+ if (width <= 0 || nComps <= 0 || nBits <= 0 ||
+ nComps >= 4 || nBits > 16 ||
+ width >= INT_MAX / nComps ||
+ nVals >= (INT_MAX - 7) / nBits)
return;
pixBytes = (nComps * nBits + 7) >> 3;
Index: koffice.spec
===================================================================
RCS file: /cvs/pkgs/rpms/koffice/FC-6/koffice.spec,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -r1.51 -r1.52
--- koffice.spec 9 Jul 2007 12:00:34 -0000 1.51
+++ koffice.spec 13 Aug 2007 18:50:18 -0000 1.52
@@ -1,17 +1,21 @@
Name: koffice
Version: 1.6.3
-Release: 6%{?dist}.2
+Release: 9%{?dist}
Summary: A free, integrated office suite for KDE
Group: Applications/Productivity
-License: GPL/LGPL
+# apps GPLv2+, libs LGPLv2+
+License: GPLv2+
URL: http://www.koffice.org/
Source0: ftp://ftp.kde.org/pub/kde/stable/koffice-%{version}/src/koffice-%{version}.tar.bz2
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Source100: koshell.png
+# http://www.kde.org/info/security/advisory-20070730-1.txt
+Patch1: ftp://ftp.kde.org/pub/kde/security_patches/koffice-xpdf-CVE-2007-3387.diff
+
# BuildRequires: world-devel ;)
BuildRequires: kdebase-devel
BuildRequires: kdelibs-devel
@@ -234,6 +238,8 @@
%prep
%setup -q
+%patch1 -p0 -b .CVE-2007-3387
+
%build
unset QTDIR || : ; . /etc/profile.d/qt.sh
@@ -412,7 +418,10 @@
%files libs
%defattr(-,root,root,-)
-#_libdir/lib*.so.*
+#_libdir/libk*common.so.*
+%{_libdir}/libkarboncommon.so.*
+%{_libdir}/libkiviocommon.so.*
+%{_libdir}/libkspreadcommon.so.*
%{_libdir}/libkdchart.so.*
%{_libdir}/libkochart.so.*
%{_libdir}/libkofficecore.so.*
@@ -456,7 +465,7 @@
%defattr(-,root,root,-)
%{_bindir}/kspread
%{_libdir}/libkdeinit_kspread.so
-%{_libdir}/libkspreadcommon.so.*
+#{_libdir}/libkspreadcommon.so.*
%{_libdir}/kde3/kspread.*
%{_libdir}/kde3/libkspreadpart.*
%{_libdir}/kde3/kwmailmerge_kspread.*
@@ -497,7 +506,7 @@
%defattr(-,root,root,-)
%{_bindir}/karbon
%{_libdir}/libkdeinit_karbon.so
-%{_libdir}/libkarboncommon.so.*
+#{_libdir}/libkarboncommon.so.*
%{_libdir}/kde3/*karbon*.*
%{_libdir}/kde3/libwmfexport.*
%{_libdir}/kde3/libwmfimport.*
@@ -609,7 +618,7 @@
%defattr(-,root,root,-)
%{_bindir}/kivio
%{_libdir}/libkdeinit_kivio.so
-%{_libdir}/libkiviocommon.so.*
+#{_libdir}/libkiviocommon.so.*
%{_libdir}/kde3/*kivio*.*
%{_libdir}/kde3/straight_connector.*
%{_datadir}/apps/kivio/
@@ -686,6 +695,15 @@
%changelog
+* Mon Aug 13 2007 Rex Dieter <rdieter[AT]fedoraproject.org>
+1.6.3-9
+- CVE-2007-3387 (#251522, #251524)
+
+* Mon Aug 13 2007 Rex Dieter <rdieter[AT]fedoraproject.org>
+1.6.3-8
+- License: GPLv2+
+- -libs: move libk*common.so.* here
+
* Sat Jun 24 2007 Rex Dieter <rdieter[AT]fedoraproject.org>
1.6.3-7
- -devel: %%exclude %%_libdir/libkudesignercore.so (#245333)
--- koffice-1.6.3-nodisplay.patch DELETED ---
- Previous message (by thread): rpms/gtk2-engines/devel .cvsignore, 1.36, 1.37 gtk2-engines.spec, 1.74, 1.75 sources, 1.37, 1.38
- Next message (by thread): rpms/perl-Crypt-SSLeay/devel .cvsignore, 1.7, 1.8 perl-Crypt-SSLeay.spec, 1.26, 1.27 sources, 1.7, 1.8
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list