svn commit: r388051 - in head/graphics/rawstudio: . files
Xin LI
delphij at FreeBSD.org
Sun May 31 09:14:03 UTC 2015
Author: delphij
Date: Sun May 31 09:14:02 2015
New Revision: 388051
URL: https://svnweb.freebsd.org/changeset/ports/388051
Log:
Apply vendor patch for "Avoid overflow in ljpeg_start()"
(changeset 983bda1f) to prevent a denial of service (crash) via a
crafted image
PR: 200199
Obtained from: https://github.com/rawstudio/rawstudio/commit/983bda1f0fa5fa86884381208274198a620f006e
Security: CVE-2015-3885
Security: 57325ecf-facc-11e4-968f-b888e347c638
Submitted by: Jason Unovitch <jason unovitch gmail com>
Reported by: Sevan Janiyan <venture37 geeklan co uk>
Approved by: samm os2 kiev ua (maintainer)
MFH: 2015Q2
Added:
head/graphics/rawstudio/files/patch-plugins_load-dcraw_dcraw.cc (contents, props changed)
Modified:
head/graphics/rawstudio/Makefile
Modified: head/graphics/rawstudio/Makefile
==============================================================================
--- head/graphics/rawstudio/Makefile Sun May 31 08:08:16 2015 (r388050)
+++ head/graphics/rawstudio/Makefile Sun May 31 09:14:02 2015 (r388051)
@@ -3,7 +3,7 @@
PORTNAME= rawstudio
PORTVERSION= 2.0
-PORTREVISION= 10
+PORTREVISION= 11
CATEGORIES= graphics
MASTER_SITES= http://rawstudio.org/files/release/
Added: head/graphics/rawstudio/files/patch-plugins_load-dcraw_dcraw.cc
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/graphics/rawstudio/files/patch-plugins_load-dcraw_dcraw.cc Sun May 31 09:14:02 2015 (r388051)
@@ -0,0 +1,12 @@
+--- plugins/load-dcraw/dcraw.cc.orig 2015-05-29 01:03:46 UTC
++++ plugins/load-dcraw/dcraw.cc
+@@ -869,7 +869,8 @@ struct jhead {
+
+ int CLASS ljpeg_start (struct jhead *jh, int info_only)
+ {
+- int c, tag, len;
++ int c, tag;
++ ushort len;
+ uchar data[0x10000];
+ const uchar *dp;
+
More information about the svn-ports-all
mailing list