svn commit: r418893 - in branches/2016Q3/editors/openoffice-4: . files

[Don Lewis]

Author: truckman
Date: Thu Jul 21 19:21:16 2016
New Revision: 418893
URL: https://svnweb.freebsd.org/changeset/ports/418893

Log:
  MFH 2016Q3
  
  Fix CVE-2016-1513 - Memory Corruption Vulnerability (Impress Presentations).
  
  Regenerate distinfo to add TIMESTAMP.
  
  Approved by:	ports-secteam (blanket)
  Obtained from:	<https://bz.apache.org/ooo/show_bug.cgi?id=127045>
  Security:	72f71e26-4f69-11e6-ac37-ac9e174be3af

Added:
  branches/2016Q3/editors/openoffice-4/files/patch-CVE-2016-1513
     - copied unchanged from r418885, head/editors/openoffice-4/files/patch-CVE-2016-1513
Modified:
  branches/2016Q3/editors/openoffice-4/Makefile
  branches/2016Q3/editors/openoffice-4/distinfo
Directory Properties:
  branches/2016Q3/   (props changed)

Modified: branches/2016Q3/editors/openoffice-4/Makefile
==============================================================================
--- branches/2016Q3/editors/openoffice-4/Makefile	Thu Jul 21 19:13:10 2016	(r418892)
+++ branches/2016Q3/editors/openoffice-4/Makefile	Thu Jul 21 19:21:16 2016	(r418893)
@@ -3,7 +3,7 @@
 
 PORTNAME=	apache-openoffice
 PORTVERSION=	${AOOVERSION}
-PORTREVISION=	7
+PORTREVISION=	8
 CATEGORIES=	editors java
 MASTER_SITES=	APACHE/openoffice/${PORTVERSION}/source \
 		http://tools.openoffice.org/unowinreg_prebuild/680/:unoreg \

Modified: branches/2016Q3/editors/openoffice-4/distinfo
==============================================================================
--- branches/2016Q3/editors/openoffice-4/distinfo	Thu Jul 21 19:13:10 2016	(r418892)
+++ branches/2016Q3/editors/openoffice-4/distinfo	Thu Jul 21 19:21:16 2016	(r418893)
@@ -1,6 +1,7 @@
+TIMESTAMP = 1469002349
 SHA256 (openoffice/apache-openoffice-4.1.2-r1709696-src.tar.bz2) = 2e06774424eb564559f9e6d63ff79aa00522b210067717c5a8cfb54b3b7f1812
 SIZE (openoffice/apache-openoffice-4.1.2-r1709696-src.tar.bz2) = 219041975
-SHA256 (openoffice/ApacheOpenOffice.ext_sources.4.x.x.20150707.tar.gz) = 966a8333c83a18ddd84401389006d6e0b52b8175924b808b54b88211669985fa
-SIZE (openoffice/ApacheOpenOffice.ext_sources.4.x.x.20150707.tar.gz) = 28957004
 SHA256 (openoffice/unowinreg.dll) = f563e522922133db9340b0306711c2d8767cc3481dd9e7d9b0d059906d12653c
 SIZE (openoffice/unowinreg.dll) = 6144
+SHA256 (openoffice/ApacheOpenOffice.ext_sources.4.x.x.20150707.tar.gz) = 966a8333c83a18ddd84401389006d6e0b52b8175924b808b54b88211669985fa
+SIZE (openoffice/ApacheOpenOffice.ext_sources.4.x.x.20150707.tar.gz) = 28957004

Copied: branches/2016Q3/editors/openoffice-4/files/patch-CVE-2016-1513 (from r418885, head/editors/openoffice-4/files/patch-CVE-2016-1513)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2016Q3/editors/openoffice-4/files/patch-CVE-2016-1513	Thu Jul 21 19:21:16 2016	(r418893, copy of r418885, head/editors/openoffice-4/files/patch-CVE-2016-1513)
@@ -0,0 +1,26 @@
+--- tools/source/generic/poly2.cxx.orig	2014-02-25 08:20:50 UTC
++++ tools/source/generic/poly2.cxx
+@@ -196,8 +196,9 @@ void PolyPolygon::Insert( const Polygon&
+ 
+ void PolyPolygon::Remove( sal_uInt16 nPos )
+ {
+-	DBG_CHKTHIS( PolyPolygon, NULL );
+-	DBG_ASSERT( nPos < Count(), "PolyPolygon::Remove(): nPos >= nSize" );
++    DBG_CHKTHIS( PolyPolygon, NULL );
++    DBG_ASSERT( nPos < Count(), "PolyPolygon::Remove(): nPos >= nSize" );
++    if ( nPos >= Count() ) return; // not removable
+ 
+ 	if ( mpImplPolyPolygon->mnRefCount > 1 )
+ 	{
+@@ -216,8 +217,9 @@ void PolyPolygon::Remove( sal_uInt16 nPo
+ 
+ void PolyPolygon::Replace( const Polygon& rPoly, sal_uInt16 nPos )
+ {
+-	DBG_CHKTHIS( PolyPolygon, NULL );
+-	DBG_ASSERT( nPos < Count(), "PolyPolygon::Replace(): nPos >= nSize" );
++    DBG_CHKTHIS( PolyPolygon, NULL );
++    DBG_ASSERT( nPos < Count(), "PolyPolygon::Replace(): nPos >= nSize" );
++    if ( nPos >= Count() ) return; // not replaceable	
+ 
+ 	if ( mpImplPolyPolygon->mnRefCount > 1 )
+ 	{