diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
commit | 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 (patch) | |
tree | 7681bbd4e8b05407772df40a4bf04cbbc8afc3fa /dev-libs/libcroco | |
parent | 30a9caf154332f12ca60756e1b75d2f0e3e1822d (diff) |
gentoo resync : 14.07.2018
Diffstat (limited to 'dev-libs/libcroco')
-rw-r--r-- | dev-libs/libcroco/Manifest | 5 | ||||
-rw-r--r-- | dev-libs/libcroco/files/0.6.12-CVE-2017-7960.patch | 40 | ||||
-rw-r--r-- | dev-libs/libcroco/files/0.6.12-CVE-2017-7961.patch | 42 | ||||
-rw-r--r-- | dev-libs/libcroco/libcroco-0.6.12-r1.ebuild | 59 | ||||
-rw-r--r-- | dev-libs/libcroco/metadata.xml | 16 |
5 files changed, 162 insertions, 0 deletions
diff --git a/dev-libs/libcroco/Manifest b/dev-libs/libcroco/Manifest new file mode 100644 index 000000000000..84b84fc595e5 --- /dev/null +++ b/dev-libs/libcroco/Manifest @@ -0,0 +1,5 @@ +AUX 0.6.12-CVE-2017-7960.patch 1285 BLAKE2B 10118fd008c5c009052f8802db3d65693806c4e90a29d06ae8cc9124b3ce4d2868d7cc689285b685841d989f66100ce50ccab0ea145152bfc818beeb1efff4fb SHA512 736240327aeddbb9a2d7272a7dd3dff2b459e5b99bd81ab9d881644c995e51879d9b3e9c8080571bd387d8dd46ab5cf656f8e2b4e3715fd5548ca32b1d77d58d +AUX 0.6.12-CVE-2017-7961.patch 1437 BLAKE2B 8678147cc24ff674b067691a3eeae42a5731faec2740c23a4679f689b51b160e51f0ec451b38954fb644b2545fab120aa2e97bd22bce253f5f4e5c1b7c21e22a SHA512 88cbcaf64e4c8ceb7002ffd05ce5f42880bd37a25f8c89e927760f0fa982122cde3819ace2e730cc0dd0e093812ad8470e8783477bc2bd10fe05aacf0b3e0e4f +DIST libcroco-0.6.12.tar.xz 482028 BLAKE2B d43b73ba21f600ec6d549b867a58db956e081ca8b0787db577062e36487d23cd99b384ca3269421d26aff9825725b262fd6a3e48be73448fe984548ab3eb080b SHA512 af9a171d5ccded255b57f170576e67155f12fa0f61ab3e379e907975f77afc37e82e22772c6019b2897cffc15b2425faf3ccfda92b1a45b23eda2519debabeb6 +EBUILD libcroco-0.6.12-r1.ebuild 1454 BLAKE2B 84850e5df4810ab53635a451be8958b388bd3a2a4fd7534d2f5f460efd3454fd8089e2937897c96c777ba445a28d3e565e1916a4d1cf61104874715741bc70de SHA512 6d62ee1abb2edb46a10c2b8746bd69bafac2f1abd9372299b79a182bdbd43f241ce194622b1f006203fd0c55974fc8863333e04bf462209a934973c8b8182a95 +MISC metadata.xml 597 BLAKE2B 93f85899d5ecfde37206061e57a03b1eaa181d9e2c105999621da011bbed2b11efaae603c2dbba0b405917653adc75cf849e92682e798e9514984e5577fee90f SHA512 9161b1cf0d796d0aeb681374b278be7938bc551316d6d7fc4fc1e19bfff4477f6b12bf606df0eb17c57e08ecb257f358f579a232ce6dbd6cc2f838aee4e2b9bf diff --git a/dev-libs/libcroco/files/0.6.12-CVE-2017-7960.patch b/dev-libs/libcroco/files/0.6.12-CVE-2017-7960.patch new file mode 100644 index 000000000000..50095d50b898 --- /dev/null +++ b/dev-libs/libcroco/files/0.6.12-CVE-2017-7960.patch @@ -0,0 +1,40 @@ +From 898e3a8c8c0314d2e6b106809a8e3e93cf9d4394 Mon Sep 17 00:00:00 2001 +From: Ignacio Casal Quinteiro +Date: Sun, 16 Apr 2017 13:13:43 +0200 +Subject: [PATCH 1/3] input: check end of input before reading a byte + +When reading bytes we weren't check that the index wasn't +out of bound and this could produce an invalid read which +could deal to a security bug. +--- +leio: Snipped cosmetic chunks + +diff --git a/src/cr-input.c b/src/cr-input.c +index 49000b1..3b63a88 100644 +--- a/src/cr-input.c ++++ b/src/cr-input.c +@@ -404,6 +404,8 @@ cr_input_get_nb_bytes_left (CRInput const * a_this) + enum CRStatus + cr_input_read_byte (CRInput * a_this, guchar * a_byte) + { ++ gulong nb_bytes_left = 0; ++ + g_return_val_if_fail (a_this && PRIVATE (a_this) + && a_byte, CR_BAD_PARAM_ERROR); + +@@ -413,6 +415,12 @@ cr_input_read_byte (CRInput * a_this, guchar * a_byte) + if (PRIVATE (a_this)->end_of_input == TRUE) + return CR_END_OF_INPUT_ERROR; + ++ nb_bytes_left = cr_input_get_nb_bytes_left (a_this); ++ ++ if (nb_bytes_left < 1) { ++ return CR_END_OF_INPUT_ERROR; ++ } ++ + *a_byte = PRIVATE (a_this)->in_buf[PRIVATE (a_this)->next_byte_index]; + + if (PRIVATE (a_this)->nb_bytes - +-- +2.10.1 + diff --git a/dev-libs/libcroco/files/0.6.12-CVE-2017-7961.patch b/dev-libs/libcroco/files/0.6.12-CVE-2017-7961.patch new file mode 100644 index 000000000000..65a08f4ebabc --- /dev/null +++ b/dev-libs/libcroco/files/0.6.12-CVE-2017-7961.patch @@ -0,0 +1,42 @@ +From 9ad72875e9f08e4c519ef63d44cdbd94aa9504f7 Mon Sep 17 00:00:00 2001 +From: Ignacio Casal Quinteiro <qignacio@amazon.com> +Date: Sun, 16 Apr 2017 13:56:09 +0200 +Subject: [PATCH 3/3] tknzr: support only max long rgb values + +This fixes a possible out of bound when reading rgbs which +are longer than the support MAXLONG +--- + src/cr-tknzr.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/cr-tknzr.c b/src/cr-tknzr.c +index 1a7cfeb..1548c35 100644 +--- a/src/cr-tknzr.c ++++ b/src/cr-tknzr.c +@@ -1279,6 +1279,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb) + status = cr_tknzr_parse_num (a_this, &num); + ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL)); + ++ if (num->val > G_MAXLONG) { ++ status = CR_PARSING_ERROR; ++ goto error; ++ } ++ + red = num->val; + cr_num_destroy (num); + num = NULL; +@@ -1298,6 +1303,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb) + status = cr_tknzr_parse_num (a_this, &num); + ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL)); + ++ if (num->val > G_MAXLONG) { ++ status = CR_PARSING_ERROR; ++ goto error; ++ } ++ + PEEK_BYTE (a_this, 1, &next_bytes[0]); + if (next_bytes[0] == '%') { + SKIP_CHARS (a_this, 1); +-- +2.10.1 + diff --git a/dev-libs/libcroco/libcroco-0.6.12-r1.ebuild b/dev-libs/libcroco/libcroco-0.6.12-r1.ebuild new file mode 100644 index 000000000000..19b49bd64c69 --- /dev/null +++ b/dev-libs/libcroco/libcroco-0.6.12-r1.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +GNOME2_LA_PUNT="yes" + +inherit gnome2 multilib-minimal + +DESCRIPTION="Generic Cascading Style Sheet (CSS) parsing and manipulation toolkit" +HOMEPAGE="https://git.gnome.org/browse/libcroco/" + +LICENSE="LGPL-2" +SLOT="0.6" +KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris" +IUSE="test" + +RDEPEND=" + >=dev-libs/glib-2.34.3:2[${MULTILIB_USEDEP}] + >=dev-libs/libxml2-2.9.1-r4[${MULTILIB_USEDEP}] +" +DEPEND="${RDEPEND} + dev-util/gtk-doc-am + >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}] +" + +PATCHES=( + "${FILESDIR}"/${PV}-CVE-2017-7960.patch + "${FILESDIR}"/${PV}-CVE-2017-7961.patch +) + +src_prepare() { + if ! use test; then + # don't waste time building tests + sed 's/^\(SUBDIRS .*\=.*\)tests\(.*\)$/\1\2/' -i Makefile.am Makefile.in \ + || die "sed failed" + fi + + gnome2_src_prepare +} + +multilib_src_configure() { + ECONF_SOURCE=${S} \ + gnome2_src_configure \ + --disable-static \ + $([[ ${CHOST} == *-darwin* ]] && echo --disable-Bsymbolic) + + if multilib_is_native_abi; then + ln -s "${S}"/docs/reference/html docs/reference/html || die + fi +} + +multilib_src_install() { + gnome2_src_install +} + +multilib_src_install_all() { + DOCS="AUTHORS ChangeLog HACKING NEWS README TODO" + einstalldocs +} diff --git a/dev-libs/libcroco/metadata.xml b/dev-libs/libcroco/metadata.xml new file mode 100644 index 000000000000..d296a917b37c --- /dev/null +++ b/dev-libs/libcroco/metadata.xml @@ -0,0 +1,16 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="project"> + <email>gnome@gentoo.org</email> + <name>Gentoo GNOME Desktop</name> +</maintainer> +<longdescription> +The Libcroco project is an effort to build a generic Cascading Style Sheet (CSS) parsing and manipulation toolkit that can be used by GNOME applications in need of CSS support. + +provided is : +A parser module with : A SAC like api and A CSSOM like api. +A CSS2 selection engine +An XML/CSS layout/rendering engine +</longdescription> +</pkgmetadata> |