rpms/tk/devel tk-gifoverflow.patch,NONE,1.1 tk.spec,1.43,1.44

Marcela Mašláňová (mmaslano) fedora-extras-commits at redhat.com
Mon Sep 17 07:38:24 UTC 2007


Author: mmaslano

Update of /cvs/pkgs/rpms/tk/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24864

Modified Files:
	tk.spec 
Added Files:
	tk-gifoverflow.patch 
Log Message:
CVE-2007-4851 Tk GIF processing buffer overflow


tk-gifoverflow.patch:

--- NEW FILE tk-gifoverflow.patch ---
--- tk8.4.15/generic/tkImgGIF.c.old	2006-03-27 14:13:56.000000000 +0200
+++ tk8.4.15/generic/tkImgGIF.c	2007-09-17 09:28:42.000000000 +0200
@@ -995,7 +995,7 @@
 	 */
 	if (interlace) {
 	    ypos += interlaceStep[pass];
-	    while (ypos >= height) {
+	    while (ypos >= rows) {
 		pass++;
 		if (pass > 3) {
 		    return TCL_OK;
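Review bot: the new bound in `while (ypos >= rows)` is not explained anywhere, neither in a code comment above the loop nor in the patch file itself, which starts directly at the `---`/`+++` header with no description. Since this one-line change is the whole fix, add a short header to tk-gifoverflow.patch naming CVE-2007-4851 and rhbz#290991, and a comment at the loop saying what `rows` bounds as opposed to `height`. Neither variable's definition is visible in this context, so it is also worth confirming that no other use of `height` in this function needs the same substitution.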


Index: tk.spec
===================================================================
RCS file: /cvs/pkgs/rpms/tk/devel/tk.spec,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- tk.spec	31 Aug 2007 17:59:06 -0000	1.43
+++ tk.spec	17 Sep 2007 07:37:51 -0000	1.44
@@ -3,7 +3,7 @@
 Summary: The graphical toolkit for the Tcl scripting language
 Name: tk
 Version: %{majorver}.15
-Release: 4%{?dist}
+Release: 5%{?dist}
 Epoch:   1
 License: TCL
 Group: Development/Languages
@@ -18,6 +18,7 @@
 # panedwindow.n from itcl conflicts
 Conflicts: itcl <= 3.2
 Patch1: tk-confi.patch
+Patch2: tk-gifoverflow.patch
 
 %description
 When paired with the Tcl scripting language, Tk provides a fast and powerful
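Review bot: `Patch2: tk-gifoverflow.patch` is declared with no comment, so the reason for the patch is only recoverable from %changelog. The `Conflicts:` line just above carries an explanatory `#` comment; do the same here with a line such as `# CVE-2007-4851, rhbz#290991` above `Patch2:`.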
@@ -39,7 +40,8 @@
 %prep
 %setup -n %{name}%{version} -q
 
-%patch1  -p1 -b .confi
+%patch1 -p1 -b .confi
+%patch2 -p1 -b .buffer
 
 %build
 cd unix
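Review bot: the backup suffix in `%patch2 -p1 -b .buffer` does not follow the naming used for patch1, where `tk-confi.patch` gets `-b .confi`. Use `-b .gifoverflow` so the backup files map back to the patch name. The whitespace-only rewrite of the `%patch1` line is unrelated to the security fix and adds noise to the diff; consider leaving it out or committing it separately.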
@@ -107,6 +109,10 @@
 %{_mandir}/man3/*
 
 %changelog
+* Mon Sep 17 2007 Marcela Maslanova <mmaslano at redhat.com> - 1:8.4.15-5
+- CVE-2007-4851 Tk GIF processing buffer overflow
+- Resolves: rhbz#290991
+
 * Fri Aug 31 2007 Jeremy Katz <katzj at redhat.com> - 1:8.4.15-4
 - BR gawk to unbreak things
 



