rpms/poppler/devel poppler-0.12.1-CVE-2009-3607.patch, NONE, 1.1 poppler.spec, 1.103, 1.104
Rex Dieter
rdieter at fedoraproject.org
Sun Oct 25 22:09:41 UTC 2009
- Previous message (by thread): rpms/rubygem-rack/devel .cvsignore, 1.4, 1.5 import.log, 1.3, 1.4 rubygem-rack.spec, 1.5, 1.6 sources, 1.4, 1.5
- Next message (by thread): rpms/poppler/F-12 poppler-0.12.1-CVE-2009-3607.patch, NONE, 1.1 poppler.spec, 1.103, 1.104
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: rdieter
Update of /cvs/pkgs/rpms/poppler/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28418/devel
Modified Files:
poppler.spec
Added Files:
poppler-0.12.1-CVE-2009-3607.patch
Log Message:
* Sun Oct 25 2009 Rex Dieter <rdieter at fedoraproject.org> - 0.12.1-2
- CVE-2009-3607 (#530890)
poppler-0.12.1-CVE-2009-3607.patch:
poppler-page.cc | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
--- NEW FILE poppler-0.12.1-CVE-2009-3607.patch ---
http://cgit.freedesktop.org/poppler/poppler/commit/?id=c839b70609
CVE-2009-3607
diff -pruN poppler-0.12.1.orig/glib/poppler-page.cc poppler-0.12.1/glib/poppler-page.cc
--- poppler-0.12.1.orig/glib/poppler-page.cc 2009-09-09 23:22:31.000000000 +0200
+++ poppler-0.12.1/glib/poppler-page.cc 2009-10-25 18:54:30.000000000 +0100
@@ -609,28 +609,28 @@ create_surface_from_thumbnail_data (guch
gint rowstride)
{
guchar *cairo_pixels;
+ gint cairo_stride;
cairo_surface_t *surface;
- static cairo_user_data_key_t key;
int j;
- cairo_pixels = (guchar *)g_malloc (4 * width * height);
- surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels,
- CAIRO_FORMAT_RGB24,
- width, height, 4 * width);
- cairo_surface_set_user_data (surface, &key,
- cairo_pixels, (cairo_destroy_func_t)g_free);
+ surface = cairo_image_surface_create (CAIRO_FORMAT_RGB24, width, height);
+ if (cairo_surface_status (surface))
+ return NULL;
+
+ cairo_pixels = cairo_image_surface_get_data (surface);
+ cairo_stride = cairo_image_surface_get_stride (surface);
for (j = height; j; j--) {
guchar *p = data;
guchar *q = cairo_pixels;
guchar *end = p + 3 * width;
-
+
while (p < end) {
#if G_BYTE_ORDER == G_LITTLE_ENDIAN
q[0] = p[2];
q[1] = p[1];
q[2] = p[0];
-#else
+#else
q[1] = p[0];
q[2] = p[1];
q[3] = p[2];
@@ -640,7 +640,7 @@ create_surface_from_thumbnail_data (guch
}
data += rowstride;
- cairo_pixels += 4 * width;
+ cairo_pixels += cairo_stride;
}
return surface;
Index: poppler.spec
===================================================================
RCS file: /cvs/pkgs/rpms/poppler/devel/poppler.spec,v
retrieving revision 1.103
retrieving revision 1.104
diff -u -p -r1.103 -r1.104
--- poppler.spec 19 Oct 2009 14:38:06 -0000 1.103
+++ poppler.spec 25 Oct 2009 22:09:40 -0000 1.104
@@ -2,7 +2,7 @@
Summary: PDF rendering library
Name: poppler
Version: 0.12.1
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2
Group: Development/Libraries
URL: http://poppler.freedesktop.org/
@@ -10,9 +10,14 @@ Source0: http://poppler.freedesktop.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
## upstreamable patches
+
+## upstream patches
# for texlive/pdftex, make ObjStream class public
Patch100: poppler-0.12.1-objstream.patch
+# CVE-2009-3607 / c839b70609
+Patch162: poppler-0.12.1-CVE-2009-3607.patch
+
BuildRequires: automake libtool
BuildRequires: cairo-devel >= 1.8.4
BuildRequires: gtk2-devel
@@ -116,6 +121,7 @@ converting PDF files to a number of othe
%setup -q
%patch100 -p1 -b .objstream
+%patch162 -p1 -b .CVE-2009-3607
# hammer to nuke rpaths, recheck on new releases
autoreconf -i -f
@@ -214,6 +220,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Sun Oct 25 2009 Rex Dieter <rdieter at fedoraproject.org> - 0.12.1-2
+- CVE-2009-3607 (#530890)
+
* Mon Oct 19 2009 Rex Dieter <rdieter at fedoraproject.org> - 0.12.1-1
- poppler-0.12.1
- deprecate xpdf/pdftohtml Conflicts/Obsoletes
- Previous message (by thread): rpms/rubygem-rack/devel .cvsignore, 1.4, 1.5 import.log, 1.3, 1.4 rubygem-rack.spec, 1.5, 1.6 sources, 1.4, 1.5
- Next message (by thread): rpms/poppler/F-12 poppler-0.12.1-CVE-2009-3607.patch, NONE, 1.1 poppler.spec, 1.103, 1.104
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list