From facae7b819c139b9d21cc9f09eef6322bad46192 Mon Sep 17 00:00:00 2001 From: Carsten Lohrke Date: Mon, 30 Jul 2007 17:56:31 +0000 Subject: Fix for bug 187139. (Portage version: 2.1.3_rc9) --- app-office/kword/ChangeLog | 8 ++- app-office/kword/files/digest-kword-1.6.3-r1 | 3 ++ .../kword/files/koffice-xpdf-CVE-2007-3387.diff | 20 ++++++++ app-office/kword/kword-1.6.3-r1.ebuild | 59 ++++++++++++++++++++++ 4 files changed, 89 insertions(+), 1 deletion(-) create mode 100644 app-office/kword/files/digest-kword-1.6.3-r1 create mode 100644 app-office/kword/files/koffice-xpdf-CVE-2007-3387.diff create mode 100644 app-office/kword/kword-1.6.3-r1.ebuild (limited to 'app-office/kword') diff --git a/app-office/kword/ChangeLog b/app-office/kword/ChangeLog index 97fb8c113be2..8e29aa8d9321 100644 --- a/app-office/kword/ChangeLog +++ b/app-office/kword/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-office/kword # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-office/kword/ChangeLog,v 1.102 2007/07/26 17:40:25 corsair Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-office/kword/ChangeLog,v 1.103 2007/07/30 17:56:31 carlo Exp $ + +*kword-1.6.3-r1 (30 Jul 2007) + + 30 Jul 2007; Carsten Lohrke + +files/koffice-xpdf-CVE-2007-3387.diff, +kword-1.6.3-r1.ebuild: + Fix for bug 187139. 26 Jul 2007; Markus Rothe kword-1.6.3.ebuild: Stable on ppc64; bug #178697 diff --git a/app-office/kword/files/digest-kword-1.6.3-r1 b/app-office/kword/files/digest-kword-1.6.3-r1 new file mode 100644 index 000000000000..0dc1fc75f716 --- /dev/null +++ b/app-office/kword/files/digest-kword-1.6.3-r1 @@ -0,0 +1,3 @@ +MD5 386d388094734f9759977c3267098e30 koffice-1.6.3.tar.bz2 56829391 +RMD160 e474ba48fa983fafb61ad58fb79cddda69ec6908 koffice-1.6.3.tar.bz2 56829391 +SHA256 c3975f0a59f50aaa5547f1709b6fad54f746fd06815859b374676b426dce12cb koffice-1.6.3.tar.bz2 56829391 diff --git a/app-office/kword/files/koffice-xpdf-CVE-2007-3387.diff b/app-office/kword/files/koffice-xpdf-CVE-2007-3387.diff new file mode 100644 index 000000000000..ded0e07205a7 --- /dev/null +++ b/app-office/kword/files/koffice-xpdf-CVE-2007-3387.diff @@ -0,0 +1,20 @@ +--- filters/kword/pdf/xpdf/xpdf/Stream.cc ++++ filters/kword/pdf/xpdf/xpdf/Stream.cc +@@ -413,13 +413,11 @@ StreamPredictor::StreamPredictor(Stream + predLine = NULL; + ok = gFalse; + +- if (width <= 0 || nComps <= 0 || nBits <= 0 || +- nComps >= INT_MAX / nBits || +- width >= INT_MAX / nComps / nBits) +- return; +- + nVals = width * nComps; +- if (nVals * nBits + 7 <= 0) ++ if (width <= 0 || nComps <= 0 || nBits <= 0 || ++ nComps >= 4 || nBits > 16 || ++ width >= INT_MAX / nComps || ++ nVals >= (INT_MAX - 7) / nBits) + return; + + pixBytes = (nComps * nBits + 7) >> 3; diff --git a/app-office/kword/kword-1.6.3-r1.ebuild b/app-office/kword/kword-1.6.3-r1.ebuild new file mode 100644 index 000000000000..43a3662c7900 --- /dev/null +++ b/app-office/kword/kword-1.6.3-r1.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-office/kword/kword-1.6.3-r1.ebuild,v 1.1 2007/07/30 17:56:31 carlo Exp $ + +KMNAME=koffice +MAXKOFFICEVER=${PV} +inherit kde-meta eutils + +DESCRIPTION="KOffice word processor." +HOMEPAGE="http://www.koffice.org/" +LICENSE="GPL-2 LGPL-2" + +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="" + +RDEPEND="$(deprange $PV $MAXKOFFICEVER app-office/koffice-libs) + $(deprange 1.6.2 $MAXKOFFICEVER app-office/kspread) + >=app-text/wv2-0.1.8 + >=media-gfx/imagemagick-5.5.2 + >=app-text/libwpd-0.8.2" + +DEPEND="${RDEPEND} + dev-util/pkgconfig" + +KMCOPYLIB="libkformula lib/kformula + libkofficecore lib/kofficecore + libkofficeui lib/kofficeui + libkopainter lib/kopainter + libkotext lib/kotext + libkwmf lib/kwmf + libkowmf lib/kwmf + libkstore lib/store + libkspreadcommon kspread" + +KMEXTRACTONLY=" + lib/ + kspread/" + +KMCOMPILEONLY="filters/liboofilter" + +KMEXTRA="filters/kword" + +need-kde 3.5 + +PATCHES="${FILESDIR}/koffice-xpdf-CVE-2007-3387.diff" + +src_unpack() { + kde-meta_src_unpack unpack + + # We need to compile libs first + echo "SUBDIRS = liboofilter kword" > $S/filters/Makefile.am + + for i in $(find ${S}/lib -iname "*\.ui"); do + ${QTDIR}/bin/uic ${i} > ${i%.ui}.h + done + + kde-meta_src_unpack makefiles +} -- cgit v1.2.3-65-gdbad