f956d661ad
* gnu/packages/patches/libwmf-CAN-2004-0941.patch, gnu/packages/patches/libwmf-CVE-2007-0455.patch, gnu/packages/patches/libwmf-CVE-2007-2756.patch, gnu/packages/patches/libwmf-CVE-2007-3472.patch, gnu/packages/patches/libwmf-CVE-2007-3473.patch, gnu/packages/patches/libwmf-CVE-2007-3477.patch, gnu/packages/patches/libwmf-CVE-2009-3546.patch: New files. * gnu/packages/patches/libwmf-CVE-2015-0848+4588+4695+4696.patch: Delete file. Replace with ... * gnu/packages/patches/libwmf-CVE-2015-0848+CVE-2015-4588.patch, gnu/packages/patches/libwmf-CVE-2015-4695.patch, gnu/packages/patches/libwmf-CVE-2015-4696.patch: ... these new files. * gnu-system.am (dist_patch_DATA): Adjust accordingly. * gnu/packages/image.scm (libwmf)[source]: Adjust set of patches.
20 lines
619 B
Diff
20 lines
619 B
Diff
Copied from Fedora.
|
|
|
|
http://pkgs.fedoraproject.org/cgit/libwmf.git/tree/libwmf-0.2.8.4-CVE-2007-2756.patch
|
|
|
|
--- libwmf-0.2.8.4/src/extra/gd/gd_png.c 1 Apr 2007 20:41:01 -0000 1.21.2.1
|
|
+++ libwmf-0.2.8.4/src/extra/gd/gd_png.c 16 May 2007 19:06:11 -0000
|
|
@@ -78,8 +78,11 @@
|
|
gdPngReadData (png_structp png_ptr,
|
|
png_bytep data, png_size_t length)
|
|
{
|
|
- gdGetBuf (data, length, (gdIOCtx *)
|
|
- png_get_io_ptr (png_ptr));
|
|
+ int check;
|
|
+ check = gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr));
|
|
+ if (check != length) {
|
|
+ png_error(png_ptr, "Read Error: truncated data");
|
|
+ }
|
|
}
|
|
|
|
static void
|