Hi ports@,
Here is a diff to update optipng to 0.7.7.
MAINTAINER is CCed.
Comments? OK?
Index: Makefile
===================================================================
RCS file: /cvs/ports/graphics/optipng/Makefile,v
retrieving revision 1.4
diff -u -p -r1.4 Makefile
--- Makefile 12 Dec 2017 15:51:44 -0000 1.4
+++ Makefile 2 Jan 2018 21:10:20 -0000
@@ -1,8 +1,7 @@
# $OpenBSD: Makefile,v 1.4 2017/12/12 15:51:44 fcambus Exp $
COMMENT = lossless PNG optimizer
-DISTNAME = optipng-0.7.6
-REVISION = 0
+DISTNAME = optipng-0.7.7
CATEGORIES = graphics
HOMEPAGE = http://optipng.sourceforge.net/
Index: distinfo
===================================================================
RCS file: /cvs/ports/graphics/optipng/distinfo,v
retrieving revision 1.3
diff -u -p -r1.3 distinfo
--- distinfo 1 Jul 2016 07:44:19 -0000 1.3
+++ distinfo 2 Jan 2018 21:10:20 -0000
@@ -1,2 +1,2 @@
-SHA256 (optipng-0.7.6.tar.gz) = SHBjH8vTglYF8AoWi43r9E6hzajvmKc+VBHu6XGZvoA=
-SIZE (optipng-0.7.6.tar.gz) = 2202237
+SHA256 (optipng-0.7.7.tar.gz) = TzLyM874cLP5XTrWQov+QiTvNJCPG0Kwut+FghZlRFI=
+SIZE (optipng-0.7.7.tar.gz) = 2329555
Index: patches/patch-src_gifread_gifread_c
===================================================================
RCS file: patches/patch-src_gifread_gifread_c
diff -N patches/patch-src_gifread_gifread_c
--- patches/patch-src_gifread_gifread_c 12 Dec 2017 15:51:44 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,17 +0,0 @@
-$OpenBSD: patch-src_gifread_gifread_c,v 1.1 2017/12/12 15:51:44 fcambus Exp $
-
-Fix for CVE-2017-16938 (Global buffer overflow)
-https://sourceforge.net/p/optipng/bugs/69/
-
-Index: src/gifread/gifread.c
---- src/gifread/gifread.c.orig
-+++ src/gifread/gifread.c
-@@ -499,6 +499,8 @@ static int LZWReadByte(int init_flag, int input_code_s
- *sp++ = table[1][code];
- if (code == table[0][code])
- GIFError("GIF/LZW error: circular table entry");
-+ if ((size_t)(sp - stack) >= sizeof(stack) / sizeof(stack[0]))
-+ GIFError("GIF/LZW error: circular table");
- code = table[0][code];
- }
-
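Review bot: Deleting this port patch drops the local stack-bounds check for CVE-2017-16938 in LZWReadByte, and nothing in the message or the diff states that optipng-0.7.7 carries an equivalent check upstream. The same applies to the removal of patches/patch-src_minitiff_tiffread_c in the next hunk, which held the `count > (size_t)-1 / sizeof(long)` guard for CVE-2017-1000229. It is worth confirming in the extracted 0.7.7 sources that both checks are present in src/gifread/gifread.c and src/minitiff/tiffread.c. The commit message should then record it, for example `Update to optipng 0.7.7; fixes for CVE-2017-16938 and CVE-2017-1000229 are now upstream, drop local patches`.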
Index: patches/patch-src_minitiff_tiffread_c
===================================================================
RCS file: patches/patch-src_minitiff_tiffread_c
diff -N patches/patch-src_minitiff_tiffread_c
--- patches/patch-src_minitiff_tiffread_c 12 Dec 2017 15:51:44 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,17 +0,0 @@
-$OpenBSD: patch-src_minitiff_tiffread_c,v 1.1 2017/12/12 15:51:44 fcambus Exp $
-
-Fix for CVE-2017-1000229 (Integer overflow)
-https://sourceforge.net/p/optipng/bugs/65/
-
-Index: src/minitiff/tiffread.c
---- src/minitiff/tiffread.c.orig
-+++ src/minitiff/tiffread.c
-@@ -350,6 +350,8 @@ minitiff_read_info(struct minitiff_info *tiff_ptr, FIL
- count = tiff_ptr->strip_offsets_count;
- if (count == 0 || count > tiff_ptr->height)
- goto err_invalid;
-+ if (count > (size_t)-1 / sizeof(long))
-+ goto err_memory;
- tiff_ptr->strip_offsets = (long *)malloc(count * sizeof(long));
- if (tiff_ptr->strip_offsets == NULL)
- goto err_memory;