rpms/netpbm
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- fix CAN-2005-2471, unsafe gs calls from pstopnm (#165355)

Browse Source
This commit is contained in:
Jindrich Novy 2005-08-09 07:16:50 +00:00
parent 58c4f59992
commit a936aaacd4
2 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
netpbm-10.28-CAN-2005-2471.patch Normal file
View File

@ -0,0 +1,19 @@
--- netpbm-10.28/converter/other/pstopnm.c.CAN-2005-2471 2004-06-23 04:22:33.000000000 +0200
+++ netpbm-10.28/converter/other/pstopnm.c 2005-08-09 08:41:42.000000000 +0200
@@ -702,13 +702,13 @@
if (verbose) {
pm_message("execing '%s' with args '%s' (arg 0), "
- "'%s', '%s', '%s', '%s', '%s', '%s', '%s'",
+ "'%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s'",
ghostscriptProg, arg0,
- deviceopt, outfileopt, gopt, ropt, "-q", "-dNOPAUSE", "-");
+ deviceopt, outfileopt, gopt, ropt, "-q", "-dNOPAUSE", "-dPARANOIDSAFER", "-");
}
execl(ghostscriptProg, arg0, deviceopt, outfileopt, gopt, ropt, "-q",
- "-dNOPAUSE", "-", NULL);
+ "-dNOPAUSE", "-dPARANOIDSAFER", "-", NULL);
pm_error("execl() of Ghostscript ('%s') failed, errno=%d (%s)",
ghostscriptProg, errno, strerror(errno));

7
netpbm.spec
View File

@ -1,7 +1,7 @@
Summary: A library for handling different graphics file formats. Summary: A library for handling different graphics file formats.
Name: netpbm Name: netpbm
Version: 10.28 Version: 10.28
Release: 4 Release: 5
License: freeware License: freeware
Group: System Environment/Libraries Group: System Environment/Libraries
URL: http://netpbm.sourceforge.net/ URL: http://netpbm.sourceforge.net/
@ -21,6 +21,7 @@ Patch10: netpbm-10.27-bmptopnm.patch
Patch11: netpbm-10.27-libpm.patch Patch11: netpbm-10.27-libpm.patch
Patch12: netpbm-10.27-pnmtojpeg.patch Patch12: netpbm-10.27-pnmtojpeg.patch
Patch13: netpbm-10.28-pbmtolj.patch Patch13: netpbm-10.28-pbmtolj.patch
Patch14: netpbm-10.28-CAN-2005-2471.patch
Buildroot: %{_tmppath}/%{name}-root Buildroot: %{_tmppath}/%{name}-root
BuildPrereq: libjpeg-devel, libpng-devel, libtiff-devel, perl BuildPrereq: libjpeg-devel, libpng-devel, libtiff-devel, perl
Obsoletes: libgr Obsoletes: libgr
@ -78,6 +79,7 @@ netpbm-progs. You'll also need to install the netpbm package.
%patch11 -p1 -b .libpm %patch11 -p1 -b .libpm
%patch12 -p1 -b .pnmtojpeg %patch12 -p1 -b .pnmtojpeg
%patch13 -p1 -b .pbmtolj %patch13 -p1 -b .pbmtolj
%patch14 -p1 -b .CAN-2005-2471
##mv shhopt/shhopt.h shhopt/pbmshhopt.h ##mv shhopt/shhopt.h shhopt/pbmshhopt.h
##perl -pi -e 's|shhopt.h|pbmshhopt.h|g' `find -name "*.c" -o -name "*.h"` ./GNUmakefile ##perl -pi -e 's|shhopt.h|pbmshhopt.h|g' `find -name "*.c" -o -name "*.h"` ./GNUmakefile
@ -175,6 +177,9 @@ rm -rf $RPM_BUILD_ROOT/usr/config_template
%{_mandir}/man5/* %{_mandir}/man5/*
%changelog %changelog
* Tue Aug 09 2005 Jindrich Novy <jnovy@redhat.com> 10.28-5
- fix CAN-2005-2471, unsafe gs calls from pstopnm (#165355)
* Thu Jul 21 2005 Jindrich Novy <jnovy@redhat.com> 10.28-4 * Thu Jul 21 2005 Jindrich Novy <jnovy@redhat.com> 10.28-4
- fix buffer overflow in pbmtolj (#163596) - fix buffer overflow in pbmtolj (#163596)