From 5564317dca8a9379e109d2db664ae3703c0e6532 Mon Sep 17 00:00:00 2001 From: Michael Nottebrock Date: Fri, 6 May 2005 16:53:11 +0000 Subject: Fix regressions introduced in the previous KDE security updates: The Kimgio patch broke reading of .rgb images in most cases due to a fence-post error. The Kommander patch was incorrect and still allowed execution of files served from /tmp. Security: References: http://www.kde.org/info/security/advisory-20050421-1.txt http://www.kde.org/info/security/advisory-20050420-1.txt --- x11/kdelibs3/Makefile | 2 +- x11/kdelibs3/files/patch-post-3.4.0-kdelibs-kimgio | 9 --------- 2 files changed, 1 insertion(+), 10 deletions(-) (limited to 'x11/kdelibs3') diff --git a/x11/kdelibs3/Makefile b/x11/kdelibs3/Makefile index fd21ee05e54b..078c64a7a715 100644 --- a/x11/kdelibs3/Makefile +++ b/x11/kdelibs3/Makefile @@ -8,7 +8,7 @@ PORTNAME= kdelibs PORTVERSION= ${KDE_VERSION} -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= x11 kde MASTER_SITES= ${MASTER_SITE_KDE} MASTER_SITE_SUBDIR= stable/${PORTVERSION:S/.0//}/src diff --git a/x11/kdelibs3/files/patch-post-3.4.0-kdelibs-kimgio b/x11/kdelibs3/files/patch-post-3.4.0-kdelibs-kimgio index f7990101ae3f..c1ede2bf9945 100644 --- a/x11/kdelibs3/files/patch-post-3.4.0-kdelibs-kimgio +++ b/x11/kdelibs3/files/patch-post-3.4.0-kdelibs-kimgio @@ -620,15 +620,6 @@ diff -u -3 -d -p -r1.31 -r1.31.2.1 for (x = 0; x < m_xsize; x++, c++) *c = qRgba(qRed(*c), qGreen(*c), qBlue(*c), line[x]); } -@@ -270,7 +272,7 @@ bool SGIImage::readImage(QImage& img) - // sanity ckeck - if (m_rle) - for (uint o = 0; o < m_numrows; o++) -- if (m_starttab[o] + m_lengthtab[o] > m_data.size()) { -+ if (m_starttab[o] + m_lengthtab[o] >= m_data.size()) { - kdDebug(399) << "image corrupt (sanity check failed)" << endl; - return false; - } diff -u -3 -d -p -r1.14 -r1.14.2.1 --- kimgio/tiffr.cpp 22 Nov 2004 03:52:18 -0000 1.14 +++ kimgio/tiffr.cpp 19 Apr 2005 10:48:00 -0000 1.14.2.1 -- cgit v1.2.3