[subversion-commit] SVN tetex commit + diffs: r384 - in tetex-bin/trunk/debian: . patches

Frank Küster frank at costa.debian.org
Thu Dec 8 12:13:32 UTC 2005 

Author: frank
Date: 2005-12-08 12:13:31 +0000 (Thu, 08 Dec 2005)
New Revision: 384

Modified:
   tetex-bin/trunk/debian/changelog
   tetex-bin/trunk/debian/patches/patch-CVE-2005-3191+2+3
Log:
correct patch for xpdf vulnerability

Modified: tetex-bin/trunk/debian/changelog
===================================================================
--- tetex-bin/trunk/debian/changelog	2005-12-08 08:47:02 UTC (rev 383)
+++ tetex-bin/trunk/debian/changelog	2005-12-08 12:13:31 UTC (rev 384)
@@ -1,3 +1,11 @@
+tetex-bin (3.0-11.1) unstable; urgency=low
+
+  * The patch for the security fix in the last upload was not complete, I
+    hope it's correct now - many thanks to Martin Pitt
+    <martin.pitt at canonical.com> [frank]
+
+ -- Frank Küster <frank at debian.org>  Thu,  8 Dec 2005 13:13:45 +0100
+
 tetex-bin (3.0-11) unstable; urgency=high
 
   * Apply xpdf patch 3.01pl1 to fix vulnerabilities in the included xpdf

Modified: tetex-bin/trunk/debian/patches/patch-CVE-2005-3191+2+3
===================================================================
--- tetex-bin/trunk/debian/patches/patch-CVE-2005-3191+2+3	2005-12-08 08:47:02 UTC (rev 383)
+++ tetex-bin/trunk/debian/patches/patch-CVE-2005-3191+2+3	2005-12-08 12:13:31 UTC (rev 384)
@@ -1,7 +1,7 @@
 Index: tetex-bin-3.0/libs/xpdf/xpdf/Stream.h
 ===================================================================
---- tetex-bin-3.0.orig/libs/xpdf/xpdf/Stream.h	2005-12-07 13:48:05.000000000 +0100
-+++ tetex-bin-3.0/libs/xpdf/xpdf/Stream.h	2005-12-07 14:07:25.000000000 +0100
+--- tetex-bin-3.0.orig/libs/xpdf/xpdf/Stream.h	2005-12-07 14:10:04.000000000 +0100
++++ tetex-bin-3.0/libs/xpdf/xpdf/Stream.h	2005-12-08 13:09:27.000000000 +0100
 @@ -233,6 +233,8 @@
  
    ~StreamPredictor();
@@ -21,8 +21,8 @@
  //------------------------------------------------------------------------
 Index: tetex-bin-3.0/libs/xpdf/xpdf/Stream.cc
 ===================================================================
---- tetex-bin-3.0.orig/libs/xpdf/xpdf/Stream.cc	2005-12-07 13:48:05.000000000 +0100
-+++ tetex-bin-3.0/libs/xpdf/xpdf/Stream.cc	2005-12-07 14:07:25.000000000 +0100
+--- tetex-bin-3.0.orig/libs/xpdf/xpdf/Stream.cc	2005-12-07 14:10:04.000000000 +0100
++++ tetex-bin-3.0/libs/xpdf/xpdf/Stream.cc	2005-12-08 13:11:14.000000000 +0100
 @@ -407,18 +407,33 @@
  
  StreamPredictor::StreamPredictor(Stream *strA, int predictorA,
@@ -69,7 +69,7 @@
    } else {
      pred = NULL;
    }
-@@ -2897,6 +2916,14 @@
+@@ -2897,6 +2916,10 @@
    height = read16();
    width = read16();
    numComps = str->getChar();
@@ -77,6 +77,13 @@
 +    error(getPos(), "Bad number of components in DCT stream", prec);
 +    return gFalse;
 +  }
+   if (prec != 8) {
+     error(getPos(), "Bad DCT precision %d", prec);
+     return gFalse;
+@@ -2923,6 +2946,10 @@
+   height = read16();
+   width = read16();
+   numComps = str->getChar();
 +  if (numComps <= 0 || numComps > 4) {
 +    error(getPos(), "Bad number of components in DCT stream", prec);
 +    return gFalse;
@@ -97,8 +104,8 @@
    }
 Index: tetex-bin-3.0/libs/xpdf/xpdf/JPXStream.cc
 ===================================================================
---- tetex-bin-3.0.orig/libs/xpdf/xpdf/JPXStream.cc	2005-12-07 13:48:05.000000000 +0100
-+++ tetex-bin-3.0/libs/xpdf/xpdf/JPXStream.cc	2005-12-07 14:09:40.000000000 +0100
+--- tetex-bin-3.0.orig/libs/xpdf/xpdf/JPXStream.cc	2005-12-07 14:10:04.000000000 +0100
++++ tetex-bin-3.0/libs/xpdf/xpdf/JPXStream.cc	2005-12-08 13:09:27.000000000 +0100
 @@ -666,7 +666,7 @@
    int segType;
    GBool haveSIZ, haveCOD, haveQCD, haveSOT;

More information about the Pkg-tetex-commits mailing list