commit:     41d04b8d7079876adcf13bf3792a5c9701686ca6
Author:     Pacho Ramos <pacho <AT> gentoo <DOT> org>
AuthorDate: Wed Mar 28 18:22:37 2018 +0000
Commit:     Pacho Ramos <pacho <AT> gentoo <DOT> org>
CommitDate: Wed Mar 28 18:23:31 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41d04b8d

app-office/pinpoint: Fix CVE-2013-7447 (#574384)

Package-Manager: Portage-2.3.24, Repoman-2.3.6

 .../files/pinpoint-0.1.8-CVE-2013-7447.patch       | 33 ++++++++++++++
 app-office/pinpoint/pinpoint-0.1.8-r1.ebuild       | 50 ++++++++++++++++++++++
 2 files changed, 83 insertions(+)

diff --git a/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch 
b/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch
new file mode 100644
index 00000000000..b9c39ad7206
--- /dev/null
+++ b/app-office/pinpoint/files/pinpoint-0.1.8-CVE-2013-7447.patch
@@ -0,0 +1,33 @@
+From f90483245250456d6306b4fff2f68f445ef33864 Mon Sep 17 00:00:00 2001
+From: RyuzakiKK <[email protected]>
+Date: Sat, 5 Aug 2017 20:00:30 +0200
+Subject: [PATCH] Avoid integer overflow
+
+pinpoint is affected by a possible integer overflow, that was also
+found and patched upstream in gtk+
+https://git.gnome.org/browse/gtk+/commit/?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6
+
+With g_malloc_m we can avoid the integer overflow.
+
+As pointed out by Pacho Ramos in
+https://bugzilla.gnome.org/show_bug.cgi?id=762029
+---
+ pp-cairo.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/pp-cairo.c b/pp-cairo.c
+index 8afb362..dc0a452 100644
+--- a/pp-cairo.c
++++ b/pp-cairo.c
+@@ -120,7 +120,7 @@ _cairo_new_surface_from_pixbuf (const GdkPixbuf *pixbuf)
+     format = CAIRO_FORMAT_ARGB32;
+ 
+   cairo_stride = cairo_format_stride_for_width (format, width);
+-  cairo_pixels = g_malloc (height * cairo_stride);
++  cairo_pixels = g_malloc_n (height, cairo_stride);
+   surface = cairo_image_surface_create_for_data ((unsigned char 
*)cairo_pixels,
+                                                  format,
+                                                  width, height, cairo_stride);
+-- 
+2.13.4
+
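Review bot: `g_malloc_n (height, cairo_stride)` on the changed line stops the multiplication from wrapping, but GLib's g_malloc_n aborts the process when the product overflows or the allocation fails, so an oversized image still terminates pinpoint instead of being rejected. The result of `cairo_format_stride_for_width` on the line above is also used unchecked, and cairo documents a return of -1 for an invalid format or a width that is too large. A more forgiving variant would test `cairo_stride < 0` and call `g_try_malloc_n (height, cairo_stride)` with a NULL check before `cairo_image_surface_create_for_data`. The rest of `_cairo_new_surface_from_pixbuf` and its callers are outside this hunk, so whether they cope with a NULL surface needs confirming. The patch description also says `g_malloc_m` where the code uses `g_malloc_n`.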

diff --git a/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild 
b/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild
new file mode 100644
index 00000000000..7bf59666c4c
--- /dev/null
+++ b/app-office/pinpoint/pinpoint-0.1.8-r1.ebuild
@@ -0,0 +1,50 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+inherit gnome2
+
+DESCRIPTION="A tool for making hackers do excellent presentations"
+HOMEPAGE="https://wiki.gnome.org/Apps/Pinpoint";
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="+gstreamer +pdf"
+
+# rsvg is used for svg-in-pdf -- clubbing it under pdf for now
+RDEPEND="
+       >=media-libs/clutter-1.23.7:1.0
+       >=media-libs/clutter-gtk-1.6:1.0
+       >=dev-libs/glib-2.28:2
+       >=x11-libs/cairo-1.9.4
+       x11-libs/pango
+       x11-libs/gdk-pixbuf:2
+       gstreamer? ( media-libs/clutter-gst:3.0 )
+       pdf? ( gnome-base/librsvg:2 )
+"
+DEPEND="${RDEPEND}
+       virtual/pkgconfig
+"
+
+PATCHES=(
+       # Fix CVE-2013-7447, bug #574384, 
https://bugzilla.gnome.org/show_bug.cgi?id=762029
+       "${FILESDIR}"/${P}-CVE-2013-7447.patch
+)
+
+src_configure() {
+       # dax support is disabled because we don't have it in tree yet and it's
+       # experimental
+       gnome2_src_configure \
+               --disable-dax \
+               $(use_enable gstreamer cluttergst) \
+               $(use_enable pdf rsvg)
+}
+
+src_install() {
+       gnome2_src_install
+
+       docompress -x /usr/share/doc/${PF}/examples
+       insinto "/usr/share/doc/${PF}/examples"
+       doins introduction.pin bg.jpg bowls.jpg linus.jpg
+}
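Review bot: The commit only adds files (the diffstat shows 83 insertions and no deletions), so the unpatched pinpoint-0.1.8 ebuild presumably stays in the tree next to this -r1. Since `KEYWORDS="~amd64 ~x86"` carries no stable keywords, there is probably no stabilisation to wait for, and dropping the old ebuild in the same commit would keep the revision affected by CVE-2013-7447 from being selected; if it is kept on purpose, the commit message should say so. In `src_install`, `docompress -x /usr/share/doc/${PF}/examples` is unquoted while the `insinto` line below quotes the same path; quoting both would be consistent. A short comment stating why the examples are excluded from compression would also help.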
