Hi ports@, Here is a diff to update optipng to 0.7.7.
MAINTAINER is CCed. Comments? OK?
Index: Makefile
===================================================================
RCS file: /cvs/ports/graphics/optipng/Makefile,v
retrieving revision 1.4
diff -u -p -r1.4 Makefile
--- Makefile 12 Dec 2017 15:51:44 -0000 1.4
+++ Makefile 2 Jan 2018 21:10:20 -0000
@@ -1,8 +1,7 @@
 # $OpenBSD: Makefile,v 1.4 2017/12/12 15:51:44 fcambus Exp $
 COMMENT = lossless PNG optimizer
-DISTNAME = optipng-0.7.6
-REVISION = 0
+DISTNAME = optipng-0.7.7
 CATEGORIES = graphics
 HOMEPAGE = http://optipng.sourceforge.net/
Index: distinfo
===================================================================
RCS file: /cvs/ports/graphics/optipng/distinfo,v
retrieving revision 1.3
diff -u -p -r1.3 distinfo
--- distinfo 1 Jul 2016 07:44:19 -0000 1.3
+++ distinfo 2 Jan 2018 21:10:20 -0000
@@ -1,2 +1,2 @@
-SHA256 (optipng-0.7.6.tar.gz) = SHBjH8vTglYF8AoWi43r9E6hzajvmKc+VBHu6XGZvoA=
-SIZE (optipng-0.7.6.tar.gz) = 2202237
+SHA256 (optipng-0.7.7.tar.gz) = TzLyM874cLP5XTrWQov+QiTvNJCPG0Kwut+FghZlRFI=
+SIZE (optipng-0.7.7.tar.gz) = 2329555
Index: patches/patch-src_gifread_gifread_c
===================================================================
RCS file: patches/patch-src_gifread_gifread_c
diff -N patches/patch-src_gifread_gifread_c
--- patches/patch-src_gifread_gifread_c 12 Dec 2017 15:51:44 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,17 +0,0 @@
-$OpenBSD: patch-src_gifread_gifread_c,v 1.1 2017/12/12 15:51:44 fcambus Exp $
-
-Fix for CVE-2017-16938 (Global buffer overflow)
-https://sourceforge.net/p/optipng/bugs/69/
-
-Index: src/gifread/gifread.c
---- src/gifread/gifread.c.orig
-+++ src/gifread/gifread.c
-@@ -499,6 +499,8 @@ static int LZWReadByte(int init_flag, int input_code_s
- *sp++ = table[1][code];
- if (code == table[0][code])
- GIFError("GIF/LZW error: circular table entry");
-+ if ((size_t)(sp - stack) >= sizeof(stack) / sizeof(stack[0]))
-+ GIFError("GIF/LZW error: circular table");
- code = table[0][code];
- }
-
Index: patches/patch-src_minitiff_tiffread_c
===================================================================
RCS file: patches/patch-src_minitiff_tiffread_c
diff -N patches/patch-src_minitiff_tiffread_c
--- patches/patch-src_minitiff_tiffread_c 12 Dec 2017 15:51:44 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,17 +0,0 @@
-$OpenBSD: patch-src_minitiff_tiffread_c,v 1.1 2017/12/12 15:51:44 fcambus Exp $
-
-Fix for CVE-2017-1000229 (Integer overflow)
-https://sourceforge.net/p/optipng/bugs/65/
-
-Index: src/minitiff/tiffread.c
---- src/minitiff/tiffread.c.orig
-+++ src/minitiff/tiffread.c
-@@ -350,6 +350,8 @@ minitiff_read_info(struct minitiff_info *tiff_ptr, FIL
- count = tiff_ptr->strip_offsets_count;
- if (count == 0 || count > tiff_ptr->height)
- goto err_invalid;
-+ if (count > (size_t)-1 / sizeof(long))
-+ goto err_memory;
- tiff_ptr->strip_offsets = (long *)malloc(count * sizeof(long));
- if (tiff_ptr->strip_offsets == NULL)
- goto err_memory;
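Review bot: Both files removed under patches/ are local security fixes (CVE-2017-16938 in src/gifread/gifread.c and CVE-2017-1000229 in src/minitiff/tiffread.c), and neither the message nor the diff says that the 0.7.7 distfile already contains them. Presumably they were merged upstream, but that should be confirmed in the extracted 0.7.7 sources: LZWReadByte() needs a bound on `sp` against `stack`, and minitiff_read_info() needs a check on `count` before `malloc(count * sizeof(long))`. Once confirmed, a commit-message line such as `drop patches for CVE-2017-16938 and CVE-2017-1000229, fixed upstream` would record why the patches went away. This applies to both deletion hunks, patch-src_gifread_gifread_c and patch-src_minitiff_tiffread_c.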