summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Sturmlechner <asturm@gentoo.org>2017-06-26 22:57:36 +0200
committerAndreas Sturmlechner <asturm@gentoo.org>2017-06-26 22:58:10 +0200
commitdfa7924ea685a59ebb1afb94775e8fe9f08b6739 (patch)
tree3af0191d9e864058fc956c878123fa0f73ef1954 /app-text
parentnet-analyzer/sslscan: add 1.11.0, fixing bug 619944 (diff)
downloadgentoo-dfa7924ea685a59ebb1afb94775e8fe9f08b6739.tar.gz
gentoo-dfa7924ea685a59ebb1afb94775e8fe9f08b6739.tar.bz2
gentoo-dfa7924ea685a59ebb1afb94775e8fe9f08b6739.zip
app-text/libmwaw: Fix CVE-2017-9433
Also drop unused RDEPEND. Gentoo-bug: 621880 Package-Manager: Portage-2.3.6, Repoman-2.3.1
Diffstat (limited to 'app-text')
-rw-r--r--app-text/libmwaw/files/libmwaw-0.3.11-CVE-2017-9433.patch19
-rw-r--r--app-text/libmwaw/libmwaw-0.3.11-r1.ebuild52
-rw-r--r--app-text/libmwaw/libmwaw-9999.ebuild1
3 files changed, 71 insertions, 1 deletions
diff --git a/app-text/libmwaw/files/libmwaw-0.3.11-CVE-2017-9433.patch b/app-text/libmwaw/files/libmwaw-0.3.11-CVE-2017-9433.patch
new file mode 100644
index 000000000000..4918fd4b6516
--- /dev/null
+++ b/app-text/libmwaw/files/libmwaw-0.3.11-CVE-2017-9433.patch
@@ -0,0 +1,19 @@
+commit 68b3b74569881248bfb6cbb4266177cc253b292f
+Author: David Tardon <dtardon@redhat.com>
+Date: Sat Apr 8 14:03:29 2017 +0200
+
+ ofz#1037 resize vector correctly
+
+diff --git a/src/lib/MsWrd1Parser.cxx b/src/lib/MsWrd1Parser.cxx
+index 63547e6..3626064 100644
+--- a/src/lib/MsWrd1Parser.cxx
++++ b/src/lib/MsWrd1Parser.cxx
+@@ -902,7 +902,7 @@ bool MsWrd1Parser::readFootnoteCorrespondance(MWAWVec2i limits)
+ int id = fIt++->second;
+ fPos[1] = fIt==footnoteMap.end() ? m_state->m_eot : fIt->first;
+ if (id >= int(m_state->m_footnotesList.size()))
+- m_state->m_footnotesList.resize(size_t(id),MWAWVec2l(0,0));
++ m_state->m_footnotesList.resize(size_t(id)+1,MWAWVec2l(0,0));
+ m_state->m_footnotesList[size_t(id)]=fPos;
+ }
+ ascii().addDelimiter(input->tell(),'|');
diff --git a/app-text/libmwaw/libmwaw-0.3.11-r1.ebuild b/app-text/libmwaw/libmwaw-0.3.11-r1.ebuild
new file mode 100644
index 000000000000..8be0198bd0f6
--- /dev/null
+++ b/app-text/libmwaw/libmwaw-0.3.11-r1.ebuild
@@ -0,0 +1,52 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+EGIT_REPO_URI="git://git.code.sf.net/p/libmwaw/libmwaw"
+[[ ${PV} == 9999 ]] && inherit autotools git-r3
+
+DESCRIPTION="Library parsing many pre-OSX MAC text formats"
+HOMEPAGE="https://sourceforge.net/p/libmwaw/wiki/Home/"
+[[ ${PV} == 9999 ]] || SRC_URI="mirror://sourceforge/${PN}/${P}.tar.xz"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+
+[[ ${PV} == 9999 ]] || \
+KEYWORDS="~amd64 ~arm ~x86"
+
+IUSE="doc static-libs tools"
+
+RDEPEND="
+ dev-libs/librevenge
+ sys-libs/zlib
+"
+DEPEND="${RDEPEND}
+ sys-devel/libtool
+ virtual/pkgconfig
+ doc? ( app-doc/doxygen )
+"
+
+PATCHES=( "${FILESDIR}/${P}-CVE-2017-9433.patch" )
+
+src_prepare() {
+ default
+ [[ ${PV} == 9999 ]] && eautoreconf
+}
+
+src_configure() {
+ # zip is hard enabled as the zlib is dep on the rdeps anyway
+ econf \
+ --enable-zip \
+ --disable-werror \
+ --with-sharedptr=c++11 \
+ $(use_with doc docs) \
+ $(use_enable static-libs static) \
+ $(use_enable tools)
+}
+
+src_install() {
+ default
+ find "${D}" -name '*.la' -delete || die
+}
diff --git a/app-text/libmwaw/libmwaw-9999.ebuild b/app-text/libmwaw/libmwaw-9999.ebuild
index ed8c879dc73f..b0434c260bc2 100644
--- a/app-text/libmwaw/libmwaw-9999.ebuild
+++ b/app-text/libmwaw/libmwaw-9999.ebuild
@@ -20,7 +20,6 @@ IUSE="doc static-libs tools"
RDEPEND="
dev-libs/librevenge
- dev-libs/libxml2
sys-libs/zlib
"
DEPEND="${RDEPEND}