packages: xpdf/xpdf.spec, xpdf/xpdf-3.02pl5.patch (NEW) - up to 3.02pl5 (fi...

Sat Nov 6 00:34:09 CET 2010

Author: draenog                      Date: Fri Nov  5 23:34:09 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- up to 3.02pl5 (fixes CVE-2010-3702, CVS-2010-3704)

---- Files affected:
packages/xpdf:
   xpdf.spec (1.122 -> 1.123) , xpdf-3.02pl5.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/xpdf/xpdf.spec
diff -u packages/xpdf/xpdf.spec:1.122 packages/xpdf/xpdf.spec:1.123

--- packages/xpdf/xpdf.spec:1.122	Sun Jun  6 23:15:22 2010
+++ packages/xpdf/xpdf.spec	Sat Nov  6 00:34:03 2010
@@ -18,7 +18,7 @@
 Summary(uk.UTF-8):	Програма для перегляду PDF файлів
 Name:		xpdf
 Version:	3.02
-Release:	8
+Release:	9
 License:	GPL
 Group:		X11/Applications
 Source0:	ftp://ftp.foolabs.com/pub/xpdf/%{name}-%{version}.tar.gz
@@ -32,6 +32,7 @@
 Patch3:		%{name}-%{version}pl2.patch
 Patch4:		%{name}-%{version}pl3.patch
 Patch5:		%{name}-%{version}pl4.patch
+Patch6:		%{name}-%{version}pl5.patch
 URL:		http://www.foolabs.com/xpdf/
 %{?with_x:BuildRequires:	xorg-lib-libX11-devel}
 BuildRequires:	autoconf
@@ -114,6 +115,7 @@
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
 
 %build
 %{__autoconf}
@@ -177,6 +179,9 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.123  2010/11/05 23:34:03  draenog
+- up to 3.02pl5 (fixes CVE-2010-3702, CVS-2010-3704)
+
 Revision 1.122  2010/06/06 21:15:22  radek
 - release 8: disable protections by default, use debian's patch (more complete)
 

================================================================
Index: packages/xpdf/xpdf-3.02pl5.patch
diff -u /dev/null packages/xpdf/xpdf-3.02pl5.patch:1.1
--- /dev/null	Sat Nov  6 00:34:09 2010
+++ packages/xpdf/xpdf-3.02pl5.patch	Sat Nov  6 00:34:03 2010
@@ -0,0 +1,41 @@
+*** xpdf-3.02.orig/xpdf/Gfx.cc	Tue Feb 27 14:05:52 2007
+--- xpdf-3.02/xpdf/Gfx.cc	Mon Oct 11 15:39:52 2010
+***************
+*** 461,466 ****
+--- 461,467 ----
+      baseMatrix[i] = state->getCTM()[i];
+    }
+    formDepth = 0;
++   parser = NULL;
+    abortCheckCbk = abortCheckCbkA;
+    abortCheckCbkData = abortCheckCbkDataA;
+  
+***************
+*** 500,505 ****
+--- 501,507 ----
+      baseMatrix[i] = state->getCTM()[i];
+    }
+    formDepth = 0;
++   parser = NULL;
+    abortCheckCbk = abortCheckCbkA;
+    abortCheckCbkData = abortCheckCbkDataA;
+  
+*** xpdf-3.02.orig/fofi/FoFiType1.cc	Tue Feb 27 14:05:51 2007
+--- xpdf-3.02/fofi/FoFiType1.cc	Mon Oct 11 15:44:13 2010
+***************
+*** 224,230 ****
+  		code = code * 8 + (*p2 - '0');
+  	      }
+  	    }
+! 	    if (code < 256) {
+  	      for (p = p2; *p == ' ' || *p == '\t'; ++p) ;
+  	      if (*p == '/') {
+  		++p;
+--- 224,230 ----
+  		code = code * 8 + (*p2 - '0');
+  	      }
+  	    }
+! 	    if (code >= 0 && code < 256) {
+  	      for (p = p2; *p == ' ' || *p == '\t'; ++p) ;
+  	      if (*p == '/') {
+  		++p;
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/xpdf/xpdf.spec?r1=1.122&r2=1.123&f=u

