summaryrefslogtreecommitdiff
path: root/media-libs/raptor
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2021-05-04 22:28:33 +0100
committerV3n3RiX <venerix@redcorelinux.org>2021-05-04 22:28:33 +0100
commita978c074e4272bb901fbe4a10de0a7b2af574f17 (patch)
tree8c764c1cc0576389ce22abd317bceba71ea5732d /media-libs/raptor
parent40aaaa64e86ba6710bbeb31c4615a6ce80e75e11 (diff)
gentoo resync : 04.05.2021
Diffstat (limited to 'media-libs/raptor')
-rw-r--r--media-libs/raptor/Manifest3
-rw-r--r--media-libs/raptor/files/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch32
-rw-r--r--media-libs/raptor/raptor-2.0.15-r3.ebuild (renamed from media-libs/raptor/raptor-2.0.15-r2.ebuild)1
3 files changed, 35 insertions, 1 deletions
diff --git a/media-libs/raptor/Manifest b/media-libs/raptor/Manifest
index 8ea11306d5a4..d8283ff2c368 100644
--- a/media-libs/raptor/Manifest
+++ b/media-libs/raptor/Manifest
@@ -1,5 +1,6 @@
+AUX 0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch 1197 BLAKE2B f570a9a479e9d73f506c16dc7c3a75badf5da2e2407173b1ddd6ed8374f269ca628ea1b84adf94ac3b055db9a1d74f812db9557b96c92300f53c60a5048728a6 SHA512 1d392b6fc41d59349b75e9ab5adcf95a545c02709ec2a71b1855f98a444c9e753ca44464264c624fcaf6e49404f8f92d7aa7b85dfacecb1c7c28f3960e9c4fb9
AUX raptor-2.0.15-dont_use_curl-config.patch 1681 BLAKE2B 5c3b241836e04dabbcd6fd9db6e89225fcd8cf4c1eed24dff7bb5348d7a0985633a7f9173a5279b04ec277ad0f775a18c52ae33af86b6522a21a3e63123d162d SHA512 28e3137592c14dcf9fc1d8401e6bc58af7f1abcab4886acde42a03dd7b61aa9b176672300951f7b4fcdf5128ce445f12594f7a09444331d1d6c34aaa7a4b9cfc
AUX raptor-2.0.15-heap-overflow.patch 1708 BLAKE2B cea8df63861760fe55f1320cbc0833d814c38148b3d5f2b7163348de48bd95a37ee3000d312ce76879c798182f74d60f49fcef89f5f051bd40febc0c1da68099 SHA512 f7df0ec3123ac8ec9f2852dfb54e380d210446a36ab2f74aa9d2dcb8346162046d239b4db9a0747b18e3d19f4dc1ce41d194557c5e53027a3618e81b7b251d3d
DIST raptor2-2.0.15.tar.gz 1886657 BLAKE2B 0a39c7b5705bfbf2daa0ca633f79693953b4dfe24c144008d1646a9840a36d4d7ce153b527450647127ec2522047dbd0a6e71f307ee5656951f7e4b610adfd22 SHA512 563dd01869eb4df8524ec12e2c0a541653874dcd834bd1eb265bc2943bb616968f624121d4688579cdce11b4f00a8ab53b7099f1a0850e256bb0a2c16ba048ee
-EBUILD raptor-2.0.15-r2.ebuild 1634 BLAKE2B 15757b722752da142e88e0224b77725c1ec60479f5610521aff75145cc3dfba266b78da064d381fcbd1ae48006538008edddf4e5587acbb73986727d0c59517f SHA512 4fb565b6dfe1f35206f535051fb7f8c067d328ada3872ab27ed54c6dedd4b1c933e17b93d33eafa0c9566ded69c6249fc17c01f37b99036cf1f22be8d747f1f6
+EBUILD raptor-2.0.15-r3.ebuild 1713 BLAKE2B 9c61a997c410dc4600384ec53b8995ea4782dd2169179c49073b0812953ef399a9ce360b8b6c4d626aae7351e80d50763abe76ea2c85eb9c482bbef04817ec6b SHA512 bb56a414bd06bcf3ee8a656e87e1e7171e2e7fd4bf3c690995d97e3aedd7a99418083f19a0ab2da8772ea6d985a888757e8ba393d02a1c9298c1eaabd7f06ad5
MISC metadata.xml 337 BLAKE2B 6244cd4ab5d8d13437590c4bbb672cb9b5ad47f7e70d30adda368737d745daf4df249eb2166d2ab8335fe0a0fec5b8d3afa9ec091cc6ddcaaf0f2d05f9425741 SHA512 3a2c420495274cfca80f0103066b282b9f1301786a8cbde76b894fac721030bee949fc468c92841698038b991b07fa66f15891392784041a87f655d1860fd11c
diff --git a/media-libs/raptor/files/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch b/media-libs/raptor/files/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch
new file mode 100644
index 000000000000..dc693dfec222
--- /dev/null
+++ b/media-libs/raptor/files/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch
@@ -0,0 +1,32 @@
+From a549457461874157c8c8e8e8a6e0eec06da4fbd0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
+Date: Tue, 24 Nov 2020 10:30:20 +0000
+Subject: [PATCH] CVE-2020-25713 raptor2: malformed input file can lead to a
+ segfault
+
+due to an out of bounds array access in
+raptor_xml_writer_start_element_common
+
+See:
+https://bugs.mageia.org/show_bug.cgi?id=27605
+https://www.openwall.com/lists/oss-security/2020/11/13/1
+https://gerrit.libreoffice.org/c/core/+/106249
+---
+ src/raptor_xml_writer.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
+index 56993dc3..4426d38c 100644
+--- a/src/raptor_xml_writer.c
++++ b/src/raptor_xml_writer.c
+@@ -227,7 +227,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
+
+ /* check it wasn't an earlier declaration too */
+ for(j = 0; j < nspace_declarations_count; j++)
+- if(nspace_declarations[j].nspace == element->attributes[j]->nspace) {
++ if(nspace_declarations[j].nspace == element->attributes[i]->nspace) {
+ declare_me = 0;
+ break;
+ }
+--
+2.28.0
diff --git a/media-libs/raptor/raptor-2.0.15-r2.ebuild b/media-libs/raptor/raptor-2.0.15-r3.ebuild
index e2a831c99843..1f3f7e84c669 100644
--- a/media-libs/raptor/raptor-2.0.15-r2.ebuild
+++ b/media-libs/raptor/raptor-2.0.15-r3.ebuild
@@ -41,6 +41,7 @@ HTML_DOCS=( {NEWS,README,RELEASE,UPGRADING}.html )
PATCHES=(
"${FILESDIR}/${P}-heap-overflow.patch"
"${FILESDIR}/${P}-dont_use_curl-config.patch" #552474
+ "${FILESDIR}/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch"
)
src_prepare() {