diff options
Diffstat (limited to 'dev-libs/libcroco')
-rw-r--r-- | dev-libs/libcroco/Manifest | 5 | ||||
-rw-r--r-- | dev-libs/libcroco/files/0.6.12-CVE-2017-7960.patch | 40 | ||||
-rw-r--r-- | dev-libs/libcroco/files/0.6.12-CVE-2017-7961.patch | 42 | ||||
-rw-r--r-- | dev-libs/libcroco/libcroco-0.6.12-r1.ebuild | 59 | ||||
-rw-r--r-- | dev-libs/libcroco/metadata.xml | 16 |
5 files changed, 0 insertions, 162 deletions
diff --git a/dev-libs/libcroco/Manifest b/dev-libs/libcroco/Manifest deleted file mode 100644 index 84b84fc595e5..000000000000 --- a/dev-libs/libcroco/Manifest +++ /dev/null @@ -1,5 +0,0 @@ -AUX 0.6.12-CVE-2017-7960.patch 1285 BLAKE2B 10118fd008c5c009052f8802db3d65693806c4e90a29d06ae8cc9124b3ce4d2868d7cc689285b685841d989f66100ce50ccab0ea145152bfc818beeb1efff4fb SHA512 736240327aeddbb9a2d7272a7dd3dff2b459e5b99bd81ab9d881644c995e51879d9b3e9c8080571bd387d8dd46ab5cf656f8e2b4e3715fd5548ca32b1d77d58d -AUX 0.6.12-CVE-2017-7961.patch 1437 BLAKE2B 8678147cc24ff674b067691a3eeae42a5731faec2740c23a4679f689b51b160e51f0ec451b38954fb644b2545fab120aa2e97bd22bce253f5f4e5c1b7c21e22a SHA512 88cbcaf64e4c8ceb7002ffd05ce5f42880bd37a25f8c89e927760f0fa982122cde3819ace2e730cc0dd0e093812ad8470e8783477bc2bd10fe05aacf0b3e0e4f -DIST libcroco-0.6.12.tar.xz 482028 BLAKE2B d43b73ba21f600ec6d549b867a58db956e081ca8b0787db577062e36487d23cd99b384ca3269421d26aff9825725b262fd6a3e48be73448fe984548ab3eb080b SHA512 af9a171d5ccded255b57f170576e67155f12fa0f61ab3e379e907975f77afc37e82e22772c6019b2897cffc15b2425faf3ccfda92b1a45b23eda2519debabeb6 -EBUILD libcroco-0.6.12-r1.ebuild 1454 BLAKE2B 84850e5df4810ab53635a451be8958b388bd3a2a4fd7534d2f5f460efd3454fd8089e2937897c96c777ba445a28d3e565e1916a4d1cf61104874715741bc70de SHA512 6d62ee1abb2edb46a10c2b8746bd69bafac2f1abd9372299b79a182bdbd43f241ce194622b1f006203fd0c55974fc8863333e04bf462209a934973c8b8182a95 -MISC metadata.xml 597 BLAKE2B 93f85899d5ecfde37206061e57a03b1eaa181d9e2c105999621da011bbed2b11efaae603c2dbba0b405917653adc75cf849e92682e798e9514984e5577fee90f SHA512 9161b1cf0d796d0aeb681374b278be7938bc551316d6d7fc4fc1e19bfff4477f6b12bf606df0eb17c57e08ecb257f358f579a232ce6dbd6cc2f838aee4e2b9bf diff --git a/dev-libs/libcroco/files/0.6.12-CVE-2017-7960.patch b/dev-libs/libcroco/files/0.6.12-CVE-2017-7960.patch deleted file mode 100644 index 50095d50b898..000000000000 --- a/dev-libs/libcroco/files/0.6.12-CVE-2017-7960.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 898e3a8c8c0314d2e6b106809a8e3e93cf9d4394 Mon Sep 17 00:00:00 2001 -From: Ignacio Casal Quinteiro -Date: Sun, 16 Apr 2017 13:13:43 +0200 -Subject: [PATCH 1/3] input: check end of input before reading a byte - -When reading bytes we weren't check that the index wasn't -out of bound and this could produce an invalid read which -could deal to a security bug. ---- -leio: Snipped cosmetic chunks - -diff --git a/src/cr-input.c b/src/cr-input.c -index 49000b1..3b63a88 100644 ---- a/src/cr-input.c -+++ b/src/cr-input.c -@@ -404,6 +404,8 @@ cr_input_get_nb_bytes_left (CRInput const * a_this) - enum CRStatus - cr_input_read_byte (CRInput * a_this, guchar * a_byte) - { -+ gulong nb_bytes_left = 0; -+ - g_return_val_if_fail (a_this && PRIVATE (a_this) - && a_byte, CR_BAD_PARAM_ERROR); - -@@ -413,6 +415,12 @@ cr_input_read_byte (CRInput * a_this, guchar * a_byte) - if (PRIVATE (a_this)->end_of_input == TRUE) - return CR_END_OF_INPUT_ERROR; - -+ nb_bytes_left = cr_input_get_nb_bytes_left (a_this); -+ -+ if (nb_bytes_left < 1) { -+ return CR_END_OF_INPUT_ERROR; -+ } -+ - *a_byte = PRIVATE (a_this)->in_buf[PRIVATE (a_this)->next_byte_index]; - - if (PRIVATE (a_this)->nb_bytes - --- -2.10.1 - diff --git a/dev-libs/libcroco/files/0.6.12-CVE-2017-7961.patch b/dev-libs/libcroco/files/0.6.12-CVE-2017-7961.patch deleted file mode 100644 index 65a08f4ebabc..000000000000 --- a/dev-libs/libcroco/files/0.6.12-CVE-2017-7961.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 9ad72875e9f08e4c519ef63d44cdbd94aa9504f7 Mon Sep 17 00:00:00 2001 -From: Ignacio Casal Quinteiro <qignacio@amazon.com> -Date: Sun, 16 Apr 2017 13:56:09 +0200 -Subject: [PATCH 3/3] tknzr: support only max long rgb values - -This fixes a possible out of bound when reading rgbs which -are longer than the support MAXLONG ---- - src/cr-tknzr.c | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/src/cr-tknzr.c b/src/cr-tknzr.c -index 1a7cfeb..1548c35 100644 ---- a/src/cr-tknzr.c -+++ b/src/cr-tknzr.c -@@ -1279,6 +1279,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb) - status = cr_tknzr_parse_num (a_this, &num); - ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL)); - -+ if (num->val > G_MAXLONG) { -+ status = CR_PARSING_ERROR; -+ goto error; -+ } -+ - red = num->val; - cr_num_destroy (num); - num = NULL; -@@ -1298,6 +1303,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb) - status = cr_tknzr_parse_num (a_this, &num); - ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL)); - -+ if (num->val > G_MAXLONG) { -+ status = CR_PARSING_ERROR; -+ goto error; -+ } -+ - PEEK_BYTE (a_this, 1, &next_bytes[0]); - if (next_bytes[0] == '%') { - SKIP_CHARS (a_this, 1); --- -2.10.1 - diff --git a/dev-libs/libcroco/libcroco-0.6.12-r1.ebuild b/dev-libs/libcroco/libcroco-0.6.12-r1.ebuild deleted file mode 100644 index 19b49bd64c69..000000000000 --- a/dev-libs/libcroco/libcroco-0.6.12-r1.ebuild +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -GNOME2_LA_PUNT="yes" - -inherit gnome2 multilib-minimal - -DESCRIPTION="Generic Cascading Style Sheet (CSS) parsing and manipulation toolkit" -HOMEPAGE="https://git.gnome.org/browse/libcroco/" - -LICENSE="LGPL-2" -SLOT="0.6" -KEYWORDS="alpha amd64 arm arm64 hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris" -IUSE="test" - -RDEPEND=" - >=dev-libs/glib-2.34.3:2[${MULTILIB_USEDEP}] - >=dev-libs/libxml2-2.9.1-r4[${MULTILIB_USEDEP}] -" -DEPEND="${RDEPEND} - dev-util/gtk-doc-am - >=virtual/pkgconfig-0-r1[${MULTILIB_USEDEP}] -" - -PATCHES=( - "${FILESDIR}"/${PV}-CVE-2017-7960.patch - "${FILESDIR}"/${PV}-CVE-2017-7961.patch -) - -src_prepare() { - if ! use test; then - # don't waste time building tests - sed 's/^\(SUBDIRS .*\=.*\)tests\(.*\)$/\1\2/' -i Makefile.am Makefile.in \ - || die "sed failed" - fi - - gnome2_src_prepare -} - -multilib_src_configure() { - ECONF_SOURCE=${S} \ - gnome2_src_configure \ - --disable-static \ - $([[ ${CHOST} == *-darwin* ]] && echo --disable-Bsymbolic) - - if multilib_is_native_abi; then - ln -s "${S}"/docs/reference/html docs/reference/html || die - fi -} - -multilib_src_install() { - gnome2_src_install -} - -multilib_src_install_all() { - DOCS="AUTHORS ChangeLog HACKING NEWS README TODO" - einstalldocs -} diff --git a/dev-libs/libcroco/metadata.xml b/dev-libs/libcroco/metadata.xml deleted file mode 100644 index d296a917b37c..000000000000 --- a/dev-libs/libcroco/metadata.xml +++ /dev/null @@ -1,16 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> -<pkgmetadata> -<maintainer type="project"> - <email>gnome@gentoo.org</email> - <name>Gentoo GNOME Desktop</name> -</maintainer> -<longdescription> -The Libcroco project is an effort to build a generic Cascading Style Sheet (CSS) parsing and manipulation toolkit that can be used by GNOME applications in need of CSS support. - -provided is : -A parser module with : A SAC like api and A CSSOM like api. -A CSS2 selection engine -An XML/CSS layout/rendering engine -</longdescription> -</pkgmetadata> |