diff options
Diffstat (limited to 'xfce-base')
-rw-r--r-- | xfce-base/thunar/Manifest | 3 | ||||
-rw-r--r-- | xfce-base/thunar/files/thunar-1.16.2-integer-overflow.patch | 29 | ||||
-rw-r--r-- | xfce-base/thunar/thunar-1.6.12-r1.ebuild (renamed from xfce-base/thunar/thunar-1.6.12.ebuild) | 3 |
3 files changed, 34 insertions, 1 deletions
diff --git a/xfce-base/thunar/Manifest b/xfce-base/thunar/Manifest index 24567b09eeb1..67c6f716e416 100644 --- a/xfce-base/thunar/Manifest +++ b/xfce-base/thunar/Manifest @@ -1,7 +1,8 @@ +AUX thunar-1.16.2-integer-overflow.patch 1160 SHA256 e88ceeefc3a93ac44b95684febd2816be59adc813df1b1e1c7c10a1023b88a9b SHA512 eaefb709e03902cc97be41d4c670ded910234fd1536aae8597cbd9224e0d61badfee912eba81ee2e1a6c308ccd12b26961634e24b8b64fc8457b9d31ba57a843 WHIRLPOOL 89736ac87f23180871c6d316575036037ba083d8ba0119687596e40bc0f527f1ff43dadc5d820c9a69e8838951db307705b87474057b4b53d937916496582d50 DIST Thunar-1.6.10.tar.bz2 1948762 SHA256 7e9d24067268900e5e44d3325e60a1a2b2f8f556ec238ec12574fbea15fdee8a SHA512 56f9407907c85a631b390b6bf363ee863b5a126afc32e1b10e34434b997e82b86223737a0b0a1a8faf801258ad1cfa0585c9c3537c167f6968a2c4dac458395a WHIRLPOOL 813e3a1628227fbe27d221739e4946aa38b147ff4b165ff915b6a57b38ae544f54dc8facf19af0519fac5e903924459a34b6372c42985ed00e997e02434f4b71 DIST Thunar-1.6.12.tar.bz2 1929112 SHA256 fb22091f07ec6de2c9d9d89c61289d2bc3436b36c8c53ccbc9c32ca8a99f2086 SHA512 d18e0fb6b58a65889dc47852a4c513acb7ff9a99fd70d34cbc6b2806d7818893b3c999c0a63f1b7af599d3ff4336b9637944989b97e5cc7431761ce493d2259d WHIRLPOOL 7a07f2453ab73af082c2d9ec9c54551c1bd63241b781695554a0526c4bca97129acb9068990ce65959c6fe39d1dd7d21fc9156405a5c8c87bc95e2f19faffbcc EBUILD thunar-1.6.10-r1.ebuild 1817 SHA256 2b9a180f9f241f0943cd63277993a4c3af5237f71c753106395dbf4958e9dc6d SHA512 d888e8e5e7d00291d085b4dd1cbdfe96b55b5d26c3b6252d450b0d31729b0a21e5a251de49507416d4592e9913c7861d568398fb946c9e3613844a7f3ea88cea WHIRLPOOL e84cc37cb62d3ecbc89557d1e76cbfb177fbc97b482e946c542b496f470e8db07bcf6af5f22b0177d7a08011a8a92e58b52c6e8b60b44c6d7d47a6f22c770369 -EBUILD thunar-1.6.12.ebuild 1966 SHA256 2a503c7c9542913f9412c11ee28c74b485ceac62667a585c1fb710c6097a46d0 SHA512 125a4ab415a28e42e6bb1b8aaea557f3c5a040a3433458ac2c00721a2c7305dc23f4ce7340c3802bfc3f120d0ac601b0eb1208dc96eea15d50b846b7919b2cf2 WHIRLPOOL 236d732e2f52754b0d983b8a3488df77d30ea228bdc5f72338f739be00815d59bab4ba6eba1f9f74c9ef09cde44b99715ffe8f22150cc7537591d6e5b365e36b +EBUILD thunar-1.6.12-r1.ebuild 2030 SHA256 27c5478437e38ec563636ef80d8f5b44dd5325d4adf56a3bfe5b2dc1baad4f9b SHA512 6b3f91e3c2acf44c6f1475e253d1a7911fe735ecf2a9a1617d80415eb7789f95703cda6a92319c759f218969170399cd8cddcbdf7cbde434745a52e982cb108e WHIRLPOOL 56486f367db6d8f8b2fe4e32258741e2415543777630e35b22bd140dc3d29773b62e7939114c4f27978103d49d6dffaf6b7b3ca45e4f7df823c503eb54b61a77 MISC ChangeLog 2866 SHA256 cf64430cef536d724fc00605e8571207b34038c7da5c1d798c15283dc12d72ca SHA512 51bc40e8ff6491ed18f1693f812a03f5c2333eabb01d296223bcab4444324b8fb96e5e1d6879ad9d6711ebd0bf5f450d5736fa38ff77915f7e21a8dec13bc0bf WHIRLPOOL f6924215f361bbdf4de0770a63a7a45b7e49ffc1f13585bd6de01f96cd6e42a0abba253276e44d8d073229ca03c2b3f45462a1a5519b618bfd8c945e978dab61 MISC ChangeLog-2015 24121 SHA256 1c4f24c98b48e24636c014feff70e2f437c4ca31e37a439e74512896a912dffc SHA512 867fe3a8b9f497484ce4965059cf0cc497c9826778a50db362cf2bb83e3c47681982c3feecce2a627d9c20f70770228e638ee11c75bf781f996bd79d32d83922 WHIRLPOOL 9c0d83039bc59dc9bce8b20a9dd3175569bfb1c45d938097d4a5b4fe58ccbdade0956ba904ee181b99b292e07f1e60dbcefb22bf0bd241489b40b601a1262d16 MISC metadata.xml 372 SHA256 c79517f1436518a816ff7335e5e342411b5ce9a2e1ef2279ecc60c4d5e2fa233 SHA512 3ecb379e314ff3f9c745b61707c6df0a912b1466bd56abeebdba0ee138e14ee331fcd61acb3c5b64ace4daa42cbaaec8331cc83d6ae5d0bdc1fa5a69a258ef17 WHIRLPOOL 67ce77734c8d88994c73eee383689f0e6ed7fc2dfe936b3866ec52cb791b6b1d9ac7eaf9871ac6617c507b73738ded310a3a35eb1772ec307b3802e9dc5a6ac6 diff --git a/xfce-base/thunar/files/thunar-1.16.2-integer-overflow.patch b/xfce-base/thunar/files/thunar-1.16.2-integer-overflow.patch new file mode 100644 index 000000000000..09f4b9374435 --- /dev/null +++ b/xfce-base/thunar/files/thunar-1.16.2-integer-overflow.patch @@ -0,0 +1,29 @@ +From 1736b1f69ecf3e44a1b957d8090fb04c6bc5fd95 Mon Sep 17 00:00:00 2001 +From: Mikhail Efremov <sem@altlinux.org> +Date: Thu, 11 Feb 2016 18:59:27 +0300 +Subject: [PATCH] Fix potential buffer overflow + +Use g_malloc_n() instead of g_malloc to avoid integer overflow. +This fixes CVE-2013-7447, see +http://www.openwall.com/lists/oss-security/2016/02/10/2 +for details. +--- + thunar/thunar-gdk-extensions.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/thunar/thunar-gdk-extensions.c b/thunar/thunar-gdk-extensions.c +index 50ecb4a..775eca3 100644 +--- a/thunar/thunar-gdk-extensions.c ++++ b/thunar/thunar-gdk-extensions.c +@@ -75,7 +75,7 @@ thunar_gdk_cairo_create_surface (const GdkPixbuf *pixbuf) + + /* prepare pixel data and surface */ + cairo_stride = cairo_format_stride_for_width (format, width); +- cairo_pixels = g_malloc (height * cairo_stride); ++ cairo_pixels = g_malloc_n (height, cairo_stride); + surface = cairo_image_surface_create_for_data (cairo_pixels, format, + width, height, cairo_stride); + cairo_surface_set_user_data (surface, &cairo_key, cairo_pixels, g_free); +-- +2.6.5 + diff --git a/xfce-base/thunar/thunar-1.6.12.ebuild b/xfce-base/thunar/thunar-1.6.12-r1.ebuild index c34167b9a8a3..f1baaf54ef0d 100644 --- a/xfce-base/thunar/thunar-1.6.12.ebuild +++ b/xfce-base/thunar/thunar-1.6.12-r1.ebuild @@ -48,6 +48,9 @@ REQUIRED_USE="trash-panel-plugin? ( dbus )" S=${WORKDIR}/${MY_P} DOCS=( AUTHORS ChangeLog FAQ HACKING NEWS README THANKS TODO ) +PATCHES=( + "${FILESDIR}"/thunar-1.16.2-integer-overflow.patch +) src_configure() { local myconf=( |