Attachment #211573 for bug #244060

Lines 3-9 Link Here

(-)astro/foxtrotgps/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= foxtrotgps	4	PORTNAME= foxtrotgps
5	PORTVERSION= 1.2.0	5	PORTVERSION= 1.2.0
6	PORTREVISION= 5	6	PORTREVISION= 6
7	CATEGORIES= astro geography	7	CATEGORIES= astro geography
8	MASTER_SITES= http://www.foxtrotgps.org/releases/	8	MASTER_SITES= http://www.foxtrotgps.org/releases/
9		9

Lines 2-8 Link Here

(-)deskutils/cairo-dock-plugins/Makefile (-1 / +1 lines)
2		2
3	PORTNAME= cairo-dock-plugins	3	PORTNAME= cairo-dock-plugins
4	PORTVERSION= 3.4.1	4	PORTVERSION= 3.4.1
5	PORTREVISION= 7	5	PORTREVISION= 8
6	CATEGORIES= deskutils	6	CATEGORIES= deskutils
7		7
8	MAINTAINER= ports@FreeBSD.org	8	MAINTAINER= ports@FreeBSD.org

Lines 3-9 Link Here

(-)deskutils/nemo-extensions/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= nemo-extensions	4	PORTNAME= nemo-extensions
5	PORTVERSION= 2.4.0	5	PORTVERSION= 2.4.0
6	PORTREVISION= 4	6	PORTREVISION= 5
7	CATEGORIES= deskutils gnome	7	CATEGORIES= deskutils gnome
8	DIST_SUBDIR= gnome3	8	DIST_SUBDIR= gnome3
9		9

Lines 3-9 Link Here

(-)deskutils/pinot/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= pinot	4	PORTNAME= pinot
5	PORTVERSION= 1.09	5	PORTVERSION= 1.09
6	PORTREVISION= 22	6	PORTREVISION= 23
7	CATEGORIES= deskutils	7	CATEGORIES= deskutils
8		8
9	MAINTAINER= thierry@FreeBSD.org	9	MAINTAINER= thierry@FreeBSD.org

Lines 3-9 Link Here

(-)deskutils/xfce4-tumbler/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= tumbler	4	PORTNAME= tumbler
5	PORTVERSION= 0.2.8	5	PORTVERSION= 0.2.8
6	PORTREVISION= 2	6	PORTREVISION= 3
7	CATEGORIES= deskutils xfce	7	CATEGORIES= deskutils xfce
8	MASTER_SITES= XFCE	8	MASTER_SITES= XFCE
9	PKGNAMEPREFIX= xfce4-	9	PKGNAMEPREFIX= xfce4-

Lines 3-9 Link Here

(-)graphics/eog/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= eog	4	PORTNAME= eog
5	PORTVERSION= 3.28.4	5	PORTVERSION= 3.28.4
6	PORTREVISION= 2	6	PORTREVISION= 3
7	CATEGORIES= graphics gnome	7	CATEGORIES= graphics gnome
8	MASTER_SITES= GNOME	8	MASTER_SITES= GNOME
9	DIST_SUBDIR= gnome3	9	DIST_SUBDIR= gnome3

Lines 3-8 Link Here

(-)graphics/eog-plugins/Makefile (+1 lines)
3		3
4	PORTNAME= eog-plugins	4	PORTNAME= eog-plugins
5	PORTVERSION= 3.26.2	5	PORTVERSION= 3.26.2
		6	PORTREVISION= 1
6	CATEGORIES= graphics gnome	7	CATEGORIES= graphics gnome
7	MASTER_SITES= GNOME	8	MASTER_SITES= GNOME
8	DIST_SUBDIR= gnome3	9	DIST_SUBDIR= gnome3

Lines 3-8 Link Here

(-)graphics/eom/Makefile (+1 lines)
3		3
4	PORTNAME= eom	4	PORTNAME= eom
5	PORTVERSION= 1.22.2	5	PORTVERSION= 1.22.2
		6	PORTREVISION= 1
6	CATEGORIES= graphics mate	7	CATEGORIES= graphics mate
7	MASTER_SITES= MATE	8	MASTER_SITES= MATE
8	DIST_SUBDIR= mate	9	DIST_SUBDIR= mate

Lines 3-9 Link Here

(-)graphics/exif/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= exif	4	PORTNAME= exif
5	PORTVERSION= 0.6.21	5	PORTVERSION= 0.6.21
6	PORTREVISION= 1	6	PORTREVISION= 2
7	CATEGORIES= graphics	7	CATEGORIES= graphics
8	MASTER_SITES= SF/lib${PORTNAME}/${PORTNAME}/${PORTVERSION}	8	MASTER_SITES= SF/lib${PORTNAME}/${PORTNAME}/${PORTVERSION}
9		9

Lines 3-8 Link Here

(-)graphics/exiftran/Makefile (+1 lines)
3		3
4	PORTNAME= exiftran	4	PORTNAME= exiftran
5	PORTVERSION= 2.14	5	PORTVERSION= 2.14
		6	PORTREVISION= 1
6	CATEGORIES= graphics	7	CATEGORIES= graphics
7	MASTER_SITES= http://www.kraxel.org/releases/fbida/	8	MASTER_SITES= http://www.kraxel.org/releases/fbida/
8	DISTNAME= fbida-${PORTVERSION}	9	DISTNAME= fbida-${PORTVERSION}

Lines 3-8 Link Here

(-)graphics/feh/Makefile (+1 lines)
3		3
4	PORTNAME= feh	4	PORTNAME= feh
5	PORTVERSION= 3.2.1	5	PORTVERSION= 3.2.1
		6	PORTREVISION= 1
6	CATEGORIES= graphics	7	CATEGORIES= graphics
7	MASTER_SITES= http://feh.finalrewind.org/ \	8	MASTER_SITES= http://feh.finalrewind.org/ \
8	LOCAL/uqs	9	LOCAL/uqs

Lines 3-9 Link Here

(-)graphics/frogr/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= frogr	4	PORTNAME= frogr
5	PORTVERSION= 1.5	5	PORTVERSION= 1.5
6	PORTREVISION= 1	6	PORTREVISION= 2
7	CATEGORIES= graphics	7	CATEGORIES= graphics
8	MASTER_SITES= GNOME	8	MASTER_SITES= GNOME
9		9

Lines 3-9 Link Here

(-)graphics/gnome-color-manager/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= gnome-color-manager	4	PORTNAME= gnome-color-manager
5	PORTVERSION= 3.28.0	5	PORTVERSION= 3.28.0
6	PORTREVISION= 4	6	PORTREVISION= 5
7	CATEGORIES= graphics gnome	7	CATEGORIES= graphics gnome
8	MASTER_SITES= GNOME	8	MASTER_SITES= GNOME
9	DIST_SUBDIR= gnome	9	DIST_SUBDIR= gnome

Lines 3-8 Link Here

(-)graphics/gphoto2/Makefile (+1 lines)
3		3
4	PORTNAME= gphoto2	4	PORTNAME= gphoto2
5	PORTVERSION= 2.5.23	5	PORTVERSION= 2.5.23
		6	PORTREVISION= 1
6	CATEGORIES= graphics	7	CATEGORIES= graphics
7	MASTER_SITES= SF/gphoto/gphoto/${PORTVERSION}	8	MASTER_SITES= SF/gphoto/gphoto/${PORTVERSION}
8		9

Lines 3-9 Link Here

(-)graphics/gtkam/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= gtkam	4	PORTNAME= gtkam
5	PORTVERSION= 1.0	5	PORTVERSION= 1.0
6	PORTREVISION= 4	6	PORTREVISION= 5
7	CATEGORIES= graphics	7	CATEGORIES= graphics
8	MASTER_SITES= SF/gphoto/${PORTNAME}/${PORTVERSION}	8	MASTER_SITES= SF/gphoto/${PORTNAME}/${PORTVERSION}
9		9

Lines 3-8 Link Here

(-)graphics/ida/Makefile (+1 lines)
3		3
4	PORTNAME= ida	4	PORTNAME= ida
5	PORTVERSION= 2.14	5	PORTVERSION= 2.14
		6	PORTREVISION= 1
6	CATEGORIES= graphics	7	CATEGORIES= graphics
7	MASTER_SITES= https://www.kraxel.org/releases/fbida/	8	MASTER_SITES= https://www.kraxel.org/releases/fbida/
8	DISTNAME= fbida-${PORTVERSION}	9	DISTNAME= fbida-${PORTVERSION}

Lines 3-9 Link Here

(-)graphics/libexif/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= libexif	4	PORTNAME= libexif
5	PORTVERSION= 0.6.21	5	PORTVERSION= 0.6.21
6	PORTREVISION= 4	6	PORTREVISION= 5
7	CATEGORIES= graphics	7	CATEGORIES= graphics
8	MASTER_SITES= SF	8	MASTER_SITES= SF
9		9




https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566.patch
From 75aa73267fdb1e0ebfbc00369e7312bac43d0566 Mon Sep 17 00:00:00 2001
From: Marcus Meissner <meissner@suse.de>
Date: Sat, 18 Jan 2020 09:29:42 +0100
Subject: [PATCH] fix CVE-2019-9278

avoid the use of unsafe integer overflow checking constructs (unsigned integer operations cannot overflow, so "u1 + u2 > u1" can be optimized away)

check for the actual sizes, which should also handle the overflows
document other places google patched, but do not seem relevant due to other restrictions

fixes https://github.com/libexif/libexif/issues/26
---
 libexif/exif-data.c | 28 ++++++++++++++++++----------
 1 file changed, 18 insertions(+), 10 deletions(-)

diff --git libexif/exif-data.c libexif/exif-data.c
index a6f9c94..6332cd1 100644
--- libexif/exif-data.c
+++ libexif/exif-data.c
@@ -192,9 +192,15 @@ exif_data_load_data_entry (ExifData *data, ExifEntry *entry,
 		doff = offset + 8;
 
 	/* Sanity checks */
-	if ((doff + s < doff) || (doff + s < s) || (doff + s > size)) {
+	if (doff >= size) {
 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
-				  "Tag data past end of buffer (%u > %u)", doff+s, size);	
+				  "Tag starts past end of buffer (%u > %u)", doff, size);
+		return 0;
+	}
+
+	if (s > size - doff) {
+		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
+				  "Tag data goes past end of buffer (%u > %u)", doff+s, size);
 		return 0;
 	}
 
@@ -315,13 +321,14 @@ exif_data_load_data_thumbnail (ExifData *data, const unsigned char *d,
 			       unsigned int ds, ExifLong o, ExifLong s)
 {
 	/* Sanity checks */
-	if ((o + s < o) || (o + s < s) || (o + s > ds) || (o > ds)) {
-		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
-			  "Bogus thumbnail offset (%u) or size (%u).",
-			  o, s);
+	if (o >= ds) {
+		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail offset (%u).", o);
+		return;
+	}
+	if (s > ds - o) {
+		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail size (%u), max would be %u.", s, ds-o);
 		return;
 	}
-
 	if (data->data) 
 		exif_mem_free (data->priv->mem, data->data);
 	if (!(data->data = exif_data_alloc (data, s))) {
@@ -947,7 +954,7 @@ exif_data_load_data (ExifData *data, const unsigned char *d_orig,
 	exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", 
 		  "IFD 0 at %i.", (int) offset);
 
-	/* Sanity check the offset, being careful about overflow */
+	/* ds is restricted to 16 bit above, so offset is restricted too, and offset+8 should not overflow. */
 	if (offset > ds || offset + 6 + 2 > ds)
 		return;
 
@@ -956,6 +963,7 @@ exif_data_load_data (ExifData *data, const unsigned char *d_orig,
 
 	/* IFD 1 offset */
 	n = exif_get_short (d + 6 + offset, data->priv->order);
+	/* offset < 2<<16, n is 16 bit at most, so this op will not overflow */
 	if (offset + 6 + 2 + 12 * n + 4 > ds)
 		return;
 
@@ -964,8 +972,8 @@ exif_data_load_data (ExifData *data, const unsigned char *d_orig,
 		exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
 			  "IFD 1 at %i.", (int) offset);
 
-		/* Sanity check. */
-		if (offset > ds || offset + 6 > ds) {
+		/* Sanity check. ds is ensured to be above 6 above, offset is 16bit */
+		if (offset > ds - 6) {
 			exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA,
 				  "ExifData", "Bogus offset of IFD1.");
 		} else {




https://github.com/libexif/libexif/commit/f9bb9f263fb00f0603ecbefa8957cad24168cbff.patch
From f9bb9f263fb00f0603ecbefa8957cad24168cbff Mon Sep 17 00:00:00 2001
From: Dan Fandrich <dan@coneharvesters.com>
Date: Wed, 4 Jul 2018 11:06:09 +0200
Subject: [PATCH] Fix a buffer read overflow in exif_entry_get_value

While parsing EXIF_TAG_FOCAL_LENGTH it was possible to read 8 bytes past
the end of a heap buffer. This was detected by the OSS Fuzz project.
Patch from Google.

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7344 and
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14543
---
 libexif/exif-entry.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git libexif/exif-entry.c libexif/exif-entry.c
index 61260d3..a224ac2 100644
--- libexif/exif-entry.c
+++ libexif/exif-entry.c
@@ -1040,12 +1040,12 @@ exif_entry_get_value (ExifEntry *e, char *val, unsigned int maxlen)
 		d = 0.;
 		entry = exif_content_get_entry (
 			e->parent->parent->ifd[EXIF_IFD_0], EXIF_TAG_MAKE);
-		if (entry && entry->data &&
+		if (entry && entry->data && entry->size >= 7 &&
 		    !strncmp ((char *)entry->data, "Minolta", 7)) {
 			entry = exif_content_get_entry (
 					e->parent->parent->ifd[EXIF_IFD_0],
 					EXIF_TAG_MODEL);
-			if (entry && entry->data) {
+			if (entry && entry->data && entry->size >= 8) {
 				if (!strncmp ((char *)entry->data, "DiMAGE 7", 8))
 					d = 3.9;
 				else if (!strncmp ((char *)entry->data, "DiMAGE 5", 8))




https://github.com/libexif/libexif/commit/a0c04d9cb6ab0c41a6458def9f892754e84160a0.patch
From a0c04d9cb6ab0c41a6458def9f892754e84160a0 Mon Sep 17 00:00:00 2001
From: Marcus Meissner <marcus@jet.franken.de>
Date: Sat, 15 Jun 2019 18:40:48 +0200
Subject: [PATCH] fixed a buffer overread (OSS-Fuzz)
 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8884

---
 libexif/olympus/exif-mnote-data-olympus.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git libexif/olympus/exif-mnote-data-olympus.c libexif/olympus/exif-mnote-data-olympus.c
index dac7f5b..669e4ec 100644
--- libexif/olympus/exif-mnote-data-olympus.c
+++ libexif/olympus/exif-mnote-data-olympus.c
@@ -344,7 +344,7 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
 
 	case nikonV2:
 		o2 += 6;
-		if (o2 >= buf_size) return;
+		if (o2 + 8 >= buf_size) return;
 		exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnoteDataOlympus",
 			"Parsing Nikon maker note v2 (0x%02x, %02x, %02x, "
 			"%02x, %02x, %02x, %02x, %02x)...",

Lines 3-9 Link Here

(-)graphics/libexif-gtk/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= libexif-gtk	4	PORTNAME= libexif-gtk
5	PORTVERSION= 0.4.0	5	PORTVERSION= 0.4.0
6	PORTREVISION= 4	6	PORTREVISION= 5
7	CATEGORIES= graphics	7	CATEGORIES= graphics
8	MASTER_SITES= SF/libexif/${PORTNAME}/${PORTVERSION}	8	MASTER_SITES= SF/libexif/${PORTNAME}/${PORTVERSION}
9		9

Lines 3-8 Link Here

(-)graphics/libgphoto2/Makefile (+1 lines)
3		3
4	PORTNAME= libgphoto2	4	PORTNAME= libgphoto2
5	PORTVERSION= 2.5.23	5	PORTVERSION= 2.5.23
		6	PORTREVISION= 1
6	CATEGORIES= graphics	7	CATEGORIES= graphics
7	MASTER_SITES= SF/gphoto/libgphoto/${PORTVERSION}	8	MASTER_SITES= SF/gphoto/libgphoto/${PORTVERSION}
8		9

Lines 3-8 Link Here

(-)graphics/lximage-qt/Makefile (+1 lines)
3		3
4	PORTNAME= lximage-qt	4	PORTNAME= lximage-qt
5	PORTVERSION= 0.14.1	5	PORTVERSION= 0.14.1
		6	PORTREVISION= 1
6	CATEGORIES= graphics	7	CATEGORIES= graphics
7	MASTER_SITES= LXQT	8	MASTER_SITES= LXQT
8		9

Lines 3-9 Link Here

(-)graphics/p5-Image-LibExif/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= Image-LibExif	4	PORTNAME= Image-LibExif
5	PORTVERSION= 0.04	5	PORTVERSION= 0.04
6	PORTREVISION= 1	6	PORTREVISION= 2
7	CATEGORIES= graphics perl5	7	CATEGORIES= graphics perl5
8	MASTER_SITES= CPAN	8	MASTER_SITES= CPAN
9	PKGNAMEPREFIX= p5-	9	PKGNAMEPREFIX= p5-

Lines 3-9 Link Here

(-)graphics/pfstools/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= pfstools	4	PORTNAME= pfstools
5	DISTVERSION= 2.1.0	5	DISTVERSION= 2.1.0
6	PORTREVISION= 6	6	PORTREVISION= 7
7	CATEGORIES= graphics	7	CATEGORIES= graphics
8	MASTER_SITES= SF	8	MASTER_SITES= SF
9		9

Lines 3-9 Link Here

(-)graphics/qiv/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= qiv	4	PORTNAME= qiv
5	PORTVERSION= 2.3.1	5	PORTVERSION= 2.3.1
6	PORTREVISION= 1	6	PORTREVISION= 2
7	CATEGORIES= graphics	7	CATEGORIES= graphics
8	MASTER_SITES= http://spiegl.de/qiv/download/ \	8	MASTER_SITES= http://spiegl.de/qiv/download/ \
9	http://www.predatorlabs.net/dl/	9	http://www.predatorlabs.net/dl/

Lines 3-9 Link Here

(-)graphics/ristretto/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= ristretto	4	PORTNAME= ristretto
5	PORTVERSION= 0.10.0	5	PORTVERSION= 0.10.0
6	PORTREVISION= 1	6	PORTREVISION= 2
7	CATEGORIES= graphics xfce	7	CATEGORIES= graphics xfce
8	MASTER_SITES= XFCE/apps	8	MASTER_SITES= XFCE/apps
9	DIST_SUBDIR= xfce4	9	DIST_SUBDIR= xfce4

Lines 3-9 Link Here

(-)graphics/shotwell/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= shotwell	4	PORTNAME= shotwell
5	PORTVERSION= 0.30.8	5	PORTVERSION= 0.30.8
6	PORTREVISION= 1	6	PORTREVISION= 2
7	CATEGORIES= graphics gnome	7	CATEGORIES= graphics gnome
8	MASTER_SITES= GNOME	8	MASTER_SITES= GNOME
9		9

Lines 3-9 Link Here

(-)graphics/simpleviewer/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= simpleviewer	4	PORTNAME= simpleviewer
5	PORTVERSION= 3.1.7	5	PORTVERSION= 3.1.7
6	PORTREVISION= 1	6	PORTREVISION= 2
7	CATEGORIES= graphics	7	CATEGORIES= graphics
8	MASTER_SITES= https://bitbucket.org/andreyu/simple-viewer-gl/get/	8	MASTER_SITES= https://bitbucket.org/andreyu/simple-viewer-gl/get/
9	DISTNAME= v${PORTVERSION} # version tag, has no embedded ${PORTNAME}	9	DISTNAME= v${PORTVERSION} # version tag, has no embedded ${PORTNAME}

Lines 3-8 Link Here

(-)graphics/sxiv/Makefile (+1 lines)
3		3
4	PORTNAME= sxiv	4	PORTNAME= sxiv
5	PORTVERSION= 25	5	PORTVERSION= 25
		6	PORTREVISION= 1
6	DISTVERSIONPREFIX= v	7	DISTVERSIONPREFIX= v
7	CATEGORIES= graphics	8	CATEGORIES= graphics
8		9

Lines 3-9 Link Here

(-)graphics/vips/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= vips	4	PORTNAME= vips
5	PORTVERSION= 8.8.3	5	PORTVERSION= 8.8.3
6	PORTREVISION= 4	6	PORTREVISION= 5
7	CATEGORIES= graphics	7	CATEGORIES= graphics
8	MASTER_SITES= https://github.com/libvips/libvips/releases/download/v${PORTVERSION}/	8	MASTER_SITES= https://github.com/libvips/libvips/releases/download/v${PORTVERSION}/
9		9

Lines 3-8 Link Here

(-)graphics/wxsvg/Makefile (+1 lines)
3		3
4	PORTNAME= wxsvg	4	PORTNAME= wxsvg
5	PORTVERSION= 1.5.21	5	PORTVERSION= 1.5.21
		6	PORTREVISION= 1
6	CATEGORIES= graphics	7	CATEGORIES= graphics
7	MASTER_SITES= SF	8	MASTER_SITES= SF
8		9

Lines 3-8 Link Here

(-)graphics/xviewer/Makefile (+1 lines)
3		3
4	PORTNAME= xviewer	4	PORTNAME= xviewer
5	PORTVERSION= 2.4.3	5	PORTVERSION= 2.4.3
		6	PORTREVISION= 1
6	CATEGORIES= graphics	7	CATEGORIES= graphics
7		8
8	MAINTAINER= danfe@FreeBSD.org	9	MAINTAINER= danfe@FreeBSD.org

Lines 3-8 Link Here

(-)graphics/xzgv/Makefile (+1 lines)
3		3
4	PORTNAME= xzgv	4	PORTNAME= xzgv
5	PORTVERSION= 0.9.2	5	PORTVERSION= 0.9.2
		6	PORTREVISION= 1
6	CATEGORIES= graphics	7	CATEGORIES= graphics
7	MASTER_SITES= SF	8	MASTER_SITES= SF
8		9

Lines 3-9 Link Here

(-)multimedia/dvdstyler/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= dvdstyler	4	PORTNAME= dvdstyler
5	PORTVERSION= 3.1	5	PORTVERSION= 3.1
6	PORTREVISION= 0	6	PORTREVISION= 1
7	PORTEPOCH= 2	7	PORTEPOCH= 2
8	CATEGORIES= multimedia	8	CATEGORIES= multimedia
9	MASTER_SITES= SF	9	MASTER_SITES= SF

Lines 3-9 Link Here

(-)multimedia/gmerlin/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= gmerlin	4	PORTNAME= gmerlin
5	PORTVERSION= 1.2.0	5	PORTVERSION= 1.2.0
6	PORTREVISION= 17	6	PORTREVISION= 18
7	CATEGORIES= multimedia	7	CATEGORIES= multimedia
8	MASTER_SITES= SF	8	MASTER_SITES= SF
9		9

Lines 3-9 Link Here

(-)multimedia/mlt/Makefile (-1 / +1 lines)
3	PORTNAME= mlt	3	PORTNAME= mlt
4	DISTVERSIONPREFIX= v	4	DISTVERSIONPREFIX= v
5	DISTVERSION= 6.18.0	5	DISTVERSION= 6.18.0
6	PORTREVISION= 1	6	PORTREVISION= 2
7	CATEGORIES?= multimedia	7	CATEGORIES?= multimedia
8		8
9	MAINTAINER= kde@FreeBSD.org	9	MAINTAINER= kde@FreeBSD.org

Lines 3-9 Link Here

(-)net/mediatomb/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= mediatomb	4	PORTNAME= mediatomb
5	PORTVERSION= 0.12.1	5	PORTVERSION= 0.12.1
6	PORTREVISION= 26	6	PORTREVISION= 27
7	CATEGORIES= net multimedia	7	CATEGORIES= net multimedia
8	MASTER_SITES= SF/${PORTNAME}/MediaTomb/${PORTVERSION}	8	MASTER_SITES= SF/${PORTNAME}/MediaTomb/${PORTVERSION}
9		9

Lines 3-9 Link Here

(-)net/minidlna/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= minidlna	4	PORTNAME= minidlna
5	PORTVERSION= 1.2.1	5	PORTVERSION= 1.2.1
6	PORTREVISION= 6	6	PORTREVISION= 7
7	PORTEPOCH= 1	7	PORTEPOCH= 1
8	CATEGORIES= net multimedia www	8	CATEGORIES= net multimedia www
9		9

Lines 4-9 Link Here

(-)net-im/qTox/Makefile (+1 lines)
4	PORTNAME= qTox	4	PORTNAME= qTox
5	DISTVERSIONPREFIX= v	5	DISTVERSIONPREFIX= v
6	DISTVERSION= 1.16.3-784	6	DISTVERSION= 1.16.3-784
		7	PORTREVISION= 1
7	DISTVERSIONSUFFIX= -g981ecfca	8	DISTVERSIONSUFFIX= -g981ecfca
8	CATEGORIES= net-im net-p2p	9	CATEGORIES= net-im net-p2p
9		10

Lines 3-9 Link Here

(-)sysutils/lxqt-qtplugin/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= lxqt-qtplugin	4	PORTNAME= lxqt-qtplugin
5	PORTVERSION= 0.14.0	5	PORTVERSION= 0.14.0
6	PORTREVISION= 1	6	PORTREVISION= 2
7	CATEGORIES= sysutils	7	CATEGORIES= sysutils
8	MASTER_SITES= LXQT	8	MASTER_SITES= LXQT
9		9

Lines 3-9 Link Here

(-)sysutils/tracker-miners/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= tracker-miners	4	PORTNAME= tracker-miners
5	PORTVERSION= 2.0.5	5	PORTVERSION= 2.0.5
6	PORTREVISION= 12	6	PORTREVISION= 13
7	CATEGORIES= sysutils gnome	7	CATEGORIES= sysutils gnome
8	MASTER_SITES= GNOME	8	MASTER_SITES= GNOME
9		9

Lines 3-8 Link Here

(-)www/chromium/Makefile (+1 lines)
3		3
4	PORTNAME= chromium	4	PORTNAME= chromium
5	PORTVERSION= 79.0.3945.130	5	PORTVERSION= 79.0.3945.130
		6	PORTREVISION= 1
6	CATEGORIES?= www java	7	CATEGORIES?= www java
7	MASTER_SITES= https://commondatastorage.googleapis.com/chromium-browser-official/ \	8	MASTER_SITES= https://commondatastorage.googleapis.com/chromium-browser-official/ \
8	LOCAL/cpm/chromium/:fonts	9	LOCAL/cpm/chromium/:fonts

Lines 3-9 Link Here

(-)www/iridium/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= iridium	4	PORTNAME= iridium
5	PORTVERSION= 2019.04.73	5	PORTVERSION= 2019.04.73
6	PORTREVISION= 3	6	PORTREVISION= 4
7	CATEGORIES= www	7	CATEGORIES= www
8	MASTER_SITES= https://downloads.iridiumbrowser.de/source/	8	MASTER_SITES= https://downloads.iridiumbrowser.de/source/
9	PKGNAMESUFFIX= -browser	9	PKGNAMESUFFIX= -browser

Lines 3-9 Link Here

(-)www/swiggle/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= swiggle	4	PORTNAME= swiggle
5	PORTVERSION= 0.4	5	PORTVERSION= 0.4
6	PORTREVISION= 9	6	PORTREVISION= 10
7	CATEGORIES= www	7	CATEGORIES= www
8	MASTER_SITES= http://homepage.univie.ac.at/l.ertl/swiggle/files/ \	8	MASTER_SITES= http://homepage.univie.ac.at/l.ertl/swiggle/files/ \
9	http://bsd-geek.de/FreeBSD/distfiles/	9	http://bsd-geek.de/FreeBSD/distfiles/

Lines 3-8 Link Here

(-)x11/libfm/Makefile (+1 lines)
3		3
4	PORTNAME= libfm	4	PORTNAME= libfm
5	DISTVERSION= 1.3.1	5	DISTVERSION= 1.3.1
		6	PORTREVISION= 1
6	CATEGORIES= x11	7	CATEGORIES= x11
7	MASTER_SITES= SF/pcmanfm/PCManFM%20%2B%20Libfm%20%28tarball%20release%29/LibFM/	8	MASTER_SITES= SF/pcmanfm/PCManFM%20%2B%20Libfm%20%28tarball%20release%29/LibFM/
8		9

Lines 3-8 Link Here

(-)x11/libfm-qt/Makefile (+1 lines)
3		3
4	PORTNAME= libfm-qt	4	PORTNAME= libfm-qt
5	PORTVERSION= 0.14.1	5	PORTVERSION= 0.14.1
		6	PORTREVISION= 1
6	CATEGORIES= x11	7	CATEGORIES= x11
7	MASTER_SITES= LXQT	8	MASTER_SITES= LXQT
8		9

Lines 3-8 Link Here

(-)x11-fm/caja/Makefile (+1 lines)
3		3
4	PORTNAME= caja	4	PORTNAME= caja
5	PORTVERSION= 1.22.3	5	PORTVERSION= 1.22.3
		6	PORTREVISION= 1
6	CATEGORIES= x11-fm mate	7	CATEGORIES= x11-fm mate
7	MASTER_SITES= MATE	8	MASTER_SITES= MATE
8	DIST_SUBDIR= mate	9	DIST_SUBDIR= mate

Lines 3-9 Link Here

(-)x11-fm/nemo/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= nemo	4	PORTNAME= nemo
5	PORTVERSION= 2.4.5	5	PORTVERSION= 2.4.5
6	PORTREVISION= 4	6	PORTREVISION= 5
7	CATEGORIES= x11-fm gnome	7	CATEGORIES= x11-fm gnome
8	DIST_SUBDIR= gnome3	8	DIST_SUBDIR= gnome3
9		9

Lines 3-8 Link Here

(-)x11-fm/pcmanfm-qt/Makefile (+1 lines)
3		3
4	PORTNAME= pcmanfm-qt	4	PORTNAME= pcmanfm-qt
5	PORTVERSION= 0.14.1	5	PORTVERSION= 0.14.1
		6	PORTREVISION= 1
6	CATEGORIES= x11-fm	7	CATEGORIES= x11-fm
7	MASTER_SITES= LXQT	8	MASTER_SITES= LXQT
8		9

Lines 3-8 Link Here

(-)x11-fm/thunar/Makefile (+1 lines)
3		3
4	PORTNAME= thunar	4	PORTNAME= thunar
5	DISTVERSION= 1.8.12	5	DISTVERSION= 1.8.12
		6	PORTREVISION= 1
6	CATEGORIES= x11-fm xfce	7	CATEGORIES= x11-fm xfce
7	MASTER_SITES= XFCE	8	MASTER_SITES= XFCE
8	DIST_SUBDIR= xfce4	9	DIST_SUBDIR= xfce4

Lines 3-9 Link Here

(-)x11-toolkits/libgdiplus/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= libgdiplus	4	PORTNAME= libgdiplus
5	PORTVERSION= 5.6	5	PORTVERSION= 5.6
6	PORTREVISION= 2	6	PORTREVISION= 3
7	CATEGORIES= x11-toolkits	7	CATEGORIES= x11-toolkits
8	MASTER_SITES= http://download.mono-project.com/sources/${PORTNAME}/	8	MASTER_SITES= http://download.mono-project.com/sources/${PORTNAME}/
9		9

Lines 3-9 Link Here

(-)x11-wm/windowmaker/Makefile (-1 / +1 lines)
3		3
4	PORTNAME= windowmaker	4	PORTNAME= windowmaker
5	PORTVERSION= 0.95.8	5	PORTVERSION= 0.95.8
6	PORTREVISION= 2	6	PORTREVISION= 3
7	CATEGORIES= x11-wm windowmaker	7	CATEGORIES= x11-wm windowmaker
8	MASTER_SITES= http://windowmaker.org/pub/source/release/	8	MASTER_SITES= http://windowmaker.org/pub/source/release/
9	DISTNAME= WindowMaker-${PORTVERSION}	9	DISTNAME= WindowMaker-${PORTVERSION}

Return to bug 244060

Line 0 Link Here

(-)graphics/libexif/files/patch-CVE-2019-9278 (+86 lines)
		1	https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566.patch
		2	From 75aa73267fdb1e0ebfbc00369e7312bac43d0566 Mon Sep 17 00:00:00 2001
		3	From: Marcus Meissner <meissner@suse.de>
		4	Date: Sat, 18 Jan 2020 09:29:42 +0100
		5	Subject: [PATCH] fix CVE-2019-9278
		6
		7	avoid the use of unsafe integer overflow checking constructs (unsigned integer operations cannot overflow, so "u1 + u2 > u1" can be optimized away)
		8
		9	check for the actual sizes, which should also handle the overflows
		10	document other places google patched, but do not seem relevant due to other restrictions
		11
		12	fixes https://github.com/libexif/libexif/issues/26
		13	---
		14	libexif/exif-data.c \| 28 ++++++++++++++++++----------
		15	1 file changed, 18 insertions(+), 10 deletions(-)
		16
		17	diff --git libexif/exif-data.c libexif/exif-data.c
		18	index a6f9c94..6332cd1 100644
		19	--- libexif/exif-data.c
		20	+++ libexif/exif-data.c
		21	@@ -192,9 +192,15 @@ exif_data_load_data_entry (ExifData data, ExifEntry entry,
		22	doff = offset + 8;
		23
		24	/* Sanity checks */
		25	- if ((doff + s < doff) \|\| (doff + s < s) \|\| (doff + s > size)) {
		26	+ if (doff >= size) {
		27	exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
		28	- "Tag data past end of buffer (%u > %u)", doff+s, size);
		29	+ "Tag starts past end of buffer (%u > %u)", doff, size);
		30	+ return 0;
		31	+ }
		32	+
		33	+ if (s > size - doff) {
		34	+ exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
		35	+ "Tag data goes past end of buffer (%u > %u)", doff+s, size);
		36	return 0;
		37	}
		38
		39	@@ -315,13 +321,14 @@ exif_data_load_data_thumbnail (ExifData data, const unsigned char d,
		40	unsigned int ds, ExifLong o, ExifLong s)
		41	{
		42	/* Sanity checks */
		43	- if ((o + s < o) \|\| (o + s < s) \|\| (o + s > ds) \|\| (o > ds)) {
		44	- exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
		45	- "Bogus thumbnail offset (%u) or size (%u).",
		46	- o, s);
		47	+ if (o >= ds) {
		48	+ exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail offset (%u).", o);
		49	+ return;
		50	+ }
		51	+ if (s > ds - o) {
		52	+ exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail size (%u), max would be %u.", s, ds-o);
		53	return;
		54	}
		55	-
		56	if (data->data)
		57	exif_mem_free (data->priv->mem, data->data);
		58	if (!(data->data = exif_data_alloc (data, s))) {
		59	@@ -947,7 +954,7 @@ exif_data_load_data (ExifData data, const unsigned char d_orig,
		60	exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
		61	"IFD 0 at %i.", (int) offset);
		62
		63	- /* Sanity check the offset, being careful about overflow */
		64	+ /* ds is restricted to 16 bit above, so offset is restricted too, and offset+8 should not overflow. */
65	if (offset > ds \|\| offset + 6 + 2 > ds)
66	return;
67
68	@@ -956,6 +963,7 @@ exif_data_load_data (ExifData data, const unsigned char d_orig,
69
70	/* IFD 1 offset */
71	n = exif_get_short (d + 6 + offset, data->priv->order);
72	+ /* offset < 2<<16, n is 16 bit at most, so this op will not overflow */
73	if (offset + 6 + 2 + 12 * n + 4 > ds)
74	return;
75
76	@@ -964,8 +972,8 @@ exif_data_load_data (ExifData data, const unsigned char d_orig,
77	exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
78	"IFD 1 at %i.", (int) offset);
79
80	- /* Sanity check. */
81	- if (offset > ds \|\| offset + 6 > ds) {
82	+ /* Sanity check. ds is ensured to be above 6 above, offset is 16bit */
83	+ if (offset > ds - 6) {
84	exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA,
85	"ExifData", "Bogus offset of IFD1.");
86	} else {

Line 0 Link Here

(-)graphics/libexif/files/patch-chromium-7344-and-14543 (+35 lines)
	1	https://github.com/libexif/libexif/commit/f9bb9f263fb00f0603ecbefa8957cad24168cbff.patch
	2	From f9bb9f263fb00f0603ecbefa8957cad24168cbff Mon Sep 17 00:00:00 2001
	3	From: Dan Fandrich <dan@coneharvesters.com>
	4	Date: Wed, 4 Jul 2018 11:06:09 +0200
	5	Subject: [PATCH] Fix a buffer read overflow in exif_entry_get_value
	6
	7	While parsing EXIF_TAG_FOCAL_LENGTH it was possible to read 8 bytes past
	8	the end of a heap buffer. This was detected by the OSS Fuzz project.
	9	Patch from Google.
	10
	11	Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7344 and
	12	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14543
	13	---
	14	libexif/exif-entry.c \| 4 ++--
	15	1 file changed, 2 insertions(+), 2 deletions(-)
	16
	17	diff --git libexif/exif-entry.c libexif/exif-entry.c
	18	index 61260d3..a224ac2 100644
	19	--- libexif/exif-entry.c
	20	+++ libexif/exif-entry.c
	21	@@ -1040,12 +1040,12 @@ exif_entry_get_value (ExifEntry e, char val, unsigned int maxlen)
	22	d = 0.;
	23	entry = exif_content_get_entry (
	24	e->parent->parent->ifd[EXIF_IFD_0], EXIF_TAG_MAKE);
	25	- if (entry && entry->data &&
	26	+ if (entry && entry->data && entry->size >= 7 &&
	27	!strncmp ((char *)entry->data, "Minolta", 7)) {
	28	entry = exif_content_get_entry (
	29	e->parent->parent->ifd[EXIF_IFD_0],
	30	EXIF_TAG_MODEL);
	31	- if (entry && entry->data) {
	32	+ if (entry && entry->data && entry->size >= 8) {
	33	if (!strncmp ((char *)entry->data, "DiMAGE 7", 8))
	34	d = 3.9;
	35	else if (!strncmp ((char *)entry->data, "DiMAGE 5", 8))

Line 0 Link Here

(-)graphics/libexif/files/patch-chromium-8884 (+24 lines)
	1	https://github.com/libexif/libexif/commit/a0c04d9cb6ab0c41a6458def9f892754e84160a0.patch
	2	From a0c04d9cb6ab0c41a6458def9f892754e84160a0 Mon Sep 17 00:00:00 2001
	3	From: Marcus Meissner <marcus@jet.franken.de>
	4	Date: Sat, 15 Jun 2019 18:40:48 +0200
	5	Subject: [PATCH] fixed a buffer overread (OSS-Fuzz)
	6	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8884
	7
	8	---
	9	libexif/olympus/exif-mnote-data-olympus.c \| 2 +-
	10	1 file changed, 1 insertion(+), 1 deletion(-)
	11
	12	diff --git libexif/olympus/exif-mnote-data-olympus.c libexif/olympus/exif-mnote-data-olympus.c
	13	index dac7f5b..669e4ec 100644
	14	--- libexif/olympus/exif-mnote-data-olympus.c
	15	+++ libexif/olympus/exif-mnote-data-olympus.c
	16	@@ -344,7 +344,7 @@ exif_mnote_data_olympus_load (ExifMnoteData *en,
	17
	18	case nikonV2:
	19	o2 += 6;
	20	- if (o2 >= buf_size) return;
	21	+ if (o2 + 8 >= buf_size) return;
	22	exif_log (en->log, EXIF_LOG_CODE_DEBUG, "ExifMnoteDataOlympus",
	23	"Parsing Nikon maker note v2 (0x%02x, %02x, %02x, "
	24	"%02x, %02x, %02x, %02x, %02x)...",