View | Details | Raw Unified | Return to bug 140335
Collapse All | Expand All

(-)b/graphics/gd/Makefile (-1 / +1 lines)
Lines 7-13 Link Here
7
7
8
PORTNAME=	gd
8
PORTNAME=	gd
9
PORTVERSION=	2.0.35
9
PORTVERSION=	2.0.35
10
PORTREVISION?=	1
10
PORTREVISION?=	2
11
PORTEPOCH=	1
11
PORTEPOCH=	1
12
CATEGORIES+=	graphics
12
CATEGORIES+=	graphics
13
MASTER_SITES=	http://www.libgd.org/releases/
13
MASTER_SITES=	http://www.libgd.org/releases/
(-)b/graphics/gd/files/patch-cve-2009-3546 (+15 lines)
Added Link Here
1
Adopted-From: http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/gd/libgd/gd_gd.c?r1=289557&r2=289556&pathrev=289557&view=patch
2
3
--- gd_gd.c.orig	2006-04-05 19:52:22.000000000 +0400
4
+++ gd_gd.c	2009-11-06 18:06:50.000000000 +0300
5
@@ -44,6 +44,10 @@
6
 	    {
7
 	      goto fail1;
8
 	    }
9
+	  if (im->colorsTotal > gdMaxColors)
10
+	    {
11
+	      goto fail1;
12
+	    }
13
 	}
14
       /* Int to accommodate truecolor single-color transparency */
15
       if (!gdGetInt (&im->transparent, in))
(-)b/graphics/php4-gd/Makefile (+2 lines)
Lines 11-14 MASTERDIR= ${.CURDIR}/../../lang/php4 Link Here
11
11
12
PKGNAMESUFFIX=	-gd
12
PKGNAMESUFFIX=	-gd
13
13
14
PORTREVISION=	1
15
14
.include "${MASTERDIR}/Makefile"
16
.include "${MASTERDIR}/Makefile"
(-)b/graphics/php4-gd/files/patch-cve-2009-3546 (+14 lines)
Added Link Here
1
Obtained-From: http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/gd/libgd/gd_gd.c?r1=289557&r2=289556&pathrev=289557&view=patch
2
3
--- libgd/gd_gd.c	2009/10/12 09:44:18	289556
4
+++ libgd/gd_gd.c	2009/10/12 10:01:37	289557
5
@@ -39,6 +39,9 @@
6
 			if (!gdGetWord(&im->colorsTotal, in)) {
7
 				goto fail1;
8
 			}
9
+			if (im->colorsTotal > gdMaxColors) {
10
+				goto fail1;
11
+			}
12
 		}
13
 		/* Int to accommodate truecolor single-color transparency */
14
 		if (!gdGetInt(&im->transparent, in)) {
(-)b/graphics/php5-gd/Makefile (+2 lines)
Lines 11-14 MASTERDIR= ${.CURDIR}/../../lang/php5 Link Here
11
11
12
PKGNAMESUFFIX=	-gd
12
PKGNAMESUFFIX=	-gd
13
13
14
PORTREVISION=	2
15
14
.include "${MASTERDIR}/Makefile"
16
.include "${MASTERDIR}/Makefile"
(-)b/graphics/php5-gd/files/patch-cve-2009-3546 (+14 lines)
Added Link Here
1
Obtained-From: http://svn.php.net/viewvc/php/php-src/branches/PHP_5_2/ext/gd/libgd/gd_gd.c?r1=289557&r2=289556&pathrev=289557&view=patch
2
3
--- libgd/gd_gd.c	2009/10/12 09:44:18	289556
4
+++ libgd/gd_gd.c	2009/10/12 10:01:37	289557
5
@@ -39,6 +39,9 @@
6
 			if (!gdGetWord(&im->colorsTotal, in)) {
7
 				goto fail1;
8
 			}
9
+			if (im->colorsTotal > gdMaxColors) {
10
+				goto fail1;
11
+			}
12
 		}
13
 		/* Int to accommodate truecolor single-color transparency */
14
 		if (!gdGetInt(&im->transparent, in)) {
(-)b/security/vuxml/vuln.xml (-4 / +4 lines)
Lines 40-54 Note: Please add new entries to the beginning of this file. Link Here
40
    <affects>
40
    <affects>
41
      <package>
41
      <package>
42
	<name>gd</name>
42
	<name>gd</name>
43
	<range><gt>0</gt></range>
43
	<range><lt>2.0.35_2,1</lt></range>
44
      </package>
44
      </package>
45
      <package>
45
      <package>
46
	<name>php5-gd</name>
46
	<name>php5-gd</name>
47
	<range><gt>0</gt></range>
47
	<range><lt>5.2.11_2</lt></range>
48
      </package>
48
      </package>
49
      <package>
49
      <package>
50
	<name>php4-gd</name>
50
	<name>php4-gd</name>
51
	<range><gt>0</gt></range>
51
	<range><lt>4.4.9_1</lt></range>
52
      </package>
52
      </package>
53
    </affects>
53
    </affects>
54
    <description>
54
    <description>
Lines 73-78 Note: Please add new entries to the beginning of this file. Link Here
73
    <dates>
73
    <dates>
74
      <discovery>2009-10-15</discovery>
74
      <discovery>2009-10-15</discovery>
75
      <entry>2009-11-05</entry>
75
      <entry>2009-11-05</entry>
76
      <modified>2009-11-06</modified>
76
    </dates>
77
    </dates>
77
  </vuln>
78
  </vuln>
78
79
79
- 

Return to bug 140335