SliTaz Repositories

     1.1 --- a/abiword/receipt	Sun Mar 13 12:06:14 2022 +0000
     1.2 +++ b/abiword/receipt	Sun Mar 13 15:13:28 2022 +0000
     1.3 @@ -25,10 +25,9 @@
     1.4  current_version()
     1.5  {
     1.6  	wget -O - http://www.abisource.com/downloads/abiword/ 2>/dev/null | \
     1.7 -	sed "/latest/d;/\[DIR/!d;s|.*href=.\\([0-9\.]*\\)/.*|http://www.abisource.com/downloads/abiword/\\1/source/|" | sort -Vr | sed q > /tmp/url$$
     1.8 -	cat /tmp/url$$ | xargs wget -O - 2>/dev/null | \
     1.9 +	sed "/latest/d;/\[DIR/!d;s|.*href=.\\([0-9\.]*\\)/.*|http://www.abisource.com/downloads/abiword/\\1/source/|" | \
    1.10 +	sort -Vr | sed q | xargs wget -O - 2>/dev/null | \
    1.11  	sed "/latest/d;/$PACKAGE-/!d;/tar/!d;s|.*$PACKAGE-\\(.*\\).tar.*\".*|\\1|" | sort -Vr | sed q
    1.12 -	rm -f /tmp/url$$
    1.13  }
    1.14  
    1.15  # Rules to configure and make the package.

     2.1 --- a/advancecomp/receipt	Sun Mar 13 12:06:14 2022 +0000
     2.2 +++ b/advancecomp/receipt	Sun Mar 13 15:13:28 2022 +0000
     2.3 @@ -23,7 +23,9 @@
     2.4  # Rules to configure and make the package.
     2.5  compile_rules()
     2.6  {
     2.7 -	patch -p1 -i $stuff/advancecomp.patch
     2.8 +	for patch in $stuff/*.patch ; do
     2.9 +		patch -p1 -i $patch
    2.10 +	done
    2.11  
    2.12  	./autogen.sh &&
    2.13  	./configure $CONFIGURE_ARGS && make && make install

     3.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     3.2 +++ b/advancecomp/stuff/CVE-2019-8383.patch	Sun Mar 13 15:13:28 2022 +0000
     3.3 @@ -0,0 +1,44 @@
     3.4 +commit 78a56b21340157775be2462a19276b4d31d2bd01
     3.5 +Author: Andrea Mazzoleni <amadvance@gmail.com>
     3.6 +Date:   Fri Jan 4 20:49:25 2019 +0100
     3.7 +
     3.8 +    Fix a buffer overflow caused by invalid images
     3.9 +
    3.10 +diff --git a/lib/png.c b/lib/png.c
    3.11 +index 0939a5a..cbf140b 100644
    3.12 +--- a/lib/png.c
    3.13 ++++ b/lib/png.c
    3.14 +@@ -603,6 +603,7 @@ adv_error adv_png_read_ihdr(
    3.15 + 	unsigned pixel;
    3.16 + 	unsigned width;
    3.17 + 	unsigned width_align;
    3.18 ++	unsigned scanline;
    3.19 + 	unsigned height;
    3.20 + 	unsigned depth;
    3.21 + 	int r;
    3.22 +@@ -719,9 +720,23 @@ adv_error adv_png_read_ihdr(
    3.23 + 		goto err_ptr;
    3.24 + 	}
    3.25 + 
    3.26 +-	*dat_size = height * (width_align * pixel + 1);
    3.27 ++	/* check for overflow */
    3.28 ++	if (pixel == 0 || width_align >= UINT_MAX / pixel) {
    3.29 ++		error_set("Invalid image size");
    3.30 ++		goto err_ptr;
    3.31 ++	}
    3.32 ++
    3.33 ++	scanline = width_align * pixel + 1;
    3.34 ++
    3.35 ++	/* check for overflow */
    3.36 ++	if (scanline == 0 || height >= UINT_MAX / scanline) {
    3.37 ++		error_set("Invalid image size");
    3.38 ++		goto err_ptr;
    3.39 ++	}
    3.40 ++
    3.41 ++	*dat_size = height * scanline;
    3.42 + 	*dat_ptr = malloc(*dat_size);
    3.43 +-	*pix_scanline = width_align * pixel + 1;
    3.44 ++	*pix_scanline = scanline;
    3.45 + 	*pix_ptr = *dat_ptr + 1;
    3.46 + 
    3.47 + 	z.zalloc = 0;

     4.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     4.2 +++ b/advancecomp/stuff/CVE-2019-9210.patch	Sun Mar 13 15:13:28 2022 +0000
     4.3 @@ -0,0 +1,100 @@
     4.4 +commit 7894a6e684ce68ddff9f4f4919ab8e3911ac8040
     4.5 +Author: Andrea Mazzoleni <amadvance@gmail.com>
     4.6 +Date:   Fri Jan 4 20:49:48 2019 +0100
     4.7 +
     4.8 +    Fix a buffer overflow caused by invalid chunks
     4.9 +
    4.10 +diff --git a/pngex.cc b/pngex.cc
    4.11 +index 55d16f5..3f5b49f 100644
    4.12 +--- a/pngex.cc
    4.13 ++++ b/pngex.cc
    4.14 +@@ -163,6 +163,10 @@ void png_print_chunk(unsigned type, unsigned char* data, unsigned size)
    4.15 + 
    4.16 + 	switch (type) {
    4.17 + 		case ADV_MNG_CN_MHDR :
    4.18 ++			if (size < 28) {
    4.19 ++				cout << " invalid chunk size";
    4.20 ++				break;
    4.21 ++			}
    4.22 + 			cout << " width:" << be_uint32_read(data+0) << " height:" << be_uint32_read(data+4) << " frequency:" << be_uint32_read(data+8);
    4.23 + 			cout << " simplicity:" << be_uint32_read(data+24);
    4.24 + 			cout << "(bit";
    4.25 +@@ -174,6 +178,10 @@ void png_print_chunk(unsigned type, unsigned char* data, unsigned size)
    4.26 + 			cout << ")";
    4.27 + 		break;
    4.28 + 		case ADV_MNG_CN_DHDR :
    4.29 ++			if (size < 4) {
    4.30 ++				cout << " invalid chunk size";
    4.31 ++				break;
    4.32 ++			}
    4.33 + 			cout << " id:" << be_uint16_read(data+0);
    4.34 + 			switch (data[2]) {
    4.35 + 				case 0 : cout << " img:unspecified"; break;
    4.36 +@@ -243,6 +251,10 @@ void png_print_chunk(unsigned type, unsigned char* data, unsigned size)
    4.37 + 			}
    4.38 + 			break;
    4.39 + 		case ADV_MNG_CN_DEFI :
    4.40 ++			if (size < 2) {
    4.41 ++				cout << " invalid chunk size";
    4.42 ++				break;
    4.43 ++			}
    4.44 + 			cout << " id:" << be_uint16_read(data+0);
    4.45 + 			if (size >= 3) {
    4.46 + 				switch (data[2]) {
    4.47 +@@ -266,6 +278,10 @@ void png_print_chunk(unsigned type, unsigned char* data, unsigned size)
    4.48 + 			}
    4.49 + 		break;
    4.50 + 		case ADV_MNG_CN_MOVE :
    4.51 ++			if (size < 13) {
    4.52 ++				cout << " invalid chunk size";
    4.53 ++				break;
    4.54 ++			}
    4.55 + 			cout << " id_from:" << be_uint16_read(data+0) << " id_to:" << be_uint16_read(data+2);
    4.56 + 			switch (data[4]) {
    4.57 + 				case 0 : cout << " type:replace"; break;
    4.58 +@@ -275,6 +291,10 @@ void png_print_chunk(unsigned type, unsigned char* data, unsigned size)
    4.59 + 			cout << " x:" << (int)be_uint32_read(data + 5) << " y:" << (int)be_uint32_read(data + 9);
    4.60 + 			break;
    4.61 + 		case ADV_MNG_CN_PPLT :
    4.62 ++			if (size < 1) {
    4.63 ++				cout << " invalid chunk size";
    4.64 ++				break;
    4.65 ++			}
    4.66 + 			switch (data[0]) {
    4.67 + 				case 0 : cout << " type:replacement_rgb"; break;
    4.68 + 				case 1 : cout << " type:delta_rgb"; break;
    4.69 +@@ -285,7 +305,7 @@ void png_print_chunk(unsigned type, unsigned char* data, unsigned size)
    4.70 + 				default : cout << " type:?"; break;
    4.71 + 			}
    4.72 + 			i = 1;
    4.73 +-			while (i<size) {
    4.74 ++			while (i + 1 < size) {
    4.75 + 				unsigned ssize;
    4.76 + 				cout << " " << (unsigned)data[i] << ":" << (unsigned)data[i+1];
    4.77 + 				if (data[0] == 0 || data[1] == 1)
    4.78 +@@ -298,6 +318,10 @@ void png_print_chunk(unsigned type, unsigned char* data, unsigned size)
    4.79 + 			}
    4.80 + 			break;
    4.81 + 		case ADV_PNG_CN_IHDR :
    4.82 ++			if (size < 13) {
    4.83 ++				cout << " invalid chunk size";
    4.84 ++				break;
    4.85 ++			}
    4.86 + 			cout << " width:" << be_uint32_read(data) << " height:" << be_uint32_read(data + 4);
    4.87 + 			cout << " depth:" << (unsigned)data[8];
    4.88 + 			cout << " color_type:" << (unsigned)data[9];
    4.89 +diff -up advancecomp-2.1/lib/png.c.me advancecomp-2.1/lib/png.c
    4.90 +--- advancecomp-2.1/lib/png.c.me	2019-03-06 21:38:19.099210846 +0100
    4.91 ++++ advancecomp-2.1/lib/png.c	2019-03-06 21:38:49.193040592 +0100
    4.92 +@@ -655,6 +655,11 @@ adv_error adv_png_read_ihdr(
    4.93 + 	}
    4.94 + 	*pix_pixel = pixel;
    4.95 + 
    4.96 ++	if (width_align < width) {
    4.97 ++		error_unsupported_set("Invalid image size");
    4.98 ++		goto err;
    4.99 ++	}
   4.100 ++
   4.101 + 	if (data[10] != 0) { /* compression */
   4.102 + 		error_unsupported_set("Unsupported compression, %d instead of 0", (unsigned)data[10]);
   4.103 + 		goto err;

     5.1 --- a/babl/receipt	Sun Mar 13 12:06:14 2022 +0000
     5.2 +++ b/babl/receipt	Sun Mar 13 15:13:28 2022 +0000
     5.3 @@ -20,10 +20,9 @@
     5.4  current_version()
     5.5  {
     5.6  	wget -O - https://download.gimp.org/pub/$PACKAGE/ 2>/dev/null | \
     5.7 -	sed "/latest/d;/\[DIR/!d;s|.*href=.\\(.*\\)/.*\".*|https://download.gimp.org/pub/$PACKAGE/\\1|" | sort -Vr | sed q > /tmp/url$$
     5.8 -	cat /tmp/url$$ | xargs wget -O - 2>/dev/null | \
     5.9 +	sed "/latest/d;/\[DIR/!d;s|.*href=.\\(.*\\)/.*\".*|https://download.gimp.org/pub/$PACKAGE/\\1|" | \
    5.10 +	sort -Vr | sed q | xargs wget -O - 2>/dev/null | \
    5.11  	sed "/latest/d;/$PACKAGE-/!d;/tar/!d;s|.*$PACKAGE-\\(.*\\).tar.*\".*|\\1|" | sort -Vr | sed q
    5.12 -	rm -f /tmp/url$$
    5.13  }
    5.14  
    5.15  # Rules to configure and make the package.

     6.1 --- a/gegl/receipt	Sun Mar 13 12:06:14 2022 +0000
     6.2 +++ b/gegl/receipt	Sun Mar 13 15:13:28 2022 +0000
     6.3 @@ -19,10 +19,9 @@
     6.4  current_version()
     6.5  {
     6.6  	wget -O - https://download.gimp.org/pub/$PACKAGE/ 2>/dev/null | \
     6.7 -	sed "/latest/d;/\[DIR/!d;s|.*href=.\\(.*\\)/.*\".*|https://download.gimp.org/pub/$PACKAGE/\\1/|" | sort -Vr | sed q > /tmp/url$$
     6.8 -	cat /tmp/url$$ | xargs wget -O - 2>/dev/null | \
     6.9 +	sed "/latest/d;/\[DIR/!d;s|.*href=.\\(.*\\)/.*\".*|https://download.gimp.org/pub/$PACKAGE/\\1/|" | \
    6.10 +	sort -Vr | sed q | xargs wget -O - 2>/dev/null | \
    6.11  	sed "/latest/d;/$PACKAGE-/!d;/tar/!d;s|.*$PACKAGE-\\(.*\\).tar.*\".*|\\1|" | sort -Vr | sed q
    6.12 -	rm -f /tmp/url$$
    6.13  }
    6.14  
    6.15  # Rules to configure and make the package.

     7.1 --- a/gimp/receipt	Sun Mar 13 12:06:14 2022 +0000
     7.2 +++ b/gimp/receipt	Sun Mar 13 15:13:28 2022 +0000
     7.3 @@ -22,10 +22,9 @@
     7.4  current_version()
     7.5  {
     7.6  	wget -O - https://download.gimp.org/pub/$PACKAGE/ 2>/dev/null | \
     7.7 -	sed "/latest/d;/\[DIR/!d;/v[0-9]/!d;s|.*href=.\\(.*\\)/.*\".*|https://download.gimp.org/pub/$PACKAGE/\\1|" | sort -Vr | sed q > /tmp/url$$
     7.8 -	cat /tmp/url$$ | xargs wget -O - 2>/dev/null | \
     7.9 +	sed "/latest/d;/\[DIR/!d;/v[0-9]/!d;s|.*href=.\\(.*\\)/.*\".*|https://download.gimp.org/pub/$PACKAGE/\\1|" | \
    7.10 +	sort -Vr | sed q | xargs wget -O - 2>/dev/null | \
    7.11  	sed "/latest/d;/$PACKAGE-/!d;/tar/!d;s|.*$PACKAGE-\\(.*\\).tar.*\".*|\\1|" | sort -Vr | sed q
    7.12 -	rm -f /tmp/url$$
    7.13  }
    7.14  
    7.15  # Rules to configure and make the package.