From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1JPnYz-0000AC-BO for garchives@archives.gentoo.org; Thu, 14 Feb 2008 23:32:21 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9199FE0588; Thu, 14 Feb 2008 23:32:19 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 4DE2FE05A4 for ; Thu, 14 Feb 2008 23:32:19 +0000 (UTC) Received: from stork.gentoo.org (stork.gentoo.org [64.127.104.133]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id DD36B65A3A for ; Thu, 14 Feb 2008 23:32:18 +0000 (UTC) Received: from bicatali by stork.gentoo.org with local (Exim 4.68) (envelope-from ) id 1JPnYv-0001x3-OI for gentoo-commits@lists.gentoo.org; Thu, 14 Feb 2008 23:32:17 +0000 From: "Sebastien Fabbro (bicatali)" To: gentoo-commits@lists.gentoo.org Reply-To: gentoo-dev@lists.gentoo.org, bicatali@gentoo.org Subject: [gentoo-commits] gentoo-x86 commit in sci-astronomy/ds9/files: ds9-5.1-tk-gif.patch ds9-5.0-Makefile.patch X-VCS-Repository: gentoo-x86 X-VCS-Files: ds9-5.1-tk-gif.patch ds9-5.0-Makefile.patch X-VCS-Directories: sci-astronomy/ds9/files X-VCS-Committer: bicatali X-VCS-Committer-Name: Sebastien Fabbro Content-Type: text/plain; charset=utf8 Message-Id: Sender: Sebastien Fabbro Date: Thu, 14 Feb 2008 23:32:17 +0000 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 58bd3e63-ceac-485c-a79c-38e791155b8a X-Archives-Hash: bb035a79f1b330c23d9f30780f73222a bicatali 08/02/14 23:32:17 Added: ds9-5.1-tk-gif.patch Removed: ds9-5.0-Makefile.patch Log: Fixed security bug in internal copy to tk (bug #208464), removed older = affected version. (Portage version: 2.1.4.3) Revision Changes Path 1.1 sci-astronomy/ds9/files/ds9-5.1-tk-gif.patch file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sci-astronomy/ds9/= files/ds9-5.1-tk-gif.patch?rev=3D1.1&view=3Dmarkup plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sci-astronomy/ds9/= files/ds9-5.1-tk-gif.patch?rev=3D1.1&content-type=3Dtext/plain Index: ds9-5.1-tk-gif.patch =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- tk8.4.17/generic/tkImgGIF.c.orig 2008-02-14 23:20:53.683962654 +0000 +++ tk8.4.17/generic/tkImgGIF.c 2008-02-14 23:21:42.762759495 +0000 @@ -826,6 +826,12 @@ Tcl_PosixError(interp), (char *) NULL); return TCL_ERROR; } + + if (initialCodeSize > MAX_LWZ_BITS) { + Tcl_SetResult(interp, "malformed image", TCL_STATIC); + return TCL_ERROR; + } + if (transparent !=3D -1) { cmap[transparent][CM_RED] =3D 0; cmap[transparent][CM_GREEN] =3D 0; --=20 gentoo-commits@lists.gentoo.org mailing list