diff options
-rw-r--r-- | user/atril/CVE-2019-11459.patch | 69 | ||||
-rw-r--r-- | user/yelp-xsl/APKBUILD | 33 |
2 files changed, 33 insertions, 69 deletions
diff --git a/user/atril/CVE-2019-11459.patch b/user/atril/CVE-2019-11459.patch deleted file mode 100644 index a826cbd29..000000000 --- a/user/atril/CVE-2019-11459.patch +++ /dev/null @@ -1,69 +0,0 @@ -Backport of the following, since it did not apply due to whitespace / -formatting - -From bd4ce9171fef52720e74ffeeeeca3b0c5b5d4808 Mon Sep 17 00:00:00 2001 -From: Victor Kareh <vkareh@redhat.com> -Date: Sun, 11 Aug 2019 05:20:09 +0300 -Subject: [PATCH] tiff: Handle failure from TIFFReadRGBAImageOriented - -The TIFFReadRGBAImageOriented function returns zero if it was unable to -read the image. Return NULL in this case instead of displaying -uninitialized memory. - -This addresses CVE-2019-11459 - -upstream commit: -https://gitlab.gnome.org/GNOME/evince/commit/234f034a4 ---- - ---- atril-1.22.1/backend/tiff/tiff-document.c -+++ atril-1.22.1/backend/tiff/tiff-document.c -@@ -282,17 +282,21 @@ tiff_document_render (EvDocument *d - return NULL; - } - -+ if (!TIFFReadRGBAImageOriented (tiff_document->tiff, -+ width, height, -+ (uint32 *)pixels, -+ orientation, 0)) { -+ g_warning ("Failed to read TIFF image."); -+ g_free (pixels); -+ return NULL; -+ } -+ - surface = cairo_image_surface_create_for_data (pixels, - CAIRO_FORMAT_RGB24, - width, height, - rowstride); - cairo_surface_set_user_data (surface, &key, - pixels, (cairo_destroy_func_t)g_free); -- -- TIFFReadRGBAImageOriented (tiff_document->tiff, -- width, height, -- (uint32 *)pixels, -- orientation, 0); - pop_handlers (); - - /* Convert the format returned by libtiff to -@@ -373,13 +377,17 @@ tiff_document_render_pixbuf (EvDocument - if (!pixels) - return NULL; - -+ if (!TIFFReadRGBAImageOriented (tiff_document->tiff, -+ width, height, -+ (uint32 *)pixels, -+ ORIENTATION_TOPLEFT, 0)) { -+ g_free (pixels); -+ return NULL; -+ } -+ - pixbuf = gdk_pixbuf_new_from_data (pixels, GDK_COLORSPACE_RGB, TRUE, 8, - width, height, rowstride, - (GdkPixbufDestroyNotify) g_free, NULL); -- TIFFReadRGBAImageOriented (tiff_document->tiff, -- width, height, -- (uint32 *)pixels, -- ORIENTATION_TOPLEFT, 0); - pop_handlers (); - - scaled_pixbuf = gdk_pixbuf_scale_simple (pixbuf, diff --git a/user/yelp-xsl/APKBUILD b/user/yelp-xsl/APKBUILD new file mode 100644 index 000000000..65c20e517 --- /dev/null +++ b/user/yelp-xsl/APKBUILD @@ -0,0 +1,33 @@ +# Contributor: Sheila Aman <sheila@vulpine.house> +# Maintainer: Sheila Aman <sheila@vulpine.house> +pkgname=yelp-xsl +pkgver=40.2 +pkgrel=0 +pkgdesc="XSL stylesheets for Yelp documentation" +url="http://live.gnome.org/Yelp" +arch="noarch" +license="GPL-2.0+" +depends="" +makedepends="itstool" +source="https://download-fallback.gnome.org/sources/yelp-xsl/40/yelp-xsl-$pkgver.tar.xz" + +build() { + ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --localstatedir=/var + make +} + +check() { + make check +} + +package() { + make DESTDIR="$pkgdir" install +} + +sha512sums="d365d6d873878a640244053efa9f2b9f7330a8bbca1c47073f0617c1f9150f58e91b48ac7d28e5b65fd113d612afd65b5f9c3d16a6958a957130f85d2f866483 yelp-xsl-40.2.tar.xz" |