graphicsmagick: 1.3.32 → 1.3.35
Fixes: CVE-2020-10938
This commit is contained in:
Martin Weinelt
Frederik Rietdijk
parent
8fe050fb78
commit
459bad4be4
@ -1,42 +0,0 @@
|
|||||||
# reduced version of commit f30492f40f78d867b43422215057dd21de4ba447
|
|
||||||
# from upstream hg repository:
|
|
||||||
RegisterPNGImage(): Pass correct size value to strlcat().
|
|
||||||
|
|
||||||
diff -r 95c4711e8bee -r f30492f40f78 coders/png.c
|
|
||||||
--- a/coders/png.c Mon Jun 17 07:24:30 2019 -0500
|
|
||||||
+++ b/coders/png.c Mon Jun 17 18:54:43 2019 -0500
|
|
||||||
@@ -6427,26 +6427,26 @@
|
|
||||||
|
|
||||||
*version='\0';
|
|
||||||
#if defined(PNG_LIBPNG_VER_STRING)
|
|
||||||
- (void) strlcat(version,"libpng ",MaxTextExtent);
|
|
||||||
- (void) strlcat(version,PNG_LIBPNG_VER_STRING,MaxTextExtent);
|
|
||||||
+ (void) strlcat(version,"libpng ",sizeof(version));
|
|
||||||
+ (void) strlcat(version,PNG_LIBPNG_VER_STRING,sizeof(version));
|
|
||||||
#if (PNG_LIBPNG_VER > 10005)
|
|
||||||
if (LocaleCompare(PNG_LIBPNG_VER_STRING,png_get_header_ver(NULL)) != 0)
|
|
||||||
{
|
|
||||||
- (void) strlcat(version,",",MaxTextExtent);
|
|
||||||
- (void) strlcat(version,png_get_libpng_ver(NULL),MaxTextExtent);
|
|
||||||
+ (void) strlcat(version,",",sizeof(version));
|
|
||||||
+ (void) strlcat(version,png_get_libpng_ver(NULL),sizeof(version));
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(ZLIB_VERSION)
|
|
||||||
if (*version != '\0')
|
|
||||||
- (void) strlcat(version,", ",MaxTextExtent);
|
|
||||||
- (void) strlcat(version,"zlib ",MaxTextExtent);
|
|
||||||
- (void) strlcat(version,ZLIB_VERSION,MaxTextExtent);
|
|
||||||
+ (void) strlcat(version,", ",sizeof(version));
|
|
||||||
+ (void) strlcat(version,"zlib ",sizeof(version));
|
|
||||||
+ (void) strlcat(version,ZLIB_VERSION,sizeof(version));
|
|
||||||
if (LocaleCompare(ZLIB_VERSION,zlib_version) != 0)
|
|
||||||
{
|
|
||||||
- (void) strlcat(version,",",MaxTextExtent);
|
|
||||||
- (void) strlcat(version,zlib_version,MaxTextExtent);
|
|
||||||
+ (void) strlcat(version,",",sizeof(version));
|
|
||||||
+ (void) strlcat(version,zlib_version,sizeof(version));
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
@ -4,16 +4,15 @@
|
|||||||
|
|
||||||
stdenv.mkDerivation rec {
|
stdenv.mkDerivation rec {
|
||||||
pname = "graphicsmagick";
|
pname = "graphicsmagick";
|
||||||
version = "1.3.32";
|
version = "1.3.35";
|
||||||
|
|
||||||
src = fetchurl {
|
src = fetchurl {
|
||||||
url = "mirror://sourceforge/graphicsmagick/GraphicsMagick-${version}.tar.xz";
|
url = "mirror://sourceforge/graphicsmagick/GraphicsMagick-${version}.tar.xz";
|
||||||
sha256 = "1qclp9i31idpcbbqswmnq2q11lmv0a7cvdb1y72xcky8sshaahmq";
|
sha256 = "0l024l4hawm9s3jqrgi2j0lxgm61dqh8sgkj1017ma7y11hqv2hq";
|
||||||
};
|
};
|
||||||
|
|
||||||
patches = [
|
patches = [
|
||||||
./disable-popen.patch
|
./disable-popen.patch
|
||||||
./1.3.32-darwin-png-strlcat-fix.patch
|
|
||||||
];
|
];
|
||||||
|
|
||||||
configureFlags = [
|
configureFlags = [
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user