diff options
author | markus <markus@FreeBSD.org> | 2006-10-23 19:14:54 +0800 |
---|---|---|
committer | markus <markus@FreeBSD.org> | 2006-10-23 19:14:54 +0800 |
commit | 9e1e77e6f9bbc59b131ad1c1b39c514ac11e7d00 (patch) | |
tree | 9ada8b05ba5638eba7d79c9741dabfce7602c155 /x11/kdelibs3 | |
parent | 859b226fc3545a63797a4fe4bbe6d13c324b58ec (diff) | |
download | freebsd-ports-gnome-9e1e77e6f9bbc59b131ad1c1b39c514ac11e7d00.tar.gz freebsd-ports-gnome-9e1e77e6f9bbc59b131ad1c1b39c514ac11e7d00.tar.zst freebsd-ports-gnome-9e1e77e6f9bbc59b131ad1c1b39c514ac11e7d00.zip |
- Fix an integer overflow vulnerability in Qt and kdelibs
- Bump PORTREVISIONs
Approved by: portmgr (erwin)
Security: CVE-2006-4811
Security: https://rhn.redhat.com/errata/RHSA-2006-0720.html
Diffstat (limited to 'x11/kdelibs3')
-rw-r--r-- | x11/kdelibs3/Makefile | 2 | ||||
-rw-r--r-- | x11/kdelibs3/files/patch-CVE-2006-4811 | 14 |
2 files changed, 15 insertions, 1 deletions
diff --git a/x11/kdelibs3/Makefile b/x11/kdelibs3/Makefile index 00ae1a11b738..ecafb51987c7 100644 --- a/x11/kdelibs3/Makefile +++ b/x11/kdelibs3/Makefile @@ -8,7 +8,7 @@ PORTNAME= kdelibs PORTVERSION= ${KDE_VERSION} -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= x11 kde MASTER_SITES= ${MASTER_SITE_KDE} MASTER_SITE_SUBDIR= stable/${PORTVERSION:S/.0//}/src diff --git a/x11/kdelibs3/files/patch-CVE-2006-4811 b/x11/kdelibs3/files/patch-CVE-2006-4811 new file mode 100644 index 000000000000..8a9c8dfebb57 --- /dev/null +++ b/x11/kdelibs3/files/patch-CVE-2006-4811 @@ -0,0 +1,14 @@ +Index: khtml/rendering/render_image.cpp +=================================================================== +--- khtml/rendering/render_image.cpp (revision 594232) ++++ khtml/rendering/render_image.cpp (working copy) +@@ -294,7 +294,8 @@ void RenderImage::paint(PaintInfo& paint + if ( (cWidth != intrinsicWidth() || cHeight != intrinsicHeight()) && + pix.width() > 0 && pix.height() > 0 && i->valid_rect().isValid()) + { +- if (resizeCache.isNull() && cWidth && cHeight && intrinsicWidth() && intrinsicHeight()) ++ if (resizeCache.isNull() && cWidth > 0 && cHeight > 0 && intrinsicWidth() && intrinsicHeight() ++ && cWidth < 4096 && cHeight < 4096) + { + QRect scaledrect(i->valid_rect()); + // kdDebug(6040) << "time elapsed: " << dt->elapsed() << endl; |