aboutsummaryrefslogtreecommitdiffstats
path: root/x11/kdelibs3
diff options
context:
space:
mode:
authormarkus <markus@FreeBSD.org>2006-10-23 19:14:54 +0800
committermarkus <markus@FreeBSD.org>2006-10-23 19:14:54 +0800
commit9e1e77e6f9bbc59b131ad1c1b39c514ac11e7d00 (patch)
tree9ada8b05ba5638eba7d79c9741dabfce7602c155 /x11/kdelibs3
parent859b226fc3545a63797a4fe4bbe6d13c324b58ec (diff)
downloadfreebsd-ports-gnome-9e1e77e6f9bbc59b131ad1c1b39c514ac11e7d00.tar.gz
freebsd-ports-gnome-9e1e77e6f9bbc59b131ad1c1b39c514ac11e7d00.tar.zst
freebsd-ports-gnome-9e1e77e6f9bbc59b131ad1c1b39c514ac11e7d00.zip
- Fix an integer overflow vulnerability in Qt and kdelibs
- Bump PORTREVISIONs Approved by: portmgr (erwin) Security: CVE-2006-4811 Security: https://rhn.redhat.com/errata/RHSA-2006-0720.html
Diffstat (limited to 'x11/kdelibs3')
-rw-r--r--x11/kdelibs3/Makefile2
-rw-r--r--x11/kdelibs3/files/patch-CVE-2006-481114
2 files changed, 15 insertions, 1 deletions
diff --git a/x11/kdelibs3/Makefile b/x11/kdelibs3/Makefile
index 00ae1a11b738..ecafb51987c7 100644
--- a/x11/kdelibs3/Makefile
+++ b/x11/kdelibs3/Makefile
@@ -8,7 +8,7 @@
PORTNAME= kdelibs
PORTVERSION= ${KDE_VERSION}
-PORTREVISION= 3
+PORTREVISION= 4
CATEGORIES= x11 kde
MASTER_SITES= ${MASTER_SITE_KDE}
MASTER_SITE_SUBDIR= stable/${PORTVERSION:S/.0//}/src
diff --git a/x11/kdelibs3/files/patch-CVE-2006-4811 b/x11/kdelibs3/files/patch-CVE-2006-4811
new file mode 100644
index 000000000000..8a9c8dfebb57
--- /dev/null
+++ b/x11/kdelibs3/files/patch-CVE-2006-4811
@@ -0,0 +1,14 @@
+Index: khtml/rendering/render_image.cpp
+===================================================================
+--- khtml/rendering/render_image.cpp (revision 594232)
++++ khtml/rendering/render_image.cpp (working copy)
+@@ -294,7 +294,8 @@ void RenderImage::paint(PaintInfo& paint
+ if ( (cWidth != intrinsicWidth() || cHeight != intrinsicHeight()) &&
+ pix.width() > 0 && pix.height() > 0 && i->valid_rect().isValid())
+ {
+- if (resizeCache.isNull() && cWidth && cHeight && intrinsicWidth() && intrinsicHeight())
++ if (resizeCache.isNull() && cWidth > 0 && cHeight > 0 && intrinsicWidth() && intrinsicHeight()
++ && cWidth < 4096 && cHeight < 4096)
+ {
+ QRect scaledrect(i->valid_rect());
+ // kdDebug(6040) << "time elapsed: " << dt->elapsed() << endl;