diff options
author | Nirbheek Chauhan <nirbheek@gentoo.org> | 2009-06-27 11:34:54 +0000 |
---|---|---|
committer | Nirbheek Chauhan <nirbheek@gentoo.org> | 2009-06-27 11:34:54 +0000 |
commit | feb27ab0041e15736db7beba13658c0182c66e1e (patch) | |
tree | 53facfbf7feb69dbae92a27ddcd820a84d6bbfad /net-libs/webkit-gtk | |
parent | Keyworded on alpha, bug #269088 (diff) | |
download | gentoo-2-feb27ab0041e15736db7beba13658c0182c66e1e.tar.gz gentoo-2-feb27ab0041e15736db7beba13658c0182c66e1e.tar.bz2 gentoo-2-feb27ab0041e15736db7beba13658c0182c66e1e.zip |
Fix bug 271861 (Array indexing vulnerability (CVE-2009-0945))
(Portage version: 2.2_rc33/cvs/Linux i686)
Diffstat (limited to 'net-libs/webkit-gtk')
-rw-r--r-- | net-libs/webkit-gtk/ChangeLog | 8 | ||||
-rw-r--r-- | net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch | 18 | ||||
-rw-r--r-- | net-libs/webkit-gtk/webkit-gtk-0_p40220-r1.ebuild | 72 |
3 files changed, 97 insertions, 1 deletions
diff --git a/net-libs/webkit-gtk/ChangeLog b/net-libs/webkit-gtk/ChangeLog index b989a6213179..e7016c704729 100644 --- a/net-libs/webkit-gtk/ChangeLog +++ b/net-libs/webkit-gtk/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-libs/webkit-gtk # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-libs/webkit-gtk/ChangeLog,v 1.34 2009/06/19 17:26:25 mrpouet Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-libs/webkit-gtk/ChangeLog,v 1.35 2009/06/27 11:34:54 nirbheek Exp $ + +*webkit-gtk-0_p40220-r1 (27 Jun 2009) + + 27 Jun 2009; <nirbheek@gentoo.org> +webkit-gtk-0_p40220-r1.ebuild, + +files/webkit-gtk-CVE-2009-0945.patch: + Fix bug 271861 (Array indexing vulnerability (CVE-2009-0945)) *webkit-gtk-1.1.10 (19 Jun 2009) diff --git a/net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch b/net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch new file mode 100644 index 000000000000..d053e42866e8 --- /dev/null +++ b/net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch @@ -0,0 +1,18 @@ +Patch against Webkit-0 for CVE-2009-0945, bug 271861. + +diff -ru a/WebKit-r40220/WebCore/svg/SVGList.h b/WebKit-r40220/WebCore/svg/SVGList.h +--- a/WebKit-r40220/WebCore/svg/SVGList.h 2009-01-21 06:14:24.000000000 +0100 ++++ b/WebKit-r40220/WebCore/svg/SVGList.h 2009-06-27 01:47:15.000000000 +0200 +@@ -96,7 +96,11 @@ + + Item insertItemBefore(Item newItem, unsigned int index, ExceptionCode&) + { +- m_vector.insert(index, newItem); ++ if (index < m_vector.size()) { ++ m_vector.insert(index, newItem); ++ } else { ++ m_vector.append(newItem); ++ } + return newItem; + } + diff --git a/net-libs/webkit-gtk/webkit-gtk-0_p40220-r1.ebuild b/net-libs/webkit-gtk/webkit-gtk-0_p40220-r1.ebuild new file mode 100644 index 000000000000..9c3689d07ee0 --- /dev/null +++ b/net-libs/webkit-gtk/webkit-gtk-0_p40220-r1.ebuild @@ -0,0 +1,72 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-libs/webkit-gtk/webkit-gtk-0_p40220-r1.ebuild,v 1.1 2009/06/27 11:34:54 nirbheek Exp $ + +inherit autotools flag-o-matic eutils + +MY_P="WebKit-r${PV/0\_p}" +DESCRIPTION="Open source web browser engine" +HOMEPAGE="http://www.webkit.org/" +SRC_URI="http://nightly.webkit.org/files/trunk/src/${MY_P}.tar.bz2" + +LICENSE="LGPL-2 LGPL-2.1 BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 -ia64 ~ppc -sparc ~x86 ~x86-fbsd" +IUSE="coverage debug gstreamer pango soup sqlite svg xslt" + +RDEPEND=">=x11-libs/gtk+-2.8 + >=dev-libs/icu-3.8.1-r1 + >=net-misc/curl-7.15 + media-libs/jpeg + media-libs/libpng + dev-libs/libxml2 + sqlite? ( >=dev-db/sqlite-3 ) + gstreamer? ( + >=media-libs/gst-plugins-base-0.10 + ) + soup? ( >=net-libs/libsoup-2.23.1 ) + xslt? ( dev-libs/libxslt ) + pango? ( x11-libs/pango )" + +DEPEND="${RDEPEND} + dev-util/gperf + dev-util/pkgconfig + virtual/perl-Text-Balanced" + +S="${WORKDIR}/${MY_P}" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}/${P}-gcc44-aliasing.patch" + epatch "${FILESDIR}/${PN}-CVE-2009-0945.patch" + eautoreconf +} + +src_compile() { + # It doesn't compile on alpha without this LDFLAGS + use alpha && append-ldflags "-Wl,--no-relax" + + local myconf + use pango && myconf="${myconf} --with-font-backend=pango" + use soup && myconf="${myconf} --with-http-backend=soup" + + econf \ + $(use_enable sqlite database) \ + $(use_enable sqlite icon-database) \ + $(use_enable sqlite dom-storage) \ + $(use_enable sqlite offline-web-applications) \ + $(use_enable gstreamer video) \ + $(use_enable svg) \ + $(use_enable debug) \ + $(use_enable xslt) \ + $(use_enable coverage) \ + ${myconf} \ + || die "configure failed" + + emake || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "Install failed" +} |