summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNirbheek Chauhan <nirbheek@gentoo.org>2009-06-27 11:34:54 +0000
committerNirbheek Chauhan <nirbheek@gentoo.org>2009-06-27 11:34:54 +0000
commitfeb27ab0041e15736db7beba13658c0182c66e1e (patch)
tree53facfbf7feb69dbae92a27ddcd820a84d6bbfad /net-libs/webkit-gtk
parentKeyworded on alpha, bug #269088 (diff)
downloadgentoo-2-feb27ab0041e15736db7beba13658c0182c66e1e.tar.gz
gentoo-2-feb27ab0041e15736db7beba13658c0182c66e1e.tar.bz2
gentoo-2-feb27ab0041e15736db7beba13658c0182c66e1e.zip
Fix bug 271861 (Array indexing vulnerability (CVE-2009-0945))
(Portage version: 2.2_rc33/cvs/Linux i686)
Diffstat (limited to 'net-libs/webkit-gtk')
-rw-r--r--net-libs/webkit-gtk/ChangeLog8
-rw-r--r--net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch18
-rw-r--r--net-libs/webkit-gtk/webkit-gtk-0_p40220-r1.ebuild72
3 files changed, 97 insertions, 1 deletions
diff --git a/net-libs/webkit-gtk/ChangeLog b/net-libs/webkit-gtk/ChangeLog
index b989a6213179..e7016c704729 100644
--- a/net-libs/webkit-gtk/ChangeLog
+++ b/net-libs/webkit-gtk/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-libs/webkit-gtk
# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-libs/webkit-gtk/ChangeLog,v 1.34 2009/06/19 17:26:25 mrpouet Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-libs/webkit-gtk/ChangeLog,v 1.35 2009/06/27 11:34:54 nirbheek Exp $
+
+*webkit-gtk-0_p40220-r1 (27 Jun 2009)
+
+ 27 Jun 2009; <nirbheek@gentoo.org> +webkit-gtk-0_p40220-r1.ebuild,
+ +files/webkit-gtk-CVE-2009-0945.patch:
+ Fix bug 271861 (Array indexing vulnerability (CVE-2009-0945))
*webkit-gtk-1.1.10 (19 Jun 2009)
diff --git a/net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch b/net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch
new file mode 100644
index 000000000000..d053e42866e8
--- /dev/null
+++ b/net-libs/webkit-gtk/files/webkit-gtk-CVE-2009-0945.patch
@@ -0,0 +1,18 @@
+Patch against Webkit-0 for CVE-2009-0945, bug 271861.
+
+diff -ru a/WebKit-r40220/WebCore/svg/SVGList.h b/WebKit-r40220/WebCore/svg/SVGList.h
+--- a/WebKit-r40220/WebCore/svg/SVGList.h 2009-01-21 06:14:24.000000000 +0100
++++ b/WebKit-r40220/WebCore/svg/SVGList.h 2009-06-27 01:47:15.000000000 +0200
+@@ -96,7 +96,11 @@
+
+ Item insertItemBefore(Item newItem, unsigned int index, ExceptionCode&)
+ {
+- m_vector.insert(index, newItem);
++ if (index < m_vector.size()) {
++ m_vector.insert(index, newItem);
++ } else {
++ m_vector.append(newItem);
++ }
+ return newItem;
+ }
+
diff --git a/net-libs/webkit-gtk/webkit-gtk-0_p40220-r1.ebuild b/net-libs/webkit-gtk/webkit-gtk-0_p40220-r1.ebuild
new file mode 100644
index 000000000000..9c3689d07ee0
--- /dev/null
+++ b/net-libs/webkit-gtk/webkit-gtk-0_p40220-r1.ebuild
@@ -0,0 +1,72 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-libs/webkit-gtk/webkit-gtk-0_p40220-r1.ebuild,v 1.1 2009/06/27 11:34:54 nirbheek Exp $
+
+inherit autotools flag-o-matic eutils
+
+MY_P="WebKit-r${PV/0\_p}"
+DESCRIPTION="Open source web browser engine"
+HOMEPAGE="http://www.webkit.org/"
+SRC_URI="http://nightly.webkit.org/files/trunk/src/${MY_P}.tar.bz2"
+
+LICENSE="LGPL-2 LGPL-2.1 BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 -ia64 ~ppc -sparc ~x86 ~x86-fbsd"
+IUSE="coverage debug gstreamer pango soup sqlite svg xslt"
+
+RDEPEND=">=x11-libs/gtk+-2.8
+ >=dev-libs/icu-3.8.1-r1
+ >=net-misc/curl-7.15
+ media-libs/jpeg
+ media-libs/libpng
+ dev-libs/libxml2
+ sqlite? ( >=dev-db/sqlite-3 )
+ gstreamer? (
+ >=media-libs/gst-plugins-base-0.10
+ )
+ soup? ( >=net-libs/libsoup-2.23.1 )
+ xslt? ( dev-libs/libxslt )
+ pango? ( x11-libs/pango )"
+
+DEPEND="${RDEPEND}
+ dev-util/gperf
+ dev-util/pkgconfig
+ virtual/perl-Text-Balanced"
+
+S="${WORKDIR}/${MY_P}"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ epatch "${FILESDIR}/${P}-gcc44-aliasing.patch"
+ epatch "${FILESDIR}/${PN}-CVE-2009-0945.patch"
+ eautoreconf
+}
+
+src_compile() {
+ # It doesn't compile on alpha without this LDFLAGS
+ use alpha && append-ldflags "-Wl,--no-relax"
+
+ local myconf
+ use pango && myconf="${myconf} --with-font-backend=pango"
+ use soup && myconf="${myconf} --with-http-backend=soup"
+
+ econf \
+ $(use_enable sqlite database) \
+ $(use_enable sqlite icon-database) \
+ $(use_enable sqlite dom-storage) \
+ $(use_enable sqlite offline-web-applications) \
+ $(use_enable gstreamer video) \
+ $(use_enable svg) \
+ $(use_enable debug) \
+ $(use_enable xslt) \
+ $(use_enable coverage) \
+ ${myconf} \
+ || die "configure failed"
+
+ emake || die "emake failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "Install failed"
+}