[gentoo-commits] repo/gentoo:master commit in: kde-frameworks/kcodecs/, kde-frameworks/kcodecs/files/

Sat, 09 Mar 2019 14:49:58 -0800 

commit:     65a4f73687d0eb5d589d1af93cf57f35d435d0ff
Author:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
AuthorDate: Sat Mar  9 22:48:58 2019 +0000
Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Sat Mar  9 22:49:16 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=65a4f736

kde-frameworks/kcodecs: Fix CVE-2013-0779

Bug: https://bugs.gentoo.org/679884
Package-Manager: Portage-2.3.62, Repoman-2.3.12
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>

 .../files/kcodecs-5.54.0-CVE-2013-0779.patch       | 25 ++++++++++++++++++++++
 kde-frameworks/kcodecs/kcodecs-5.54.0-r1.ebuild    | 18 ++++++++++++++++
 2 files changed, 43 insertions(+)

diff --git a/kde-frameworks/kcodecs/files/kcodecs-5.54.0-CVE-2013-0779.patch 
b/kde-frameworks/kcodecs/files/kcodecs-5.54.0-CVE-2013-0779.patch
new file mode 100644
index 00000000000..d5f0092ea25
--- /dev/null
+++ b/kde-frameworks/kcodecs/files/kcodecs-5.54.0-CVE-2013-0779.patch
@@ -0,0 +1,25 @@
+From 9d3fdbed7bf161d19a9440f2d33ada1e93082332 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aa...@kde.org>
+Date: Wed, 6 Feb 2019 20:04:01 +0100
+Subject: Fix for CVE-2013-0779
+
+Only six years late ^_^
+---
+ src/probers/nsEscSM.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/probers/nsEscSM.cpp b/src/probers/nsEscSM.cpp
+index 6e3ea74..ec134ed 100644
+--- a/src/probers/nsEscSM.cpp
++++ b/src/probers/nsEscSM.cpp
+@@ -183,7 +183,7 @@ static const unsigned int ISO2022JP_st [ 9] = {
+     PCK4BITS(eError, eError, eError, eError, eItsMe, eError, eStart, eStart) 
//40-47
+ };
+ 
+-static const unsigned int ISO2022JPCharLenTable[] = {0, 0, 0, 0, 0, 0, 0, 0};
++static const unsigned int ISO2022JPCharLenTable[] = {0, 0, 0, 0, 0, 0, 0, 0, 
0, 0};
+ 
+ const SMModel ISO2022JPSMModel = {
+     {eIdxSft4bits, eSftMsk4bits, eBitSft4bits, eUnitMsk4bits, ISO2022JP_cls },
+-- 
+cgit v1.1

diff --git a/kde-frameworks/kcodecs/kcodecs-5.54.0-r1.ebuild 
b/kde-frameworks/kcodecs/kcodecs-5.54.0-r1.ebuild
new file mode 100644
index 00000000000..32f8a3e266a
--- /dev/null
+++ b/kde-frameworks/kcodecs/kcodecs-5.54.0-r1.ebuild
@@ -0,0 +1,18 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit kde5
+
+DESCRIPTION="Framework for manipulating strings using various encodings"
+LICENSE="GPL-2+ LGPL-2+"
+KEYWORDS="~amd64 ~arm ~arm64 ~x86"
+IUSE="nls"
+
+BDEPEND="
+       dev-util/gperf
+       nls? ( $(add_qt_dep linguist-tools) )
+"
+
+PATCHES=( "${FILESDIR}/${P}-CVE-2013-0779.patch" )

Reply via email to