Mail archive
alpine-aports

[alpine-aports] [PATCH 3.5-stable] main/mupdf: security fixes #6897 (CVE-2017-6060)

From: Daniel Sabogal <dsabogalcc_at_gmail.com>
Date: Wed, 3 May 2017 13:41:30 -0400

---
 main/mupdf/APKBUILD            | 14 ++++++++++----
 main/mupdf/CVE-2017-6060.patch | 41 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 51 insertions(+), 4 deletions(-)
 create mode 100644 main/mupdf/CVE-2017-6060.patch
diff --git a/main/mupdf/APKBUILD b/main/mupdf/APKBUILD
index 166d6d5075..4f6117af2c 100644
--- a/main/mupdf/APKBUILD
+++ b/main/mupdf/APKBUILD
_at_@ -3,7 +3,7 @@
 # Maintainer: Daniel Sabogal <dsabogalcc_at_gmail.com>
 pkgname=mupdf
 pkgver=1.10a
-pkgrel=2
+pkgrel=3
 pkgdesc="A lightweight PDF and XPS viewer"
 url="http://mupdf.com"
 arch="all"
_at_@ -18,9 +18,12 @@ source="http://mupdf.com/downloads/archive/$pkgname-$pkgver-source.tar.gz
 	openjpeg-2.1.patch
 	CVE-2017-5896.patch
 	CVE-2017-5991.patch
+	CVE-2017-6060.patch
 	"
 
 # secfixes:
+#   1.10a-r3:
+#   - CVE-2017-6060
 #   1.10a-r2:
 #   - CVE-2017-5991
 #   1.10a-r1:
_at_@ -86,14 +89,17 @@ md5sums="f80fbba2524d1d52f6ed09237d382411  mupdf-1.10a-source.tar.gz
 8c4c5ec03c3df7e87a672c79302f6df5  shared-lib.patch
 a5b85a55be0e958c16f900730ff24ad8  openjpeg-2.1.patch
 64d2931655dbea67a291032221b67e10  CVE-2017-5896.patch
-1c10386d9b536669c5c787b3b1585d6f  CVE-2017-5991.patch"
+1c10386d9b536669c5c787b3b1585d6f  CVE-2017-5991.patch
+b0a85e545d0ae1bfe8173c3034a1bab5  CVE-2017-6060.patch"
 sha256sums="aacc1f36b9180f562022ef1ab3439b009369d944364f3cff8a2a898834e3a836  mupdf-1.10a-source.tar.gz
 3ff3c9413c4c1005db7e41a085ce8e72ee1e956e8d1538a615f51f86f8bb1d14  shared-lib.patch
 12ea2a295b62ca85298273d54b423ec8e73fb52d712bcee20bab0507a595b7a0  openjpeg-2.1.patch
 23994ce0dc819b29f983328503d073595d56d75fd1001674d30275170fe96792  CVE-2017-5896.patch
-c600d516648c6324069930ea6b606a0a040dfaf7a9d3d323156c5e7d80bc4eb9  CVE-2017-5991.patch"
+c600d516648c6324069930ea6b606a0a040dfaf7a9d3d323156c5e7d80bc4eb9  CVE-2017-5991.patch
+0dd145a8ac2c11b0cf493b39c71b39b163b0ed0d05ee8c351500670e669bbe8b  CVE-2017-6060.patch"
 sha512sums="8c735963364985e74ceb38242afae555a3d2ee7c69abe3fe5c485e8613a83d996a58f231cb689a156019d431fa67d565503247d010b0a404054850483aed9fec  mupdf-1.10a-source.tar.gz
 bc38cc6935ed1c5941773e0671bea25d33897c1018c30f11ff3a1ec1e583276597f521b9e526f9bd38a6f9a1e76aa3e52782995ded72a618d07811abcd7ca734  shared-lib.patch
 bfb509c529e26c3d2dc827298ce3a6083640fbe3fd7491560ffb1e8f86d62bbd4a5d52721079caef8a38d6f332132b581859276000b397f9512673eedb0315a7  openjpeg-2.1.patch
 e9f29b909e016967fc9e6ca6723d63aecfea5c8aeadbd923bbf8a0fa1f4b0e16bd4eedac178bbf5fa359e47a55aa307b6581c6ce45b177ee12430f41c0b49cd7  CVE-2017-5896.patch
-b65a9dce7ba239be788d144c27edb7528ebcf08ead4defe887a08d7879cf72ca3b172a9a33ec3f9426743f45ecb9aac17baf1b526bf5f880beb00bdd84bdc42a  CVE-2017-5991.patch"
+b65a9dce7ba239be788d144c27edb7528ebcf08ead4defe887a08d7879cf72ca3b172a9a33ec3f9426743f45ecb9aac17baf1b526bf5f880beb00bdd84bdc42a  CVE-2017-5991.patch
+3e3f34e448967acb7772365065234c313cb014ebe6e3c3b3bcdbed2242b32ee5589ecd749d06fb4cd5f406eb37ca431e369c96b9adb3b5367d2e5296f1ca983e  CVE-2017-6060.patch"
diff --git a/main/mupdf/CVE-2017-6060.patch b/main/mupdf/CVE-2017-6060.patch
new file mode 100644
index 0000000000..cc03f6106b
--- /dev/null
+++ b/main/mupdf/CVE-2017-6060.patch
_at_@ -0,0 +1,41 @@
+squashed commits:
+06a012a42c9884e3cd653e7826cff1ddec04eb6e
+e089b2e2c1d38c5696c7dfd741e21f8f3ef22b14
+
+From 05cb7595b61aa00a29f1609b75d280b589091356 Mon Sep 17 00:00:00 2001
+From: Sebastian Rasmussen <sebras_at_gmail.com>
+Date: Tue, 11 Apr 2017 10:54:12 +0800
+Subject: [PATCH] Bug 697551: Make path and line buffers of equal size.
+
+Previously a too long line could be copied into the too short path buffer.
+
+jstest: Stop printing bogus script lines.
+---
+ platform/x11/jstest_main.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/platform/x11/jstest_main.c b/platform/x11/jstest_main.c
+index 13c3a0a3..36b32155 100644
+--- a/platform/x11/jstest_main.c
++++ b/platform/x11/jstest_main.c
+_at_@ -346,7 +346,7 @@ main(int argc, char *argv[])
+ 				}
+ 				else if (match(&line, "OPEN"))
+ 				{
+-					char path[1024];
++					char path[LONGLINE];
+ 					if (file_open)
+ 						pdfapp_close(&gapp);
+ 					if (prefix)
+_at_@ -402,7 +402,7 @@ main(int argc, char *argv[])
+ 				}
+ 				else
+ 				{
+-					fprintf(stderr, "Unmatched: %s\n", line);
++					fprintf(stderr, "Ignoring line without script statement.\n");
+ 				}
+ 			}
+ 			while (!feof(script));
+-- 
+2.12.2
+
-- 
2.12.2
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Wed May 03 2017 - 13:41:30 GMT