[arch-commits] Commit in lasem/repos (3 files)

Evangelos Foutras foutrelis at archlinux.org
Tue May 19 08:00:32 UTC 2020 

    Date: Tuesday, May 19, 2020 @ 08:00:32
  Author: foutrelis
Revision: 386106

archrelease: copy trunk to staging-x86_64

Added:
  lasem/repos/staging-x86_64/
  lasem/repos/staging-x86_64/CVE-2013-7447.patch
    (from rev 386105, lasem/trunk/CVE-2013-7447.patch)
  lasem/repos/staging-x86_64/PKGBUILD
    (from rev 386105, lasem/trunk/PKGBUILD)

---------------------+
 CVE-2013-7447.patch |   28 ++++++++++++++++++++++++++++
 PKGBUILD            |   34 ++++++++++++++++++++++++++++++++++
 2 files changed, 62 insertions(+)

Copied: lasem/repos/staging-x86_64/CVE-2013-7447.patch (from rev 386105, lasem/trunk/CVE-2013-7447.patch)
===================================================================
--- staging-x86_64/CVE-2013-7447.patch	                        (rev 0)
+++ staging-x86_64/CVE-2013-7447.patch	2020-05-19 08:00:32 UTC (rev 386106)
@@ -0,0 +1,28 @@
+From 6f2feed780d9139a45c06e1ad399d06a4f351fbf Mon Sep 17 00:00:00 2001
+From: RyuzakiKK <aasonykk at gmail.com>
+Date: Sat, 5 Aug 2017 21:40:55 +0200
+Subject: cairo: Avoid integer overflow CVE-2013-7447
+
+lasem is affected by a possible integer overflow, that was also
+found and patched upstream in gtk+
+https://git.gnome.org/browse/gtk+/commit/?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6
+---
+ src/lsmcairo.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/lsmcairo.c b/src/lsmcairo.c
+index c568fd5..73fb93e 100644
+--- a/src/lsmcairo.c
++++ b/src/lsmcairo.c
+@@ -528,7 +528,7 @@ lsm_cairo_set_source_pixbuf (cairo_t *cairo,
+ 		format = CAIRO_FORMAT_ARGB32;
+ 
+ 	cairo_stride = cairo_format_stride_for_width (format, width);
+-	cairo_pixels = g_malloc (height * cairo_stride);
++	cairo_pixels = g_malloc_n (height, cairo_stride);
+ 	surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels,
+ 						       format,
+ 						       width, height, cairo_stride);
+-- 
+cgit v0.12
+

Copied: lasem/repos/staging-x86_64/PKGBUILD (from rev 386105, lasem/trunk/PKGBUILD)
===================================================================
--- staging-x86_64/PKGBUILD	                        (rev 0)
+++ staging-x86_64/PKGBUILD	2020-05-19 08:00:32 UTC (rev 386106)
@@ -0,0 +1,34 @@
+# Maintainer: Jan de Groot <jgc at archlinux.org>
+# Contributor: Adria Arrufat <adria.arrufat at protonmail.ch>
+pkgname=lasem
+pkgver=0.4.4
+pkgrel=2
+pkgdesc="SVG and Mathml rendering library"
+arch=('x86_64')
+url="https://wiki.gnome.org/Projects/Lasem"
+license=('LGPL')
+depends=('gtk3')
+makedepends=('intltool' 'python')
+options=('!libtool')
+source=(https://download.gnome.org/sources/$pkgname/${pkgver:0:3}/$pkgname-$pkgver.tar.xz
+        CVE-2013-7447.patch)
+sha256sums=('9bf01fcfdc913ebc05989ac1f5902d52e28e7c31f797e2b6d3d413d4b51bba39'
+            'd9e836934655db45e52f6ab1923866a5010a071c1c62fcbcb6c2fd999e978d2c')
+
+prepare() {
+  cd $pkgname-$pkgver
+  patch -Np1 -i ../CVE-2013-7447.patch
+}
+
+build() {
+  cd "$pkgname-$pkgver"
+  ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
+      --disable-static
+  make
+}
+
+package() {
+  cd "$pkgname-$pkgver"
+  make DESTDIR="$pkgdir" install
+  mv "$pkgdir/usr/doc" "$pkgdir/usr/share/doc"
+}

More information about the arch-commits mailing list