From ef94a20531d28da2c38af81f3987f42c7c470988 Mon Sep 17 00:00:00 2001 From: tsutsui Date: Wed, 18 Dec 2019 14:02:10 +0000 Subject: [PATCH] libsixel: update to 1.8.3. (security fixes) Upstream changes: v1.8.3 * Security fix for CVE-2018-19757 (#79), NULL pointer dereference problem, reported by @nluedtke and fixed by @knok (#91, #94). * Security fix for CVE-2018-19762 (#81), heap-based buffer overflow problem, reported by @nluedtke and fixed by @knok (#92). * Security fix for CVE-2018-19756 (#80), heap-based buffer over-read problem, reported by @nluedtke and fixed by @knok (#93). * Security fix for CVE-2018-19763 (#82), heap-based buffer over-read problem, reported by @nluedtke and fixed by @knok (#95). * Security fix for CVE-2018-19761, illegal address access, fixed by @knok (#96). * Security fix for CVE-2018-19759, heap-based buffer over-read problem, fixed by @knok (#98). * Security fix for CVE-2018-3753 (#83), infinite loop problem, reported by @cool-tomato and fixed by @knok (#99). * Security fix for CVE-2018-19759 (#102), heap-based buffer over-read that will cause a denial of service. reported and fixed by @YourButterfly. (#106) * Security fix for CVE-2019-19635 (#103), heap-based buffer overflow, reported and fixed by @YourButterfly. (#106) * Security fix for CVE-2019-19636 (#104) and CVE-2019-19637 (#105), integer overflow problem. reported and fixed by @YourButterfly. (#106) * gif loader: check LZW code size (Issue #75), Thanks to @HongxuChen. https://github.com/saitoha/libsixel/commit/7808a06b88c11dbc502318cdd51fa374f8cd47ee * core: Fix a global-buffer-overflow problem (Issue #72), Thanks to @fgeek. https://github.com/saitoha/libsixel/commit/c868b59ec89bdb24c42a0de89e5319a989076c66 * core: Fix unexpected hangs/performance issues (Issue #76), Thanks to @HongxuChen. https://github.com/saitoha/libsixel/commit/88561b7a810017b91d26b6273323dde4b6f9b273 https://github.com/saitoha/libsixel/commit/2d3d9ffe8ab886b7bc670fd896d63c628436cc66 https://github.com/saitoha/libsixel/commit/c9363cd1d5929e1d721af9f09633061dfa8152fe --- graphics/libsixel/Makefile | 5 ++--- graphics/libsixel/distinfo | 10 +++++----- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/graphics/libsixel/Makefile b/graphics/libsixel/Makefile index 1a0adfd436b4..81a7b7754b59 100644 --- a/graphics/libsixel/Makefile +++ b/graphics/libsixel/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.42 2019/08/22 12:23:20 ryoon Exp $ +# $NetBSD: Makefile,v 1.43 2019/12/18 14:02:10 tsutsui Exp $ -DISTNAME= libsixel-1.8.2 -PKGREVISION= 6 +DISTNAME= libsixel-1.8.3 CATEGORIES= graphics MASTER_SITES= ${MASTER_SITE_GITHUB:=saitoha/} GITHUB_PROJECT= libsixel diff --git a/graphics/libsixel/distinfo b/graphics/libsixel/distinfo index b4a569413a01..cc2ca9527fab 100644 --- a/graphics/libsixel/distinfo +++ b/graphics/libsixel/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.21 2018/07/28 14:01:21 tsutsui Exp $ +$NetBSD: distinfo,v 1.22 2019/12/18 14:02:10 tsutsui Exp $ -SHA1 (libsixel-1.8.2.tar.gz) = f0a150461904d4217617009249c63150182588f7 -RMD160 (libsixel-1.8.2.tar.gz) = 1f1a6f5a46fa36ecab2563a96c4913d96a61713e -SHA512 (libsixel-1.8.2.tar.gz) = f0287b7b7a190f0f964e27fc65aa816a78c09de5e50045a25eb05f9b430c74f779a7d5eb591b3430a82a06621d53719bf115bcdd0b99acc9afe3cb9ab6fde271 -Size (libsixel-1.8.2.tar.gz) = 4778776 bytes +SHA1 (libsixel-1.8.3.tar.gz) = 5c1360b56b1259fca4ac1055da1fbbd29cd16d6b +RMD160 (libsixel-1.8.3.tar.gz) = 9874ba7263e1add4079aeea73dfb6e63bea09309 +SHA512 (libsixel-1.8.3.tar.gz) = 1b62083cbbaf7c8d05de646aa854c9e472f65ab9e34c6fdccbb2c283da4fdcb9838eddba41ea6a9720315e735bbf97cf6446dc6cb46fbf73d4b173068d18fda8 +Size (libsixel-1.8.3.tar.gz) = 4781583 bytes