head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.8 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.6 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.4 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.2 pkgsrc-2011Q2-base:1.2 pkgsrc-2011Q1:1.1.0.4 pkgsrc-2011Q1-base:1.1 pkgsrc-2010Q4:1.1.0.2; locks; strict; comment @# @; 1.2 date 2011.04.11.15.35.53; author drochner; state dead; branches; next 1.1; 1.1 date 2011.03.05.13.37.19; author tron; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2011.03.05.13.37.19; author spz; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2011.03.05.19.44.54; author spz; state Exp; branches; next ; desc @@ 1.2 log @update to 1.28.4 changes: bugfixes @ text @$NetBSD: patch-CVE-2011-0064-1,v 1.1 2011/03/05 13:37:19 tron Exp $ Fix for the DoS vulnerability reported in CVE-2011-0064 taken from openSUSE. --- pango/opentype/hb-buffer-private.h.orig 2010-02-09 12:06:28.000000000 +0000 +++ pango/opentype/hb-buffer-private.h 2011-03-05 13:30:22.000000000 +0000 @@@@ -72,6 +72,7 @@@@ unsigned int allocated; hb_bool_t have_output; /* weather we have an output buffer going on */ + hb_bool_t in_error; /* Allocation failed */ unsigned int in_length; unsigned int out_length; unsigned int in_pos; @ 1.1 log @Add openSUSE's fix for the DoS vulnerability remoted in CVE-2011-0064. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-CVE-2011-0064-1 was added on branch pkgsrc-2010Q4 on 2011-03-05 19:44:54 +0000 @ text @d1 14 @ 1.1.2.2 log @Pullup ticket #3378 - requested by tron devel/pango: security fix Revisions pulled up: - devel/pango/Makefile 1.152 - devel/pango/distinfo 1.88 Files added: devel/pango/patches/patch-CVE-2011-0064-1 devel/pango/patches/patch-CVE-2011-0064-2 devel/pango/patches/patch-CVE-2011-0064-3 --------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sat Mar 5 13:37:20 UTC 2011 Modified Files: pkgsrc/devel/pango: Makefile distinfo Added Files: pkgsrc/devel/pango/patches: patch-CVE-2011-0064-1 patch-CVE-2011-0064-2 patch-CVE-2011-0064-3 Log Message: Add openSUSE's fix for the DoS vulnerability remoted in CVE-2011-0064. @ text @a0 14 $NetBSD$ Fix for the DoS vulnerability reported in CVE-2011-0064 taken from openSUSE. --- pango/opentype/hb-buffer-private.h.orig 2010-02-09 12:06:28.000000000 +0000 +++ pango/opentype/hb-buffer-private.h 2011-03-05 13:30:22.000000000 +0000 @@@@ -72,6 +72,7 @@@@ unsigned int allocated; hb_bool_t have_output; /* weather we have an output buffer going on */ + hb_bool_t in_error; /* Allocation failed */ unsigned int in_length; unsigned int out_length; unsigned int in_pos; @