head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.12 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.10 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.8 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.6 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.4 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.2 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.1.0.10 pkgsrc-2008Q3-base:1.1 cube-native-xorg:1.1.0.8 cube-native-xorg-base:1.1 pkgsrc-2008Q2:1.1.0.6 pkgsrc-2008Q2-base:1.1 cwrapper:1.1.0.4 pkgsrc-2008Q1:1.1.0.2 pkgsrc-2008Q1-base:1.1; locks; strict; comment @# @; 1.2 date 2008.12.03.08.33.07; author wiz; state dead; branches; next 1.1; 1.1 date 2008.02.11.10.12.24; author drochner; state Exp; branches; next ; desc @@ 1.2 log @Update to 1.2.7, security fixes were already in pkgsrc. 1.2.7: Sam Lantinga - Sun Nov 2 15:08:27 PST 2008 * Fixed buffer overflow in BMP loading code, discovered by j00ru//vx Sam Lantinga - Fri Dec 28 08:34:54 PST 2007 * Fixed buffer overflow in GIF loading code, discovered by Michael Skladnikiewicz @ text @$NetBSD: patch-ab,v 1.1 2008/02/11 10:12:24 drochner Exp $ --- IMG_gif.c.orig 2007-07-02 04:03:48.000000000 +0200 +++ IMG_gif.c @@@@ -418,6 +418,10 @@@@ LWZReadByte(SDL_RWops *src, int flag, in static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp; register int i; + /* Fixed buffer overflow found by Michael Skladnikiewicz */ + if (input_code_size > MAX_LWZ_BITS) + return -1; + if (flag) { set_code_size = input_code_size; code_size = set_code_size + 1; @ 1.1 log @also patch CVE-2007-6697 (buffer overflow in gif parser), from upstream CVS, bump PKGREVISION @ text @d1 1 a1 1 $NetBSD$ @
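Review bot: The new check at the top of LWZReadByte enforces only an upper bound (input_code_size > MAX_LWZ_BITS) and sits outside the `if (flag)` branch, which is the only visible consumer of the value (`set_code_size = input_code_size`). If the parameter is signed and taken from the file, consider also rejecting values below the smallest valid code size, and move the test inside `if (flag)` so it runs once at initialisation instead of on every call. The added comment credits the reporter but does not state the invariant being protected; a line noting that `stack` is declared with `(1 << (MAX_LWZ_BITS)) * 2` entries would explain why MAX_LWZ_BITS is the limit. The hunk also does not show how callers handle the new -1 return, so that path should be confirmed to abort decoding rather than be used as data.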