head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.1.0.32
	pkgsrc-2013Q2-base:1.1
	pkgsrc-2013Q1:1.1.0.30
	pkgsrc-2013Q1-base:1.1
	pkgsrc-2012Q4:1.1.0.28
	pkgsrc-2012Q4-base:1.1
	pkgsrc-2012Q3:1.1.0.26
	pkgsrc-2012Q3-base:1.1
	pkgsrc-2012Q2:1.1.0.24
	pkgsrc-2012Q2-base:1.1
	pkgsrc-2012Q1:1.1.0.22
	pkgsrc-2012Q1-base:1.1
	pkgsrc-2011Q4:1.1.0.20
	pkgsrc-2011Q4-base:1.1
	pkgsrc-2011Q3:1.1.0.18
	pkgsrc-2011Q3-base:1.1
	pkgsrc-2011Q2:1.1.0.16
	pkgsrc-2011Q2-base:1.1
	pkgsrc-2011Q1:1.1.0.14
	pkgsrc-2011Q1-base:1.1
	pkgsrc-2010Q4:1.1.0.12
	pkgsrc-2010Q4-base:1.1
	pkgsrc-2010Q3:1.1.0.10
	pkgsrc-2010Q3-base:1.1
	pkgsrc-2010Q2:1.1.0.8
	pkgsrc-2010Q2-base:1.1
	pkgsrc-2010Q1:1.1.0.6
	pkgsrc-2010Q1-base:1.1
	pkgsrc-2009Q4:1.1.0.4
	pkgsrc-2009Q4-base:1.1
	pkgsrc-2009Q3:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2013.09.02.21.17.42;	author adam;	state dead;
branches;
next	1.1;
commitid	RTkiYLqzcPGanU3x;

1.1
date	2009.10.22.14.39.55;	author taca;	state Exp;
branches
	1.1.2.1;
next	;

1.1.2.1
date	2009.10.22.14.39.55;	author tron;	state dead;
branches;
next	1.1.2.2;

1.1.2.2
date	2009.10.22.21.28.32;	author tron;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Changes 2.1.0:
* gdColorMapLookup() answers the RGB values according to given color map
* Added support of variable resolution
* new filter gdImagePixelate()
* merged improvements that PHP GD team had made to GD Graphics Library
* bugfixes
@
text
@$NetBSD: patch-ad,v 1.1 2009/10/22 14:39:55 taca Exp $

* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546,
  similar chagne from PHP's SVN repositry r289557.

--- gd_gd.c.orig	2006-04-06 00:52:22.000000000 +0900
+++ gd_gd.c
@@@@ -44,6 +44,10 @@@@ _gdGetColors (gdIOCtx * in, gdImagePtr i
 	    {
 	      goto fail1;
 	    }
+	  if (im->colorsTotal > gdMaxColors)
+	    {
+	        goto fail1;
+	    }
 	}
       /* Int to accommodate truecolor single-color transparency */
       if (!gdGetInt (&im->transparent, in))
@


1.1
log
@Fix gd library security problem refering PHP's SVN repositry.

	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546

Bump PKGREVISION.
(This fix is for php5 only and I don't know about php4.)
@
text
@d1 1
a1 1
$NetBSD$
@


1.1.2.1
log
@file patch-ad was added on branch pkgsrc-2009Q3 on 2009-10-22 21:28:32 +0000
@
text
@d1 18
@


1.1.2.2
log
@Pullup ticket #2919 - requested by taca
gd: security patch

Revisions pulled up:
- graphics/gd/Makefile				1.81
- graphics/gd/distinfo				1.30-1.31
- graphics/gd/patches/patch-ad			1.1
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Thu Oct 22 14:39:55 UTC 2009

Modified Files:
	pkgsrc/graphics/gd: Makefile distinfo
Added Files:
	pkgsrc/graphics/gd/patches: patch-ad

Log Message:
Fix gd library security problem refering PHP's SVN repositry.

	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546

Bump PKGREVISION.
(This fix is for php5 only and I don't know about php4.)
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Thu Oct 22 15:20:53 UTC 2009

Modified Files:
	pkgsrc/graphics/gd: distinfo

Log Message:
Oops, update distinfo.
@
text
@a0 18
$NetBSD: patch-ad,v 1.1 2009/10/22 14:39:55 taca Exp $

* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546,
  similar chagne from PHP's SVN repositry r289557.

--- gd_gd.c.orig	2006-04-06 00:52:22.000000000 +0900
+++ gd_gd.c
@@@@ -44,6 +44,10 @@@@ _gdGetColors (gdIOCtx * in, gdImagePtr i
 	    {
 	      goto fail1;
 	    }
+	  if (im->colorsTotal > gdMaxColors)
+	    {
+	        goto fail1;
+	    }
 	}
       /* Int to accommodate truecolor single-color transparency */
       if (!gdGetInt (&im->transparent, in))
@