Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Roque
slapos
Commits
3e5177c9
Commit
3e5177c9
authored
Apr 14, 2014
by
Kazuhiko Shiozaki
Browse files
Options
Browse Files
Download
Plain Diff
Merge remote-tracking branch 'origin/master' into erp5-cluster
parents
4dcd2da6
3badbfb0
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
60 additions
and
7 deletions
+60
-7
component/curl/buildout.cfg
component/curl/buildout.cfg
+2
-2
component/jbigkit/CVE-2013-6369.patch
component/jbigkit/CVE-2013-6369.patch
+52
-0
component/jbigkit/buildout.cfg
component/jbigkit/buildout.cfg
+1
-0
slapos/recipe/generic_mysql/template/my.cnf.in
slapos/recipe/generic_mysql/template/my.cnf.in
+1
-0
stack/erp5/buildout.cfg
stack/erp5/buildout.cfg
+4
-5
No files found.
component/curl/buildout.cfg
View file @
3e5177c9
...
...
@@ -11,8 +11,8 @@ parts =
[curl]
recipe = slapos.recipe.cmmi
url = http://curl.haxx.se/download/curl-7.3
5
.0.tar.bz2
md5sum =
c18fbdd031adb0529ae09fce399f2d10
url = http://curl.haxx.se/download/curl-7.3
6
.0.tar.bz2
md5sum =
e6d1f9d1b59da5062109ffe14e0569a4
configure-options =
--disable-static
--disable-ldap
...
...
component/jbigkit/CVE-2013-6369.patch
0 → 100644
View file @
3e5177c9
Description: CVE-2013-6369
Patch by upstream
--- jbigkit-2.0.orig/libjbig/jbig.c
+++ jbigkit-2.0/libjbig/jbig.c
@@ -1747,7 +1747,7 @@
void jbg_int2dppriv(unsigned char *dptab
#define FILL_TABLE1(offset, len, trans) \
for (i = 0; i < len; i++) { \
k = 0; \
- for (j = 0; j < 8; j++) \
+ for (j = 0; i >> j; j++) \
k |= ((i >> j) & 1) << trans[j]; \
dptable[(i + offset) >> 2] |= \
(internal[k + offset] & 3) << ((3 - (i&3)) << 1); \
@@ -1778,7 +1778,7 @@
void jbg_dppriv2int(char *internal, cons
#define FILL_TABLE2(offset, len, trans) \
for (i = 0; i < len; i++) { \
k = 0; \
- for (j = 0; j < 8; j++) \
+ for (j = 0; i >> j; j++) \
k |= ((i >> j) & 1) << trans[j]; \
internal[k + offset] = \
(dptable[(i + offset) >> 2] >> ((3 - (i & 3)) << 1)) & 3; \
@@ -2583,6 +2583,7 @@
int jbg_dec_in(struct jbg_dec_state *s,
unsigned long x, y;
unsigned long is[3], ie[3];
size_t dummy_cnt;
+ unsigned char *dppriv;
if (!cnt) cnt = &dummy_cnt;
*cnt = 0;
@@ -2720,13 +2721,16 @@
int jbg_dec_in(struct jbg_dec_state *s,
(s->options & (JBG_DPON | JBG_DPPRIV | JBG_DPLAST)) ==
(JBG_DPON | JBG_DPPRIV)) {
assert(s->bie_len >= 20);
+ if (!s->dppriv || s->dppriv == jbg_dptable)
+ s->dppriv = (char *) checked_malloc(1728, sizeof(char));
while (s->bie_len < 20 + 1728 && *cnt < len)
- s->buffer[s->bie_len++ - 20] = data[(*cnt)++];
+ s->dppriv[s->bie_len++ - 20] = data[(*cnt)++];
if (s->bie_len < 20 + 1728)
return JBG_EAGAIN;
- if (!s->dppriv || s->dppriv == jbg_dptable)
- s->dppriv = (char *) checked_malloc(1728, sizeof(char));
- jbg_dppriv2int(s->dppriv, s->buffer);
+ dppriv = s->dppriv;
+ s->dppriv = (char *) checked_malloc(6912, sizeof(char));
+ jbg_dppriv2int(s->dppriv, dppriv);
+ checked_free(dppriv);
}
/*
component/jbigkit/buildout.cfg
View file @
3e5177c9
...
...
@@ -12,6 +12,7 @@ patch-options =
# http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/media-libs/jbigkit/files/jbigkit-2.0-build.patch?revision=1.1
patches =
${:_profile_base_location_}/jbigkit-2.0-build.patch#e974958e9331735c07478e9c2dde8795
${:_profile_base_location_}/CVE-2013-6369.patch#cc44c27df4ae7fc3cbdcf75b426a2fdd
configure-command = true
make-targets = lib pbm
post-make-hook = ${:_profile_base_location_}/jbigkit-hooks.py#f1edb4ddd212d2d100d7ea8b2e42d21f:post_make_hook
slapos/recipe/generic_mysql/template/my.cnf.in
View file @
3e5177c9
...
...
@@ -24,6 +24,7 @@ long_query_time = 1
max_allowed_packet = 128M
query_cache_size = 0
query_cache_type = 0
innodb_file_per_table = 0
plugin-load = ha_mroonga.so;handlersocket.so
...
...
stack/erp5/buildout.cfg
View file @
3e5177c9
...
...
@@ -691,7 +691,7 @@ astroid = 1.0.1
async = 0.6.1
atomize = 0.2.0
chardet = 2.2.1
cliff = 1.6.
0
cliff = 1.6.
1
cmd2 = 0.6.7
csp-eventlet = 0.7.0
ecdsa = 0.11
...
...
@@ -716,7 +716,7 @@ ipython = 2.0.0
itsdangerous = 0.24
lock-file = 2.0
logilab-common = 0.61.0
meld3 =
0.6.1
0
meld3 =
1.0.
0
minitage = 2.0.67
minitage.core = 2.0.57
minitage.paste = 1.4.6
...
...
@@ -730,11 +730,10 @@ plone.recipe.command = 1.1
ply = 3.4
polib = 1.0.4
pprofile = 1.7.1
prettytable = 0.7.3-nxd001
psutil = 2.0.0
psutil = 2.1.0
pyflakes = 0.8.1
pylint = 1.1.0
pyparsing = 2.0.
1
pyparsing = 2.0.
2
python-ldap = 2.4.15
python-magic = 0.4.6
python-memcached = 1.53
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment