cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
37,033 Commits 1 Branch 0 Tags 544 MiB
51fbf235c2
Commit Graph

63 Commits

Author SHA1 Message Date
espie
49a9142c53 new lib specs 2006-08-03 23:55:10 +00:00
bernd
5cef0e1aee Fix heap based buffer overflow. 
From KDE. http://www.kde.org/info/security/advisory-20060202-1.txt

ok brad@
 2006-02-05 09:59:00 +00:00
bernd
73df9cb65e Fix several security bugs in the xpdf code. 
o iDefense advisories from 2005-12-05
o CAN-2005-3191, CAN-2005-3192, CAN-2005-3193

- JPX Stream Reader Heap Overflow Vulnerability
- DCTStream Baseline Heap Overflow Vulnerability
- DCTStream Progressive Heap Overflow
- StreamPredictor Heap Overflow Vulnerability

Patch provided by xpdf developers.
 2005-12-07 09:22:14 +00:00
brad
f78eac374a upgrade to xpdf 3.01 
Most of the update is from Bernd Ahlers <bernd at ba-net dot org>
 2005-09-09 17:34:53 +00:00
sturm
0d88196840 bump PKGNAME so that 3.7 won't have higher PKGNAMEs than 3.8 
suggested by espie@, ok pval@
 2005-08-31 19:55:36 +00:00
naddy
9c8738ab34 Fix denial of service vulnerability. 
Check sanity of the TrueType "loca" table.  Specially crafted broken
tables caused disk space exhaustion due to very large generated glyph
descriptions when attempting to fix the table.  CAN-2005-2097.

from Ubuntu Linux; ok brad@
 2005-08-11 14:18:47 +00:00
naddy
5fde06cb73 sync patches 2005-08-10 20:27:25 +00:00
naddy
fe99af154b SECURITY: 
Fix a buffer overflow due to insufficient bounds checking while
processing a PDF file that provides malicious values in the /Encrypt
/Length tag.

http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities&flashstatus=false

ok robert@
 2005-01-19 16:23:16 +00:00
naddy
ae76d3ea1f SIZE 2005-01-05 17:21:50 +00:00
robert
1186293490 SECURITY: 
fix a buffer overflow vulnerability; bump PKGNAME; use autoconf-2.59

ok MAINTAINER (brad@)
 2004-12-22 17:36:24 +00:00
alek
23b926dc64 Add WANTLIB markers 2004-12-07 00:23:20 +00:00
naddy
398c2b8469 Remove workaround for GNU m4 incompatibility, which has been fixed in our m4. 2004-11-08 16:34:52 +00:00
naddy
1a313ddeea freetype fixes, adapted from FreeBSD; ok brad@ 2004-11-06 18:19:53 +00:00
brad
31ca292e2d Chris Evans discovered numerous vulnerabilities in the xpdf package: 
Multiple integer overflow issues affecting xpdf.
These can result in writing an arbitrary byte to an attacker controlled
location which probably could lead to arbitrary code execution.
CAN-2004-0888

Multiple integer overflow issues.
These can result in DoS or possibly arbitrary code execution.
CAN-2004-0889

Chris also discovered issues with infinite loop logic error.
 2004-10-23 02:24:36 +00:00
espie
d1fa125d45 new plists 2004-09-15 18:39:31 +00:00
naddy
51b4d86024 drop obsolete lib requirement 2004-07-30 01:19:28 +00:00
brad
370fbe9082 install sample xpdfrc file and fix lpr usage. From: sturm@ 2004-04-06 02:35:44 +00:00
brad
8127d75ffc FreeType2 authors are brain dead. Workaround really stupid change 
with FreeType2 that comes with XF 4.4.
 2004-02-14 21:06:54 +00:00
brad
d08dcf874d now that there is a separate fonts package for ghostscript 
use that instead.
 2004-01-31 18:06:38 +00:00
brad
722abda26f better 2004-01-25 09:44:20 +00:00
brad
dba7e02584 - remove bogus --with-gzip in CONFIGURE_ARGS 
- add RUN_DEPENDS on GNU ghostscript for the fonts
 2004-01-25 09:37:39 +00:00
brad
54cbe89b39 upgrade to xpdf 3.00 
"shitloads better rendering" - jose@
 2004-01-25 06:02:40 +00:00
naddy
112339c1d4 remove WWW lines 2003-12-15 21:54:59 +00:00
brad
774e18ab50 remove DRM bullshit. 
--
From: cloder@
 2003-10-24 19:31:57 +00:00
brad
92fc00317d upgrade to xpdf 2.02pl1 
fixes a flaw where an attacker can embed malicious hyperlinks that if
activated can execute arbitrary shell commands.

http://marc.theaimsgroup.com/?l=full-disclosure&m=105555332025253&w=2
 2003-06-19 12:00:47 +00:00
brad
2d8ff25d82 upgrade to xpdf 2.02 
--
From: naddy@
 2003-05-20 00:37:10 +00:00
sturm
93a38c63c4 update to xpdf 2.01 
- switch to motif toolkit
- support for multiple open documents
- lots of minor tweaks, bugfixes and additions, see
  http://www.foolabs.com/xpdf/CHANGES for details

MAINTAINER ok
 2003-02-12 08:28:20 +00:00
brad
f975f83529 The pdftops filter in xpdf contains an integer overflow that can 
be exploited to gain the privileges of the target user.

http://www.idefense.com/advisory/12.23.02.txt
 2002-12-29 23:45:20 +00:00
naddy
d79d0fc832 No regression tests available. 2002-10-28 22:43:46 +00:00
pvalchev
6109dd2c35 no more need to build this static on sparc64, remove workaround 
ld.so fix thanks to drahn@
 2002-09-04 00:55:41 +00:00
brad
e6ed1a0dbf upgrade to xpdf 1.01 2002-05-23 23:44:21 +00:00
pvalchev
6cfb29e647 temporary link xpdf static on sparc64 to workaround ld.so bug; ok brad 
with this it works...
 2002-05-08 20:33:11 +00:00
brad
8bb1abbd3c upgrade to xpdf 1.00 2002-04-27 04:21:01 +00:00
brad
00c89eea6f distfile does not exist on distsites so use MASTER_SITE_BACKUP for now. 2002-03-30 21:48:27 +00:00
kevlo
7276e66536 support Japanese/Chinese PDF viewing. 
--
Submitted by Hidenori Ishikawa <hideishi@magisystem.net>;
Tested by me;
Ok'd by brad@
 2001-12-13 03:26:28 +00:00
brad
91858bb23d upgrade to xpdf 0.93 2001-11-29 16:42:41 +00:00
espie
d4a8bd7c69 full lib depends 2001-10-24 12:36:02 +00:00
brad
30c8ec7ea4 bump major for t1lib 2001-08-28 00:54:46 +00:00
brad
14ccfbe8fa dewey dependency on t1lib. 2001-06-27 13:23:22 +00:00
brad
a749e3af31 - integrate COMMENT 
- bump NEED_VERSION
- add USE_X11
 2001-04-15 23:10:36 +00:00
brad
caed3f3d96 - bump t1lib major rev in dependency entry. 
- takeover as MAINTAINER.
- remove freetype FLAVOR and just include it by default.
 2001-03-10 17:23:27 +00:00
brad
ead2322d22 upgrade to xpdf 0.92 2001-03-07 19:10:01 +00:00
danh
3bb680a697 MAINTAINER set to ports@openbsd.org. This was requested by the 
previous maintainer as he no longer has time to maintain this.
 2001-03-03 19:19:12 +00:00
brad
73d37a6d73 - make use of t1lib 
- add a FLAVOR to use the freetype library
 2000-08-31 09:31:45 +00:00
brad
fa4e599998 upgrade to xpdf 0.91 2000-08-30 23:07:30 +00:00
fgsch
54a949ee7a strip bins on install. 2000-07-04 13:12:04 +00:00
fgsch
03c023b3bf move to new style: CONFIGURE_STYLE, no LICENSE_TYPE, comment on plist and 
the like.
 2000-07-04 12:48:02 +00:00
espie
a1a8c7096a Fake 2000-03-26 18:38:51 +00:00
espie
0fd05ef2ce Move all NEED_VERSION right after CATEGORY 2000-03-24 22:11:32 +00:00
turan
504f314d16 espie will not shut up about this, DISTF -> DISTFILES, PKG -> PACKAGE 2000-02-15 05:03:51 +00:00