108411 2005-10-07 10:43 0000 app-office/{koffice,kword}: heap overflow in rtf import filter (CAN-2005-2971) 2005-10-14 00:33:38 0000 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED B3 [glsa] jaervosz P2 normal --- 1 carlo@gentoo.org security@gentoo.org kde@gentoo.org carlo@gentoo.org 2005-10-07 10:43:29 0000 The advisory should follow next monday. carlo@gentoo.org 2005-10-07 10:44:50 0000 Created an attachment (id=70104) kword-3.4.1-rtfimport.diff carlo@gentoo.org 2005-10-07 10:47:41 0000 Created an attachment (id=70105) kword-1.4.1-r1.ebuild For those archs who want to check already... alpha and ppc64 don't have KOffice 1.4 marked stable yet, but the patch applies to KOffice 1.3.5 as well. koon@gentoo.org 2005-10-07 11:38:52 0000 This is CAN-2005-2971 koon@gentoo.org 2005-10-07 11:39:13 0000 *** Bug 106898 has been marked as a duplicate of this bug. *** jaervosz@gentoo.org 2005-10-07 23:56:42 0000 Thx Carsten, do you have a draft advisory and an updated kword ebuild? Calling arch security liaisons: alpha kloeri amd64 blubb ppc hansmi ppc64 tgall sparc gustavoz x86 tester Do NOT commit anything to Portage. blubb@gentoo.org 2005-10-08 02:18:31 0000 CC'ing cryos since he's our kde-guy ;) carlo@gentoo.org 2005-10-08 06:45:59 0000 Created an attachment (id=70151) advisory-20051010-1.txt (In reply to comment #5) > Thx Carsten, do you have a draft advisory Sure, it's terse, though. > and an updated kword ebuild? Is the one I attached not good enough? jaervosz@gentoo.org 2005-10-08 07:40:24 0000 Sorry I meant koffice, if you want that tested too. cryos@gentoo.org 2005-10-08 13:23:07 0000 Tested kword here. I was able to both save and open rtf files. Is there any test rtf file I should be trying? Otherwise amd64 looks good to go here - all the normal stuff seems to work as always. hansmi@gentoo.org 2005-10-08 15:37:19 0000 Looks good for ppc. carlo@gentoo.org 2005-10-08 16:04:01 0000 Sune: The code is the same... Marcus: I don't have a test rtf. koon@gentoo.org 2005-10-09 09:27:36 0000 PoC RTF @ http://scary.beasts.org/misc/out27.rtf tester@gentoo.org 2005-10-10 08:46:15 0000 I dont do kde... Carlo: are you on x86? kloeri@gentoo.org 2005-10-10 16:26:47 0000 Good on alpha. gustavoz@gentoo.org 2005-10-10 19:39:29 0000 Adding weeve since he's our KDE man(tm) (and my KDE is b0rked). jaervosz@gentoo.org 2005-10-11 06:20:55 0000 1.4.2 released but no apparent mention of this issue. Let's keep this closed until their advisory is out. Note: Good on alpha and ppc so far. jaervosz@gentoo.org 2005-10-11 07:24:54 0000 This is now public. Carlo please commit an updated ebuild and we'll call remaining arches to mark stable jaervosz@gentoo.org 2005-10-11 07:34:40 0000 Fixed ebuilds are already in the tree. Arches please test and mark 1.4.1-r1 or 1.4.2 stable. KDE, please follow normal security release procedures next time. greg_g@gentoo.org 2005-10-11 07:51:16 0000 I committed the fixed ebuilds a few hours ago, sorry. The ebuilds that are ready to be marked stable are app-office/koffice-1.4.1-r1 and app-office/kword-1.4.1-r1. ppc64: I see you don't have koffice/kword-1.4.x marked stable, do you think you can mark it stable right now or do you prefer to have a patched version of koffice/kword-1.3.x too? carlo@gentoo.org 2005-10-11 07:58:31 0000 I just committed koffice-1.3.5-r3 and kword-1.3.5-r1 for those who don't see KOffice 1.4 stable on their architecture yet. (In reply to comment #13) > I dont do kde... > Carlo: are you on x86? Yes, marked stable already. cryos@gentoo.org 2005-10-11 08:17:33 0000 amd64 done. kloeri@gentoo.org 2005-10-11 14:14:45 0000 Alpha done. weeve@gentoo.org 2005-10-11 23:51:24 0000 And on the 7th day, there was SPARC, and it was good. josejx@gentoo.org 2005-10-12 09:14:05 0000 Marked ppc stable. ranger@gentoo.org 2005-10-13 13:31:31 0000 Marked app-office/koffice-1.4.1-r1 and app-office/kword-1.4.1-r1 and supporting deps ppc64 today. jaervosz@gentoo.org 2005-10-13 13:34:12 0000 This one is ready for GLSA. jaervosz@gentoo.org 2005-10-14 00:33:38 0000 GLSA 200510-12 Note: Both Thierry and I voted for GLSA on this one on IRC. 70104 2005-10-07 10:44 0000 kword-3.4.1-rtfimport.diff kword-3.4.1-rtfimport.diff text/plain SW5kZXg6IGZpbHRlcnMva3dvcmQvcnRmL2ltcG9ydC9ydGZpbXBvcnRfdG9rZW5pemVyLmNwcAo9 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09Ci0tLSBmaWx0ZXJzL2t3b3JkL3J0Zi9pbXBvcnQvcnRmaW1wb3J0X3Rva2VuaXpl ci5jcHAJKHJldmlzaW9uIDQ2MzIzNSkKKysrIGZpbHRlcnMva3dvcmQvcnRmL2ltcG9ydC9ydGZp bXBvcnRfdG9rZW5pemVyLmNwcAkod29ya2luZyBjb3B5KQpAQCAtMTYsNyArMTYsNyBAQAogCiBS VEZUb2tlbml6ZXI6OlJURlRva2VuaXplcigpCiB7Ci0gICAgdG9rZW5UZXh0LnJlc2l6ZSggNDEx MiApOworICAgIHRva2VuVGV4dC5yZXNpemUoIDQxMTMgKTsKICAgICBmaWxlQnVmZmVyLnJlc2l6 ZSggNDA5NiApOwogICAgIGluZmlsZSA9IDBMOwogfQpAQCAtMzAsOCArMzAsMjUgQEAKICAgICBm aWxlQnVmZmVyUHRyID0gMEw7CiAgICAgZmlsZUJ1ZmZlckVuZCA9IDBMOwogICAgIGluZmlsZSA9 IGluOworICAgIHR5cGUgPSBSVEZUb2tlbml6ZXI6OlBsYWluVGV4dDsKIH0KIAoraW50IFJURlRv a2VuaXplcjo6bmV4dENoYXIoKQoreworICAgIGlmICggZmlsZUJ1ZmZlclB0ciA9PSBmaWxlQnVm ZmVyRW5kICkgeworICAgICAgICBpbnQgbiA9IGluZmlsZS0+cmVhZEJsb2NrKCBmaWxlQnVmZmVy LmRhdGEoKSwgZmlsZUJ1ZmZlci5zaXplKCkgKTsKKyAgICAgICAgZmlsZUJ1ZmZlclB0ciA9ICgg dWNoYXIqICkgZmlsZUJ1ZmZlci5kYXRhKCk7CisgICAgICAgIGZpbGVCdWZmZXJFbmQgPSBmaWxl QnVmZmVyUHRyOworCisgICAgICAgIGlmICggbiA8PSAwICkKKyAgICAgICAgICAgIHJldHVybiAt MTsKKworICAgICAgICBmaWxlQnVmZmVyRW5kID0gZmlsZUJ1ZmZlclB0ciArIG47CisgICAgfQor ICAgIHJldHVybiAqZmlsZUJ1ZmZlclB0cisrOworfQorCisKIC8qKgogICogUmVhZHMgdGhlIG5l eHQgdG9rZW4uCiAgKi8KQEAgLTQyLDIyICs1OSwxNSBAQAogICAgIGlmICghaW5maWxlKQogCXJl dHVybjsKIAotICAgIGRvCi0gICAgewotCWlmIChmaWxlQnVmZmVyUHRyID09IGZpbGVCdWZmZXJF bmQpCi0JewotCSAgICBpbnQgbiA9IGluZmlsZS0+cmVhZEJsb2NrKCBmaWxlQnVmZmVyLmRhdGEo KSwgZmlsZUJ1ZmZlci5zaXplKCkgKTsKKyAgICBkbyB7CisgICAgICAgIGludCBuID0gbmV4dENo YXIoKTsKIAotCSAgICBpZiAobiA8PSAwKQotCSAgICB7Ci0JCS8vIFJldHVybiBDbG9zZUdyb3Vw IG9uIEVPRgotCQljaCA9ICd9JzsKLQkJYnJlYWs7Ci0JICAgIH0KLQkgICAgZmlsZUJ1ZmZlclB0 ciA9ICh1Y2hhciAqKWZpbGVCdWZmZXIuZGF0YSgpOwotCSAgICBmaWxlQnVmZmVyRW5kID0gKGZp bGVCdWZmZXJQdHIgKyBuKTsKLQl9Ci0JY2ggPSAqZmlsZUJ1ZmZlclB0cisrOworICAgICAgICBp ZiAoIG4gPD0gMCApIHsKKyAgICAgICAgICAgIGNoID0gJ30nOworICAgICAgICAgICAgYnJlYWs7 CisgICAgICAgIH0KKworICAgICAgICBjaCA9IG47CiAgICAgfQogICAgIHdoaWxlIChjaCA9PSAn XG4nIHx8IGNoID09ICdccicgJiYgY2ggIT0gMCk7CiAKQEAgLTY3LDYgKzc3LDcgQEAKIAogICAg IHVjaGFyICpfdGV4dCA9ICh1Y2hhciAqKXRleHQ7CiAKKwogICAgIGlmIChjaCA9PSAneycpCiAJ dHlwZSA9IFJURlRva2VuaXplcjo6T3Blbkdyb3VwOwogICAgIGVsc2UgaWYgKGNoID09ICd9JykK QEAgLTc1LDIwICs4NiwxNCBAQAogICAgIHsKIAl0eXBlID0gUlRGVG9rZW5pemVyOjpDb250cm9s V29yZDsKIAotCWlmIChmaWxlQnVmZmVyUHRyID09IGZpbGVCdWZmZXJFbmQpCi0JewotCSAgICBp bnQgbiA9IGluZmlsZS0+cmVhZEJsb2NrKCBmaWxlQnVmZmVyLmRhdGEoKSwgZmlsZUJ1ZmZlci5z aXplKCkgKTsKKyAgICAgICAgaW50IG4gPSBuZXh0Q2hhcigpOwogCi0JICAgIGlmIChuIDw9IDAp Ci0JICAgIHsKLQkJLy8gUmV0dXJuIENsb3NlR3JvdXAgb24gRU9GCi0JCXR5cGUgPSBSVEZUb2tl bml6ZXI6OkNsb3NlR3JvdXA7Ci0JCXJldHVybjsKLQkgICAgfQotCSAgICBmaWxlQnVmZmVyUHRy ID0gKHVjaGFyICopZmlsZUJ1ZmZlci5kYXRhKCk7Ci0JICAgIGZpbGVCdWZmZXJFbmQgPSAoZmls ZUJ1ZmZlclB0ciArIG4pOwotCX0KLQljaCA9ICpmaWxlQnVmZmVyUHRyKys7CisgICAgICAgIGlm ICggbiA8PSAwICkgeworICAgICAgICAgICAgLy8gUmV0dXJuIENsb3NlR3JvdXAgb24gRU9GCisg ICAgICAgICAgICB0eXBlID0gUlRGVG9rZW5pemVyOjpDbG9zZUdyb3VwOworICAgICAgICAgICAg cmV0dXJuOworICAgICAgICB9CisJY2ggPSBuOwogCiAJLy8gVHlwZSBpcyBlaXRoZXIgY29udHJv bCB3b3JkIG9yIGNvbnRyb2wgc3ltYm9sCiAJaWYgKChjaCA+PSAnYScgJiYgY2ggPD0gJ3onKSB8 fCAoY2ggPj0gJ0EnICYmIGNoIDw9ICdaJykpCkBAIC05Niw2NCArMTAxLDQxIEBACiAJICAgIGlu dCB2ID0gMDsKIAogCSAgICAvLyBSZWFkIGFscGhhYmV0aWMgc3RyaW5nIChjb21tYW5kKQotCSAg ICB3aGlsZSAoKGNoID49ICdhJyAmJiBjaCA8PSAneicpIHx8IChjaCA+PSAnQScgJiYgY2ggPD0g J1onKSkKKwkgICAgd2hpbGUgKF90ZXh0IDwgKCB1Y2hhciogKXRva2VuVGV4dC5kYXRhKCkrdG9r ZW5UZXh0LnNpemUoKS0zICYmIAorICAgICAgICAgICAgICAgICAgKChjaCA+PSAnYScgJiYgY2gg PD0gJ3onKSB8fCAoY2ggPj0gJ0EnICYmIGNoIDw9ICdaJykpICkKIAkgICAgewogCQkqX3RleHQr KyA9IGNoOwogCi0JCWlmIChmaWxlQnVmZmVyUHRyID09IGZpbGVCdWZmZXJFbmQpCi0JCXsKLQkJ ICAgIGludCBuID0gaW5maWxlLT5yZWFkQmxvY2soIGZpbGVCdWZmZXIuZGF0YSgpLCBmaWxlQnVm ZmVyLnNpemUoKSApOwotCi0JCSAgICBpZiAobiA8PSAwKQotCQkgICAgewotCQkJY2ggPSAnICc7 Ci0JCQlicmVhazsKLQkJICAgIH0KLQkJICAgIGZpbGVCdWZmZXJQdHIgPSAodWNoYXIgKilmaWxl QnVmZmVyLmRhdGEoKTsKLQkJICAgIGZpbGVCdWZmZXJFbmQgPSAoZmlsZUJ1ZmZlclB0ciArIG4p OwotCQl9Ci0JCWNoID0gKmZpbGVCdWZmZXJQdHIrKzsKKyAgICAgICAgICAgICAgICBpbnQgbiA9 IG5leHRDaGFyKCk7CisgICAgICAgICAgICAgICAgaWYgKCBuIDw9IDAgKSB7CisgICAgICAgICAg ICAgICAgICAgIGNoID0gJyAnOworICAgICAgICAgICAgICAgICAgICBicmVhazsKKyAgICAgICAg ICAgICAgICB9CisgICAgICAgICAgICAgICAgY2ggPSBuOwogCSAgICB9CiAKIAkgICAgLy8gUmVh ZCBudW1lcmljIHBhcmFtZXRlciAocGFyYW0pCiAJICAgIGJvb2wgaXNuZWcgPSAoY2ggPT0gJy0n KTsKIAotCSAgICBpZiAoaXNuZWcpCi0JICAgIHsKLQkJaWYgKGZpbGVCdWZmZXJQdHIgPT0gZmls ZUJ1ZmZlckVuZCkKLQkJewotCQkgICAgaW50IG4gPSBpbmZpbGUtPnJlYWRCbG9jayggZmlsZUJ1 ZmZlci5kYXRhKCksIGZpbGVCdWZmZXIuc2l6ZSgpICk7Ci0KLQkJICAgIGlmIChuIDw9IDApCi0J CSAgICB7Ci0JCQkvLyBSZXR1cm4gQ2xvc2VHcm91cCBvbiBFT0YKLQkJCXR5cGUgPSBSVEZUb2tl bml6ZXI6OkNsb3NlR3JvdXA7Ci0JCQlyZXR1cm47Ci0JCSAgICB9Ci0JCSAgICBmaWxlQnVmZmVy UHRyID0gKHVjaGFyICopZmlsZUJ1ZmZlci5kYXRhKCk7Ci0JCSAgICBmaWxlQnVmZmVyRW5kID0g KGZpbGVCdWZmZXJQdHIgKyBuKTsKLQkJfQotCQljaCA9ICpmaWxlQnVmZmVyUHRyKys7CisJICAg IGlmIChpc25lZykgeworICAgICAgICAgICAgICAgIGludCBuID0gbmV4dENoYXIoKTsKKyAgICAg ICAgICAgICAgICBpZiAoIG4gPD0gMCApIHsKKyAgICAgICAgICAgICAgICAgICAgdHlwZSA9IFJU RlRva2VuaXplcjo6Q2xvc2VHcm91cDsKKyAgICAgICAgICAgICAgICAgICAgcmV0dXJuOworICAg ICAgICAgICAgICAgIH0KKwkJY2ggPSBuOwogCSAgICB9Ci0JICAgIHdoaWxlIChjaCA+PSAnMCcg JiYgY2ggPD0gJzknKQotCSAgICB7CisKKwkgICAgd2hpbGUgKGNoID49ICcwJyAmJiBjaCA8PSAn OScpIHsKIAkJdgkgPSAoMTAgKiB2KSArIGNoIC0gJzAnOwogCQloYXNQYXJhbSA9IHRydWU7CiAK LQkJaWYgKGZpbGVCdWZmZXJQdHIgPT0gZmlsZUJ1ZmZlckVuZCkKLQkJewotCQkgICAgaW50IG4g PSBpbmZpbGUtPnJlYWRCbG9jayggZmlsZUJ1ZmZlci5kYXRhKCksIGZpbGVCdWZmZXIuc2l6ZSgp ICk7CisgICAgICAgICAgICAgICAgaW50IG4gPSBuZXh0Q2hhcigpOwogCi0JCSAgICBpZiAobiA8 PSAwKQotCQkgICAgewotCQkJY2ggPSAnICc7Ci0JCQlicmVhazsKLQkJICAgIH0KLQkJICAgIGZp bGVCdWZmZXJQdHIgPSAodWNoYXIgKilmaWxlQnVmZmVyLmRhdGEoKTsKLQkJICAgIGZpbGVCdWZm ZXJFbmQgPSAoZmlsZUJ1ZmZlclB0ciArIG4pOwotCQl9Ci0JCWNoID0gKmZpbGVCdWZmZXJQdHIr KzsKLQkgICAgfQorICAgICAgICAgICAgICAgIGlmICggbiA8PSAwICkKKyAgICAgICAgICAgICAg ICAgICAgbiA9ICcgJzsKKyAgICAgICAgICAgICAgICBjaCA9IG47CisgICAgICAgICAgICB9CiAJ ICAgIHZhbHVlID0gaXNuZWcgPyAtdiA6IHY7CiAKIAkgICAgLy8gSWYgZGVsaW1pdGVyIGlzIGEg c3BhY2UsIGl0J3MgcGFydCBvZiB0aGUgY29udHJvbCB3b3JkCkBAIC0xNjMsNyArMTQ1LDcgQEAK IAkgICAgfQogCiAgICAgICAgICAgICAqX3RleHQgPSAwOyAvLyBKdXN0IHB1dCBhbiBlbmQgb2Yg c3RyaW5nIGZvciB0aGUgdGVzdCwgaXQgY2FuIHRoZW4gYmUgb3Zlci13cml0dGVuIGFnYWluCi0g ICAgICAgICAgICBpZiAoICFxc3RybmNtcCggdG9rZW5UZXh0LmRhdGEoKSsxLCAiYmluIiwgNCAp ICkgLy8gVGVzdCB0aGUgTlVMTCB0b28gdG8gYXZvaWQgY2F0Y2hpbmcga2V5d29yZHMgc3RhcnRp bmcgd2l0aCAiYmluIgorICAgICAgICAgICAgaWYgKCAhbWVtY21wKCB0b2tlblRleHQuZGF0YSgp KzEsICJiaW4iLCA0ICkgKQogICAgICAgICAgICAgeyAgIC8vIFdlIGhhdmUgXGJpbiwgc28gd2Ug bmVlZCB0byByZWFkIHRoZSBieXRlcwogICAgICAgICAgICAgICAgIGtkRGVidWcoMzA1MTUpIDw8 ICJUb2tlbjoiIDw8IHRva2VuVGV4dCA8PCBlbmRsOwogICAgICAgICAgICAgICAgIGlmICh2YWx1 ZSA+IDApCkBAIC0xNzMsMjYgKzE1NSwxNSBAQAogICAgICAgICAgICAgICAgICAgICBiaW5hcnlE YXRhLnJlc2l6ZSh2YWx1ZSk7CiAgICAgICAgICAgICAgICAgICAgIGZvciAoaW50IGk9MDsgaTx2 YWx1ZTsgaSsrKQogICAgICAgICAgICAgICAgICAgICB7Ci0gICAgICAgICAgICAgICAgICAgICAg ICBpZiAoZmlsZUJ1ZmZlclB0ciA9PSBmaWxlQnVmZmVyRW5kKQotICAgICAgICAgICAgICAgICAg ICAgICAgewotICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNvbnN0IGludCBuID0gaW5maWxl LT5yZWFkQmxvY2soIGZpbGVCdWZmZXIuZGF0YSgpLCBmaWxlQnVmZmVyLnNpemUoKSApOwotCi0g ICAgICAgICAgICAgICAgICAgICAgICAgICAgaWYgKG4gPD0gMCkKLSAgICAgICAgICAgICAgICAg ICAgICAgICAgICB7Ci0gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGtkRXJyb3IoMzA1 MTUpIDw8ICJcXGJpbiBzdHJlYW0gaGl0IGVuZCBvZiBmaWxlLiIgPDwgZW5kbDsKLSAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgdHlwZSA9IFJURlRva2VuaXplcjo6Q2xvc2VHcm91cDsK LSAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgYnJlYWs7Ci0gICAgICAgICAgICAgICAg ICAgICAgICAgICAgfQotICAgICAgICAgICAgICAgICAgICAgICAgICAgIGZpbGVCdWZmZXJQdHIg PSAodWNoYXIgKilmaWxlQnVmZmVyLmRhdGEoKTsKLSAgICAgICAgICAgICAgICAgICAgICAgICAg ICBmaWxlQnVmZmVyRW5kID0gKGZpbGVCdWZmZXJQdHIgKyBuKTsKKyAgICAgICAgICAgICAgICAg ICAgICAgIGludCBuID0gbmV4dENoYXIoKTsKKyAgICAgICAgICAgICAgICAgICAgICAgIGlmICgg biA8PSAwICkgeworICAgICAgICAgICAgICAgICAgICAgICAgICAgIHR5cGUgPSBSVEZUb2tlbml6 ZXI6OkNsb3NlR3JvdXA7CisgICAgICAgICAgICAgICAgICAgICAgICAgICAgYnJlYWs7CiAgICAg ICAgICAgICAgICAgICAgICAgICB9Ci0gICAgICAgICAgICAgICAgICAgICAgICBiaW5hcnlEYXRh W2ldPSpmaWxlQnVmZmVyUHRyKys7CisKKyAgICAgICAgICAgICAgICAgICAgICAgIGJpbmFyeURh dGFbaV0gPSBuOwogICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICAgfQotICAg ICAgICAgICAgICAgIGVsc2UKLSAgICAgICAgICAgICAgICB7Ci0gICAgICAgICAgICAgICAgICAg IGtkRXJyb3IoMzA1MTUpIDw8ICJcXGJpbiB3aXRoIG5lZ2F0aXZlIHZhbHVlIHNraXBwaW5nIiA8 PCBlbmRsOwotICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgIH0KIAogCX0KQEAgLTIwMCwx OSArMTcxLDEzIEBACiAJewogCSAgICB0eXBlID0gUlRGVG9rZW5pemVyOjpDb250cm9sV29yZDsK IAkgICAgKl90ZXh0KysgPSBjaDsKLQkgICAgaWYgKGZpbGVCdWZmZXJQdHIgPT0gZmlsZUJ1ZmZl ckVuZCkKLQkgICAgewotCQlpbnQgbiA9IGluZmlsZS0+cmVhZEJsb2NrKCBmaWxlQnVmZmVyLmRh dGEoKSwgZmlsZUJ1ZmZlci5zaXplKCkgKTsKIAotCQlpZiAobiA8PSAwKQotCQl7Ci0JCSAgICAv LyBSZXR1cm4gQ2xvc2VHcm91cCBvbiBFT0YKLQkJICAgIHR5cGUgPSBSVEZUb2tlbml6ZXI6OkNs b3NlR3JvdXA7Ci0JCSAgICByZXR1cm47Ci0JCX0KLQkJZmlsZUJ1ZmZlclB0ciA9ICh1Y2hhciAq KWZpbGVCdWZmZXIuZGF0YSgpOwotCQlmaWxlQnVmZmVyRW5kID0gKGZpbGVCdWZmZXJQdHIgKyBu KTsKLQkgICAgfQorICAgICAgICAgICAgaW50IG4gPSBuZXh0Q2hhcigpOworCisgICAgICAgICAg ICBpZiAoIG4gPD0gMCApIHsKKyAgICAgICAgICAgICAgICB0eXBlID0gUlRGVG9rZW5pemVyOjpD bG9zZUdyb3VwOworICAgICAgICAgICAgICAgIHJldHVybjsKKyAgICAgICAgICAgIH0KIAkgICAg Y2ggPSAqZmlsZUJ1ZmZlclB0cisrOwogCSAgICBmb3IoaW50IGk9MDtpPDI7aSsrKQogCSAgICB7 CkBAIC0yMjAsMjIgKzE4NSwxNiBAQAogCQl2YWx1ZTw8PTQ7CiAJCXZhbHVlPXZhbHVlfCgoY2gg KyAoKGNoICYgMTYpID8gMCA6IDkpKSAmIDB4Zik7CiAKLQkJaWYgKGZpbGVCdWZmZXJQdHIgPT0g ZmlsZUJ1ZmZlckVuZCkKLQkJewotCQkgICAgaW50IG4gPSBpbmZpbGUtPnJlYWRCbG9jayggZmls ZUJ1ZmZlci5kYXRhKCksIGZpbGVCdWZmZXIuc2l6ZSgpICk7CisgICAgICAgICAgICAgICAgaW50 IG4gPSBuZXh0Q2hhcigpOwogCi0JCSAgICBpZiAobiA8PSAwKQotCQkgICAgewotCQkJY2ggPSAn ICc7Ci0JCQlicmVhazsKLQkJICAgIH0KLQkJICAgIGZpbGVCdWZmZXJQdHIgPSAodWNoYXIgKilm aWxlQnVmZmVyLmRhdGEoKTsKLQkJICAgIGZpbGVCdWZmZXJFbmQgPSAoZmlsZUJ1ZmZlclB0ciAr IG4pOwotCQl9CisgICAgICAgICAgICAgICAgaWYgKCBuIDw9IDAgKSB7CisgICAgICAgICAgICAg ICAgICAgIGNoID0gJyAnOworICAgICAgICAgICAgICAgICAgICBicmVhazsKKyAgICAgICAgICAg ICAgICB9CiAJCWNoID0gKmZpbGVCdWZmZXJQdHIrKzsKIAkgICAgfQotCQktLWZpbGVCdWZmZXJQ dHI7Ci0JICAgIH0KKyAgICAgICAgICAgIC0tZmlsZUJ1ZmZlclB0cjsKKyAgICAgICAgfQogCWVs c2UKIAl7CiAJICAgIHR5cGUgPSBSVEZUb2tlbml6ZXI6OkNvbnRyb2xXb3JkOwpAQCAtMjQ4LDE0 ICsyMDcsMTYgQEAKIAogCS8vIEV2ZXJ5dGhpbmcgdW50aWwgbmV4dCBiYWNrc2xhc2gsIG9wZW5l ciBvciBjbG9zZXIKIAl3aGlsZSAoIGNoICE9ICdcXCcgJiYgY2ggIT0gJ3snICYmIGNoICE9ICd9 JyAmJiBjaCAhPSAnXG4nICYmCi0JCWNoICE9ICdccicgJiYgZmlsZUJ1ZmZlclB0ciA8PSBmaWxl QnVmZmVyRW5kICkKKwkJY2ggIT0gJ1xyJykKIAl7CiAJICAgICpfdGV4dCsrID0gY2g7CisgICAg ICAgICAgICBpZihmaWxlQnVmZmVyUHRyID49IGZpbGVCdWZmZXJFbmQpCisgICAgICAgICAgICAg ICAgYnJlYWs7CiAJICAgIGNoID0gKmZpbGVCdWZmZXJQdHIrKzsKIAl9Ci0KLQkvLyBHaXZlIGJh Y2sgbGFzdCBjaGFyCi0JLS1maWxlQnVmZmVyUHRyOworICAgICAgICBpZihmaWxlQnVmZmVyUHRy IDwgZmlsZUJ1ZmZlckVuZCkKKyAgICAgICAgICAtLWZpbGVCdWZmZXJQdHI7IC8vIGdpdmUgYmFj ayB0aGUgbGFzdCBjaGFyCiAgICAgfQogICAgICpfdGV4dCsrID0gMDsKKwogfQpJbmRleDogZmls dGVycy9rd29yZC9ydGYvaW1wb3J0L3J0ZmltcG9ydF90b2tlbml6ZXIuaAo9PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0t LSBmaWx0ZXJzL2t3b3JkL3J0Zi9pbXBvcnQvcnRmaW1wb3J0X3Rva2VuaXplci5oCShyZXZpc2lv biA0NjMyMzUpCisrKyBmaWx0ZXJzL2t3b3JkL3J0Zi9pbXBvcnQvcnRmaW1wb3J0X3Rva2VuaXpl ci5oCSh3b3JraW5nIGNvcHkpCkBAIC01MCw2ICs1MCw4IEBACiAKICAgICAvLyB0b2tlbml6ZXIg KHByaXZhdGUpIGRhdGEKIHByaXZhdGU6CisgICAgaW50IG5leHRDaGFyKCk7CisKICAgICBRRmls ZSAqaW5maWxlOwogICAgIFFCeXRlQXJyYXkgZmlsZUJ1ZmZlcjsKICAgICBRQ1N0cmluZyB0b2tl blRleHQ7Cg== 70105 2005-10-07 10:47 0000 kword-1.4.1-r1.ebuild kword-1.4.1-r1.ebuild text/plain IyBDb3B5cmlnaHQgMTk5OS0yMDA1IEdlbnRvbyBGb3VuZGF0aW9uCiMgRGlzdHJpYnV0ZWQgdW5k ZXIgdGhlIHRlcm1zIG9mIHRoZSBHTlUgR2VuZXJhbCBQdWJsaWMgTGljZW5zZSB2MgojICRIZWFk ZXI6IC92YXIvY3Zzcm9vdC9nZW50b28teDg2L2FwcC1vZmZpY2Uva3dvcmQva3dvcmQtMS40LjEu ZWJ1aWxkLHYgMS41IDIwMDUvMDkvMTIgMTQ6MDc6MTcgYWdyaWZmaXMgRXhwICQKCktNTkFNRT1r b2ZmaWNlCk1BWEtPRkZJQ0VWRVI9JHtQVn0KaW5oZXJpdCBrZGUtbWV0YSBldXRpbHMKCkRFU0NS SVBUSU9OPSJLT2ZmaWNlIHdvcmQgcHJvY2Vzc29yLiIKSE9NRVBBR0U9Imh0dHA6Ly93d3cua29m ZmljZS5vcmcvIgpMSUNFTlNFPSJHUEwtMiBMR1BMLTIiCgpTTE9UPSIwIgpLRVlXT1JEUz0iYWxw aGEgYW1kNjQgcHBjIH5wcGM2NCB+c3BhcmMgeDg2IgpJVVNFPSIiCgpSREVQRU5EPSIkKGRlcHJh bmdlICRQViAkTUFYS09GRklDRVZFUiBhcHAtb2ZmaWNlL2tvZmZpY2UtbGlicykKCSQoZGVwcmFu Z2UgJFBWICRNQVhLT0ZGSUNFVkVSIGFwcC1vZmZpY2Uva3NwcmVhZCkKCT49YXBwLXRleHQvd3Yy LTAuMS44Cgk+PW1lZGlhLWdmeC9pbWFnZW1hZ2ljay01LjUuMiIKCkRFUEVORD0iJHtSREVQRU5E fQoJZGV2LXV0aWwvcGtnY29uZmlnIgoKS01DT1BZTElCPSIKCWxpYmtmb3JtdWxhIGxpYi9rZm9y bXVsYQoJbGlia29mZmljZWNvcmUgbGliL2tvZmZpY2Vjb3JlCglsaWJrb2ZmaWNldWkgbGliL2tv ZmZpY2V1aQoJbGlia29wYWludGVyIGxpYi9rb3BhaW50ZXIKCWxpYmtvc2NyaXB0IGxpYi9rb3Nj cmlwdAoJbGlia290ZXh0IGxpYi9rb3RleHQKCWxpYmt3bWYgbGliL2t3bWYKCWxpYmtvd21mIGxp Yi9rd21mCglsaWJrc3RvcmUgbGliL3N0b3JlCglsaWJrc3ByZWFkY29tbW9uIGtzcHJlYWQiCgpL TUVYVFJBQ1RPTkxZPSIKCWxpYi8KCWtzcHJlYWQvIgoKS01DT01QSUxFT05MWT0iZmlsdGVycy9s aWJvb2ZpbHRlciIKCktNRVhUUkE9ImZpbHRlcnMva3dvcmQiCgpuZWVkLWtkZSAzLjMKClBBVENI RVM9IiR7RklMRVNESVJ9L2t3b3JkLTMuNC4xLXJ0ZmltcG9ydC5kaWZmIgoKc3JjX3VucGFjaygp IHsKCWtkZS1tZXRhX3NyY191bnBhY2sgdW5wYWNrCgoJIyBXZSBuZWVkIHRvIGNvbXBpbGUgbGli b29maWx0ZXIgZmlyc3QKCWVjaG8gIlNVQkRJUlMgPSBsaWJvb2ZpbHRlciBrd29yZCIgPiAkUy9m aWx0ZXJzL01ha2VmaWxlLmFtCgoJa2RlLW1ldGFfc3JjX3VucGFjayBtYWtlZmlsZXMKfQo= 70151 2005-10-08 06:45 0000 advisory-20051010-1.txt advisory-20051010-1.txt text/plain S0RFIFNlY3VyaXR5IEFkdmlzb3J5OiBLV29yZCBSVEYgaW1wb3J0IGJ1ZmZlciBvdmVyZmxvdwpP cmlnaW5hbCBSZWxlYXNlIERhdGU6IDIwMDUtMTAtWFgKVVJMOiBodHRwOi8vd3d3LmtkZS5vcmcv aW5mby9zZWN1cml0eS9hZHZpc29yeS0yMDA1MTBYWC0xLnR4dAoKMC4gUmVmZXJlbmNlcwoKICAg ICAgICBDQU4tMjAwNS1GSVhNRQoKMS4gU3lzdGVtcyBhZmZlY3RlZDoKCiAgICAgICAgQWxsIEtP ZmZpY2UgcmVsZWFzZXMgc3RhcnRpbmcgZnJvbSBLT2ZmaWNlIDEuMi4wIHVwIHRvIAogICAgICAg IGluY2x1ZGluZyBLT2ZmaWNlIDEuNC4xLgoKCjIuIE92ZXJ2aWV3OgoKICAgICAgICBDaHJpcyBF dmFucyByZXBvcnRlZCBhIGhlYXAgYmFzZWQgYnVmZmVyIG92ZXJmbG93IGluCiAgICAgICAgdGhl IFJURiBpbXBvcnRlciBvZiBLV29yZC4KCjMuIEltcGFjdDoKCiAgICAgICAgT3BlbmluZyBzcGVj aWFsbHkgY3JhZnRlZCBSVEYgZmlsZXMgaW4gS1dvcmQgY2FuIGNhdXNlCiAgICAgICAgZXhlY3V0 aW9uIG9mIGFiaXRyYXJ5IGNvZGUuCgoKNC4gU29sdXRpb246CgogICAgICAgIFNvdXJjZSBjb2Rl IHBhdGNoZXMgaGF2ZSBiZWVuIG1hZGUgYXZhaWxhYmxlIHdoaWNoIGZpeCB0aGVzZQogICAgICAg IHZ1bG5lcmFiaWxpdGllcy4gQ29udGFjdCB5b3VyIE9TIHZlbmRvciAvIGJpbmFyeSBwYWNrYWdl IHByb3ZpZGVyCiAgICAgICAgZm9yIGluZm9ybWF0aW9uIGFib3V0IGhvdyB0byBvYnRhaW4gdXBk YXRlZCBiaW5hcnkgcGFja2FnZXMuCgoKNS4gUGF0Y2g6CgogICAgICAgIFBhdGNoIGZvciBLT2Zm aWNlIDEuNC4xIGlzIGF2YWlsYWJsZSBmcm9tIAogICAgICAgIGZ0cDovL2Z0cC5rZGUub3JnL3B1 Yi9rZGUvc2VjdXJpdHlfcGF0Y2hlcyA6CgogICAgICAgIFhYWFgK