A voluntary security review of the importers by infamous41md has turned up three buffer overflow errors in the xfig import code. These errors have existed since the code was first created in version 0.87, but are corrected as of version 0.95-pre6. The attached patch fixes them for version 0.94.
Created attachment 83432: /home/ed/dia-0.94_xfigoverflowfix.patch
Extracted a working patch from the advisory.
gnome-office, please provide fixed ebuilds. You can find a patch in the URL of this bug.
Created attachment 83434: dia-0.94_xfigoverflowfix.patch
Fixed a typo.
*** Bug 128386 has been marked as a duplicate of this bug. ***
Can anybody with commit privs please update the current stable ebuild (dia-0.94-r3) to add an epatch line for the attachment/patch? Thanks.
gnome-office, please bump or we may have to mask it.
The patch was missing the segment below but -r5 is now committed with the patch. --- dia-0.94/plug-ins/xfig/xfig.h 2004-08-16 03:56:21.000000000 -0400 +++ dia-0.94.new/plug-ins/xfig/xfig.h 2006-04-20 17:19:28.000000000 -0400 @@ -6,6 +6,7 @@ #define FIG_MAX_DEFAULT_COLORS 32 #define FIG_MAX_USER_COLORS 512 +#define FIG_MAX_DEPTHS 1000 /* 1200 PPI */ #define FIG_UNIT 472.440944881889763779527559055118 /* 1/80 inch */
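Review bot: the bounds check that the new FIG_MAX_DEPTHS constant is meant to enforce is not in this header hunk, so the importer (.c) side of the patch is the part that actually stops the overflow; please confirm the -r5 ebuild applies both segments together, and that wherever an array of FIG_MAX_DEPTHS elements is indexed by a depth read from the file the comparison is strict (`depth < FIG_MAX_DEPTHS`, not `<=`), since a depth of exactly 1000 would still write one element past the end. Also, in this flattened rendering the `/* 1200 PPI */` comment lands directly after the new `+#define FIG_MAX_DEPTHS 1000` line; in the applied header it should stay attached to the FIG_UNIT definition it describes (472.44 is 1200/2.54), not to the depth count, so it does not mislead the next reader.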
dia-0.94-r5 stable on alpha.
I've done some testing with dia-0.94-r5 [-debug +gnome +png +python -static +zlib] on x86. A really nice application that seems to work fine (I wish I had discovered this app a few weeks earlier) ...

Portage 2.0.54 (default-linux/x86/2006.0, gcc-3.4.5, glibc-2.3.5-r3, 2.6.15-gentoo-r5 i686)
=================================================================
System uname: 2.6.15-gentoo-r5 i686 AMD Athlon(tm) XP 2400+
Gentoo Base System version 1.6.14
dev-lang/python: 2.3.5-r2, 2.4.2
sys-apps/sandbox: 1.2.12
sys-devel/autoconf: 2.13, 2.59-r7
sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils: 2.16.1
sys-devel/libtool: 1.5.22
virtual/os-headers: 2.6.11-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=athlon-xp -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/eselect/compiler /etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -march=athlon-xp -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig collision-protect distlocks sandbox sfperms strict"
GENTOO_MIRRORS="http://gentoo.inode.at/ "
LANG="en_US.utf8"
LC_ALL="en_US.utf8"
LINGUAS="en de"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://192.168.0.1/gentoo-portage"
USE="x86 3dnow 3dnowext X a52 aalib alsa apm audiofile avi berkdb bitmap-fonts bonobo bzip2 bzlib cairo cdr cli crypt css cups curl dbus divx4linux dri dts dv dvd dvdr dvdread emboss encode evo exif expat fam fame ffmpeg firefox flac foomaticdb fortran gd gdbm gif glut gmp gnome gphoto2 gpm gstreamer gtk gtk2 gtkhtml guile hal idn imagemagick imlib ipv6 isdnlog java jpeg junit lcms libg++ libwww mad mikmod mmx mmxext mng motif mp3 mpeg nautilus ncurses nls nptl nsplugin nvidia ogg oggvorbis openal opengl pam pcre pdflib perl plotutils png pppd python quicktime readline real reflection ruby sdl session slang speex spell spl sqlite sse ssl subtitles svga tcltk tcpd tetex theora tiff truetype truetype-fonts type1-fonts udev unicode usb vcd video_cards_nvidia vorbis win32codecs wma xine xml xml2 xmms xv xvid zlib linguas_en linguas_de userland_GNU kernel_linux elibc_glibc"
Unset: ASFLAGS, CTARGET, INSTALL_MASK, LDFLAGS
Stable on SPARC.
...and x86 is done
ppc stable
ppc64 stable
amd64 stable.
Ready for GLSA
Thx ed. GLSA 200604-14. mips, ia64: don't forget to mark stable to benefit from the GLSA.