Added an upstream patch to fix security bug 198409. Fixed the desktop files as per bug 190006. Thanks to gentoofan23 for providing patches!

Package-Manager: portage-2.1.3.19
author: Wulf Krueger <philantrop@gentoo.org> 2007-11-11 19:08:43 +0000
committer: Wulf Krueger <philantrop@gentoo.org> 2007-11-11 19:08:43 +0000
commit: 4872a249f9bbc9cfe1c54649c91c7b8a26e9588a (patch)
tree: 970e975cb732cadf68cf388fd7f73010911816a2 /app-office
parent: Stable on x86 wrt bug #198590 (diff)
download: historical-4872a249f9bbc9cfe1c54649c91c7b8a26e9588a.tar.gz
historical-4872a249f9bbc9cfe1c54649c91c7b8a26e9588a.tar.bz2
historical-4872a249f9bbc9cfe1c54649c91c7b8a26e9588a.zip
6 files changed, 774 insertions, 10 deletions
diff --git a/app-office/kword/ChangeLog b/app-office/kword/ChangeLog
index 849c33badb0a..199f677f3f7c 100644
--- a/app-office/kword/ChangeLog
+++ b/app-office/kword/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for app-office/kword
 # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-office/kword/ChangeLog,v 1.109 2007/08/12 14:42:02 beandog Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-office/kword/ChangeLog,v 1.110 2007/11/11 19:08:42 philantrop Exp $
+
+*kword-1.6.3-r2 (11 Nov 2007)
+
+  11 Nov 2007; Wulf C. Krueger <philantrop@gentoo.org>
+  +files/koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff,
+  +kword-1.6.3-r2.ebuild:
+  Added an upstream patch to fix security bug 198409. Fixed the desktop file
+  as per bug 190006. Thanks to gentoofan23 for providing a patch!
 
   12 Aug 2007; Steve Dibb <beandog@gentoo.org> kword-1.6.3-r1.ebuild:
   amd64 stable, security bug 187139
diff --git a/app-office/kword/Manifest b/app-office/kword/Manifest
index c185dd29d8c1..fb09cd61fe6d 100644
--- a/app-office/kword/Manifest
+++ b/app-office/kword/Manifest
@@ -1,3 +1,10 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+AUX koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff 15961 RMD160 ab6ec62b1ee7c369e8a6f44ba285a56b8c5439b4 SHA1 a3d1d85567ccf729a2237f4aa837f7e025ce00ae SHA256 ed9b3ee5b1590aae930dc2829b9a463fac9cee5ab3e412423a4991109f507942
+MD5 1d6b58dbe1cab4b0168a8e4344f8d7af files/koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff 15961
+RMD160 ab6ec62b1ee7c369e8a6f44ba285a56b8c5439b4 files/koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff 15961
+SHA256 ed9b3ee5b1590aae930dc2829b9a463fac9cee5ab3e412423a4991109f507942 files/koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff 15961
 AUX koffice-xpdf-CVE-2007-0104.diff 3185 RMD160 1ea990a06dfdc709362a6cb0fbb69851da86a3d6 SHA1 bef37ffafbae9a509363f7bc63806ab7162576b9 SHA256 36585b64bc23c9e352c0ff4edff9788add81381049dff5ae1d9de708f9696bfe
 MD5 dc28881c39f11c040f8c942e4af238d1 files/koffice-xpdf-CVE-2007-0104.diff 3185
 RMD160 1ea990a06dfdc709362a6cb0fbb69851da86a3d6 files/koffice-xpdf-CVE-2007-0104.diff 3185
@@ -16,18 +23,22 @@ EBUILD kword-1.6.3-r1.ebuild 1357 RMD160 2bec58a8d51b8bedb9d3c47dc259c41bf9dd236
 MD5 0d0a02b2c5a6b097c6d75b7bcb2ec972 kword-1.6.3-r1.ebuild 1357
 RMD160 2bec58a8d51b8bedb9d3c47dc259c41bf9dd236d kword-1.6.3-r1.ebuild 1357
 SHA256 8349bf065e61b557a451e2a4150ce035cf63ad777a5a5e5165a2a08fe9651978 kword-1.6.3-r1.ebuild 1357
+EBUILD kword-1.6.3-r2.ebuild 1541 RMD160 c8f9199b4ba9996d668eeabf0f2a249a117c89bc SHA1 9cd9439f171023f908412483fd711bda8a2470ac SHA256 8a0a446550d74cbb52cdfb25a7f875efdfff4e0fd5ff49cd0f45272f9612a237
+MD5 ca439d6036f8633cc8cad3ce18ec9bf6 kword-1.6.3-r2.ebuild 1541
+RMD160 c8f9199b4ba9996d668eeabf0f2a249a117c89bc kword-1.6.3-r2.ebuild 1541
+SHA256 8a0a446550d74cbb52cdfb25a7f875efdfff4e0fd5ff49cd0f45272f9612a237 kword-1.6.3-r2.ebuild 1541
 EBUILD kword-1.6.3.ebuild 1299 RMD160 06a087a676c6f887dd8eef1a4dc319e0b633aada SHA1 5240142570cf772ac6a367051303642250689126 SHA256 f6ca317b9bf9e392831b80236bc58401555f4ef4bdc2e9c79795a25eb1f227cc
 MD5 e8475644a526bff0b3c31ea128e3c666 kword-1.6.3.ebuild 1299
 RMD160 06a087a676c6f887dd8eef1a4dc319e0b633aada kword-1.6.3.ebuild 1299
 SHA256 f6ca317b9bf9e392831b80236bc58401555f4ef4bdc2e9c79795a25eb1f227cc kword-1.6.3.ebuild 1299
-MISC ChangeLog 13113 RMD160 071fa3b1f172f3b4f2110233bfd43b10d68bd52b SHA1 3cea52b549c6f1958dd8d73402e6063051490bee SHA256 788ab7021c5913168d4b2c4f2e15f404e5152b466086c17d34e582383a1ba42a
-MD5 542735de45d1ac562d09103a8de1eded ChangeLog 13113
-RMD160 071fa3b1f172f3b4f2110233bfd43b10d68bd52b ChangeLog 13113
-SHA256 788ab7021c5913168d4b2c4f2e15f404e5152b466086c17d34e582383a1ba42a ChangeLog 13113
-MISC metadata.xml 157 RMD160 9258d9691830e58ee00ca89f0a6df9ce077f2439 SHA1 b2ca0d856f38a09bf6d2e58ee77b344552585862 SHA256 e0e268ca18fef286617fcfe97773d5df5b8fbdb5fbcb9a29adc5e8b0baea4292
-MD5 02039d51ca4a42817775fd436dfaa956 metadata.xml 157
-RMD160 9258d9691830e58ee00ca89f0a6df9ce077f2439 metadata.xml 157
-SHA256 e0e268ca18fef286617fcfe97773d5df5b8fbdb5fbcb9a29adc5e8b0baea4292 metadata.xml 157
+MISC ChangeLog 13431 RMD160 5f0a0701a79fe9ae7bf4846e3c834376697d9325 SHA1 029cd76fb9e31132331b686682f0767bf21339f9 SHA256 48d6f97149e73e1f8bdec837d6d6f43c441c02a8c3b8bd95d3c23e197d54336e
+MD5 a6b591363d31817571a103df0f6a1e76 ChangeLog 13431
+RMD160 5f0a0701a79fe9ae7bf4846e3c834376697d9325 ChangeLog 13431
+SHA256 48d6f97149e73e1f8bdec837d6d6f43c441c02a8c3b8bd95d3c23e197d54336e ChangeLog 13431
+MISC metadata.xml 156 RMD160 ecce3b981f150c45ae1e84e2d208e678d6124259 SHA1 b64f7c0b4e5db816d82ad19848f72118af129d35 SHA256 2f4da28506b9d4185f320f67a6191d30c7a921217ed4447ed46ea0bc4aefc79a
+MD5 acc03a4b12bb0433a57e95bd253b9501 metadata.xml 156
+RMD160 ecce3b981f150c45ae1e84e2d208e678d6124259 metadata.xml 156
+SHA256 2f4da28506b9d4185f320f67a6191d30c7a921217ed4447ed46ea0bc4aefc79a metadata.xml 156
 MD5 44d307bd453fb21c59c4f449870d5859 files/digest-kword-1.6.1-r1 250
 RMD160 bba235b5d7bdb20b43d72df70e83f94e73f8468a files/digest-kword-1.6.1-r1 250
 SHA256 8947fdfcfda8edd2bd5291f3d5c44f7521d41f2686b116c88b6f8c72448b5054 files/digest-kword-1.6.1-r1 250
@@ -37,3 +48,13 @@ SHA256 228e7da12dd539925ef41c160b2ff077b722852e088b2c6315ef7ba7aa4cce82 files/di
 MD5 bbb63ff3d409864fc447d9164fa89128 files/digest-kword-1.6.3-r1 250
 RMD160 7683a0c1ce9679046577b8fbc57e8abbda17b46b files/digest-kword-1.6.3-r1 250
 SHA256 228e7da12dd539925ef41c160b2ff077b722852e088b2c6315ef7ba7aa4cce82 files/digest-kword-1.6.3-r1 250
+MD5 bbb63ff3d409864fc447d9164fa89128 files/digest-kword-1.6.3-r2 250
+RMD160 7683a0c1ce9679046577b8fbc57e8abbda17b46b files/digest-kword-1.6.3-r2 250
+SHA256 228e7da12dd539925ef41c160b2ff077b722852e088b2c6315ef7ba7aa4cce82 files/digest-kword-1.6.3-r2 250
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.7 (GNU/Linux)
+
+iD8DBQFHN1NDCkvF58q80IkRAuHsAKCnFQ2v4QmeHVb2CuJphugS1bO77gCfc1ha
+1JQxJFPoJ8dgOA0Oc/xVEoA=
+=V7Sc
+-----END PGP SIGNATURE-----
diff --git a/app-office/kword/files/digest-kword-1.6.3-r2 b/app-office/kword/files/digest-kword-1.6.3-r2
new file mode 100644
index 000000000000..0dc1fc75f716
--- /dev/null
+++ b/app-office/kword/files/digest-kword-1.6.3-r2
@@ -0,0 +1,3 @@
+MD5 386d388094734f9759977c3267098e30 koffice-1.6.3.tar.bz2 56829391
+RMD160 e474ba48fa983fafb61ad58fb79cddda69ec6908 koffice-1.6.3.tar.bz2 56829391
+SHA256 c3975f0a59f50aaa5547f1709b6fad54f746fd06815859b374676b426dce12cb koffice-1.6.3.tar.bz2 56829391
diff --git a/app-office/kword/files/koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff b/app-office/kword/files/koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff
new file mode 100644
index 000000000000..dabcf23d44aa
--- /dev/null
+++ b/app-office/kword/files/koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff
@@ -0,0 +1,669 @@
+--- filters/kword/pdf/xpdf/xpdf/Stream.cc
++++ filters/kword/pdf/xpdf/xpdf/Stream.cc
+@@ -1239,6 +1239,7 @@
+ // CCITTFaxStream
+ //------------------------------------------------------------------------
+ 
++#if 0
+ CCITTFaxStream::CCITTFaxStream(Stream *strA, int encodingA, GBool endOfLineA,
+ 			       GBool byteAlignA, int columnsA, int rowsA,
+ 			       GBool endOfBlockA, GBool blackA):
+@@ -1748,6 +1749,609 @@
+   }
+   return (inputBuf >> (inputBits - n)) & (0xffff >> (16 - n));
+ }
++#else // secfix
++CCITTFaxStream::CCITTFaxStream(Stream *strA, int encodingA, GBool endOfLineA,
++			       GBool byteAlignA, int columnsA, int rowsA,
++			       GBool endOfBlockA, GBool blackA):
++    FilterStream(strA) {
++  encoding = encodingA;
++  endOfLine = endOfLineA;
++  byteAlign = byteAlignA;
++  columns = columnsA;
++  if (columns < 1) {
++    columns = 1;
++  } else if (columns > (INT_MAX - 2)/sizeof(int)) {
++    columns = (INT_MAX - 2)/sizeof(int);
++  }
++  rows = rowsA;
++  endOfBlock = endOfBlockA;
++  black = blackA;
++  // 0 <= codingLine[0] < codingLine[1] < ... < codingLine[n] = columns
++  // ---> max codingLine size = columns + 1
++  // refLine has one extra guard entry at the end
++  // ---> max refLine size = columns + 2
++  codingLine = (int *)gmalloc((columns + 1) * sizeof(int));
++  refLine = (int *)gmalloc((columns + 2) * sizeof(int));
++
++  eof = gFalse;
++  row = 0;
++  nextLine2D = encoding < 0;
++  inputBits = 0;
++  codingLine[0] = columns;
++  a0i = 0;
++  outputBits = 0;
++
++  buf = EOF;
++}
++
++CCITTFaxStream::~CCITTFaxStream() {
++  delete str;
++  gfree(refLine);
++  gfree(codingLine);
++}
++
++void CCITTFaxStream::reset() {
++  short code1;
++
++  str->reset();
++  eof = gFalse;
++  row = 0;
++  nextLine2D = encoding < 0;
++  inputBits = 0;
++  codingLine[0] = columns;
++  a0i = 0;
++  outputBits = 0;
++  buf = EOF;
++
++  // skip any initial zero bits and end-of-line marker, and get the 2D
++  // encoding tag
++  while ((code1 = lookBits(12)) == 0) {
++    eatBits(1);
++  }
++  if (code1 == 0x001) {
++    eatBits(12);
++  }
++  if (encoding > 0) {
++    nextLine2D = !lookBits(1);
++    eatBits(1);
++  }
++}
++
++inline void CCITTFaxStream::addPixels(int a1, int blackPixels) {
++  if (a1 > codingLine[a0i]) {
++    if (a1 > columns) {
++      error(getPos(), "CCITTFax row is wrong length (%d)", a1);
++      err = gTrue;
++      a1 = columns;
++    }
++    if ((a0i & 1) ^ blackPixels) {
++      ++a0i;
++    }
++    codingLine[a0i] = a1;
++  }
++}
++
++inline void CCITTFaxStream::addPixelsNeg(int a1, int blackPixels) {
++  if (a1 > codingLine[a0i]) {
++    if (a1 > columns) {
++      error(getPos(), "CCITTFax row is wrong length (%d)", a1);
++      err = gTrue;
++      a1 = columns;
++    }
++    if ((a0i & 1) ^ blackPixels) {
++      ++a0i;
++    }
++    codingLine[a0i] = a1;
++  } else if (a1 < codingLine[a0i]) {
++    if (a1 < 0) {
++      error(getPos(), "Invalid CCITTFax code");
++      err = gTrue;
++      a1 = 0;
++    }
++    while (a0i > 0 && a1 <= codingLine[a0i - 1]) {
++      --a0i;
++    }
++    codingLine[a0i] = a1;
++  }
++}
++
++int CCITTFaxStream::lookChar() {
++  short code1, code2, code3;
++  int b1i, blackPixels, i, bits;
++  GBool gotEOL;
++
++  if (buf != EOF) {
++    return buf;
++  }
++
++  // read the next row
++  if (outputBits == 0) {
++
++    // if at eof just return EOF
++    if (eof) {
++      return EOF;
++    }
++
++    err = gFalse;
++
++    // 2-D encoding
++    if (nextLine2D) {
++      for (i = 0; codingLine[i] < columns; ++i) {
++	refLine[i] = codingLine[i];
++      }
++      refLine[i++] = columns;
++      refLine[i] = columns;
++      codingLine[0] = 0;
++      a0i = 0;
++      b1i = 0;
++      blackPixels = 0;
++      // invariant:
++      // refLine[b1i-1] <= codingLine[a0i] < refLine[b1i] < refLine[b1i+1]
++      //                                                             <= columns
++      // exception at left edge:
++      //   codingLine[a0i = 0] = refLine[b1i = 0] = 0 is possible
++      // exception at right edge:
++      //   refLine[b1i] = refLine[b1i+1] = columns is possible
++      while (codingLine[a0i] < columns) {
++	code1 = getTwoDimCode();
++	switch (code1) {
++	case twoDimPass:
++	  addPixels(refLine[b1i + 1], blackPixels);
++	  if (refLine[b1i + 1] < columns) {
++	    b1i += 2;
++	  }
++	  break;
++	case twoDimHoriz:
++	  code1 = code2 = 0;
++	  if (blackPixels) {
++	    do {
++	      code1 += code3 = getBlackCode();
++	    } while (code3 >= 64);
++	    do {
++	      code2 += code3 = getWhiteCode();
++	    } while (code3 >= 64);
++	  } else {
++	    do {
++	      code1 += code3 = getWhiteCode();
++	    } while (code3 >= 64);
++	    do {
++	      code2 += code3 = getBlackCode();
++	    } while (code3 >= 64);
++	  }
++	  addPixels(codingLine[a0i] + code1, blackPixels);
++	  if (codingLine[a0i] < columns) {
++	    addPixels(codingLine[a0i] + code2, blackPixels ^ 1);
++	  }
++	  while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++	    b1i += 2;
++	  }
++	  break;
++	case twoDimVertR3:
++	  addPixels(refLine[b1i] + 3, blackPixels);
++	  blackPixels ^= 1;
++	  if (codingLine[a0i] < columns) {
++	    ++b1i;
++	    while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++	      b1i += 2;
++	    }
++	  }
++	  break;
++	case twoDimVertR2:
++	  addPixels(refLine[b1i] + 2, blackPixels);
++	  blackPixels ^= 1;
++	  if (codingLine[a0i] < columns) {
++	    ++b1i;
++	    while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++	      b1i += 2;
++	    }
++	  }
++	  break;
++	case twoDimVertR1:
++	  addPixels(refLine[b1i] + 1, blackPixels);
++	  blackPixels ^= 1;
++	  if (codingLine[a0i] < columns) {
++	    ++b1i;
++	    while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++	      b1i += 2;
++	    }
++	  }
++	  break;
++	case twoDimVert0:
++	  addPixels(refLine[b1i], blackPixels);
++	  blackPixels ^= 1;
++	  if (codingLine[a0i] < columns) {
++	    ++b1i;
++	    while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++	      b1i += 2;
++	    }
++	  }
++	  break;
++	case twoDimVertL3:
++	  addPixelsNeg(refLine[b1i] - 3, blackPixels);
++	  blackPixels ^= 1;
++	  if (codingLine[a0i] < columns) {
++	    if (b1i > 0) {
++	      --b1i;
++	    } else {
++	      ++b1i;
++	    }
++	    while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++	      b1i += 2;
++	    }
++	  }
++	  break;
++	case twoDimVertL2:
++	  addPixelsNeg(refLine[b1i] - 2, blackPixels);
++	  blackPixels ^= 1;
++	  if (codingLine[a0i] < columns) {
++	    if (b1i > 0) {
++	      --b1i;
++	    } else {
++	      ++b1i;
++	    }
++	    while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++	      b1i += 2;
++	    }
++	  }
++	  break;
++	case twoDimVertL1:
++	  addPixelsNeg(refLine[b1i] - 1, blackPixels);
++	  blackPixels ^= 1;
++	  if (codingLine[a0i] < columns) {
++	    if (b1i > 0) {
++	      --b1i;
++	    } else {
++	      ++b1i;
++	    }
++	    while (refLine[b1i] <= codingLine[a0i] && refLine[b1i] < columns) {
++	      b1i += 2;
++	    }
++	  }
++	  break;
++	case EOF:
++	  addPixels(columns, 0);
++	  eof = gTrue;
++	  break;
++	default:
++	  error(getPos(), "Bad 2D code %04x in CCITTFax stream", code1);
++	  addPixels(columns, 0);
++	  err = gTrue;
++	  break;
++	}
++      }
++
++    // 1-D encoding
++    } else {
++      codingLine[0] = 0;
++      a0i = 0;
++      blackPixels = 0;
++      while (codingLine[a0i] < columns) {
++	code1 = 0;
++	if (blackPixels) {
++	  do {
++	    code1 += code3 = getBlackCode();
++	  } while (code3 >= 64);
++	} else {
++	  do {
++	    code1 += code3 = getWhiteCode();
++	  } while (code3 >= 64);
++	}
++	addPixels(codingLine[a0i] + code1, blackPixels);
++	blackPixels ^= 1;
++      }
++    }
++
++    // byte-align the row
++    if (byteAlign) {
++      inputBits &= ~7;
++    }
++
++    // check for end-of-line marker, skipping over any extra zero bits
++    gotEOL = gFalse;
++    if (!endOfBlock && row == rows - 1) {
++      eof = gTrue;
++    } else {
++      code1 = lookBits(12);
++      while (code1 == 0) {
++	eatBits(1);
++	code1 = lookBits(12);
++      }
++      if (code1 == 0x001) {
++	eatBits(12);
++	gotEOL = gTrue;
++      } else if (code1 == EOF) {
++	eof = gTrue;
++      }
++    }
++
++    // get 2D encoding tag
++    if (!eof && encoding > 0) {
++      nextLine2D = !lookBits(1);
++      eatBits(1);
++    }
++
++    // check for end-of-block marker
++    if (endOfBlock && gotEOL) {
++      code1 = lookBits(12);
++      if (code1 == 0x001) {
++	eatBits(12);
++	if (encoding > 0) {
++	  lookBits(1);
++	  eatBits(1);
++	}
++	if (encoding >= 0) {
++	  for (i = 0; i < 4; ++i) {
++	    code1 = lookBits(12);
++	    if (code1 != 0x001) {
++	      error(getPos(), "Bad RTC code in CCITTFax stream");
++	    }
++	    eatBits(12);
++	    if (encoding > 0) {
++	      lookBits(1);
++	      eatBits(1);
++	    }
++	  }
++	}
++	eof = gTrue;
++      }
++
++    // look for an end-of-line marker after an error -- we only do
++    // this if we know the stream contains end-of-line markers because
++    // the "just plow on" technique tends to work better otherwise
++    } else if (err && endOfLine) {
++      while (1) {
++	code1 = lookBits(13);
++	if (code1 == EOF) {
++	  eof = gTrue;
++	  return EOF;
++	}
++	if ((code1 >> 1) == 0x001) {
++	  break;
++	}
++	eatBits(1);
++      }
++      eatBits(12); 
++      if (encoding > 0) {
++	eatBits(1);
++	nextLine2D = !(code1 & 1);
++      }
++    }
++
++    // set up for output
++    if (codingLine[0] > 0) {
++      outputBits = codingLine[a0i = 0];
++    } else {
++      outputBits = codingLine[a0i = 1];
++    }
++
++    ++row;
++  }
++
++  // get a byte
++  if (outputBits >= 8) {
++    buf = (a0i & 1) ? 0x00 : 0xff;
++    outputBits -= 8;
++    if (outputBits == 0 && codingLine[a0i] < columns) {
++      ++a0i;
++      outputBits = codingLine[a0i] - codingLine[a0i - 1];
++    }
++  } else {
++    bits = 8;
++    buf = 0;
++    do {
++      if (outputBits > bits) {
++	buf <<= bits;
++	if (!(a0i & 1)) {
++	  buf |= 0xff >> (8 - bits);
++	}
++	outputBits -= bits;
++	bits = 0;
++      } else {
++	buf <<= outputBits;
++	if (!(a0i & 1)) {
++	  buf |= 0xff >> (8 - outputBits);
++	}
++	bits -= outputBits;
++	outputBits = 0;
++	if (codingLine[a0i] < columns) {
++	  ++a0i;
++	  outputBits = codingLine[a0i] - codingLine[a0i - 1];
++	} else if (bits > 0) {
++	  buf <<= bits;
++	  bits = 0;
++	}
++      }
++    } while (bits);
++  }
++  if (black) {
++    buf ^= 0xff;
++  }
++  return buf;
++}
++
++short CCITTFaxStream::getTwoDimCode() {
++  short code;
++  CCITTCode *p;
++  int n;
++
++  code = 0; // make gcc happy
++  if (endOfBlock) {
++    code = lookBits(7);
++    p = &twoDimTab1[code];
++    if (p->bits > 0) {
++      eatBits(p->bits);
++      return p->n;
++    }
++  } else {
++    for (n = 1; n <= 7; ++n) {
++      code = lookBits(n);
++      if (n < 7) {
++	code <<= 7 - n;
++      }
++      p = &twoDimTab1[code];
++      if (p->bits == n) {
++	eatBits(n);
++	return p->n;
++      }
++    }
++  }
++  error(getPos(), "Bad two dim code (%04x) in CCITTFax stream", code);
++  return EOF;
++}
++
++short CCITTFaxStream::getWhiteCode() {
++  short code;
++  CCITTCode *p;
++  int n;
++
++  code = 0; // make gcc happy
++  if (endOfBlock) {
++    code = lookBits(12);
++    if (code == EOF) {
++      return 1;
++    }
++    if ((code >> 5) == 0) {
++      p = &whiteTab1[code];
++    } else {
++      p = &whiteTab2[code >> 3];
++    }
++    if (p->bits > 0) {
++      eatBits(p->bits);
++      return p->n;
++    }
++  } else {
++    for (n = 1; n <= 9; ++n) {
++      code = lookBits(n);
++      if (code == EOF) {
++	return 1;
++      }
++      if (n < 9) {
++	code <<= 9 - n;
++      }
++      p = &whiteTab2[code];
++      if (p->bits == n) {
++	eatBits(n);
++	return p->n;
++      }
++    }
++    for (n = 11; n <= 12; ++n) {
++      code = lookBits(n);
++      if (code == EOF) {
++	return 1;
++      }
++      if (n < 12) {
++	code <<= 12 - n;
++      }
++      p = &whiteTab1[code];
++      if (p->bits == n) {
++	eatBits(n);
++	return p->n;
++      }
++    }
++  }
++  error(getPos(), "Bad white code (%04x) in CCITTFax stream", code);
++  // eat a bit and return a positive number so that the caller doesn't
++  // go into an infinite loop
++  eatBits(1);
++  return 1;
++}
++
++short CCITTFaxStream::getBlackCode() {
++  short code;
++  CCITTCode *p;
++  int n;
++
++  code = 0; // make gcc happy
++  if (endOfBlock) {
++    code = lookBits(13);
++    if (code == EOF) {
++      return 1;
++    }
++    if ((code >> 7) == 0) {
++      p = &blackTab1[code];
++    } else if ((code >> 9) == 0 && (code >> 7) != 0) {
++      p = &blackTab2[(code >> 1) - 64];
++    } else {
++      p = &blackTab3[code >> 7];
++    }
++    if (p->bits > 0) {
++      eatBits(p->bits);
++      return p->n;
++    }
++  } else {
++    for (n = 2; n <= 6; ++n) {
++      code = lookBits(n);
++      if (code == EOF) {
++	return 1;
++      }
++      if (n < 6) {
++	code <<= 6 - n;
++      }
++      p = &blackTab3[code];
++      if (p->bits == n) {
++	eatBits(n);
++	return p->n;
++      }
++    }
++    for (n = 7; n <= 12; ++n) {
++      code = lookBits(n);
++      if (code == EOF) {
++	return 1;
++      }
++      if (n < 12) {
++	code <<= 12 - n;
++      }
++      if (code >= 64) {
++	p = &blackTab2[code - 64];
++	if (p->bits == n) {
++	  eatBits(n);
++	  return p->n;
++	}
++      }
++    }
++    for (n = 10; n <= 13; ++n) {
++      code = lookBits(n);
++      if (code == EOF) {
++	return 1;
++      }
++      if (n < 13) {
++	code <<= 13 - n;
++      }
++      p = &blackTab1[code];
++      if (p->bits == n) {
++	eatBits(n);
++	return p->n;
++      }
++    }
++  }
++  error(getPos(), "Bad black code (%04x) in CCITTFax stream", code);
++  // eat a bit and return a positive number so that the caller doesn't
++  // go into an infinite loop
++  eatBits(1);
++  return 1;
++}
++
++short CCITTFaxStream::lookBits(int n) {
++  int c;
++
++  while (inputBits < n) {
++    if ((c = str->getChar()) == EOF) {
++      if (inputBits == 0) {
++	return EOF;
++      }
++      // near the end of the stream, the caller may ask for more bits
++      // than are available, but there may still be a valid code in
++      // however many bits are available -- we need to return correct
++      // data in this case
++      return (inputBuf << (n - inputBits)) & (0xffff >> (16 - n));
++    }
++    inputBuf = (inputBuf << 8) + c;
++    inputBits += 8;
++  }
++  return (inputBuf >> (inputBits - n)) & (0xffff >> (16 - n));
++}
++
++#endif
+ 
+ GString *CCITTFaxStream::getPSFilter(const char *indent) {
+   GString *s;
+@@ -1929,6 +2533,12 @@
+     // allocate a buffer for the whole image
+     bufWidth = ((width + mcuWidth - 1) / mcuWidth) * mcuWidth;
+     bufHeight = ((height + mcuHeight - 1) / mcuHeight) * mcuHeight;
++    if (bufWidth <= 0 || bufHeight <= 0 ||
++	bufWidth > INT_MAX / bufWidth / (int)sizeof(int)) {
++      error(getPos(), "Invalid image size in DCT stream");
++      y = height;
++      return;
++    }
+     for (i = 0; i < numComps; ++i) {
+       frameBuf[i] = (int *)gmalloc(bufWidth * bufHeight * sizeof(int));
+       memset(frameBuf[i], 0, bufWidth * bufHeight * sizeof(int));
+@@ -2975,6 +3585,11 @@
+   }
+   scanInfo.firstCoeff = str->getChar();
+   scanInfo.lastCoeff = str->getChar();
++  if (scanInfo.firstCoeff < 0 || scanInfo.lastCoeff > 63 ||
++      scanInfo.firstCoeff > scanInfo.lastCoeff) {
++    error(getPos(), "Bad DCT coefficient numbers in scan info block");
++    return gFalse;
++  }
+   c = str->getChar();
+   scanInfo.ah = (c >> 4) & 0x0f;
+   scanInfo.al = c & 0x0f;
+--- filters/kword/pdf/xpdf/xpdf/Stream.h
++++ filters/kword/pdf/xpdf/xpdf/Stream.h
+@@ -513,13 +513,17 @@
+   int row;			// current row
+   int inputBuf;			// input buffer
+   int inputBits;		// number of bits in input buffer
+-  short *refLine;		// reference line changing elements
+-  int b1;			// index into refLine
+-  short *codingLine;		// coding line changing elements
+-  int a0;			// index into codingLine
++  int *codingLine;             // coding line changing elements
++  int *refLine;                        // reference line changing elements
++  int a0i;                     // index into codingLine
++  GBool err;                   // error on current line
++
+   int outputBits;		// remaining output bits
+   int buf;			// character buffer
+ 
++  void addPixels(int a1, int black);
++  void addPixelsNeg(int a1, int black);
++
+   short getTwoDimCode();
+   short getWhiteCode();
+   short getBlackCode();
diff --git a/app-office/kword/kword-1.6.3-r2.ebuild b/app-office/kword/kword-1.6.3-r2.ebuild
new file mode 100644
index 000000000000..d59262f47b56
--- /dev/null
+++ b/app-office/kword/kword-1.6.3-r2.ebuild
@@ -0,0 +1,63 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-office/kword/kword-1.6.3-r2.ebuild,v 1.1 2007/11/11 19:08:42 philantrop Exp $
+
+KMNAME=koffice
+MAXKOFFICEVER=${PV}
+inherit kde-meta eutils
+
+DESCRIPTION="KOffice word processor."
+HOMEPAGE="http://www.koffice.org/"
+LICENSE="GPL-2 LGPL-2"
+
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE=""
+
+RDEPEND="$(deprange $PV $MAXKOFFICEVER app-office/koffice-libs)
+	$(deprange 1.6.2 $MAXKOFFICEVER app-office/kspread)
+	>=app-text/wv2-0.1.8
+	>=media-gfx/imagemagick-5.5.2
+	>=app-text/libwpd-0.8.2"
+
+DEPEND="${RDEPEND}
+	dev-util/pkgconfig"
+
+KMCOPYLIB="libkformula lib/kformula
+	libkofficecore lib/kofficecore
+	libkofficeui lib/kofficeui
+	libkopainter lib/kopainter
+	libkotext lib/kotext
+	libkwmf lib/kwmf
+	libkowmf lib/kwmf
+	libkstore lib/store
+	libkspreadcommon kspread"
+
+KMEXTRACTONLY="
+	lib/
+	kspread/"
+
+KMCOMPILEONLY="filters/liboofilter"
+
+KMEXTRA="filters/kword"
+
+need-kde 3.5
+
+PATCHES="${FILESDIR}/koffice-xpdf-CVE-2007-3387.diff
+		${FILESDIR}/koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff"
+
+src_unpack() {
+	kde-meta_src_unpack unpack
+
+	# We need to compile libs first
+	echo "SUBDIRS = liboofilter kword" > "$S"/filters/Makefile.am
+
+	for i in $(find "${S}"/lib -iname "*\.ui"); do
+		${QTDIR}/bin/uic ${i} > ${i%.ui}.h
+	done
+
+	kde-meta_src_unpack makefiles
+
+	# Fix the desktop file. cf. bug 190006
+	sed -i -e "s:x-mswrite:x-mswrite;:g" "${S}"/kword/kword.desktop
+}
diff --git a/app-office/kword/metadata.xml b/app-office/kword/metadata.xml
index 3399d0876645..8d1e86a9cefb 100644
--- a/app-office/kword/metadata.xml
+++ b/app-office/kword/metadata.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
 <pkgmetadata>
-<herd>kde</herd> 
+<herd>kde</herd>
 </pkgmetadata>
author	Wulf Krueger <philantrop@gentoo.org>	2007-11-11 19:08:43 +0000
committer	Wulf Krueger <philantrop@gentoo.org>	2007-11-11 19:08:43 +0000
commit	4872a249f9bbc9cfe1c54649c91c7b8a26e9588a (patch)
tree	970e975cb732cadf68cf388fd7f73010911816a2 /app-office
parent	Stable on x86 wrt bug #198590 (diff)
download	historical-4872a249f9bbc9cfe1c54649c91c7b8a26e9588a.tar.gz historical-4872a249f9bbc9cfe1c54649c91c7b8a26e9588a.tar.bz2 historical-4872a249f9bbc9cfe1c54649c91c7b8a26e9588a.zip