diff options
-rw-r--r-- | app-text/atril/atril-1.12.2-r5.ebuild (renamed from app-text/atril/atril-1.12.2-r4.ebuild) | 4 | ||||
-rw-r--r-- | app-text/atril/atril-1.14.2-r2.ebuild (renamed from app-text/atril/atril-1.14.2-r1.ebuild) | 4 | ||||
-rw-r--r-- | app-text/atril/atril-1.16.1-r2.ebuild (renamed from app-text/atril/atril-1.16.1-r1.ebuild) | 4 | ||||
-rw-r--r-- | app-text/atril/files/atril-cve-2017-1000083.patch | 28 |
4 files changed, 37 insertions, 3 deletions
diff --git a/app-text/atril/atril-1.12.2-r4.ebuild b/app-text/atril/atril-1.12.2-r5.ebuild index aa353029fbdf..360dac80db22 100644 --- a/app-text/atril/atril-1.12.2-r4.ebuild +++ b/app-text/atril/atril-1.12.2-r5.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2018 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI=6 @@ -67,6 +67,8 @@ DEPEND="${RDEPEND} # Tests use dogtail which is not available on Gentoo. RESTRICT="test" +FILES=( "${FILESDIR}/${PN}-cve-2017-1000083.patch" ) + src_configure() { # Passing --disable-help would drop offline help, that would be inconsistent # with helps of the most of GNOME apps that doesn't require network for that. diff --git a/app-text/atril/atril-1.14.2-r1.ebuild b/app-text/atril/atril-1.14.2-r2.ebuild index 12e1ae529a2d..792c2c2e6a06 100644 --- a/app-text/atril/atril-1.14.2-r1.ebuild +++ b/app-text/atril/atril-1.14.2-r2.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2018 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI=6 @@ -69,6 +69,8 @@ DEPEND="${COMMON_DEPEND} # Tests use dogtail which is not available on Gentoo. RESTRICT="test" +FILES=( "${FILESDIR}/${PN}-cve-2017-1000083.patch" ) + src_configure() { # Passing --disable-help would drop offline help, that would be inconsistent # with helps of the most of GNOME apps that doesn't require network for that. diff --git a/app-text/atril/atril-1.16.1-r1.ebuild b/app-text/atril/atril-1.16.1-r2.ebuild index 4259cddf89bc..24aad9d4f3c7 100644 --- a/app-text/atril/atril-1.16.1-r1.ebuild +++ b/app-text/atril/atril-1.16.1-r2.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2018 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI=6 @@ -68,6 +68,8 @@ DEPEND="${COMMON_DEPEND} # Tests use dogtail which is not available on Gentoo. RESTRICT="test" +FILES=( "${FILESDIR}/${PN}-cve-2017-1000083.patch" ) + src_configure() { # Passing --disable-help would drop offline help, that would be inconsistent # with helps of the most of GNOME apps that doesn't require network for that. diff --git a/app-text/atril/files/atril-cve-2017-1000083.patch b/app-text/atril/files/atril-cve-2017-1000083.patch new file mode 100644 index 000000000000..29c81f7e5424 --- /dev/null +++ b/app-text/atril/files/atril-cve-2017-1000083.patch @@ -0,0 +1,28 @@ +From f4291fd62f7dfe6460d2406a979ccfac0c68dd59 Mon Sep 17 00:00:00 2001 +From: ZenWalker <scow@riseup.net> +Date: Wed, 19 Jul 2017 11:00:09 +0200 +Subject: [PATCH] comics: make the files containing "--checkpoint-action=" + unsupported + +Fixes #257 +--- + backend/comics/comics-document.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/backend/comics/comics-document.c b/backend/comics/comics-document.c +index 9f945c6..4d4d293 100644 +--- a/backend/comics/comics-document.c ++++ b/backend/comics/comics-document.c +@@ -983,6 +983,12 @@ extract_argv (EvDocument *document, gint page) + char *command_line, *quoted_archive, *quoted_filename; + GError *err = NULL; + ++ if (g_strrstr (comics_document->page_names->pdata[page], "--checkpoint-action=")) ++ { ++ g_warning ("File unsupported\n"); ++ gtk_main_quit (); ++ } ++ + if (page >= comics_document->page_names->len) + return NULL; + |