From owner-svn-ports-all@freebsd.org Thu Jul 21 19:21:17 2016 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AF7D4BA0E53; Thu, 21 Jul 2016 19:21:17 +0000 (UTC) (envelope-from truckman@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8D7BA12B0; Thu, 21 Jul 2016 19:21:17 +0000 (UTC) (envelope-from truckman@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u6LJLGqT099266; Thu, 21 Jul 2016 19:21:16 GMT (envelope-from truckman@FreeBSD.org) Received: (from truckman@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u6LJLGqW099262; Thu, 21 Jul 2016 19:21:16 GMT (envelope-from truckman@FreeBSD.org) Message-Id: <201607211921.u6LJLGqW099262@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: truckman set sender to truckman@FreeBSD.org using -f From: Don Lewis Date: Thu, 21 Jul 2016 19:21:16 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r418893 - in branches/2016Q3/editors/openoffice-4: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jul 2016 19:21:17 -0000 Author: truckman Date: Thu Jul 21 19:21:16 2016 New Revision: 418893 URL: https://svnweb.freebsd.org/changeset/ports/418893 Log: MFH 2016Q3 Fix CVE-2016-1513 - Memory Corruption Vulnerability (Impress Presentations). Regenerate distinfo to add TIMESTAMP. Approved by: ports-secteam (blanket) Obtained from: Security: 72f71e26-4f69-11e6-ac37-ac9e174be3af Added: branches/2016Q3/editors/openoffice-4/files/patch-CVE-2016-1513 - copied unchanged from r418885, head/editors/openoffice-4/files/patch-CVE-2016-1513 Modified: branches/2016Q3/editors/openoffice-4/Makefile branches/2016Q3/editors/openoffice-4/distinfo Directory Properties: branches/2016Q3/ (props changed) Modified: branches/2016Q3/editors/openoffice-4/Makefile ============================================================================== --- branches/2016Q3/editors/openoffice-4/Makefile Thu Jul 21 19:13:10 2016 (r418892) +++ branches/2016Q3/editors/openoffice-4/Makefile Thu Jul 21 19:21:16 2016 (r418893) @@ -3,7 +3,7 @@ PORTNAME= apache-openoffice PORTVERSION= ${AOOVERSION} -PORTREVISION= 7 +PORTREVISION= 8 CATEGORIES= editors java MASTER_SITES= APACHE/openoffice/${PORTVERSION}/source \ http://tools.openoffice.org/unowinreg_prebuild/680/:unoreg \ Modified: branches/2016Q3/editors/openoffice-4/distinfo ============================================================================== --- branches/2016Q3/editors/openoffice-4/distinfo Thu Jul 21 19:13:10 2016 (r418892) +++ branches/2016Q3/editors/openoffice-4/distinfo Thu Jul 21 19:21:16 2016 (r418893) @@ -1,6 +1,7 @@ +TIMESTAMP = 1469002349 SHA256 (openoffice/apache-openoffice-4.1.2-r1709696-src.tar.bz2) = 2e06774424eb564559f9e6d63ff79aa00522b210067717c5a8cfb54b3b7f1812 SIZE (openoffice/apache-openoffice-4.1.2-r1709696-src.tar.bz2) = 219041975 -SHA256 (openoffice/ApacheOpenOffice.ext_sources.4.x.x.20150707.tar.gz) = 966a8333c83a18ddd84401389006d6e0b52b8175924b808b54b88211669985fa -SIZE (openoffice/ApacheOpenOffice.ext_sources.4.x.x.20150707.tar.gz) = 28957004 SHA256 (openoffice/unowinreg.dll) = f563e522922133db9340b0306711c2d8767cc3481dd9e7d9b0d059906d12653c SIZE (openoffice/unowinreg.dll) = 6144 +SHA256 (openoffice/ApacheOpenOffice.ext_sources.4.x.x.20150707.tar.gz) = 966a8333c83a18ddd84401389006d6e0b52b8175924b808b54b88211669985fa +SIZE (openoffice/ApacheOpenOffice.ext_sources.4.x.x.20150707.tar.gz) = 28957004 Copied: branches/2016Q3/editors/openoffice-4/files/patch-CVE-2016-1513 (from r418885, head/editors/openoffice-4/files/patch-CVE-2016-1513) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q3/editors/openoffice-4/files/patch-CVE-2016-1513 Thu Jul 21 19:21:16 2016 (r418893, copy of r418885, head/editors/openoffice-4/files/patch-CVE-2016-1513) @@ -0,0 +1,26 @@ +--- tools/source/generic/poly2.cxx.orig 2014-02-25 08:20:50 UTC ++++ tools/source/generic/poly2.cxx +@@ -196,8 +196,9 @@ void PolyPolygon::Insert( const Polygon& + + void PolyPolygon::Remove( sal_uInt16 nPos ) + { +- DBG_CHKTHIS( PolyPolygon, NULL ); +- DBG_ASSERT( nPos < Count(), "PolyPolygon::Remove(): nPos >= nSize" ); ++ DBG_CHKTHIS( PolyPolygon, NULL ); ++ DBG_ASSERT( nPos < Count(), "PolyPolygon::Remove(): nPos >= nSize" ); ++ if ( nPos >= Count() ) return; // not removable + + if ( mpImplPolyPolygon->mnRefCount > 1 ) + { +@@ -216,8 +217,9 @@ void PolyPolygon::Remove( sal_uInt16 nPo + + void PolyPolygon::Replace( const Polygon& rPoly, sal_uInt16 nPos ) + { +- DBG_CHKTHIS( PolyPolygon, NULL ); +- DBG_ASSERT( nPos < Count(), "PolyPolygon::Replace(): nPos >= nSize" ); ++ DBG_CHKTHIS( PolyPolygon, NULL ); ++ DBG_ASSERT( nPos < Count(), "PolyPolygon::Replace(): nPos >= nSize" ); ++ if ( nPos >= Count() ) return; // not replaceable + + if ( mpImplPolyPolygon->mnRefCount > 1 ) + {