From 9e0d26fa2544dea04e8850fcc98a5b11287b657a Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Aug 13 2007 19:05:13 +0000 Subject: - CVE-2007-3387 (#251509, #251511) - License: GPLv2 --- diff --git a/kdegraphics.spec b/kdegraphics.spec index 9538f9a..3a0112b 100644 --- a/kdegraphics.spec +++ b/kdegraphics.spec @@ -7,9 +7,9 @@ Name: kdegraphics Summary: K Desktop Environment - Graphics Applications Epoch: 7 Version: 3.5.7 -Release: 1%{?dist} +Release: 2%{?dist} -License: GPL +License: GPLv2 Group: Applications/Multimedia BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Url: http://www.kde.org @@ -18,16 +18,17 @@ Source: ftp://ftp.kde.org/pub/kde/stable/%{version}/src/%{name}-%{version}.tar. Patch1: kdegraphics-3.3.0-misc.patch Patch2: kdegraphics-3.3.1-xorg.patch Patch3: kdegraphics-3.5.1-warning.patch +# http://www.kde.org/info/security/advisory-20070730-1.txt +Patch4: ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.7-kdegraphics-CVE-2007-3387.diff -Requires: ghostscript -Requires: ghostscript-fonts +Requires: ghostscript ghostscript-fonts BuildRequires: gettext BuildRequires: kdelibs-devel >= 6:%{version} BuildRequires: libmng-devel +BuildRequires: libpng-devel BuildRequires: libtiff-devel BuildRequires: libungif-devel -BuildRequires: libpng-devel %ifnarch s390 s390x %define kamera 1 @@ -106,6 +107,7 @@ Extra graphics applications for the K Desktop Environment, including: %patch1 -p1 -b .misc %patch2 -p1 -b .xorg %patch3 -p1 -b .gcc-warning +%patch4 -p0 -b .CVE-2007-3387 %if 0%{!?rhel:1} DO_NOT_COMPILE="" @@ -307,6 +309,10 @@ update-desktop-database %{_datadir}/applications > /dev/null 2>&1 || : %changelog +* Mon Aug 13 2007 Rex Dieter = 7:3.5.7-2 +- CVE-2007-3387 (#251509, #251511) +- License: GPLv2 + * Mon Jun 11 2007 Rex Dieter - 7:3.5.7-1 - 3.5.7 diff --git a/post-3.5.7-kdegraphics-CVE-2007-3387.diff b/post-3.5.7-kdegraphics-CVE-2007-3387.diff new file mode 100644 index 0000000..e28add8 --- /dev/null 
+++ b/post-3.5.7-kdegraphics-CVE-2007-3387.diff
@@ -0,0 +1,17 @@
+Index: kpdf/xpdf/xpdf/Stream.cc
+===================================================================
+--- kpdf/xpdf/xpdf/Stream.cc (revision 689574)
++++ kpdf/xpdf/xpdf/Stream.cc (working copy)
+@@ -411,9 +411,9 @@ StreamPredictor::StreamPredictor(Stream
+
+ nVals = width * nComps;
+ if (width <= 0 || nComps <= 0 || nBits <= 0 ||
+- nComps >= INT_MAX / nBits ||
+- width >= INT_MAX / nComps / nBits ||
+- nVals * nBits + 7 < 0) {
++ nComps > gfxColorMaxComps || nBits > 16 ||
++ width >= INT_MAX / nComps ||
++ nVals >= (INT_MAX - 7) / nBits) {
+ return;
+ }
+ pixBytes = (nComps * nBits + 7) >> 3;
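Review bot: `nVals = width * nComps;` in the embedded Stream.cc patch is still evaluated before the guard that is meant to bound it, so the signed multiplication can overflow (undefined behaviour in C++) before `width >= INT_MAX / nComps` rejects the input. Both values presumably come from the PDF stream dictionary, so they should be treated as attacker-controlled. Validate `width`, `nComps` and `nBits` first, compute `nVals` only after that, and then apply the `(INT_MAX - 7) / nBits` bound, as sketched below. The constructor starts and continues outside the hunk, so the state the early `return` leaves the object in, and whether callers check it, cannot be confirmed here and is worth verifying.

```cpp
  // … unchanged: constructor preamble above the hunk …
  if (width <= 0 || nComps <= 0 || nBits <= 0 ||
      nComps > gfxColorMaxComps || nBits > 16 ||
      width >= INT_MAX / nComps) {
    return;
  }
  // width * nComps is now known to fit in an int
  nVals = width * nComps;
  if (nVals >= (INT_MAX - 7) / nBits) {
    return;
  }
  pixBytes = (nComps * nBits + 7) >> 3;
```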