Patch for CVE-2023-1729

This commit is contained in:
Gwyn Ciesla 2023-05-08 09:38:24 -05:00
parent 5ba7f852cb
commit aa282b12e8
2 changed files with 27 additions and 1 deletions

View File

@ -0,0 +1,22 @@
From 9ab70f6dca19229cb5caad7cc31af4e7501bac93 Mon Sep 17 00:00:00 2001
From: Alex Tutubalin <lexa@lexa.ru>
Date: Sat, 14 Jan 2023 18:32:59 +0300
Subject: [PATCH] do not set shrink flag for 3/4 component images
---
src/preprocessing/raw2image.cpp | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/preprocessing/raw2image.cpp b/src/preprocessing/raw2image.cpp
index e65e2ad7..702cf290 100644
--- a/src/preprocessing/raw2image.cpp
+++ b/src/preprocessing/raw2image.cpp
@@ -43,6 +43,8 @@ void LibRaw::raw2image_start()
// adjust for half mode!
IO.shrink =
+ !imgdata.rawdata.color4_image && !imgdata.rawdata.color3_image &&
+ !imgdata.rawdata.float4_image && !imgdata.rawdata.float3_image &&
P1.filters &&
(O.half_size || ((O.threshold || O.aber[0] != 1 || O.aber[2] != 1)));

View File

@ -7,7 +7,7 @@
Summary: Library for reading RAW files obtained from digital photo cameras Summary: Library for reading RAW files obtained from digital photo cameras
Name: LibRaw Name: LibRaw
Version: 0.21.1 Version: 0.21.1
Release: 3%{?dist} Release: 4%{?dist}
License: BSD-3-Clause and (CDDL-1.0 or LGPL-2.1-only) License: BSD-3-Clause and (CDDL-1.0 or LGPL-2.1-only)
URL: http://www.libraw.org URL: http://www.libraw.org
@ -20,6 +20,7 @@ BuildRequires: make
Source0: http://github.com/LibRaw/LibRaw/archive/%{version}.tar.gz Source0: http://github.com/LibRaw/LibRaw/archive/%{version}.tar.gz
Patch0: LibRaw-pkgconfig.patch Patch0: LibRaw-pkgconfig.patch
Patch1: 9ab70f6dca19229cb5caad7cc31af4e7501bac93.patch
Provides: bundled(dcraw) = 9.25 Provides: bundled(dcraw) = 9.25
%description %description
@ -114,6 +115,9 @@ rm -fv %{buildroot}%{_libdir}/lib*.la
%changelog %changelog
* Mon May 08 2023 Gwyn Ciesla <gwync@protonmail.com> - 0.21.1-4
- Patch for CVE-2023-1729
* Mon Mar 13 2023 Gwyn Ciesla <gwync@protonmail.com> - 0.21.1-3 * Mon Mar 13 2023 Gwyn Ciesla <gwync@protonmail.com> - 0.21.1-3
- migrate to SPDX license - migrate to SPDX license