import LibRaw-0.19.5-3.el8
This commit is contained in:
CentOS Sources
Stepan Oksanichenko
parent
af785f636f
commit
e9cb040e25
42
SOURCES/LibRaw-CVE-2020-24870.patch
Normal file
42
SOURCES/LibRaw-CVE-2020-24870.patch
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
From 4d463048b9f27a3dc86b7010c198b32d995cd941 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Debarshi Ray <debarshir@gnome.org>
|
||||||
|
Date: Tue, 27 Apr 2021 17:44:09 +0200
|
||||||
|
Subject: [PATCH] Limit loops to MIN(colors,4)
|
||||||
|
|
||||||
|
This is a backport of commit 4feaed4dea636cee for CVE-2020-24870.
|
||||||
|
|
||||||
|
https://github.com/LibRaw/LibRaw/issues/330
|
||||||
|
---
|
||||||
|
internal/dcraw_common.cpp | 9 +++++----
|
||||||
|
1 file changed, 5 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/internal/dcraw_common.cpp b/internal/dcraw_common.cpp
|
||||||
|
index a36553208194..3e8c009eb08e 100644
|
||||||
|
--- a/internal/dcraw_common.cpp
|
||||||
|
+++ b/internal/dcraw_common.cpp
|
||||||
|
@@ -19598,17 +19598,18 @@ dng_skip:
|
||||||
|
|
||||||
|
if(calidx[colidx] == sidx)
|
||||||
|
{
|
||||||
|
- for (int i = 0; i < colors; i++)
|
||||||
|
+ for (int i = 0; i < colors && i < 4; i++)
|
||||||
|
FORCC
|
||||||
|
cc[i][c] = tiff_ifd[sidx].dng_color[colidx].calibration[i][c];
|
||||||
|
}
|
||||||
|
|
||||||
|
if(abidx == sidx)
|
||||||
|
- for (int i = 0; i < colors; i++)
|
||||||
|
+ for (int i = 0; i < colors && i < 4; i++)
|
||||||
|
FORCC cc[i][c] *= tiff_ifd[sidx].dng_levels.analogbalance[i];
|
||||||
|
int j;
|
||||||
|
- FORCC for (int i = 0; i < 3; i++) for (cam_xyz[c][i] = j = 0; j < colors; j++) cam_xyz[c][i] +=
|
||||||
|
- cc[c][j] * cm[j][i];// add AsShotXY later * xyz[i];
|
||||||
|
+ FORCC for (int i = 0; i < 3; i++)
|
||||||
|
+ for (cam_xyz[c][i] = j = 0; j < colors && j < 4; j++)
|
||||||
|
+ cam_xyz[c][i] += cc[c][j] * cm[j][i];// add AsShotXY later * xyz[i];
|
||||||
|
cam_xyz_coeff(cmatrix, cam_xyz);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.30.2
|
||||||
|
|
||||||
@ -1,7 +1,7 @@
|
|||||||
Summary: Library for reading RAW files obtained from digital photo cameras
|
Summary: Library for reading RAW files obtained from digital photo cameras
|
||||||
Name: LibRaw
|
Name: LibRaw
|
||||||
Version: 0.19.5
|
Version: 0.19.5
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
License: BSD and (CDDL or LGPLv2)
|
License: BSD and (CDDL or LGPLv2)
|
||||||
URL: http://www.libraw.org
|
URL: http://www.libraw.org
|
||||||
|
|
||||||
@ -14,6 +14,7 @@ BuildRequires: autoconf automake libtool
|
|||||||
Source0: http://www.libraw.org/data/%{name}-%{version}.tar.gz
|
Source0: http://www.libraw.org/data/%{name}-%{version}.tar.gz
|
||||||
Patch0: LibRaw-0.6.0-pkgconfig.patch
|
Patch0: LibRaw-0.6.0-pkgconfig.patch
|
||||||
Patch1: LibRaw-CVE-2020-15503.patch
|
Patch1: LibRaw-CVE-2020-15503.patch
|
||||||
|
Patch2: LibRaw-CVE-2020-24870.patch
|
||||||
Provides: bundled(dcraw) = 9.25
|
Provides: bundled(dcraw) = 9.25
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@ -54,6 +55,7 @@ LibRaw sample programs
|
|||||||
|
|
||||||
%patch0 -p0 -b .pkgconfig
|
%patch0 -p0 -b .pkgconfig
|
||||||
%patch1 -p1 -b .cve-2020-15503
|
%patch1 -p1 -b .cve-2020-15503
|
||||||
|
%patch2 -p1 -b .cve-2020-24870
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf -if
|
autoreconf -if
|
||||||
@ -117,6 +119,10 @@ rm -fv %{buildroot}%{_libdir}/lib*.la
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Apr 27 2021 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-3
|
||||||
|
- Backport fix for CVE-2020-24870 from upstream
|
||||||
|
Resolves: #1931841
|
||||||
|
|
||||||
* Mon Aug 10 2020 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-2
|
* Mon Aug 10 2020 Debarshi Ray <rishi@fedoraproject.org> - 0.19.5-2
|
||||||
- Backport fix for CVE-2020-15503 from Fedora
|
- Backport fix for CVE-2020-15503 from Fedora
|
||||||
Resolves: #1853529
|
Resolves: #1853529
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user