Resolves: RHEL-182498 - fix CVE-2026-42216

Signed-off-by: Josef Ridky <jridky@redhat.com>
This commit is contained in:
Josef Ridky 2026-06-25 11:40:41 +02:00
parent 978b6dbc51
commit a50be90d1a
2 changed files with 20 additions and 0 deletions

View File

@ -0,0 +1,17 @@
diff -ruNp a/src/lib/OpenEXR/ImfIDManifest.cpp b/src/lib/OpenEXR/ImfIDManifest.cpp
--- a/src/lib/OpenEXR/ImfIDManifest.cpp 2026-06-25 11:37:35.541229769 +0200
+++ b/src/lib/OpenEXR/ImfIDManifest.cpp 2026-06-25 11:39:22.576872688 +0200
@@ -359,6 +359,13 @@ void IDManifest::init(const char* data,
//
// previous string had more than 255 characters?
//
+ const size_t minPrefixLen =
+ stringList[i - 1].size () > 255 ? size_t (2) : size_t (1);
+ if (stringList[i].size () < minPrefixLen)
+ {
+ throw IEX_NAMESPACE::InputExc (
+ "IDManifest string too small for common prefix length");
+ }
if(stringList[i-1].size()>255)
{
common = size_t( ((unsigned char) (stringList[i][0])) <<8 ) + size_t( (unsigned char) (stringList[i][1]));

View File

@ -25,6 +25,8 @@ Patch4: openexr-CVE-2026-27622.patch
Patch5: openexr-CVE-2026-34588.patch
# Fix CVE-2026-41142
Patch6: openexr-CVE-2026-41142.patch
# Fix CVE-2026-42216
Patch7: openexr-CVE-2026-42216.patch
BuildRequires: cmake gcc gcc-c++
BuildRequires: boost-devel
@ -166,6 +168,7 @@ EXCLUDE_REGEX='ReadDeep|DWA[AB]Compression|testCompression|Rgba|SampleImages|Sha
%changelog
* Thu Jun 25 2026 Josef Ridky <jridky@redhat.com> - 3.1.10-12
- fix CVE-2026-41142
- fix CVE-2026-42216
* Tue Apr 28 2026 Josef Ridky <jridky@redhat.com> - 3.1.10-11
- fix rpmspec error