Fix CVE-2017-13735

dcraw-CVE-2017-13735.patch

@@ -0,0 +1,14 @@
+diff -urNp old/dcraw.c new/dcraw.c
+--- old/dcraw.c	2018-07-11 10:33:06.280425391 +0200
++++ new/dcraw.c	2018-07-11 10:45:52.722922118 +0200
+@@ -2250,6 +2250,10 @@ void CLASS kodak_radc_load_raw()
+     ((short *)buf)[i] = 2048;
+   for (row=0; row < height; row+=4) {
+     FORC3 mul[c] = getbits(6);
++#ifdef LIBRAW_LIBRARY_BUILD
++    if(!mul[0] || !mul[1] || !mul[2])
++      throw LIBRAW_EXCEPTION_IO_CORRUPT;
++#endif
+     FORC3 {
+       val = ((0x1000000/last[c] + 0x7ff) >> 12) * mul[c];
+       s = val > 65564 ? 10:12;

dcraw.spec

@@ -1,12 +1,13 @@
 Summary: Tool for decoding raw image data from digital cameras
 Name: dcraw
 Version: 9.28.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2+
 URL: http://cybercom.net/~dcoffin/dcraw
 Source0: http://cybercom.net/~dcoffin/dcraw/archive/dcraw-%{version}.tar.gz
 Patch0: dcraw-9.21-lcms2-error-reporting.patch
 Patch1: dcraw-CVE-2018-5801.patch
+Patch2: dcraw-CVE-2017-13735.patch
 BuildRequires: gcc
 BuildRequires: gettext
 BuildRequires: libjpeg-devel
@@ -65,6 +66,9 @@ done
 %{_mandir}/man1/*
 
 %changelog
+* Wed Jul 11 2018 Josef Ridky <jridky@redhat.com> - 9.28.0-2
+- Fix CVE-2017-13735 (#1488932)
+
 * Thu Jun 14 2018 Josef Ridky <jridky@redhat.com> - 9.28.0-1
 - New upstream release 9.28.0 (#1585348)
 - Fix CVE-2018-5801 (#1557160)