import CS exempi-2.4.5-4.el8
This commit is contained in:
parent
acd026eae6
commit
124176420c
@ -0,0 +1,41 @@
|
|||||||
|
From 4f583ff12989f7cea1f81bd2751c321030f1bdbf Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Hubert=20Figui=C3=A8re?= <hub@figuiere.net>
|
||||||
|
Date: Sun, 28 Jul 2019 10:15:19 -0400
|
||||||
|
Subject: [PATCH] (CVE-2020-18651) Issue #13 - Fix a buffer a overflow in ID3
|
||||||
|
support
|
||||||
|
|
||||||
|
https://gitlab.freedesktop.org/libopenraw/exempi/issues/13
|
||||||
|
(cherry picked from commit fdd4765a699f9700850098b43b9798b933acb32f)
|
||||||
|
---
|
||||||
|
XMPFiles/source/FormatSupport/ID3_Support.cpp | 8 ++++++++
|
||||||
|
1 file changed, 8 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/XMPFiles/source/FormatSupport/ID3_Support.cpp b/XMPFiles/source/FormatSupport/ID3_Support.cpp
|
||||||
|
index dd19c16..4619079 100644
|
||||||
|
--- a/XMPFiles/source/FormatSupport/ID3_Support.cpp
|
||||||
|
+++ b/XMPFiles/source/FormatSupport/ID3_Support.cpp
|
||||||
|
@@ -669,6 +669,10 @@ bool ID3v2Frame::getFrameValue ( XMP_Uns8 majorVersion, XMP_Uns32 logicalID, std
|
||||||
|
std::string tmp ( this->content, this->contentSize );
|
||||||
|
bool bigEndian = true; // assume for now (if no BOM follows)
|
||||||
|
|
||||||
|
+ if (pos + 2 > this->contentSize) {
|
||||||
|
+ // No enough for the string
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
if ( GetUns16BE ( &this->content[pos] ) == 0xFEFF ) {
|
||||||
|
pos += 2;
|
||||||
|
bigEndian = true;
|
||||||
|
@@ -686,6 +690,10 @@ bool ID3v2Frame::getFrameValue ( XMP_Uns8 majorVersion, XMP_Uns32 logicalID, std
|
||||||
|
{
|
||||||
|
if ( commMode && (! advancePastCOMMDescriptor ( pos )) ) return false; // not a frame of interest!
|
||||||
|
|
||||||
|
+ if (pos + 4 > this->contentSize) {
|
||||||
|
+ // No enough for the string
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
if ( (GetUns32BE ( &this->content[pos]) & 0xFFFFFF00 ) == 0xEFBBBF00 ) {
|
||||||
|
pos += 3; // swallow any BOM, just in case
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -0,0 +1,38 @@
|
|||||||
|
From a3b1e52e5a5836fe1fd07013a2a098518b1801de Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Hubert=20Figui=C3=A8re?= <hub@figuiere.net>
|
||||||
|
Date: Sat, 27 Jul 2019 20:42:51 -0400
|
||||||
|
Subject: [PATCH] (CVE-20220-18652) Bug #12 - Invalid WebP cause memory
|
||||||
|
overflow.
|
||||||
|
|
||||||
|
https://gitlab.freedesktop.org/libopenraw/exempi/issues/12
|
||||||
|
(cherry picked from commit acee2894ceb91616543927c2a6e45050c60f98f7)
|
||||||
|
---
|
||||||
|
XMPFiles/source/FormatSupport/WEBP_Support.cpp | 10 ++++++++--
|
||||||
|
1 file changed, 8 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/XMPFiles/source/FormatSupport/WEBP_Support.cpp b/XMPFiles/source/FormatSupport/WEBP_Support.cpp
|
||||||
|
index ffaf220..0d4b81d 100644
|
||||||
|
--- a/XMPFiles/source/FormatSupport/WEBP_Support.cpp
|
||||||
|
+++ b/XMPFiles/source/FormatSupport/WEBP_Support.cpp
|
||||||
|
@@ -120,10 +120,16 @@ VP8XChunk::VP8XChunk(Container* parent)
|
||||||
|
this->data.assign(this->size, 0);
|
||||||
|
XMP_Uns8* bitstream =
|
||||||
|
(XMP_Uns8*)parent->chunks[WEBP_CHUNK_IMAGE][0]->data.data();
|
||||||
|
+ XMP_Uns32 width = 0;
|
||||||
|
+ XMP_Uns32 height = 0;
|
||||||
|
// See bug https://bugs.freedesktop.org/show_bug.cgi?id=105247
|
||||||
|
// bitstream could be NULL.
|
||||||
|
- XMP_Uns32 width = bitstream ? ((bitstream[7] << 8) | bitstream[6]) & 0x3fff : 0;
|
||||||
|
- XMP_Uns32 height = bitstream ? ((bitstream[9] << 8) | bitstream[8]) & 0x3fff : 0;
|
||||||
|
+ // See bug https://gitlab.freedesktop.org/libopenraw/exempi/issues/12
|
||||||
|
+ // image chunk data could be too short (must be 10)
|
||||||
|
+ if (parent->chunks[WEBP_CHUNK_IMAGE][0]->data.size() >= 10 && bitstream) {
|
||||||
|
+ width = ((bitstream[7] << 8) | bitstream[6]) & 0x3fff;
|
||||||
|
+ height = ((bitstream[9] << 8) | bitstream[8]) & 0x3fff;
|
||||||
|
+ }
|
||||||
|
this->width(width);
|
||||||
|
this->height(height);
|
||||||
|
parent->vp8x = this;
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -1,12 +1,14 @@
|
|||||||
Summary: Library for easy parsing of XMP metadata
|
Summary: Library for easy parsing of XMP metadata
|
||||||
Name: exempi
|
Name: exempi
|
||||||
Version: 2.4.5
|
Version: 2.4.5
|
||||||
Release: 2%{?dist}
|
Release: 4%{?dist}
|
||||||
License: BSD
|
License: BSD
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
URL: http://libopenraw.freedesktop.org/wiki/Exempi
|
URL: http://libopenraw.freedesktop.org/wiki/Exempi
|
||||||
Source0: http://libopenraw.freedesktop.org/download/%{name}-%{version}.tar.bz2
|
Source0: http://libopenraw.freedesktop.org/download/%{name}-%{version}.tar.bz2
|
||||||
Patch0: CVE-2018-12648.patch
|
Patch0: CVE-2018-12648.patch
|
||||||
|
Patch0001: 0001-CVE-2020-18651-Issue-13-Fix-a-buffer-a-overflow-in-I.patch
|
||||||
|
Patch0002: 0002-CVE-20220-18652-Bug-12-Invalid-WebP-cause-memory-ove.patch
|
||||||
BuildRequires: gcc-c++
|
BuildRequires: gcc-c++
|
||||||
BuildRequires: boost-devel expat-devel zlib-devel pkgconfig
|
BuildRequires: boost-devel expat-devel zlib-devel pkgconfig
|
||||||
# Work around for aarch64 support (https://bugzilla.redhat.com/show_bug.cgi?id=925327)
|
# Work around for aarch64 support (https://bugzilla.redhat.com/show_bug.cgi?id=925327)
|
||||||
@ -31,6 +33,8 @@ developing with exempi.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
%patch0 -p1
|
%patch0 -p1
|
||||||
|
%patch1 -p1
|
||||||
|
%patch2 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
libtoolize -vi
|
libtoolize -vi
|
||||||
@ -69,6 +73,14 @@ rm -rf %{buildroot}%{_libdir}/*.a
|
|||||||
%{_libdir}/pkgconfig/*.pc
|
%{_libdir}/pkgconfig/*.pc
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jan 08 2024 Matej Mužila <mmuzila@redhat.com> - 2.4.5-4
|
||||||
|
- Fix CVE-2020-18652
|
||||||
|
- Resolves: RHEL-5416
|
||||||
|
|
||||||
|
* Mon Jan 08 2024 Matej Mužila <mmuzila@redhat.com> - 2.4.5-3
|
||||||
|
- Fix CVE-2020-18651
|
||||||
|
- Resolves: RHEL-5415
|
||||||
|
|
||||||
* Wed Sep 26 2018 Nikola Forró <nforro@redhat.com> - 2.4.5-2
|
* Wed Sep 26 2018 Nikola Forró <nforro@redhat.com> - 2.4.5-2
|
||||||
- Fix CVE-2018-12648
|
- Fix CVE-2018-12648
|
||||||
Resolves #1594644
|
Resolves #1594644
|
||||||
|
Loading…
Reference in New Issue
Block a user