import CS git gegl-0.2.0-40.el8_10
This commit is contained in:
parent
c96d219bd7
commit
faf24ddccb
34
SOURCES/gegl-0.2.0-CVE-2026-2050.patch
Normal file
34
SOURCES/gegl-0.2.0-CVE-2026-2050.patch
Normal file
@ -0,0 +1,34 @@
|
||||
From 3e8d3382937e0c2891478f3a58bd225de3a53ba5 Mon Sep 17 00:00:00 2001
|
||||
From: Gabriele Barbero <barbero.gabriele03@gmail.com>
|
||||
Date: Fri, 5 Dec 2025 00:20:22 +0100
|
||||
Subject: [PATCH] ZDI-CAN-28266: guard against buffer overflow
|
||||
|
||||
In rgbe_read_new_rle we check whether there is still space in the buffer,
|
||||
but we do not verify that the run length fits within the remaining capacity.
|
||||
This can lead to a buffer overflow. This patch adds a check to ensure that
|
||||
the run length does not exceed the available space.
|
||||
---
|
||||
libs/rgbe/rgbe.c | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
diff --git a/libs/rgbe/rgbe.c b/libs/rgbe/rgbe.c
|
||||
index 890eb64..8f29778 100644
|
||||
--- a/libs/rgbe/rgbe.c
|
||||
+++ b/libs/rgbe/rgbe.c
|
||||
@@ -650,6 +650,13 @@ rgbe_read_new_rle (const rgbe_file *file,
|
||||
|
||||
data++;
|
||||
|
||||
+ /* Check if there's enought space in the buffer to avoid OOB */
|
||||
+ if (length > (pixels + RGBE_NUM_RGBE * linesize - pixoffset[component]) / RGBE_NUM_RGBE)
|
||||
+ {
|
||||
+ g_warning ("Buffer overflow detected.");
|
||||
+ return FALSE;
|
||||
+ }
|
||||
+
|
||||
/* A compressed run */
|
||||
if (rle)
|
||||
{
|
||||
--
|
||||
2.52.0
|
||||
|
||||
@ -16,7 +16,7 @@
|
||||
Summary: A graph based image processing framework
|
||||
Name: gegl
|
||||
Version: 0.2.0
|
||||
Release: 39%{?dist}
|
||||
Release: 40%{?dist}
|
||||
|
||||
# Compute some version related macros
|
||||
# Ugly hack, you need to get your quoting backslashes/percent signs straight
|
||||
@ -37,6 +37,8 @@ Patch4: gegl-0.2.0-linker-flags.patch
|
||||
Patch5: gegl-0.2.0-libopenraw.patch
|
||||
Patch6: gegl-0.2.0-ppc64-rand-fix.patch
|
||||
Patch7: gegl-build-without-exiv2.patch
|
||||
# https://github.com/GNOME/gegl/commit/d32f1badb4bde1d6e8137f687d9ee1195768d4ed
|
||||
Patch8: gegl-0.2.0-CVE-2026-2050.patch
|
||||
BuildRequires: asciidoc
|
||||
BuildRequires: babl-devel >= 0.1.10
|
||||
BuildRequires: cairo-devel
|
||||
@ -220,6 +222,10 @@ make check
|
||||
%{_libdir}/pkgconfig/%{name}-%{apiver}.pc
|
||||
|
||||
%changelog
|
||||
* Thu Jun 25 2026 RHEL Packaging Agent <redhat-ymir-agent@redhat.com> - 0.2.0-40
|
||||
- Fix buffer overflow in rgbe_read_new_rle() (CVE-2026-2050)
|
||||
Resolves: RHEL-188260
|
||||
|
||||
* Mon Nov 04 2019 Jan Grulich <jgrulich@redhat.com> - 0.2.0-39
|
||||
- Build without exiv2
|
||||
Resolves: bz#1767748
|
||||
|
||||
Loading…
Reference in New Issue
Block a user