Fix CVE-2018-19664 (#1656219)
This commit is contained in:
Nikola Forró
parent
c8f4c0f91a
commit
51a3346969
33
libjpeg-turbo-CVE-2018-19664.patch
Normal file
33
libjpeg-turbo-CVE-2018-19664.patch
Normal file
@ -0,0 +1,33 @@
|
||||
From 4a3f52b4d191d79f500831649037b9b24c730e37 Mon Sep 17 00:00:00 2001
|
||||
From: DRC <information@libjpeg-turbo.org>
|
||||
Date: Tue, 1 Jan 2019 20:32:40 -0600
|
||||
Subject: [PATCH] wrbmp.c: Don't allow quantization w/ non-RGB CS
|
||||
|
||||
If cinfo->quantize_colors == 1, then jpeg_calc_output_dimensions() will
|
||||
set cinfo->output_components to 1, and if cinfo->out_color_space is not
|
||||
RGB (or extended RGB), hilarity will ensue.
|
||||
|
||||
Fixes #305
|
||||
---
|
||||
wrbmp.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/wrbmp.c b/wrbmp.c
|
||||
index 38a64e8..3489f14 100644
|
||||
--- a/wrbmp.c
|
||||
+++ b/wrbmp.c
|
||||
@@ -506,8 +506,9 @@ jinit_write_bmp(j_decompress_ptr cinfo, boolean is_os2,
|
||||
dest->pub.put_pixel_rows = put_gray_rows;
|
||||
else
|
||||
dest->pub.put_pixel_rows = put_pixel_rows;
|
||||
- } else if (cinfo->out_color_space == JCS_RGB565 ||
|
||||
- cinfo->out_color_space == JCS_CMYK) {
|
||||
+ } else if (!cinfo->quantize_colors &&
|
||||
+ (cinfo->out_color_space == JCS_RGB565 ||
|
||||
+ cinfo->out_color_space == JCS_CMYK)) {
|
||||
dest->pub.put_pixel_rows = put_pixel_rows;
|
||||
} else {
|
||||
ERREXIT(cinfo, JERR_BMP_COLORSPACE);
|
||||
--
|
||||
2.17.2
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Name: libjpeg-turbo
|
||||
Version: 2.0.0
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Summary: A MMX/SSE2/SIMD accelerated library for manipulating JPEG image files
|
||||
License: IJG
|
||||
URL: http://sourceforge.net/projects/libjpeg-turbo
|
||||
@ -8,6 +8,7 @@ URL: http://sourceforge.net/projects/libjpeg-turbo
|
||||
Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
|
||||
Patch0: libjpeg-turbo-cmake.patch
|
||||
Patch1: libjpeg-turbo-CVE-2018-20330.patch
|
||||
Patch2: libjpeg-turbo-CVE-2018-19664.patch
|
||||
|
||||
BuildRequires: gcc
|
||||
BuildRequires: cmake
|
||||
@ -71,6 +72,7 @@ manipulate JPEG files using the TurboJPEG library.
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
|
||||
%build
|
||||
%{cmake} -DCMAKE_SKIP_RPATH:BOOL=YES \
|
||||
@ -170,6 +172,9 @@ LD_LIBRARY_PATH=%{buildroot}%{_libdir} make test %{?_smp_mflags}
|
||||
%{_libdir}/pkgconfig/libturbojpeg.pc
|
||||
|
||||
%changelog
|
||||
* Fri Jan 11 2019 Nikola Forró <nforro@redhat.com> - 2.0.0-3
|
||||
- Fix CVE-2018-19664 (#1656219)
|
||||
|
||||
* Fri Jan 11 2019 Nikola Forró <nforro@redhat.com> - 2.0.0-2
|
||||
- Fix CVE-2018-20330 (#1665224)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user