Resolves: rhbz#1489844 CVE-2017-6362 remove afflicted but unused function
This commit is contained in:
parent
e4948e311a
commit
e17758d24c
32
libwmf-0.2.8.4-CVE-2017-6362.patch
Normal file
32
libwmf-0.2.8.4-CVE-2017-6362.patch
Normal file
@ -0,0 +1,32 @@
|
||||
--- libwmf-0.2.8.4/src/extra/gd/gd_png.c
|
||||
+++ libwmf-0.2.8.4/src/extra/gd/gd_png.c
|
||||
@@ -435,17 +435,6 @@
|
||||
out->free (out);
|
||||
}
|
||||
|
||||
-void *
|
||||
-gdImagePngPtr (gdImagePtr im, int *size)
|
||||
-{
|
||||
- void *rv;
|
||||
- gdIOCtx *out = gdNewDynamicCtx (2048, NULL);
|
||||
- gdImagePngCtx (im, out);
|
||||
- rv = gdDPExtractData (out, size);
|
||||
- out->free (out);
|
||||
- return rv;
|
||||
-}
|
||||
-
|
||||
/* This routine is based in part on code from Dale Lutz (Safe Software Inc.)
|
||||
* and in part on demo code from Chapter 15 of "PNG: The Definitive Guide"
|
||||
* (http://www.cdrom.com/pub/png/pngbook.html).
|
||||
--- libwmf-0.2.8.4/src/extra/gd/gd.h
|
||||
+++ libwmf-0.2.8.4/src/extra/gd/gd.h
|
||||
@@ -373,9 +373,6 @@
|
||||
void gdImageGd2(gdImagePtr im, FILE *out, int cs, int fmt);
|
||||
|
||||
/* Best to free this memory with gdFree(), not free() */
|
||||
-void* gdImagePngPtr(gdImagePtr im, int *size);
|
||||
-
|
||||
-/* Best to free this memory with gdFree(), not free() */
|
||||
void* gdImageGdPtr(gdImagePtr im, int *size);
|
||||
|
||||
/* Best to free this memory with gdFree(), not free() */
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: Windows MetaFile Library
|
||||
Name: libwmf
|
||||
Version: 0.2.8.4
|
||||
Release: 52%{?dist}
|
||||
Release: 53%{?dist}
|
||||
Group: System Environment/Libraries
|
||||
#libwmf is under the LGPLv2+, however...
|
||||
#1. The tarball contains an old version of the urw-fonts under GPL+.
|
||||
@ -71,6 +71,8 @@ Patch22: libwmf-0.2.8.4-CVE-2016-9317.patch
|
||||
Patch23: libwmf-0.2.8.4-CVE-2016-10167.patch
|
||||
# CVE-2016-10168
|
||||
Patch24: libwmf-0.2.8.4-CVE-2016-10168.patch
|
||||
# CVE-2017-6362
|
||||
Patch25: libwmf-0.2.8.4-CVE-2017-6362.patch
|
||||
|
||||
Requires: urw-fonts
|
||||
Requires: %{name}-lite = %{version}-%{release}
|
||||
@ -128,6 +130,7 @@ using libwmf.
|
||||
%patch22 -p1 -b .CVE-2016-9317
|
||||
%patch23 -p1 -b .CVE-2016-10167
|
||||
%patch24 -p1 -b .CVE-2016-10168
|
||||
%patch25 -p1 -b .CVE-2017-6362
|
||||
f=README ; iconv -f iso-8859-2 -t utf-8 $f > $f.utf8 ; mv $f.utf8 $f
|
||||
|
||||
%build
|
||||
@ -189,6 +192,9 @@ sed -i $RPM_BUILD_ROOT%{_datadir}/libwmf/fonts/fontmap -e 's#libwmf/fonts#fonts/
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Sep 12 2017 Caolán McNamara <caolanm@redhat.com> - 0.2.8.4-53
|
||||
- Resolves: rhbz#1489844 CVE-2017-6362 remove afflicted but unused function
|
||||
|
||||
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.2.8.4-52
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user