diff --git a/openjpeg2-CVE-2022-1122.patch b/openjpeg2-CVE-2022-1122.patch new file mode 100644 index 0000000..28c1835 --- /dev/null +++ b/openjpeg2-CVE-2022-1122.patch @@ -0,0 +1,26 @@ +From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001 +From: xiaoxiaoafeifei +Date: Wed, 14 Jul 2021 09:35:13 +0800 +Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to + uninitialized pointer (fixes #1368) (#1369) + +--- + src/bin/jp2/opj_decompress.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c +index 0e028735..18ead672 100644 +--- a/src/bin/jp2/opj_decompress.c ++++ b/src/bin/jp2/opj_decompress.c +@@ -1356,7 +1356,7 @@ int main(int argc, char **argv) + int it_image; + num_images = get_num_images(img_fol.imgdirpath); + +- dirptr = (dircnt_t*)malloc(sizeof(dircnt_t)); ++ dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t)); + if (!dirptr) { + destroy_parameters(¶meters); + return EXIT_FAILURE; +-- +2.34.1 + diff --git a/openjpeg2.spec b/openjpeg2.spec index 9f51c8e..936b01b 100644 --- a/openjpeg2.spec +++ b/openjpeg2.spec @@ -5,7 +5,7 @@ Name: openjpeg2 Version: 2.4.0 -Release: 4%{?dist} +Release: 5%{?dist} Summary: C-Library for JPEG 2000 # windirent.h is MIT, the rest is BSD @@ -27,6 +27,7 @@ Patch1: openjpeg2_coverity.patch Patch2: openjpeg2-CVE-2021-29338.patch # Fix CVE-2021-3575 Patch3: openjpeg2-CVE-2021-3575.patch +Patch4: openjpeg2-CVE-2022-1122.patch BuildRequires: cmake BuildRequires: gcc @@ -331,6 +332,9 @@ make test -C %{_target_platform} %changelog +* Wed Jun 15 2022 Matej Mužila - 2.4.0-5 +- Fix CVE-2022-1122 + * Fri Jul 02 2021 Nikola Forró - 2.4.0-4 - Fix Covscan defect