Lumir Balhar
parent
fe69c9d81a
commit
83527c74ae
|
|
@ -0,0 +1,38 @@
|
|||
From 2d30e67ec0b77993de62f975aae29266d8d1f784 Mon Sep 17 00:00:00 2001
|
||||
From: Lumir Balhar <lbalhar@redhat.com>
|
||||
Date: Thu, 4 Apr 2024 13:01:56 +0200
|
||||
Subject: [PATCH] CVE-2024-28219
|
||||
|
||||
---
|
||||
src/_imagingcms.c | 8 ++++----
|
||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/_imagingcms.c b/src/_imagingcms.c
|
||||
index 5e4196c..4169e28 100644
|
||||
--- a/src/_imagingcms.c
|
||||
+++ b/src/_imagingcms.c
|
||||
@@ -212,8 +212,8 @@ cms_transform_new(cmsHTRANSFORM transform, char* mode_in, char* mode_out)
|
||||
|
||||
self->transform = transform;
|
||||
|
||||
- strcpy(self->mode_in, mode_in);
|
||||
- strcpy(self->mode_out, mode_out);
|
||||
+ strncpy(self->mode_in, mode_in, 8);
|
||||
+ strncpy(self->mode_out, mode_out, 8);
|
||||
|
||||
return (PyObject*) self;
|
||||
}
|
||||
@@ -286,8 +286,8 @@ findLCMStype(char* PILmode)
|
||||
}
|
||||
|
||||
else {
|
||||
- /* take a wild guess... but you probably should fail instead. */
|
||||
- return TYPE_GRAY_8; /* so there's no buffer overrun... */
|
||||
+ /* take a wild guess... */
|
||||
+ return TYPE_GRAY_8;
|
||||
}
|
||||
}
|
||||
|
||||
--
|
||||
2.44.0
|
||||
|
||||
|
|
@ -8,7 +8,7 @@
|
|||
|
||||
Name: python-%{srcname}
|
||||
Version: 5.1.1
|
||||
Release: 20%{?dist}
|
||||
Release: 21%{?dist}
|
||||
Summary: Python image processing library
|
||||
|
||||
# License: see http://www.pythonware.com/products/pil/license.htm
|
||||
|
|
@ -121,6 +121,10 @@ Patch21: CVE-2023-44271.patch
|
|||
# Upstream fix: https://github.com/python-pillow/Pillow/commit/02c6183d41c68a8dd080f5739f566bd82485822d
|
||||
# Patch rebased and tests converted from pytest to unittests.
|
||||
Patch22: CVE-2023-50447.patch
|
||||
# CVE-2024-28219 python-pillow: buffer overflow in _imagingcms.c
|
||||
# Upstream fix: https://github.com/python-pillow/Pillow/pull/7928
|
||||
# Patch rebased. The test requires a binary file and therefore isn't backported.
|
||||
Patch23: CVE-2024-28219.patch
|
||||
|
||||
BuildRequires: freetype-devel
|
||||
BuildRequires: gcc
|
||||
|
|
@ -265,6 +269,10 @@ popd
|
|||
|
||||
|
||||
%changelog
|
||||
* Thu Apr 04 2024 Lumír Balhar <lbalhar@redhat.com> - 5.1.1-21
|
||||
- Security fix for CVE-2024-28219
|
||||
Resolves: RHEL-31071
|
||||
|
||||
* Thu Jan 25 2024 Lumír Balhar <lbalhar@redhat.com> - 5.1.1-20
|
||||
- Security fix for CVE-2023-50447
|
||||
Resolves: RHEL-22240
|
||||
|
|
|
|||
Loading…
Reference in New Issue