c_cpp/libsixel
SHA256
8
0
Fork 0
forked from pool/libsixel
Code Pull Requests Activity

Compare commits

base: c_cpp:factory
Branches Tags
c_cpp:main c_cpp:factory c_cpp:devel pool:factory pool:devel pool:leap-16.0
..
compare: pool:factory
Branches Tags
pool:factory pool:devel pool:leap-16.0 c_cpp:main c_cpp:factory c_cpp:devel

2 Commits
factory ... factory

Author SHA256 Message Date
Ana Guerrero
a3e59648f5 Accepting request 1302932 from devel:libraries:c_c++ 
- add 0001-Fix-a-heap-buffer-overflow-problem-reported-by-err2z.patch
  (bsc#1248454, CVE-2025-9300)

OBS-URL: https://build.opensuse.org/request/show/1302932
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libsixel?expand=0&rev=3
 2025-09-05 19:44:29 +00:00
Dirk Mueller
6f89793a12 - add 0001-Fix-a-heap-buffer-overflow-problem-reported-by-err2z.patch 
(bsc#1248454, CVE-2025-9300)

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libsixel?expand=0&rev=8
 2025-09-05 12:47:45 +00:00
3 changed files with 27 additions and 1 deletions
Expand all files Collapse all files

18
0001-Fix-a-heap-buffer-overflow-problem-reported-by-err2z.patch Normal file
View File

@@ -0,0 +1,18 @@
From 316c086e79d66b62c0c4bc66229ee894e4fdb7d1 Mon Sep 17 00:00:00 2001
From: Hayaki Saito <saitoha@me.com>
Date: Tue, 12 Aug 2025 21:30:24 +0900
Subject: [PATCH] Fix a heap-buffer-overflow problem reported by @err2zero
--- a/src/encoder.c
+++ b/src/encoder.c
@@ -744,9 +744,9 @@ sixel_debug_print_palette(
fprintf(stderr, "palette:\n");
for (i = 0; i < sixel_dither_get_num_of_palette_colors(dither); ++i) {
fprintf(stderr, "%d: #%02x%02x%02x\n", i,
+ palette[i * 3 + 0],
palette[i * 3 + 1],
- palette[i * 3 + 2],
- palette[i * 3 + 3]);
+ palette[i * 3 + 2]);
}
}

6
libsixel.changes
View File

@@ -1,3 +1,9 @@
-------------------------------------------------------------------
Fri Sep 5 12:46:55 UTC 2025 - Dirk Müller <dmueller@suse.com>
- add 0001-Fix-a-heap-buffer-overflow-problem-reported-by-err2z.patch
(bsc#1248454, CVE-2025-9300)
-------------------------------------------------------------------
Thu Feb 27 20:25:06 UTC 2025 - Enrico Belleri <kilgore.trout@idesmi.eu>

4
libsixel.spec
View File

@@ -1,7 +1,7 @@
#
# spec file for package libsixel
#
# Copyright (c) 2022 SUSE LLC
# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,6 +26,8 @@ Group: Development/Libraries/C and C++
URL: https://github.com/libsixel/libsixel
Source: https://github.com/libsixel/libsixel/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
Patch0: meson.patch
# CVE-2025-9300
Patch1: 0001-Fix-a-heap-buffer-overflow-problem-reported-by-err2z.patch
BuildRequires: bash
BuildRequires: meson
BuildRequires: pkgconfig