parent
ee2541b2bd
commit
925f4aee13
37
gimp-psd-overflow.patch
Normal file
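--- a/gimp-psd-overflow.patch
+++ b/gimp-psd-overflow.patch
@@ -0,0 +1,37 @@
+Index: gimp-2.2.13/plug-ins/common/psd.c
+===================================================================
+--- gimp-2.2.13.orig/plug-ins/common/psd.c
++++ gimp-2.2.13/plug-ins/common/psd.c
+@@ -1771,6 +1771,7 @@ load_image (const gchar *name)
+gint32 iter;
+fpos_t tmpfpos;
+int red_chan, grn_chan, blu_chan, alpha_chan, ichan;
++ gint lidx, cidx;
+
+IFDBG printf("------- %s ---------------------------------\n",name);
+
+@@ -1789,6 +1790,24 @@ load_image (const gchar *name)
+
+read_whole_file (fd);
+
++ for (lidx = 0; lidx < psd_image.num_layers; ++lidx) {
++ PSDlayer tl = psd_image.layer[lidx];
++
++ for (cidx = 0; cidx < tl.num_channels; ++cidx) {
++ PSDchannel tc = tl.channel[cidx];
++
++ if (tc.width > 30000 || tc.width < 1 ||
++ tc.height > 30000 || tc.height < 1) {
++ /* No good! */
++
++ g_message (_("Invalid file: %s"),
++ gimp_filename_to_utf8 (name));
++ /* Is it necessary to free up anything else? */
++ fclose (fd);
++ return -1;
++ }
++ }
++ }
+if (psd_image.num_layers > 0) /* PS3-style */
+{
+int lnum;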
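Review bot: The added bounds loop in load_image only visits `psd_image.layer[lidx].channel[cidx]`, so a file with `num_layers == 0` skips it entirely and reaches the non-layered branch without any width/height check from this patch; if that branch sizes buffers from the header's rows and columns (not visible in this hunk), it needs the same 1..30000 test before allocating. The early `return -1` runs after `read_whole_file (fd)`, and the patch's own comment leaves open whether the structures that call filled in are released, so every rejected file presumably leaks them; that should be settled rather than left as a question. The limit would read better as a named constant such as `#define PSD_MAX_DIMENSION 30000`, and `const PSDchannel *tc = &psd_image.layer[lidx].channel[cidx];` avoids copying both structs on each iteration. load_image starts and ends outside the hunk.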
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Jul 4 00:22:16 CEST 2007 - maw@suse.de
|
||||||
|
|
||||||
|
- Add gimp-psd-overflow.patch (#284288 and CVE-2007-2949), fixing
|
||||||
|
a buffer overflow.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri May 4 15:32:01 CEST 2007 - sbrabec@suse.cz
|
Fri May 4 15:32:01 CEST 2007 - sbrabec@suse.cz
|
||||||
|
|
||||||
|
@ -21,8 +21,8 @@ BuildRequires: python-gtk
|
|||||||
%endif
|
%endif
|
||||||
URL: http://www.gimp.org/
|
URL: http://www.gimp.org/
|
||||||
Version: 2.2.13
|
Version: 2.2.13
|
||||||
Release: 60
|
Release: 87
|
||||||
License: GNU General Public License (GPL)
|
License: GPL v2 or later
|
||||||
Group: Productivity/Graphics/Bitmap Editors
|
Group: Productivity/Graphics/Bitmap Editors
|
||||||
Provides: gimp2 gimp-2.0
|
Provides: gimp2 gimp-2.0
|
||||||
Obsoletes: libgimp gimp2-svg gimp2
|
Obsoletes: libgimp gimp2-svg gimp2
|
||||||
@ -36,6 +36,7 @@ Source1: gimp-logo.png
|
|||||||
Source2: gimp-splash.png
|
Source2: gimp-splash.png
|
||||||
Patch: gimp-default-browser.patch
|
Patch: gimp-default-browser.patch
|
||||||
Patch1: gimp-sunras-overflow.patch
|
Patch1: gimp-sunras-overflow.patch
|
||||||
|
Patch2: gimp-psd-overflow.patch
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@ -720,6 +721,9 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%{_datadir}/gtk-doc/html/*
|
%{_datadir}/gtk-doc/html/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jul 04 2007 - maw@suse.de
|
||||||
|
- Add gimp-psd-overflow.patch (#284288 and CVE-2007-2949), fixing
|
||||||
|
a buffer overflow.
|
||||||
* Fri May 04 2007 - sbrabec@suse.cz
|
* Fri May 04 2007 - sbrabec@suse.cz
|
||||||
- Fixed buffer overflow in sunras plugin (#270506, GNOME#433902,
|
- Fixed buffer overflow in sunras plugin (#270506, GNOME#433902,
|
||||||
CVE-2007-2356).
|
CVE-2007-2356).
|
||||||
|