pool/htmldoc
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 973830 from home:pgajdos

Browse Source 
- security update
- added patches
  fix CVE-2022-28085 [bsc#1198933], Heap buffer overflow in function pdf_write_names in ps-pdf.cxx
  + htmldoc-CVE-2022-28085.patch

OBS-URL: https://build.opensuse.org/request/show/973830
OBS-URL: https://build.opensuse.org/package/show/Publishing/htmldoc?expand=0&rev=32
This commit is contained in:
Martin Pluskal 2022-04-29 13:46:08 +00:00 committed by Git OBS Bridge
parent e55fe33708
commit 7db71ad13b
3 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
htmldoc-CVE-2022-28085.patch Normal file
View File

@ -0,0 +1,13 @@
Index: htmldoc-1.9.15/htmldoc/ps-pdf.cxx
===================================================================
--- htmldoc-1.9.15.orig/htmldoc/ps-pdf.cxx
+++ htmldoc-1.9.15/htmldoc/ps-pdf.cxx
@@ -3583,6 +3583,8 @@ pdf_write_names(FILE *out) /* I - Outpu
pdf_start_object(out);
float x, y;
+ check_pages(link->page);
+
x = 0.0f;
y = link->top + pages[link->page].bottom;
pspdf_transform_coords(pages + link->page, x, y);

8
htmldoc.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Fri Apr 29 06:02:30 UTC 2022 - pgajdos@suse.com
- security update
- added patches
fix CVE-2022-28085 [bsc#1198933], Heap buffer overflow in function pdf_write_names in ps-pdf.cxx
+ htmldoc-CVE-2022-28085.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Feb 10 11:49:32 UTC 2022 - pgajdos@suse.com Thu Feb 10 11:49:32 UTC 2022 - pgajdos@suse.com

4
htmldoc.spec
View File

@ -24,6 +24,8 @@ License: LGPL-2.1-or-later
Group: Productivity/Publishing/HTML/Tools Group: Productivity/Publishing/HTML/Tools
URL: https://michaelrsweet.github.io/htmldoc/index.html URL: https://michaelrsweet.github.io/htmldoc/index.html
Source: https://github.com/michaelrsweet/htmldoc/releases/download/v%{version}/htmldoc-%{version}-source.tar.gz Source: https://github.com/michaelrsweet/htmldoc/releases/download/v%{version}/htmldoc-%{version}-source.tar.gz
# CVE-2022-28085 [bsc#1198933], Heap buffer overflow in function pdf_write_names in ps-pdf.cxx
Patch0: htmldoc-CVE-2022-28085.patch
BuildRequires: fltk-devel BuildRequires: fltk-devel
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: hicolor-icon-theme BuildRequires: hicolor-icon-theme
@ -40,7 +42,7 @@ HTMLDOC converts HTML source files into indexed HTML, PostScript, or
Portable Document Format (PDF) files that can be viewed online or printed. Portable Document Format (PDF) files that can be viewed online or printed.
%prep %prep
%autosetup %autosetup -p1
%build %build
%configure \ %configure \