- updated to 0.18.4:

* Fix for possible heap overrun in Canon makernotes parser
 * Fix for CVE-2017-13735
 * CVE-2017-14265: Additional check for X-Trans CFA pattern data
- remove libraw-CVE-2017-6887,6886.patch and
         libraw-CVE-2017-6890,6899.patch:
  no need to patch dcraw.c, it is not used

OBS-URL: https://build.opensuse.org/package/show/graphics/libraw?expand=0&rev=96
This commit is contained in:
Petr Gajdos 2017-09-15 09:35:46 +00:00 committed by Git OBS Bridge
parent b99517535d
commit cb174e895e
6 changed files with 15 additions and 75 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ce366bb38c1144130737eb16e919038937b4dc1ab165179a225d5e847af2abc6
size 1281674

3
LibRaw-0.18.4.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:eaf4931b46e65861e88bbe704ccf370381e94d63e9a898b889ded4e0cb3b0c97
size 1281104

View File

@ -1,37 +0,0 @@
From d7c3d2cb460be10a3ea7b32e9443a83c243b2251 Mon Sep 17 00:00:00 2001
From: Alex Tutubalin <lexa@lexa.ru>
Date: Sat, 4 Mar 2017 21:27:39 +0300
Subject: [PATCH] Secunia SA75000 advisory: several buffer overruns
---
dcraw/dcraw.c | 12 ++++++++++--
internal/dcraw_common.cpp | 12 ++++++++++--
2 files changed, 20 insertions(+), 4 deletions(-)
Index: LibRaw-0.18.2/dcraw/dcraw.c
===================================================================
--- LibRaw-0.18.2.orig/dcraw/dcraw.c 2017-05-23 10:30:39.264790336 +0200
+++ LibRaw-0.18.2/dcraw/dcraw.c 2017-05-23 11:15:45.574900958 +0200
@@ -5841,7 +5841,12 @@ int CLASS parse_tiff_ifd (int base)
if (!strcmp(model,"DSLR-A100") && tiff_ifd[ifd].width == 3872) {
load_raw = &CLASS sony_arw_load_raw;
data_offset = get4()+base;
- ifd++; break;
+ ifd++;
+#ifdef LIBRAW_LIBRARY_BUILD
+ if (ifd >= sizeof tiff_ifd / sizeof tiff_ifd[0])
+ throw LIBRAW_EXCEPTION_IO_CORRUPT;
+#endif
+ break;
}
while (len--) {
i = ftell(ifp);
@@ -6005,6 +6010,8 @@ int CLASS parse_tiff_ifd (int base)
break;
case 50454: /* Sinar tag */
case 50455:
+ if (len < 1 || len > 2560000)
+ break;
if (!(cbuf = (char *) malloc(len))) break;
fread (cbuf, 1, len, ifp);
for (cp = cbuf-1; cp && cp < cbuf+len; cp = strchr(cp,'\n'))

View File

@ -1,30 +0,0 @@
--- a/dcraw/dcraw.c
+++ b/dcraw/dcraw.c
@@ -319,7 +319,7 @@ void CLASS foveon_huff (ushort *huff)
void CLASS foveon_dp_load_raw()
{
unsigned c, roff[4], row, col, diff;
- ushort huff[512], vpred[2][2], hpred[2];
+ ushort huff[1024], vpred[2][2], hpred[2];
fseek (ifp, 8, SEEK_CUR);
foveon_huff (huff);
@@ -346,12 +346,16 @@ void CLASS foveon_dp_load_raw()
void CLASS foveon_load_camf()
{
unsigned type, wide, high, i, j, row, col, diff;
- ushort huff[258], vpred[2][2] = {{512,512},{512,512}}, hpred[2];
+ ushort huff[1024], vpred[2][2] = {{512,512},{512,512}}, hpred[2];
fseek (ifp, meta_offset, SEEK_SET);
type = get4(); get4(); get4();
wide = get4();
high = get4();
+#ifdef LIBRAW_LIBRARY_BUILD
+ if(wide>32767 || high > 32767 || wide*high > 20000000)
+ throw LIBRAW_EXCEPTION_IO_CORRUPT;
+#endif
if (type == 2) {
fread (meta_data, 1, meta_length, ifp);
for (i=0; i < meta_length; i++) {

View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Wed Sep 13 10:25:35 UTC 2017 - pgajdos@suse.com
- updated to 0.18.4:
* Fix for possible heap overrun in Canon makernotes parser
* Fix for CVE-2017-13735
* CVE-2017-14265: Additional check for X-Trans CFA pattern data
- remove libraw-CVE-2017-6887,6886.patch and
libraw-CVE-2017-6890,6899.patch:
no need to patch dcraw.c, it is not used
-------------------------------------------------------------------
Tue May 23 06:54:04 UTC 2017 - pgajdos@suse.com

View File

@ -21,7 +21,7 @@
Name: libraw
%define lver 16
%define lname libraw%{lver}
Version: 0.18.2
Version: 0.18.4
Release: 0
Summary: Library for reading RAW files obtained from digital photo cameras
License: CDDL-1.0 or LGPL-2.1
@ -30,8 +30,6 @@ Url: http://www.libraw.org/
#Git-Clone: git://github.com/LibRaw/LibRaw
Source: http://www.libraw.org/data/%tar_name-%version.tar.gz
Patch0: libraw-CVE-2017-6890,6899.patch
Patch1: libraw-CVE-2017-6887,6886.patch
BuildRequires: fdupes
BuildRequires: gcc-c++
BuildRequires: libjasper-devel
@ -100,8 +98,6 @@ against LibRaw. LibRaw does not provide dynamic libraries.
%prep
%setup -qn %tar_name-%version
%patch0 -p1
%patch1 -p1
%build
export CXXFLAGS="%optflags -fPIC -DUSE_ZLIB"