- security update

- added patches
  fix CVE-2021-3605 [bsc#1187395], Heap buffer overflow in the rleUncompress function
  + openexr-CVE-2021-3605.patch

OBS-URL: https://build.opensuse.org/package/show/graphics/openexr?expand=0&rev=67

openexr-CVE-2021-3605.patch

@@ -0,0 +1,15 @@
+--- a/OpenEXR/IlmImf/ImfRle.cpp
++++ b/OpenEXR/IlmImf/ImfRle.cpp
+@@ -146,6 +146,11 @@ rleUncompress (int inLength, int maxLength, const signed char in[], char out[])
+ 	    if (0 > (maxLength -= count + 1))
+ 		return 0;
+ 
++        // check the input buffer is big enough to contain
++        // byte to be duplicated
++        if (inLength < 0)
++          return 0;
++
+         memset(out, *(char*)in, count+1);
+         out += count+1;
+ 
+

openexr.changes

@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Wed Jun 16 12:28:02 UTC 2021 - pgajdos@suse.com
+
+- security update
+- added patches
+  fix CVE-2021-3605 [bsc#1187395], Heap buffer overflow in the rleUncompress function
+  + openexr-CVE-2021-3605.patch
+
 -------------------------------------------------------------------
 Tue Jun 15 10:05:14 UTC 2021 - pgajdos@suse.com
 

openexr.spec

@@ -1,5 +1,5 @@
 #
-# spec file for package openexr
+# spec file
 #
 # Copyright (c) 2021 SUSE LLC
 #
@@ -46,6 +46,8 @@ Source2:        baselibs.conf
 Patch1:         0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch
 # CVE-2021-3598 [bsc#1187310], Heap buffer overflow in Imf_3_1:CharPtrIO:readChars
 Patch2:         openexr-CVE-2021-3598.patch
+# CVE-2021-3605 [bsc#1187395], Heap buffer overflow in the rleUncompress function
+Patch3:         openexr-CVE-2021-3605.patch
 BuildRequires:  cmake
 BuildRequires:  gcc-c++
 BuildRequires:  pkgconfig
@@ -226,6 +228,7 @@ Group:          System/Libraries
 %setup -q -n %{prjname}-%{version}
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 %build
 %if "%{flavor}" == "openexr"