Accepting request 1012108 from graphics

- security update: * CVE-2022-2519 [bsc#1202968] * CVE-2022-2520 [bsc#1202973] * CVE-2022-2521 [bsc#1202971] + tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch OBS-URL: https://build.opensuse.org/request/show/1012108 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tiff?expand=0&rev=86
2022-10-18 10:44:32 +00:00 · 2022-10-18 10:44:32 +00:00 · 6d626a6089
commit 6d626a6089
parent 4666a8ab8e 3c8f3f3c44
3 changed files with 83 additions and 0 deletions
--- a/tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
+++ b/tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
@ -0,0 +1,72 @@
+Index: tiff-4.4.0/tools/tiffcrop.c
+===================================================================
+--- tiff-4.4.0.orig/tools/tiffcrop.c
+++ tiff-4.4.0/tools/tiffcrop.c
+@@ -108,7 +108,7 @@
+  *                lower level, scanline level routines. Debug reports a limited set
+  *                of messages to monitor progress without enabling dump logs.
+  * 
+- * Note:    The (-X|-Y), -Z and -z options are mutually exclusive.
+ * Note:    The (-X|-Y), -Z, -z and -S options are mutually exclusive.
+  *          In no case should the options be applied to a given selection successively.
+  */
+ 
+@@ -173,12 +173,12 @@ static   char tiffcrop_rev_date[] = "02-
+ #define ROTATECW_270 32
+ #define ROTATE_ANY (ROTATECW_90 | ROTATECW_180 | ROTATECW_270)
+ 
+-#define CROP_NONE     0
+-#define CROP_MARGINS  1
+-#define CROP_WIDTH    2
+-#define CROP_LENGTH   4
+-#define CROP_ZONES    8
+-#define CROP_REGIONS 16
+#define CROP_NONE     0     /* "-S" -> Page_MODE_ROWSCOLS and page->rows/->cols != 0 */
+#define CROP_MARGINS  1     /* "-m" */
+#define CROP_WIDTH    2     /* "-X" */
+#define CROP_LENGTH   4     /* "-Y" */
+#define CROP_ZONES    8     /* "-Z" */
+#define CROP_REGIONS 16     /* "-z" */
+ #define CROP_ROTATE  32
+ #define CROP_MIRROR  64
+ #define CROP_INVERT 128
+@@ -316,7 +316,7 @@ struct crop_mask {
+ #define PAGE_MODE_RESOLUTION   1
+ #define PAGE_MODE_PAPERSIZE    2
+ #define PAGE_MODE_MARGINS      4
+-#define PAGE_MODE_ROWSCOLS     8
+#define PAGE_MODE_ROWSCOLS     8    /* for -S option */
+ 
+ #define INVERT_DATA_ONLY      10
+ #define INVERT_DATA_AND_TAG   11
+@@ -781,7 +781,7 @@ static const char usage_info[] =
+ "             The four debug/dump options are independent, though it makes little sense to\n"
+ "             specify a dump file without specifying a detail level.\n"
+ "\n"
+-"Note:        The (-X|-Y), -Z and -z options are mutually exclusive.\n"
+"Note:        The (-X|-Y), -Z, -z and -S options are mutually exclusive.\n"
+ "             In no case should the options be applied to a given selection successively.\n"
+ "\n"
+ ;
+@@ -2131,13 +2131,14 @@ void  process_command_opts (int argc, ch
+ 		/*NOTREACHED*/
+       }
+     }
+-    /*-- Check for not allowed combinations (e.g. -X, -Y and -Z and -z are mutually exclusive) --*/
+-    char XY, Z, R;
+-    XY = ((crop_data->crop_mode & CROP_WIDTH) || (crop_data->crop_mode & CROP_LENGTH));
+-    Z = (crop_data->crop_mode & CROP_ZONES);
+-    R = (crop_data->crop_mode & CROP_REGIONS);
+-    if ((XY && Z) || (XY && R) || (Z && R)) {
+-        TIFFError("tiffcrop input error", "The crop options(-X|-Y), -Z and -z are mutually exclusive.->Exit");
+    /*-- Check for not allowed combinations (e.g. -X, -Y and -Z, -z and -S are mutually exclusive) --*/
+    char XY, Z, R, S;
+    XY = ((crop_data->crop_mode & CROP_WIDTH) || (crop_data->crop_mode & CROP_LENGTH)) ? 1 : 0;
+    Z = (crop_data->crop_mode & CROP_ZONES) ? 1 : 0;
+    R = (crop_data->crop_mode & CROP_REGIONS) ? 1 : 0;
+    S = (page->mode & PAGE_MODE_ROWSCOLS) ? 1 : 0;
+    if (XY + Z + R + S > 1) {
+        TIFFError("tiffcrop input error", "The crop options(-X|-Y), -Z, -z and -S are mutually exclusive.->Exit");
+         exit(EXIT_FAILURE);
+     }
+   }  /* end process_command_opts */
--- a/tiff.changes
+++ b/tiff.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Mon Oct 17 11:40:27 UTC 2022 - Michael Vetter <mvetter@suse.com>
+
+- security update:
+  * CVE-2022-2519 [bsc#1202968]
+  * CVE-2022-2520 [bsc#1202973]
+  * CVE-2022-2521 [bsc#1202971]
+    + tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
+
 -------------------------------------------------------------------
 Mon Aug  1 12:06:01 UTC 2022 - Michael Vetter <mvetter@suse.com>

--- a/tiff.spec
+++ b/tiff.spec
@ -35,6 +35,7 @@ Patch0:         tiff-4.0.3-seek.patch
 Patch1:         tiff-4.0.3-compress-warning.patch
 Patch2:         tiff-CVE-2022-2056,CVE-2022-2057,CVE-2022-2058.patch
 Patch3:         tiff-CVE-2022-34526.patch
+Patch4:         tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
 BuildRequires:  gcc-c++
 BuildRequires:  libjbig-devel
 BuildRequires:  libjpeg-devel
@ -76,6 +77,7 @@ the libtiff library.
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1

 %build
 CFLAGS="%{optflags} -fPIE"