From 6c8b6b0f6f208ecccc1ca4d47d485683008cd6e7d66d446495fc0f104f34acc9 Mon Sep 17 00:00:00 2001
From: Petr Gajdos <pgajdos@suse.com>
Date: Wed, 7 Nov 2018 11:02:53 +0000
Subject: [PATCH] - security update   * CVE-2018-18444 [bsc#1113455]     +
 openexr-CVE-2018-18444.patch

OBS-URL: https://build.opensuse.org/package/show/graphics/openexr?expand=0&rev=17
---
 openexr-CVE-2018-18444.patch | 13 +++++++++++++
 openexr.changes              |  7 +++++++
 openexr.spec                 |  2 ++
 3 files changed, 22 insertions(+)
 create mode 100644 openexr-CVE-2018-18444.patch

diff --git a/openexr-CVE-2018-18444.patch b/openexr-CVE-2018-18444.patch
new file mode 100644
index 0000000..2c10172
--- /dev/null
+++ b/openexr-CVE-2018-18444.patch
@@ -0,0 +1,13 @@
+Index: openexr-2.3.0/exrmultiview/Image.h
+===================================================================
+--- openexr-2.3.0.orig/exrmultiview/Image.h	2018-08-10 03:35:00.000000000 +0200
++++ openexr-2.3.0/exrmultiview/Image.h	2018-11-07 09:07:48.072431858 +0100
+@@ -227,7 +227,7 @@ template <class T>
+ void
+ TypedImageChannel<T>::black ()
+ {
+-    memset(&_pixels[0][0],0,image().width()/_xSampling*image().height()/_ySampling*sizeof(T));
++    memset(&_pixels[0][0],0,image().width()/_xSampling*(image().height()/_ySampling)*sizeof(T));
+ }
+ 
+ 
diff --git a/openexr.changes b/openexr.changes
index fc6353b..53e9697 100644
--- a/openexr.changes
+++ b/openexr.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Nov  7 09:42:59 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
+
+- security update
+  * CVE-2018-18444 [bsc#1113455]
+    + openexr-CVE-2018-18444.patch
+
 -------------------------------------------------------------------
 Tue Nov  6 09:35:55 UTC 2018 - Petr Gajdos <pgajdos@suse.com>
 
diff --git a/openexr.spec b/openexr.spec
index 9d4ad13..5cd450b 100644
--- a/openexr.spec
+++ b/openexr.spec
@@ -35,6 +35,7 @@ Source0:        https://github.com/openexr/openexr/releases/download/v%{version}
 Source1:        https://github.com/openexr/openexr/releases/download/v%{version}/openexr-%{version}.tar.gz.sig
 Source2:        baselibs.conf
 Source3:        openexr.keyring
+Patch0:         openexr-CVE-2018-18444.patch
 BuildRequires:  automake
 BuildRequires:  fltk-devel
 BuildRequires:  freeglut-devel
@@ -133,6 +134,7 @@ This package contains documentation.
 
 %prep
 %setup -q
+%patch0 -p1
 
 %build
 export PTHREAD_LIBS="-lpthread"