forked from pool/openexr
Accepting request 900381 from graphics
- security update - added patches fix CVE-2021-3605 [bsc#1187395], Heap buffer overflow in the rleUncompress function + openexr-CVE-2021-3605.patch - security update - added patches fix CVE-2021-3598 [bsc#1187310], Heap buffer overflow in Imf_3_1:CharPtrIO:readChars + openexr-CVE-2021-3598.patch - version update to 2.5.6 * [#1013](https://github.com/AcademySoftwareFoundation/openexr/pull/1013) Fixed regression in Imath::succf() and Imath::predf() when negative values are given OBS-URL: https://build.opensuse.org/request/show/900381 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openexr?expand=0&rev=44
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
8fccdb0624
17
openexr-CVE-2021-3598.patch
Normal file
17
openexr-CVE-2021-3598.patch
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
diff --git a/OpenEXR/IlmImf/ImfDeepScanLineInputFile.cpp b/OpenEXR/IlmImf/ImfDeepScanLineInputFile.cpp
|
||||||
|
index 5f0f43989..ead43c729 100644
|
||||||
|
--- a/OpenEXR/IlmImf/ImfDeepScanLineInputFile.cpp
|
||||||
|
+++ b/OpenEXR/IlmImf/ImfDeepScanLineInputFile.cpp
|
||||||
|
@@ -647,6 +647,11 @@ LineBufferTask::execute ()
|
||||||
|
|
||||||
|
_lineBuffer->format = Compressor::XDR;
|
||||||
|
_lineBuffer->uncompressedData = _lineBuffer->buffer;
|
||||||
|
+
|
||||||
|
+ if(_lineBuffer->packedDataSize!=maxBytesPerLine)
|
||||||
|
+ {
|
||||||
|
+ THROW (IEX_NAMESPACE::InputExc, "Incorrect size for uncompressed data. Expected " << maxBytesPerLine << " got " << _lineBuffer->packedDataSize << " bytes");
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
15
openexr-CVE-2021-3605.patch
Normal file
15
openexr-CVE-2021-3605.patch
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
--- a/OpenEXR/IlmImf/ImfRle.cpp
|
||||||
|
+++ b/OpenEXR/IlmImf/ImfRle.cpp
|
||||||
|
@@ -146,6 +146,11 @@ rleUncompress (int inLength, int maxLength, const signed char in[], char out[])
|
||||||
|
if (0 > (maxLength -= count + 1))
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
+ // check the input buffer is big enough to contain
|
||||||
|
+ // byte to be duplicated
|
||||||
|
+ if (inLength < 0)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
memset(out, *(char*)in, count+1);
|
||||||
|
out += count+1;
|
||||||
|
|
||||||
|
|
||||||
@ -1,3 +1,26 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Jun 16 12:28:02 UTC 2021 - pgajdos@suse.com
|
||||||
|
|
||||||
|
- security update
|
||||||
|
- added patches
|
||||||
|
fix CVE-2021-3605 [bsc#1187395], Heap buffer overflow in the rleUncompress function
|
||||||
|
+ openexr-CVE-2021-3605.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Jun 15 10:05:14 UTC 2021 - pgajdos@suse.com
|
||||||
|
|
||||||
|
- security update
|
||||||
|
- added patches
|
||||||
|
fix CVE-2021-3598 [bsc#1187310], Heap buffer overflow in Imf_3_1:CharPtrIO:readChars
|
||||||
|
+ openexr-CVE-2021-3598.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Jun 15 09:28:19 UTC 2021 - pgajdos@suse.com
|
||||||
|
|
||||||
|
- version update to 2.5.6
|
||||||
|
* [#1013](https://github.com/AcademySoftwareFoundation/openexr/pull/1013)
|
||||||
|
Fixed regression in Imath::succf() and Imath::predf() when negative values are given
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Mar 31 12:04:02 UTC 2021 - pgajdos@suse.com
|
Wed Mar 31 12:04:02 UTC 2021 - pgajdos@suse.com
|
||||||
|
|
||||||
|
|||||||
10
openexr.spec
10
openexr.spec
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openexr
|
# spec file
|
||||||
#
|
#
|
||||||
# Copyright (c) 2021 SUSE LLC
|
# Copyright (c) 2021 SUSE LLC
|
||||||
#
|
#
|
||||||
@ -28,7 +28,7 @@
|
|||||||
%define sonum 25
|
%define sonum 25
|
||||||
%global so_suffix -2_5
|
%global so_suffix -2_5
|
||||||
Name: %{flavor}
|
Name: %{flavor}
|
||||||
Version: 2.5.5
|
Version: 2.5.6
|
||||||
Release: 0
|
Release: 0
|
||||||
%if "%{flavor}" == "openexr"
|
%if "%{flavor}" == "openexr"
|
||||||
Summary: Utilities for working with HDR images in OpenEXR format
|
Summary: Utilities for working with HDR images in OpenEXR format
|
||||||
@ -44,6 +44,10 @@ URL: http://www.openexr.com/
|
|||||||
Source0: https://github.com/openexr/openexr/archive/v%{version}.tar.gz
|
Source0: https://github.com/openexr/openexr/archive/v%{version}.tar.gz
|
||||||
Source2: baselibs.conf
|
Source2: baselibs.conf
|
||||||
Patch1: 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch
|
Patch1: 0001-Use-absolute-CMAKE_INSTALL_FULL_LIBDIR-for-libdir-in.patch
|
||||||
|
# CVE-2021-3598 [bsc#1187310], Heap buffer overflow in Imf_3_1:CharPtrIO:readChars
|
||||||
|
Patch2: openexr-CVE-2021-3598.patch
|
||||||
|
# CVE-2021-3605 [bsc#1187395], Heap buffer overflow in the rleUncompress function
|
||||||
|
Patch3: openexr-CVE-2021-3605.patch
|
||||||
BuildRequires: cmake
|
BuildRequires: cmake
|
||||||
BuildRequires: gcc-c++
|
BuildRequires: gcc-c++
|
||||||
BuildRequires: pkgconfig
|
BuildRequires: pkgconfig
|
||||||
@ -223,6 +227,8 @@ Group: System/Libraries
|
|||||||
%prep
|
%prep
|
||||||
%setup -q -n %{prjname}-%{version}
|
%setup -q -n %{prjname}-%{version}
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%if "%{flavor}" == "openexr"
|
%if "%{flavor}" == "openexr"
|
||||||
|
|||||||
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:59e98361cb31456a9634378d0f653a2b9554b8900f233450f2396ff495ea76b3
|
|
||||||
size 27536865
|
|
||||||
3
v2.5.6.tar.gz
Normal file
3
v2.5.6.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:c9f4c268d91d3904b7784b7a65d1eba55334bddf391487e9f14c315fa3a362b5
|
||||||
|
size 27540385
|
||||||
Loading…
Reference in New Issue
Block a user