rpms/kdegraphics/FC-6 post-3.5.7-kdegraphics-CVE-2007-3387.diff, NONE, 1.1 kdegraphics.spec, 1.99, 1.100

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Wed Aug 29 13:13:49 UTC 2007 

Author: than

Update of /cvs/dist/rpms/kdegraphics/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv1863

Modified Files:
	kdegraphics.spec 
Added Files:
	post-3.5.7-kdegraphics-CVE-2007-3387.diff 
Log Message:
- resolves bz#251511, CVE-2007-3387 kpdf integer overflow



post-3.5.7-kdegraphics-CVE-2007-3387.diff:
 Stream.cc |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

--- NEW FILE post-3.5.7-kdegraphics-CVE-2007-3387.diff ---
Index: kpdf/xpdf/xpdf/Stream.cc
===================================================================
--- kpdf/xpdf/xpdf/Stream.cc	(revision 689574)
+++ kpdf/xpdf/xpdf/Stream.cc	(working copy)
@@ -411,9 +411,9 @@ StreamPredictor::StreamPredictor(Stream 
 
   nVals = width * nComps;
   if (width <= 0 || nComps <= 0 || nBits <= 0 ||
-      nComps >= INT_MAX / nBits ||
-      width >= INT_MAX / nComps / nBits ||
-      nVals * nBits + 7 < 0) {
+      nComps > gfxColorMaxComps || nBits > 16 ||
+      width >= INT_MAX / nComps ||
+      nVals >= (INT_MAX - 7) / nBits) {
     return;
   }
   pixBytes = (nComps * nBits + 7) >> 3;


Index: kdegraphics.spec
===================================================================
RCS file: /cvs/dist/rpms/kdegraphics/FC-6/kdegraphics.spec,v
retrieving revision 1.99
retrieving revision 1.100
diff -u -r1.99 -r1.100
--- kdegraphics.spec	16 Jun 2007 16:53:56 -0000	1.99
+++ kdegraphics.spec	29 Aug 2007 13:13:47 -0000	1.100
@@ -16,7 +16,7 @@
 %define no_scanner_archs s390 s390x
 
 Version: 3.5.7
-Release: 1%{?dist}
+Release: 1%{?dist}.1
 Name: kdegraphics
 Summary: K Desktop Environment - Graphics Applications
 Epoch: 7
@@ -30,6 +30,10 @@
 Patch2: kdegraphics-3.3.1-xorg.patch
 Patch3: kdegraphics-3.5.1-warning.patch
 
+# security fixes
+# kpdf stack based buffer overflow, CVE-2007-3387
+Patch100: post-3.5.7-kdegraphics-CVE-2007-3387.diff
+
 %ifnarch %{no_scanner_archs}
 BuildRequires: sane-backends-devel >= 1.0.3-10
 BuildRequires: gphoto2-devel
@@ -88,6 +92,9 @@
 %patch2 -p1 -b .xorg
 %patch3 -p1 -b .gcc-warning
 
+# security fixes
+%patch100 -p0 -b .CVE-2007-3387
+
 %if %{rhel}
   echo "DO_NOT_COMPILE=\"\$DO_NOT_COMPILE kfax\"" >kfax/configure.in.in
   echo "DO_NOT_COMPILE=\"\$DO_NOT_COMPILE kfaxview\"" >kfaxview/configure.in.in
@@ -197,6 +204,9 @@
 %exclude %{_libdir}/libkfaximage.so
 
 %changelog
+* Wed Aug 29 2007 Than Ngo <than at redhat.com> - 7:3.5.7-1.fc6.1
+- resolves bz#251511, CVE-2007-3387 kpdf integer overflow
+
 * Sat Jun 16 2007 Than Ngo <than at redhat.com> - 7:3.5.7-1.fc6
 - 3.5.7

More information about the fedora-cvs-commits mailing list