rpms/libexif/FC-5 libexif-cve-2007-4168.patch, 1.1, 1.2 libexif.spec, 1.18, 1.19
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Jun 13 20:25:06 UTC 2007
- Previous message (by thread): rpms/kernel/FC-6 linux-2.6-dm_crypt_fix_avoid_cloned_bio_ref_after_free.patch, NONE, 1.1 linux-2.6-dm_crypt_fix_call_to_clone_init.patch, NONE, 1.1 linux-2.6-dm_crypt_fix_remove_first_clone.patch, NONE, 1.1 linux-2.6-sysfs_fix_condition_in_drop_dentry.patch, NONE, 1.1 linux-2.6-udf-2.6.22-rc2-1-udf_data_corruption.patch, NONE, 1.1 linux-2.6-udf-2.6.22-rc4-1-udf_block_leak.patch, NONE, 1.1 kernel-2.6.spec, 1.2959, 1.2960
- Next message (by thread): rpms/libexif/FC-5 libexif-cve-2007-4168.patch,1.2,1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mclasen
Update of /cvs/dist/rpms/libexif/FC-5
In directory cvs.devel.redhat.com:/tmp/cvs-serv2523
Modified Files:
libexif-cve-2007-4168.patch libexif.spec
Log Message:
Fix another issues
libexif-cve-2007-4168.patch:
exif-data.c | 26 +++++++++++++++++---------
1 files changed, 17 insertions(+), 9 deletions(-)
Index: libexif-cve-2007-4168.patch
===================================================================
RCS file: /cvs/dist/rpms/libexif/FC-5/libexif-cve-2007-4168.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- libexif-cve-2007-4168.patch 13 Jun 2007 14:45:41 -0000 1.1
+++ libexif-cve-2007-4168.patch 13 Jun 2007 20:24:58 -0000 1.2
@@ -1,6 +1,15 @@
---- libexif-0.6.13/libexif/exif-data.c.cve-2007-4168 2005-08-22 16:32:02.000000000 -0400
-+++ libexif-0.6.13/libexif/exif-data.c 2007-06-12 12:14:35.000000000 -0400
-@@ -174,9 +174,15 @@ exif_data_load_data_entry (ExifData *dat
+--- libexif-0.5.12/libexif/exif-data.c.cve-2007-4168 2007-06-13 15:33:05.000000000 -0400
++++ libexif-0.5.12/libexif/exif-data.c 2007-06-13 15:36:47.000000000 -0400
+@@ -83,7 +83,7 @@ exif_data_new_from_data (const unsigned
+ return (edata);
+ }
+
+-static void
++static int
+ exif_data_load_data_entry (ExifData *data, ExifEntry *entry,
+ const unsigned char *d,
+ unsigned int size, unsigned int offset)
+@@ -98,9 +98,15 @@ exif_data_load_data_entry (ExifData *dat
* Size? If bigger than 4 bytes, the actual data is not
* in the entry but somewhere else (offset).
*/
@@ -11,11 +20,42 @@
+ * -> { 0x000000000 .. 0x7fffffff8 } */
+ s = exif_format_get_size(entry->format) * entry->components;
+ if (s < entry->components) {
-+ return;
++ return 0;
+ }
+ if (0 == s)
-+ return;
++ return 0;
+
if (s > 4)
doff = exif_get_long (d + offset + 8, data->priv->order);
else
+@@ -110,13 +116,15 @@ exif_data_load_data_entry (ExifData *dat
+ if ((doff + s < doff) || (doff + s < s))
+ return 0;
+ if (size < doff + s)
+- return;
++ return 0;
+
+ entry->data = malloc (sizeof (char) * s);
+ if (!entry->data)
+- return;
++ return 0;
+ entry->size = s;
+ memcpy (entry->data, d + doff, s);
++
++ return 1;
+ }
+
+ static void
+@@ -244,9 +252,9 @@ exif_data_load_data_content (ExifData *d
+ break;
+ default:
+ entry = exif_entry_new ();
+- exif_content_add_entry (ifd, entry);
+- exif_data_load_data_entry (data, entry, d, ds,
+- offset + 12 * i);
++ if (exif_data_load_data_entry (data, entry, d, ds,
++ offset + 12 * i))
++ exif_content_add_entry (ifd, entry);
+ exif_entry_unref (entry);
+ break;
+ }
Index: libexif.spec
===================================================================
RCS file: /cvs/dist/rpms/libexif/FC-5/libexif.spec,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- libexif.spec 13 Jun 2007 14:45:41 -0000 1.18
+++ libexif.spec 13 Jun 2007 20:24:58 -0000 1.19
@@ -1,7 +1,7 @@
Summary: Library for extracting extra information from image files
Name: libexif
Version: 0.6.12
-Release: 4
+Release: 5
Group: System Environment/Libraries
License: LGPL
URL: http://libexif.sourceforge.net/
@@ -65,7 +65,7 @@
%{_libdir}/pkgconfig/libexif.pc
%changelog
-* Wed Jun 13 2007 Matthias Clasen <mclasen at redhat.com> - 0.6.12-4
+* Wed Jun 13 2007 Matthias Clasen <mclasen at redhat.com> - 0.6.12-5
-- Add patch for CVE-2007-4168. Fix bug #243891
* Fri Feb 10 2006 Jesse Keating <jkeating at redhat.com> - 0.6.12-3.2.1
- Previous message (by thread): rpms/kernel/FC-6 linux-2.6-dm_crypt_fix_avoid_cloned_bio_ref_after_free.patch, NONE, 1.1 linux-2.6-dm_crypt_fix_call_to_clone_init.patch, NONE, 1.1 linux-2.6-dm_crypt_fix_remove_first_clone.patch, NONE, 1.1 linux-2.6-sysfs_fix_condition_in_drop_dentry.patch, NONE, 1.1 linux-2.6-udf-2.6.22-rc2-1-udf_data_corruption.patch, NONE, 1.1 linux-2.6-udf-2.6.22-rc4-1-udf_block_leak.patch, NONE, 1.1 kernel-2.6.spec, 1.2959, 1.2960
- Next message (by thread): rpms/libexif/FC-5 libexif-cve-2007-4168.patch,1.2,1.3
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list