rpms/libexif/devel libexif-cve-2007-4168.patch, NONE, 1.1 libexif.spec, 1.31, 1.32
Matthias Clasen (mclasen)
fedora-extras-commits at redhat.com
Wed Jun 13 16:13:18 UTC 2007
- Previous message (by thread): rpms/k3b/devel k3b.spec,1.42,1.43
- Next message (by thread): rpms/cups/devel cups-1.1.15-initscript.patch, 1.8, 1.9 cups-direct-usb.patch, 1.6, 1.7 cups-eggcups.patch, 1.5, 1.6 cups.spec, 1.333, 1.334 cups-str2323.patch, 1.1, NONE cups-str2348.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mclasen
Update of /cvs/pkgs/rpms/libexif/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4841
Modified Files:
libexif.spec
Added Files:
libexif-cve-2007-4168.patch
Log Message:
Fix CVE-2007-4168
libexif-cve-2007-4168.patch:
--- NEW FILE libexif-cve-2007-4168.patch ---
--- libexif-0.6.13/libexif/exif-data.c.cve-2007-4168 2005-08-22 16:32:02.000000000 -0400
+++ libexif-0.6.13/libexif/exif-data.c 2007-06-12 12:14:35.000000000 -0400
@@ -174,9 +174,15 @@ exif_data_load_data_entry (ExifData *dat
* Size? If bigger than 4 bytes, the actual data is not
* in the entry but somewhere else (offset).
*/
- s = exif_format_get_size (entry->format) * entry->components;
- if (!s)
- return 0;
+ /* {0,1,2,4,8} x { 0x00000000 .. 0xffffffff }
+ * -> { 0x000000000 .. 0x7fffffff8 } */
+ s = exif_format_get_size(entry->format) * entry->components;
+ if (s < entry->components) {
+ return 0;
+ }
+ if (0 == s)
+ return 0;
+
if (s > 4)
doff = exif_get_long (d + offset + 8, data->priv->order);
else
Index: libexif.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libexif/devel/libexif.spec,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- libexif.spec 31 May 2007 01:40:36 -0000 1.31
+++ libexif.spec 13 Jun 2007 16:12:43 -0000 1.32
@@ -1,12 +1,13 @@
Summary: Library for extracting extra information from image files
Name: libexif
Version: 0.6.15
-Release: 1%{?dist}
+Release: 2%{?dist}
Group: System Environment/Libraries
License: LGPL
URL: http://libexif.sourceforge.net/
Source0: libexif-%{version}.tar.bz2
Source1: libexif-docs.tar.gz
+Patch0: libexif-cve-2007-4168.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: doxygen
@@ -27,6 +28,7 @@
%prep
%setup -q
+%patch0 -p1 -b .cve-2007-4168
# to avoid multilib conflicts, we toss in pre-generated docs
# and neuter make all in the docs dir
tar xzf %{SOURCE1}
@@ -65,6 +67,9 @@
%{_libdir}/pkgconfig/libexif.pc
%changelog
+* Wed Jun 13 2007 Matthias Clasen <mclasen at redhat.com> - 0.6.15-2
+- Add patch for CVE-2007-4168. Fix bug #243892
+
* Wed May 30 2007 Matthias Clasen <mclasen at redhat.com> - 0.6.15-1
- Update to 0.6.15
- Drop obsolete patch
- Previous message (by thread): rpms/k3b/devel k3b.spec,1.42,1.43
- Next message (by thread): rpms/cups/devel cups-1.1.15-initscript.patch, 1.8, 1.9 cups-direct-usb.patch, 1.6, 1.7 cups-eggcups.patch, 1.5, 1.6 cups.spec, 1.333, 1.334 cups-str2323.patch, 1.1, NONE cups-str2348.patch, 1.1, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list