[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

rpms/jasper/FC-5 patch-libjasper-stepsizes-overflow.diff, NONE, 1.1 jasper.spec, 1.17, 1.18



Author: rdieter

Update of /cvs/pkgs/rpms/jasper/FC-5
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15073

Modified Files:
	jasper.spec 
Added Files:
	patch-libjasper-stepsizes-overflow.diff 
Log Message:
* Wed May 23 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 1.900.1-2
- CVE-2007-2721 (#240397)


patch-libjasper-stepsizes-overflow.diff:

--- NEW FILE patch-libjasper-stepsizes-overflow.diff ---
--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_cs.c	2007-01-19 22:43:07.000000000 +0100
+++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c	2007-04-06 01:29:02.000000000 +0200
@@ -982,7 +982,10 @@ static int jpc_qcx_getcompparms(jpc_qcxc
 		compparms->numstepsizes = (len - n) / 2;
 		break;
 	}
-	if (compparms->numstepsizes > 0) {
+	if (compparms->numstepsizes > 3 * JPC_MAXRLVLS + 1) {
+		jpc_qcx_destroycompparms(compparms);
+                return -1;
+        } else if (compparms->numstepsizes > 0) {
 		compparms->stepsizes = jas_malloc(compparms->numstepsizes *
 		  sizeof(uint_fast16_t));
 		assert(compparms->stepsizes);


Index: jasper.spec
===================================================================
RCS file: /cvs/pkgs/rpms/jasper/FC-5/jasper.spec,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- jasper.spec	29 Mar 2007 19:26:01 -0000	1.17
+++ jasper.spec	31 May 2007 03:31:56 -0000	1.18
@@ -11,7 +11,7 @@
 Name:    jasper
 Group:   System Environment/Libraries
 Version: 1.900.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 
 License: JasPer License Version 2.0
 %if "%{?geo:1}" == "1"
@@ -28,6 +28,9 @@
 Patch1: jasper-1.701.0-GL.patch
 # autoconf/automake bits of patch1
 Patch2: jasper-1.701.0-GL-ac.patch
+# CVE-2007-2721 (bug #240397)
+# borrowed from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041;msg=88
+Patch3: patch-libjasper-stepsizes-overflow.diff
 
 BuildRequires: automake 
 BuildRequires: libjpeg-devel
@@ -52,6 +55,7 @@
 %setup -q -n %{name}-%{version}%{?geo:.GEO}
 
 %patch1 -p1 -b .GL
+%patch3 -p1 -b .CVE-2007-2721
 
 %if "%{?geo:1}" == "1"
 chmod +x configure configure.ac
@@ -64,6 +68,7 @@
 %endif
 
 
+
 %build
 
 %configure \
@@ -115,6 +120,9 @@
 
 
 %changelog
+* Wed May 23 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 1.900.1-2
+- CVE-2007-2721 (#240397)
+
 * Thu Mar 29 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 1.900.1-1
 - jasper-1.900.1
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]