diff options
author | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-06-16 08:24:59 +0000 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-06-16 08:32:52 +0000 |
commit | b94677ab61788321ca49525a88ae523c9f0a6bca (patch) | |
tree | a8aa57f6fa9ce3db67078113380ae43d78571021 | |
parent | 93fd1a38cd5fd45ff4049e23489bd9f46b5065b3 (diff) | |
download | alpine_aports-b94677ab61788321ca49525a88ae523c9f0a6bca.tar.bz2 alpine_aports-b94677ab61788321ca49525a88ae523c9f0a6bca.tar.xz alpine_aports-b94677ab61788321ca49525a88ae523c9f0a6bca.zip |
main/gdk-pixbuf: security fixes (CVE-2017-6311, CVE-2017-6312, CVE-2017-6314)
Partially fixes #6954
CVE-2017-6313: fix N/A, https://bugzilla.gnome.org/show_bug.cgi?id=779016
-rw-r--r-- | main/gdk-pixbuf/APKBUILD | 16 | ||||
-rw-r--r-- | main/gdk-pixbuf/CVE-2017-6311.patch | 23 | ||||
-rw-r--r-- | main/gdk-pixbuf/CVE-2017-6312.patch | 25 | ||||
-rw-r--r-- | main/gdk-pixbuf/CVE-2017-6314.patch | 16 |
4 files changed, 78 insertions, 2 deletions
diff --git a/main/gdk-pixbuf/APKBUILD b/main/gdk-pixbuf/APKBUILD index e828f3e2f5..335826903d 100644 --- a/main/gdk-pixbuf/APKBUILD +++ b/main/gdk-pixbuf/APKBUILD | |||
@@ -1,7 +1,7 @@ | |||
1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> | 1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> |
2 | pkgname=gdk-pixbuf | 2 | pkgname=gdk-pixbuf |
3 | pkgver=2.36.6 | 3 | pkgver=2.36.6 |
4 | pkgrel=0 | 4 | pkgrel=1 |
5 | pkgdesc="GDK Pixbuf library" | 5 | pkgdesc="GDK Pixbuf library" |
6 | url="http://www.gtk.org/" | 6 | url="http://www.gtk.org/" |
7 | arch="all" | 7 | arch="all" |
@@ -14,11 +14,20 @@ install="$pkgname.pre-deinstall" | |||
14 | triggers="$pkgname.trigger=/usr/lib/gdk-pixbuf-2.0/*/loaders" | 14 | triggers="$pkgname.trigger=/usr/lib/gdk-pixbuf-2.0/*/loaders" |
15 | subpackages="$pkgname-dev $pkgname-doc $pkgname-lang" | 15 | subpackages="$pkgname-dev $pkgname-doc $pkgname-lang" |
16 | source="http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/${pkgver%.*}/gdk-pixbuf-$pkgver.tar.xz | 16 | source="http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/${pkgver%.*}/gdk-pixbuf-$pkgver.tar.xz |
17 | CVE-2017-6311.patch | ||
18 | CVE-2017-6312.patch | ||
19 | CVE-2017-6314.patch | ||
17 | " | 20 | " |
18 | replaces="gtk+" | 21 | replaces="gtk+" |
19 | 22 | ||
20 | _builddir="$srcdir"/$pkgname-$pkgver | 23 | _builddir="$srcdir"/$pkgname-$pkgver |
21 | 24 | ||
25 | # secfixes: | ||
26 | # 2.36.6-r1: | ||
27 | # - CVE-2017-6311 | ||
28 | # - CVE-2017-6312 | ||
29 | # - CVE-2017-6314 | ||
30 | |||
22 | prepare() { | 31 | prepare() { |
23 | cd "$_builddir" | 32 | cd "$_builddir" |
24 | for i in $source; do | 33 | for i in $source; do |
@@ -57,4 +66,7 @@ dev() { | |||
57 | default_dev | 66 | default_dev |
58 | } | 67 | } |
59 | 68 | ||
60 | sha512sums="b963f01161b58463c83499079545aa946fd824ec5e7167e0898698ac46e0cc3fb3dcb0cac5afabd6b7d957391b9c9bba55f340294076433155fc91052d5403ec gdk-pixbuf-2.36.6.tar.xz" | 69 | sha512sums="b963f01161b58463c83499079545aa946fd824ec5e7167e0898698ac46e0cc3fb3dcb0cac5afabd6b7d957391b9c9bba55f340294076433155fc91052d5403ec gdk-pixbuf-2.36.6.tar.xz |
70 | b1da3b159b20fe9fcfb06ec77970d3f4adc516dbc63a9fe7e81dbaa61db2f18188775668a2bc764128186696adc9ee3dfd4dcf1a04faa302e23957d38071a610 CVE-2017-6311.patch | ||
71 | 3b67e10ae02ecfdb541c427f811541e2cd0cfc3f048b1e4b119767b7f8f3a02de8a9c7302c21d23de1ea886f994d4dcdb687580c970d7d49eba80f17075ff0de CVE-2017-6312.patch | ||
72 | 2ea67f0716234de017f7e8c628d544b40513f23689d70e5e5e2621affabce40ae733d399f64d2641616c114ac7f3fa22396e68142656dbb10993d70181ff5a50 CVE-2017-6314.patch" | ||
diff --git a/main/gdk-pixbuf/CVE-2017-6311.patch b/main/gdk-pixbuf/CVE-2017-6311.patch new file mode 100644 index 0000000000..d3d65789ee --- /dev/null +++ b/main/gdk-pixbuf/CVE-2017-6311.patch | |||
@@ -0,0 +1,23 @@ | |||
1 | @@ -, +, @@ | ||
2 | returned | ||
3 | thumbnailer/gnome-thumbnailer-skeleton.c | 6 +++++- | ||
4 | 1 file changed, 5 insertions(+), 1 deletion(-) | ||
5 | --- a/thumbnailer/gnome-thumbnailer-skeleton.c | ||
6 | +++ a/thumbnailer/gnome-thumbnailer-skeleton.c | ||
7 | @@ -315,11 +315,15 @@ int main (int argc, char **argv) | ||
8 | #endif | ||
9 | g_free (input_filename); | ||
10 | |||
11 | - if (!pixbuf) { | ||
12 | + if (!pixbuf && error) { | ||
13 | g_warning ("Could not thumbnail '%s': %s", filenames[0], error->message); | ||
14 | g_error_free (error); | ||
15 | g_strfreev (filenames); | ||
16 | return 1; | ||
17 | + } else if (!pixbuf) { | ||
18 | + g_warning ("Could not thumbnail '%s'", filenames[0]); | ||
19 | + g_strfreev (filenames); | ||
20 | + return 1; | ||
21 | } | ||
22 | |||
23 | if (gdk_pixbuf_save (pixbuf, output, "png", &error, NULL) == FALSE) { | ||
diff --git a/main/gdk-pixbuf/CVE-2017-6312.patch b/main/gdk-pixbuf/CVE-2017-6312.patch new file mode 100644 index 0000000000..3cd9bbe757 --- /dev/null +++ b/main/gdk-pixbuf/CVE-2017-6312.patch | |||
@@ -0,0 +1,25 @@ | |||
1 | --- a/gdk-pixbuf/io-ico.c | ||
2 | +++ a/gdk-pixbuf/io-ico.c | ||
3 | @@ -330,10 +330,8 @@ static void DecodeHeader(guchar *Data, gint Bytes, | ||
4 | return; | ||
5 | } | ||
6 | |||
7 | - /* We know how many bytes are in the "header" part. */ | ||
8 | - State->HeaderSize = entry->DIBoffset + INFOHEADER_SIZE; | ||
9 | - | ||
10 | - if (State->HeaderSize < 0) { | ||
11 | + /* Avoid invoking undefined behavior in the State->HeaderSize calculation below */ | ||
12 | + if (entry->DIBoffset > G_MAXINT - INFOHEADER_SIZE) { | ||
13 | g_set_error (error, | ||
14 | GDK_PIXBUF_ERROR, | ||
15 | GDK_PIXBUF_ERROR_CORRUPT_IMAGE, | ||
16 | @@ -341,6 +339,9 @@ static void DecodeHeader(guchar *Data, gint Bytes, | ||
17 | return; | ||
18 | } | ||
19 | |||
20 | + /* We know how many bytes are in the "header" part. */ | ||
21 | + State->HeaderSize = entry->DIBoffset + INFOHEADER_SIZE; | ||
22 | + | ||
23 | if (State->HeaderSize>State->BytesInHeaderBuf) { | ||
24 | guchar *tmp=g_try_realloc(State->HeaderBuf,State->HeaderSize); | ||
25 | if (!tmp) { | ||
diff --git a/main/gdk-pixbuf/CVE-2017-6314.patch b/main/gdk-pixbuf/CVE-2017-6314.patch new file mode 100644 index 0000000000..a345fe03fd --- /dev/null +++ b/main/gdk-pixbuf/CVE-2017-6314.patch | |||
@@ -0,0 +1,16 @@ | |||
1 | --- gdk-pixbuf-2.30.8/gdk-pixbuf/io-tiff.c | ||
2 | +++ gdk-pixbuf-2.30.8/gdk-pixbuf/io-tiff.c | ||
3 | @@ -458,9 +458,12 @@ make_available_at_least (TiffContext *co | ||
4 | need_alloc = context->used + needed; | ||
5 | if (need_alloc > context->allocated) { | ||
6 | guint new_size = 1; | ||
7 | - while (new_size < need_alloc) | ||
8 | + while (new_size && (new_size < need_alloc)) | ||
9 | new_size *= 2; | ||
10 | |||
11 | + if(!(new_size)) | ||
12 | + return FALSE; | ||
13 | + | ||
14 | new_buffer = g_try_realloc (context->buffer, new_size); | ||
15 | if (new_buffer) { | ||
16 | context->buffer = new_buffer; | ||