summary refs log tree commit diff
path: root/gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch
diff options
context:
space:
mode:
authorKei Kebreau <kei@openmailbox.org>2017-08-19 11:39:33 -0400
committerKei Kebreau <kei@openmailbox.org>2017-08-20 08:35:45 -0400
commit6d7d9d9507484773eff697a01f422ea984936373 (patch)
treeeb2fa4594f1b14e58805ef899992559648912a34 /gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch
parenta8cd352304807ef60d06c35da07c5456f036688c (diff)
downloadguix-6d7d9d9507484773eff697a01f422ea984936373.tar.gz
gnu: graphicsmagick: Fix CVE-2017-{12935,12936,12937}.
* gnu/packages/patches/graphicsmagick-CVE-2017-12935.patch,
gnu/packages/patches/graphicsmagick-CVE-2017-12936.patch,
gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/imagemagick.scm (graphicsmagick)[source]: Use them.
Diffstat (limited to 'gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch')
-rw-r--r--gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch28
1 files changed, 28 insertions, 0 deletions
diff --git a/gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch b/gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch
new file mode 100644
index 0000000000..71af9ffe59
--- /dev/null
+++ b/gnu/packages/patches/graphicsmagick-CVE-2017-12937.patch
@@ -0,0 +1,28 @@
+This patch comes from http://hg.code.sf.net/p/graphicsmagick/code/rev/95d00d55e978.
+
+diff -ur a/coders/sun.c b/coders/sun.c
+--- a/coders/sun.c	2016-05-30 13:19:54.000000000 -0400
++++ b/coders/sun.c	2017-08-18 18:00:00.191023610 -0400
+@@ -1,5 +1,5 @@
+ /*
+-% Copyright (C) 2003-2015 GraphicsMagick Group
++% Copyright (C) 2003-2017 GraphicsMagick Group
+ % Copyright (C) 2002 ImageMagick Studio
+ % Copyright 1991-1999 E. I. du Pont de Nemours and Company
+ %
+@@ -577,6 +577,7 @@
+           for (bit=7; bit >= 0; bit--)
+             {
+               index=((*p) & (0x01 << bit) ? 0x01 : 0x00);
++              VerifyColormapIndex(image,index);
+               indexes[x+7-bit]=index;
+               q[x+7-bit]=image->colormap[index];
+             }
+@@ -587,6 +588,7 @@
+             for (bit=7; bit >= (long) (8-(image->columns % 8)); bit--)
+               {
+                 index=((*p) & (0x01 << bit) ? 0x01 : 0x00);
++                VerifyColormapIndex(image,index);
+                 indexes[x+7-bit]=index;
+                 q[x+7-bit]=image->colormap[index];
+               }