summary refs log tree commit diff
path: root/gnu/packages
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/patches/poppler-CVE-2017-9776.patch34
-rw-r--r--gnu/packages/pdf.scm13
2 files changed, 38 insertions, 9 deletions
diff --git a/gnu/packages/patches/poppler-CVE-2017-9776.patch b/gnu/packages/patches/poppler-CVE-2017-9776.patch
new file mode 100644
index 0000000000..17a2807171
--- /dev/null
+++ b/gnu/packages/patches/poppler-CVE-2017-9776.patch
@@ -0,0 +1,34 @@
+Fix CVE-2017-9776:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
+https://bugs.freedesktop.org/show_bug.cgi?id=101541
+
+Patch copied from upstream source repository:
+
+https://cgit.freedesktop.org/poppler/poppler/commit/?id=a3a98a6d83dfbf49f565f5aa2d7c07153a7f62fc
+
+From 55db66c69fd56826b8523710046deab1a8d14ba2 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Wed, 21 Jun 2017 00:55:20 +0200
+Subject: [PATCH] Fix crash in malformed documents
+
+---
+ poppler/JBIG2Stream.cc | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/poppler/JBIG2Stream.cc b/poppler/JBIG2Stream.cc
+index 48535883..d89108c8 100644
+--- a/poppler/JBIG2Stream.cc
++++ b/poppler/JBIG2Stream.cc
+@@ -896,7 +896,7 @@ void JBIG2Bitmap::combine(JBIG2Bitmap *bitmap, int x, int y,
+   oneByte = x0 == ((x1 - 1) & ~7);
+ 
+   for (yy = y0; yy < y1; ++yy) {
+-    if (unlikely(y + yy) >= h)
++    if (unlikely((y + yy >= h) || (y + yy < 0)))
+       continue;
+ 
+     // one byte per line -- need to mask both left and right side
+-- 
+2.13.2
+
diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm
index dce02a7b57..ffd7634eab 100644
--- a/gnu/packages/pdf.scm
+++ b/gnu/packages/pdf.scm
@@ -76,7 +76,7 @@
 (define-public poppler
   (package
    (name "poppler")
-   (replacement poppler-0.56.0)
+   (replacement poppler/fixed)
    (version "0.52.0")
    (source (origin
             (method url-fetch)
@@ -130,17 +130,12 @@
    (license license:gpl2+)
    (home-page "https://poppler.freedesktop.org/")))
 
-(define poppler-0.56.0
+(define poppler/fixed
   (package (inherit poppler)
-  (version "0.56.0")
   (source
     (origin
-      (method url-fetch)
-      (uri (string-append "https://poppler.freedesktop.org/poppler-"
-                          version ".tar.xz"))
-      (sha256
-       (base32
-        "0wviayidfv2ix2ql0d4nl9r1ia6qi5kc1nybd9vjx27dk7gvm7c6"))))))
+      (inherit (package-source poppler))
+      (patches (search-patches "poppler-CVE-2017-9776.patch"))))))
 
 (define-public poppler-qt4
   (package/inherit poppler