From 90bcecc56886ed8b3b55db01c1f0b015fc2fc9a1 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 30 Jan 2016 16:11:04 -0500 Subject: gnu: jasper: Add fixes for several security flaws. * gnu/packages/patches/jasper-CVE-2007-2721.patch, gnu/packages/patches/jasper-CVE-2008-3520.patch, gnu/packages/patches/jasper-CVE-2011-4516-and-CVE-2011-4517.patch, gnu/packages/patches/jasper-CVE-2014-8137.patch, gnu/packages/patches/jasper-CVE-2014-8138.patch, gnu/packages/patches/jasper-CVE-2014-8157.patch, gnu/packages/patches/jasper-CVE-2014-8158.patch, gnu/packages/patches/jasper-CVE-2014-9029.patch, gnu/packages/patches/jasper-CVE-2016-1867.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/image.scm (jasper)[source]: Add patches. --- gnu/packages/patches/jasper-CVE-2016-1867.patch | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 gnu/packages/patches/jasper-CVE-2016-1867.patch (limited to 'gnu/packages/patches/jasper-CVE-2016-1867.patch') diff --git a/gnu/packages/patches/jasper-CVE-2016-1867.patch b/gnu/packages/patches/jasper-CVE-2016-1867.patch new file mode 100644 index 0000000000..2d2ca6f014 --- /dev/null +++ b/gnu/packages/patches/jasper-CVE-2016-1867.patch @@ -0,0 +1,18 @@ +Fix CVE-2016-1867 (Out-of-bounds read in jpc_pi_nextcprl()). + +Copied from SUSE. + +https://bugzilla.suse.com/show_bug.cgi?id=961886 +https://bugzilla.redhat.com/show_bug.cgi?id=1298135 + +--- jasper-1.900.1/src/libjasper/jpc/jpc_t2cod.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t2cod.c 2016-01-14 14:22:24.569056412 +0100 +@@ -429,7 +429,7 @@ + } + + for (pi->compno = pchg->compnostart, pi->picomp = +- &pi->picomps[pi->compno]; pi->compno < JAS_CAST(int, pchg->compnoend); ++pi->compno, ++ &pi->picomps[pi->compno]; pi->compno < JAS_CAST(int, pchg->compnoend) && pi->compno < pi->numcomps; ++pi->compno, + ++pi->picomp) { + pirlvl = pi->picomp->pirlvls; + pi->xstep = pi->picomp->hsamp * (1 << (pirlvl->prcwidthexpn + -- cgit 1.4.1