main/jasper: security fix for CVE-2014-9029

ref #3779 fixes #3781 (cherry picked from commit a3c611fae92fca14cdae49707d4c798def7df413)
author: Natanael Copa <ncopa@alpinelinux.org> 2015-01-29 12:51:17 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2015-09-21 09:24:58 +0000
commit: a3c4e58af44e7b388f6821cda51ed825b35789cb (patch)
tree: c7a28b6b9b172bebaf6280db41802c5071df46d9
parent: 24bd75c799179686597754fad1d6f4393a9daa02 (diff)
download: aports-a3c4e58af44e7b388f6821cda51ed825b35789cb.tar.bz2
aports-a3c4e58af44e7b388f6821cda51ed825b35789cb.tar.xz
2 files changed, 47 insertions, 2 deletions
diff --git a/main/jasper/APKBUILD b/main/jasper/APKBUILD
index c2b878d8df..863d5d73d3 100644
--- a/main/jasper/APKBUILD
+++ b/main/jasper/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=jasper
 pkgver=1.900.1
-pkgrel=8
+pkgrel=9
 pkgdesc="A software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard"
 url="http://www.ece.uvic.ca/~mdadams/jasper/"
 arch="all"
@@ -15,6 +15,7 @@ source="http://www.ece.uvic.ca/~mdadams/$pkgname/software/$pkgname-$pkgver.zip
 	jasper-1.900.1-CVE-2008-3520.patch
 	jasper-1.900.1-CVE-2008-3522.patch
 	jasper-1.900.1-bnc725758.patch
+	CVE-2014-9029.patch
 	"
 
 _builddir="$srcdir"/$pkgname-$pkgver
@@ -61,4 +62,19 @@ md5sums="a342b2b4495b3e1394e161eb5d85d754  jasper-1.900.1.zip
 24785d8eb3eea19eec7e77d59f3e6a25  libjasper-stepsizes-overflow.patch
 911bb13529483c093d12c15eed4e9243  jasper-1.900.1-CVE-2008-3520.patch
 ed441f30c4231f319d9ff77d86db2ef9  jasper-1.900.1-CVE-2008-3522.patch
-eaf73536f989e629a8c06533e4e6fad5  jasper-1.900.1-bnc725758.patch"
+eaf73536f989e629a8c06533e4e6fad5  jasper-1.900.1-bnc725758.patch
+83fd587d569d6b4c7e49f67caaef9bf9  CVE-2014-9029.patch"
+sha256sums="6b905a9c2aca2e275544212666eefc4eb44d95d0a57e4305457b407fe63f9494  jasper-1.900.1.zip
+fca9c4bddc284d6c59845e5b80adfd670e79c945f166d9624b117c6db0c10492  jpc_dec.c.patch
+e454f0fb1b994535ca02fa2468aa39ff153a78f3688db3808b6e953c44890e41  libjasper-stepsizes-overflow.patch
+02236060cae28be5ac46d90ca17ce2de17e975574dd761d9117994e69bdc38d6  jasper-1.900.1-CVE-2008-3520.patch
+b0272ce179ead3692942246523462db33c0f2a92bd9f9a117ff40e8ec963fbac  jasper-1.900.1-CVE-2008-3522.patch
+be19877bc67d843436288c85c17ab49917b1a3db7954b92f736f6cc3ca704756  jasper-1.900.1-bnc725758.patch
+a43747e7597a2a5108befd4acd31a582101a66096a752e61de853bc860d2a8e1  CVE-2014-9029.patch"
+sha512sums="e3a3c803de848b50482f5bd693b1945197c6999285226c45b671855734d7bb2611fbe6f28cd8ba9c56a4ea59417795eba42d72516c9fec93b8fbaa21b8210cb6  jasper-1.900.1.zip
+c449c0a405f589135b384bc284508bfdd2a29b7bb94b806b960ce72238aa5789cc11fa7d704463ebda9a1384d8d085c603180f7b419e25a91d304b447708b82c  jpc_dec.c.patch
+bafdd22b8214e2993c0a61c06c27b11b4eef68db2e9c6d8786dd54dfae92e685094b66ad6c899d19df9f0f85d3aa4fe35152dd773c5bd9a1e8453ccf8518c799  libjasper-stepsizes-overflow.patch
+d337207260b3ac7e40e92326d95364ef21128431235e6ef9e345a6c781f328fd3aaf0dbfb8c7dde2403ab0cfc89cda664c3f2fec673187589358fe58521e83a1  jasper-1.900.1-CVE-2008-3520.patch
+d686c26f1432b522f41948c7bd188f9b74c455671d5f30ab97144977b22d4e778e475fea6d8128b607218a061c50f2cc767e66413455805e8843c04d901f708d  jasper-1.900.1-CVE-2008-3522.patch
+a83fe196d4305fea6f2265e1bcb64dd4841bf4355ca661c46841de44c9f642f995e13929111833f23f51168282d2da06c0544956edc3a863d13be2b584c1ad73  jasper-1.900.1-bnc725758.patch
+20bac10654ea1b16d741bcc71ca91e484c4238cb285f551a19b1bac4c4cf8ec39bc33f8d3c42dbadd03e85eb667a8e286f208e9b20a5b39429bf8e4454bd9b16  CVE-2014-9029.patch"
diff --git a/main/jasper/CVE-2014-9029.patch b/main/jasper/CVE-2014-9029.patch
new file mode 100644
index 0000000000..98a2035999
--- /dev/null
+++ b/main/jasper/CVE-2014-9029.patch
@@ -0,0 +1,29 @@
+--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c	2014-11-27 12:45:44.000000000 +0100
++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c	2014-11-27 12:44:58.000000000 +0100
+@@ -1281,7 +1281,7 @@ static int jpc_dec_process_coc(jpc_dec_t
+ 	jpc_coc_t *coc = &ms->parms.coc;
+ 	jpc_dec_tile_t *tile;
+ 
+-	if (JAS_CAST(int, coc->compno) > dec->numcomps) {
++	if (JAS_CAST(int, coc->compno) >= dec->numcomps) {
+ 		jas_eprintf("invalid component number in COC marker segment\n");
+ 		return -1;
+ 	}
+@@ -1307,7 +1307,7 @@ static int jpc_dec_process_rgn(jpc_dec_t
+ 	jpc_rgn_t *rgn = &ms->parms.rgn;
+ 	jpc_dec_tile_t *tile;
+ 
+-	if (JAS_CAST(int, rgn->compno) > dec->numcomps) {
++	if (JAS_CAST(int, rgn->compno) >= dec->numcomps) {
+ 		jas_eprintf("invalid component number in RGN marker segment\n");
+ 		return -1;
+ 	}
+@@ -1356,7 +1356,7 @@ static int jpc_dec_process_qcc(jpc_dec_t
+ 	jpc_qcc_t *qcc = &ms->parms.qcc;
+ 	jpc_dec_tile_t *tile;
+ 
+-	if (JAS_CAST(int, qcc->compno) > dec->numcomps) {
++	if (JAS_CAST(int, qcc->compno) >= dec->numcomps) {
+ 		jas_eprintf("invalid component number in QCC marker segment\n");
+ 		return -1;
+ 	}
author	Natanael Copa <ncopa@alpinelinux.org>	2015-01-29 12:51:17 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2015-09-21 09:24:58 +0000
commit	a3c4e58af44e7b388f6821cda51ed825b35789cb (patch)
tree	c7a28b6b9b172bebaf6280db41802c5071df46d9
parent	24bd75c799179686597754fad1d6f4393a9daa02 (diff)
download	aports-a3c4e58af44e7b388f6821cda51ed825b35789cb.tar.bz2 aports-a3c4e58af44e7b388f6821cda51ed825b35789cb.tar.xz