author | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-06-16 08:24:59 +0000 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2017-06-16 08:57:04 +0000 |
commit | 3fcc32c9ff95c730f11a5370f3db849a273fb08a (patch) | |
tree | 43746dba7df7890ed519eb48ceea3a467f0d525e | |
parent | 40b12cafc8b73a878ba13a8d70990b065f857adc (diff) | |
main/gdk-pixbuf: security fix (CVE-2017-6314)
Partially fixes #6958
CVE-2017-6311-2: patches don't apply
CVE-2017-6313: fix N/A, https://bugzilla.gnome.org/show_bug.cgi?id=779016
-rw-r--r-- | main/gdk-pixbuf/APKBUILD | 16 | ||||
-rw-r--r-- | main/gdk-pixbuf/CVE-2017-6314.patch | 16 |
2 files changed, 28 insertions, 4 deletions
diff --git a/main/gdk-pixbuf/APKBUILD b/main/gdk-pixbuf/APKBUILD
index 8227ca0cce..d980eb9231 100644
--- a/main/gdk-pixbuf/APKBUILD
+++ b/main/gdk-pixbuf/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=gdk-pixbuf
 pkgver=2.32.2
-pkgrel=0
+pkgrel=1
 pkgdesc="GDK Pixbuf library"
 url="http://www.gtk.org/"
 arch="all"
@@ -13,11 +13,16 @@ install="$pkgname.pre-deinstall"
 triggers="$pkgname.trigger=/usr/lib/gdk-pixbuf-2.0/*/loaders"
 subpackages="$pkgname-dev $pkgname-doc $pkgname-lang"
 source="http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/${pkgver%.*}/gdk-pixbuf-$pkgver.tar.xz
+ CVE-2017-6314.patch
 "
 replaces="gtk+"
 _builddir="$srcdir"/$pkgname-$pkgver
+# secfixes:
+# 2.32.2-r1:
+# - CVE-2017-6314
+
 prepare() {
 cd "$_builddir"
 for i in $source; do
@@ -58,6 +63,9 @@ dev() {
 default_dev
 }
-md5sums="bbd9b471c60d11ab8ce133a5f04310af gdk-pixbuf-2.32.2.tar.xz"
-sha256sums="d3ab06fc123b13effed4c27c77cebdfad2173ff20628d82c397b7660ae926145 gdk-pixbuf-2.32.2.tar.xz"
-sha512sums="146cbddc1b4a68715a827fc53d98f213f5e27f4f4a8b3fe6148b96c866b4ca4ab624613ddf196d4b0a01bbddfc6f8438b96ad436d23dfced02d584ff8c2fdf3d gdk-pixbuf-2.32.2.tar.xz"
+md5sums="bbd9b471c60d11ab8ce133a5f04310af gdk-pixbuf-2.32.2.tar.xz
+bd0cf481936ebc80e0f2be3411bfe720 CVE-2017-6314.patch"
+sha256sums="d3ab06fc123b13effed4c27c77cebdfad2173ff20628d82c397b7660ae926145 gdk-pixbuf-2.32.2.tar.xz
+17e3f13cc3b42b442a36ddf1c7d2c588f0e3aa39699d70299690930322ddd019 CVE-2017-6314.patch"
+sha512sums="146cbddc1b4a68715a827fc53d98f213f5e27f4f4a8b3fe6148b96c866b4ca4ab624613ddf196d4b0a01bbddfc6f8438b96ad436d23dfced02d584ff8c2fdf3d gdk-pixbuf-2.32.2.tar.xz
+2ea67f0716234de017f7e8c628d544b40513f23689d70e5e5e2621affabce40ae733d399f64d2641616c114ac7f3fa22396e68142656dbb10993d70181ff5a50 CVE-2017-6314.patch"
diff --git a/main/gdk-pixbuf/CVE-2017-6314.patch b/main/gdk-pixbuf/CVE-2017-6314.patch
new file mode 100644
index 0000000000..a345fe03fd
--- /dev/null
+++ b/main/gdk-pixbuf/CVE-2017-6314.patch
@@ -0,0 +1,16 @@
+--- gdk-pixbuf-2.30.8/gdk-pixbuf/io-tiff.c
++++ gdk-pixbuf-2.30.8/gdk-pixbuf/io-tiff.c
+@@ -458,9 +458,12 @@ make_available_at_least (TiffContext *co
+ need_alloc = context->used + needed;
+ if (need_alloc > context->allocated) {
+ guint new_size = 1;
+- while (new_size < need_alloc)
++ while (new_size && (new_size < need_alloc))
+ new_size *= 2;
+
++ if(!(new_size))
++ return FALSE;
++
+ new_buffer = g_try_realloc (context->buffer, new_size);
+ if (new_buffer) {
+ context->buffer = new_buffer; |
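Review bot: The addition `need_alloc = context->used + needed;` at the top of the patched region in make_available_at_least can itself wrap before the new checks run, and the embedded patch does not guard it. If those values are unsigned 32-bit like `new_size` (their declarations are outside the hunk, so this is inferred), a wrapped sum is small, `need_alloc > context->allocated` is false, and the function would skip the reallocation as if the buffer already had room. A guard ahead of the addition, `if (needed > G_MAXUINT - context->used) return FALSE;`, would close that path. The patch paths also name gdk-pixbuf-2.30.8 while the APKBUILD builds 2.32.2, which only works if prepare() strips the leading directory; prepare()'s body is cut off in this diff, so that is worth confirming.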