rpms
/
GraphicsMagick
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CVE-2017-11102 (#1473728)

Browse Source 
CVE-2017-11139 (#1473739)
CVE-2017-11140 (#1473750)
CVE-2017-11636 (#1475456)
CVE-2017-11637 (#1475452)
CVE-2017-11638 (#1475708)
CVE-2017-11641 (#1475489)
epel9
Rex Dieter 8 years ago
parent a8779cfcf4
commit 056f22f48a
9 changed files with 646 additions and 1 deletions
Show Stats Download Patch File Download Diff File

30
GraphicsMagick-CVE-2017-11102-1.patch
Unescape View File

@ -0,0 +1,30 @@
# HG changeset patch
# User Glenn Randers-Pehrson <glennrp+bmo@gmail.com>
# Date 1499262082 14400
# Node ID dea93a690fc125f70fb8688a0ff3035b96b0045e
# Parent a42ae8447fe7a457790bf699371a1a6f3c6d4e57
Stop crash due to zero-length color_image while reading a JNG
diff -r a42ae8447fe7 -r dea93a690fc1 coders/png.c
--- a/coders/png.c Tue Jul 04 16:33:37 2017 -0500
+++ b/coders/png.c Wed Jul 05 09:41:22 2017 -0400
@@ -3314,12 +3314,13 @@
if (logging)
(void) LogMagickEvent(CoderEvent,GetMagickModule(),
- " Copying JDAT chunk data"
- " to color_blob.");
- if (color_image != (Image *)NULL)
+ " Copying %lu bytes of JDAT chunk data"
+ " to color_blob.",length);
+ if (length && color_image != (Image *)NULL)
+ {
(void) WriteBlob(color_image,length,(char *) chunk);
- if (length)
MagickFreeMemory(chunk);
+ }
continue;
}

192
GraphicsMagick-CVE-2017-11102-2.patch
Unescape View File

@ -0,0 +1,192 @@
# HG changeset patch
# User Glenn Randers-Pehrson <glennrp+bmo@gmail.com>
# Date 1499352170 14400
# Node ID d445af60a8d50c4c6f063c7e65fea255b6db2b33
# Parent dea93a690fc125f70fb8688a0ff3035b96b0045e
coders/png.c: Consolidate JNG cleanup into a new DestroyJNG() function.
diff -r dea93a690fc1 -r d445af60a8d5 coders/png.c
--- a/coders/png.c Wed Jul 05 09:41:22 2017 -0400
+++ b/coders/png.c Thu Jul 06 10:42:50 2017 -0400
@@ -2924,18 +2924,20 @@
#if defined(JNG_SUPPORTED)
-
void
-DestroyJNGInfo(ImageInfo *color_image_info, ImageInfo *alpha_image_info)
+DestroyJNG(unsigned char *chunk,Image *color_image,ImageInfo *color_image_info,
+ Image *alpha_image,ImageInfo *alpha_image_info)
{
- if (color_image_info != (ImageInfo *)NULL)
- {
- DestroyImageInfo(color_image_info);
- }
- if (alpha_image_info != (ImageInfo *)NULL)
- {
- DestroyImageInfo(alpha_image_info);
- }
+ if (chunk)
+ MagickFreeMemory(chunk);
+ if (color_image_info)
+ DestroyImageInfo(color_image_info);
+ if (alpha_image_info)
+ DestroyImageInfo(alpha_image_info);
+ if (color_image)
+ DestroyImage(color_image);
+ if (alpha_image)
+ DestroyImage(alpha_image);
}
/*
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -3105,7 +3107,8 @@
if (length > PNG_MAX_UINT || count == 0)
{
- DestroyJNGInfo(color_image_info,alpha_image_info);
+ DestroyJNG(NULL,color_image,color_image_info,
+ alpha_image,alpha_image_info);
ThrowReaderException(CorruptImageError,CorruptImage,image);
}
@@ -3116,13 +3119,15 @@
chunk=MagickAllocateMemory(unsigned char *,length);
if (chunk == (unsigned char *) NULL)
{
- DestroyJNGInfo(color_image_info,alpha_image_info);
+ DestroyJNG(chunk,color_image,color_image_info,
+ alpha_image,alpha_image_info);
ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,
image);
}
if (ReadBlob(image,length,chunk) < length)
{
- DestroyJNGInfo(color_image_info,alpha_image_info);
+ DestroyJNG(chunk,color_image,color_image_info,
+ alpha_image,alpha_image_info);
ThrowReaderException(CorruptImageError,CorruptImage,image);
}
p=chunk;
@@ -3133,8 +3138,8 @@
{
if (length != 16)
{
- DestroyJNGInfo(color_image_info,alpha_image_info);
- MagickFreeMemory(chunk);
+ DestroyJNG(chunk,color_image,color_image_info,
+ alpha_image,alpha_image_info);
(void) ThrowException2(&image->exception,CoderWarning,
"Invalid JHDR chunk length",(char *) NULL);
return (MagickFail);
@@ -3196,8 +3201,8 @@
(void) LogMagickEvent(CoderEvent,GetMagickModule(),
" JNG width or height too large: (%lu x %lu)",
jng_width, jng_height);
- MagickFreeMemory(chunk);
- DestroyJNGInfo(color_image_info,alpha_image_info);
+ DestroyJNG(chunk,color_image,color_image_info,
+ alpha_image,alpha_image_info);
ThrowReaderException(CorruptImageError,ImproperImageHeader,image);
}
@@ -3224,7 +3229,8 @@
color_image_info=MagickAllocateMemory(ImageInfo *,sizeof(ImageInfo));
if (color_image_info == (ImageInfo *) NULL)
{
- DestroyJNGInfo(color_image_info,alpha_image_info);
+ DestroyJNG(chunk,color_image,color_image_info,
+ alpha_image,alpha_image_info);
ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,
image);
}
@@ -3232,7 +3238,8 @@
color_image=AllocateImage(color_image_info);
if (color_image == (Image *) NULL)
{
- DestroyJNGInfo(color_image_info,alpha_image_info);
+ DestroyJNG(chunk,color_image,color_image_info,
+ alpha_image,alpha_image_info);
ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,
image);
}
@@ -3244,7 +3251,8 @@
exception);
if (status == MagickFalse)
{
- DestroyJNGInfo(color_image_info,alpha_image_info);
+ DestroyJNG(chunk,color_image,color_image_info,
+ alpha_image,alpha_image_info);
ThrowReaderException(CoderError,UnableToOpenBlob,color_image);
}
@@ -3254,7 +3262,8 @@
sizeof(ImageInfo));
if (alpha_image_info == (ImageInfo *) NULL)
{
- DestroyJNGInfo(color_image_info,alpha_image_info);
+ DestroyJNG(chunk,color_image,color_image_info,
+ alpha_image,alpha_image_info);
ThrowReaderException(ResourceLimitError,
MemoryAllocationFailed, image);
}
@@ -3262,7 +3271,8 @@
alpha_image=AllocateImage(alpha_image_info);
if (alpha_image == (Image *) NULL)
{
- DestroyJNGInfo(color_image_info,alpha_image_info);
+ DestroyJNG(chunk,color_image,color_image_info,
+ alpha_image,alpha_image_info);
ThrowReaderException(ResourceLimitError,
MemoryAllocationFailed,
alpha_image);
@@ -3275,8 +3285,8 @@
exception);
if (status == MagickFalse)
{
- DestroyJNGInfo(color_image_info,alpha_image_info);
- DestroyImage(alpha_image);
+ DestroyJNG(chunk,color_image,color_image_info,
+ alpha_image,alpha_image_info);
ThrowReaderException(CoderError,UnableToOpenBlob,image);
}
if (jng_alpha_compression_method == 0)
@@ -3496,7 +3506,7 @@
}
- /* IEND found */
+ /* IEND found or loop ended */
/*
Finish up reading image data:
@@ -3610,10 +3620,8 @@
break;
}
(void) LiberateUniqueFileResource(alpha_image->filename);
- DestroyImage(alpha_image);
- alpha_image = (Image *)NULL;
- DestroyImageInfo(alpha_image_info);
- alpha_image_info = (ImageInfo *)NULL;
+ DestroyJNG(NULL,color_image,color_image_info,
+ alpha_image,alpha_image_info);
DestroyImage(jng_image);
jng_image = (Image *)NULL;
}
@@ -3636,13 +3644,8 @@
/* Clean up in case we didn't earlier */
- DestroyJNGInfo(color_image_info,alpha_image_info);
-
- if (alpha_image != (Image *)NULL)
- {
- (void) LiberateUniqueFileResource(alpha_image->filename);
- DestroyImage(alpha_image);
- }
+ DestroyJNG(NULL,color_image,color_image_info,
+ alpha_image,alpha_image_info);
if (logging)
(void) LogMagickEvent(CoderEvent,GetMagickModule(),

23
GraphicsMagick-CVE-2017-11139.patch
Unescape View File

@ -0,0 +1,23 @@
# HG changeset patch
# User Bob Friesenhahn <bfriesen@GraphicsMagick.org>
# Date 1499536785 18000
# Node ID 4d0baa77245b386754cd65bbdb7b0937088cb3de
# Parent b4139088b49afaad8ac76b74f8a10ad5a63d3f3b
JNG: Fix double frees caused by changeset 15060:d445af60a8d5 commited on 2017-07-06
diff -r b4139088b49a -r 4d0baa77245b coders/png.c
--- a/coders/png.c Sat Jul 08 09:20:58 2017 -0500
+++ b/coders/png.c Sat Jul 08 12:59:45 2017 -0500
@@ -3622,6 +3622,10 @@
(void) LiberateUniqueFileResource(alpha_image->filename);
DestroyJNG(NULL,color_image,color_image_info,
alpha_image,alpha_image_info);
+ color_image = (Image *)NULL;
+ color_image_info = (ImageInfo *) NULL;
+ alpha_image = (Image *)NULL;
+ alpha_image_info = (ImageInfo *) NULL;
DestroyImage(jng_image);
jng_image = (Image *)NULL;
}

80
GraphicsMagick-CVE-2017-11140.patch
Unescape View File

@ -0,0 +1,80 @@
# HG changeset patch
# User Bob Friesenhahn <bfriesen@GraphicsMagick.org>
# Date 1499523658 18000
# Node ID b4139088b49afaad8ac76b74f8a10ad5a63d3f3b
# Parent c94d4172aca78ff942c0b6bd5537275873acb408
Defer creating pixel cache until first scanline. Classify some libjpeg warnings as errors.
diff -r c94d4172aca7 -r b4139088b49a coders/jpeg.c
--- a/coders/jpeg.c Thu Jul 06 18:54:30 2017 -0500
+++ b/coders/jpeg.c Sat Jul 08 09:20:58 2017 -0500
@@ -240,10 +240,34 @@
err->msg_parm.i[4], err->msg_parm.i[5],
err->msg_parm.i[6], err->msg_parm.i[7]);
}
- if ((err->num_warnings == 0) ||
- (err->trace_level >= 3))
- ThrowBinaryException2(CorruptImageWarning,(char *) message,
+ /*
+ Treat some "warnings" as errors
+ */
+ switch (err->msg_code)
+ {
+ case JWRN_HIT_MARKER: /* Corrupt JPEG data: premature end of data segment */
+ case JWRN_JPEG_EOF: /* Premature end of JPEG file */
+ {
+ ThrowBinaryException2(CorruptImageError,(char *) message,
+ image->filename);
+ break;
+ }
+ case JWRN_HUFF_BAD_CODE: /* Corrupt JPEG data: bad Huffman code */
+ case JWRN_MUST_RESYNC: /* Corrupt JPEG data: found marker 0x%02x instead of RST%d */
+ case JWRN_NOT_SEQUENTIAL: /* "Invalid SOS parameters for sequential JPEG */
+ {
+ ThrowBinaryException2(CorruptImageError,(char *) message,
image->filename);
+ break;
+ }
+ default:
+ {
+ if ((err->num_warnings == 0) ||
+ (err->trace_level >= 3))
+ ThrowBinaryException2(CorruptImageWarning,(char *) message,
+ image->filename);
+ }
+ }
err->num_warnings++;
}
else
@@ -1350,6 +1374,16 @@
register PixelPacket
*q;
+ /*
+ Read scanlines. Stop at first serious error.
+ */
+ if ((jpeg_read_scanlines(&jpeg_info,scanline,1) != 1) ||
+ (image->exception.severity >= ErrorException))
+ {
+ status=MagickFail;
+ break;
+ }
+
q=SetImagePixels(image,0,y,image->columns,1);
if (q == (PixelPacket *) NULL)
{
@@ -1358,12 +1392,6 @@
}
indexes=AccessMutableIndexes(image);
- if (jpeg_read_scanlines(&jpeg_info,scanline,1) != 1)
- {
- status=MagickFail;
- break;
- }
-
p=jpeg_pixels;
if (jpeg_info.output_components == 1)

155
GraphicsMagick-CVE-2017-11636.patch
Unescape View File

@ -0,0 +1,155 @@
# HG changeset patch
# User Bob Friesenhahn <bfriesen@GraphicsMagick.org>
# Date 1500755964 18000
# Node ID 39961adf974c7e284e3f95d2fc1609da4461d3ff
# Parent d00b74315a716a62386de06732afdd2822b9f1fd
RGB: Fixed heap overflow with multiple frames with varying widths.
diff -r d00b74315a71 -r 39961adf974c coders/rgb.c
--- a/coders/rgb.c Sat Jul 22 15:39:14 2017 -0500
+++ b/coders/rgb.c Sat Jul 22 15:39:24 2017 -0500
@@ -1,5 +1,5 @@
/*
-% Copyright (C) 2003 - 2015 GraphicsMagick Group
+% Copyright (C) 2003 - 2017 GraphicsMagick Group
% Copyright (C) 2002 ImageMagick Studio
% Copyright 1991-1999 E. I. du Pont de Nemours and Company
%
@@ -570,19 +570,20 @@
*/
static unsigned int WriteRGBImage(const ImageInfo *image_info,Image *image)
{
- int
+ long
y;
register const PixelPacket
*p;
unsigned char
- *pixels;
+ *pixels = (unsigned char *) NULL;
unsigned int
status;
unsigned int
+ depth,
packet_size,
quantum_size,
scene;
@@ -593,27 +594,11 @@
ExportPixelAreaInfo
export_info;
- /*
- Allocate memory for pixels.
- */
assert(image_info != (const ImageInfo *) NULL);
assert(image_info->signature == MagickSignature);
assert(image != (Image *) NULL);
assert(image->signature == MagickSignature);
- if (image->depth <= 8)
- quantum_size=8;
- else if (image->depth <= 16)
- quantum_size=16;
- else
- quantum_size=32;
-
- packet_size=(quantum_size*3)/8;
- if (LocaleCompare(image_info->magick,"RGBA") == 0)
- packet_size=(quantum_size*4)/8;
- pixels=MagickAllocateArray(unsigned char *,packet_size,image->columns);
- if (pixels == (unsigned char *) NULL)
- ThrowWriterException(ResourceLimitError,MemoryAllocationFailed,image);
if (image_info->interlace != PartitionInterlace)
{
/*
@@ -623,30 +608,70 @@
if (status == False)
ThrowWriterException(FileOpenError,UnableToOpenFile,image);
}
+
+ /*
+ Support depth in multiples of 8 bits.
+ */
+ if (image->depth > 16)
+ depth=32;
+ else if (image->depth > 8)
+ depth=16;
+ else
+ depth=8;
+
+ if (depth <= 8)
+ quantum_size=8;
+ else if (depth <= 16)
+ quantum_size=16;
+ else
+ quantum_size=32;
+
+ packet_size=(quantum_size*3)/8;
+ if (LocaleCompare(image_info->magick,"RGBA") == 0)
+ packet_size=(quantum_size*4)/8;
+
scene=0;
- /*
- Initialize export options.
- */
- ExportPixelAreaOptionsInit(&export_options);
- if (image->endian != UndefinedEndian)
- export_options.endian=image->endian;
- else if (image_info->endian != UndefinedEndian)
- export_options.endian=image_info->endian;
- if (image->logging)
- (void) LogMagickEvent(CoderEvent,GetMagickModule(),
- "Depth %u bits, Endian %s, Interlace %s",
- quantum_size,
- EndianTypeToString(export_options.endian),
- InterlaceTypeToString(image_info->interlace));
do
{
/*
+ Allocate memory for pixels.
+ */
+ MagickReallocMemory(unsigned char *,pixels,
+ MagickArraySize(packet_size,image->columns));
+ if (pixels == (unsigned char *) NULL)
+ ThrowWriterException(ResourceLimitError,MemoryAllocationFailed,image);
+
+ /*
+ Initialize export options.
+ */
+ ExportPixelAreaOptionsInit(&export_options);
+ if (image->endian != UndefinedEndian)
+ export_options.endian=image->endian;
+ else if (image_info->endian != UndefinedEndian)
+ export_options.endian=image_info->endian;
+
+ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
+ "%lu: "
+ "Geometry %lux%lu, "
+ "Depth %u bits, "
+ "Endian %s, "
+ "Packet Size %u, "
+ "Row bytes %" MAGICK_SIZE_T_F "u",
+ image->scene,
+ image->columns,image->rows,
+ quantum_size,
+ EndianTypeToString(export_options.endian),
+ packet_size,
+ (MAGICK_SIZE_T) MagickArraySize(packet_size,image->columns));
+
+ /*
Convert MIFF to RGB raster pixels.
*/
(void) TransformColorspace(image,RGBColorspace);
if (LocaleCompare(image_info->magick,"RGBA") == 0)
if (!image->matte)
SetImageOpacity(image,OpaqueOpacity);
+
switch (image_info->interlace)
{
case NoInterlace:

54
GraphicsMagick-CVE-2017-11637.patch
Unescape View File

@ -0,0 +1,54 @@
# HG changeset patch
# User Bob Friesenhahn <bfriesen@GraphicsMagick.org>
# Date 1500771092 18000
# Node ID f3ffc5541257cfbbe1dc93e3f0775cc8d2de96fd
# Parent db732abd9318246cca5b07b56b58a22f39d342e0
PCL: Fix null pointer dereference in writing monochrome images.
diff -r db732abd9318 -r f3ffc5541257 coders/pcl.c
--- a/coders/pcl.c Sat Jul 22 17:56:27 2017 -0500
+++ b/coders/pcl.c Sat Jul 22 19:51:32 2017 -0500
@@ -1010,7 +1010,16 @@
for (x=0; x < (long) image->columns; x++)
{
byte<<=1;
- if (indexes[x] == blk_ind) byte |= 1;
+ if (image->storage_class == PseudoClass)
+ {
+ if (indexes[x] == blk_ind)
+ byte |= 1;
+ }
+ else
+ {
+ if (p[x].red == 0)
+ byte |= 1;
+ }
bit++;
if (bit == 8)
{
@@ -1028,10 +1037,20 @@
/*
8 bit PseudoClass row
*/
- indexes=AccessImmutableIndexes(image);
- for (x=0; x < (long) image->columns; x++)
+ if (image->storage_class == PseudoClass)
{
- *q++=indexes[x];
+ indexes=AccessImmutableIndexes(image);
+ for (x=0; x < (long) image->columns; x++)
+ {
+ *q++=indexes[x];
+ }
+ }
+ else
+ {
+ for (x=0; x < (long) image->columns; x++)
+ {
+ *q++=PixelIntensityRec601(&p[x]);
+ }
}
}
else

43
GraphicsMagick-CVE-2017-11638.patch
Unescape View File

@ -0,0 +1,43 @@
# HG changeset patch
# User Bob Friesenhahn <bfriesen@GraphicsMagick.org>
# Date 1500758975 18000
# Node ID 29550606d8b9bf74f9aea0637d11d19fe706871b
# Parent 30cd2b31f7e045de4861b102e3f8d83db579bc7a
MAP: Fix null pointer dereference or SEGV if input is not colormapped.
diff -r 30cd2b31f7e0 -r 29550606d8b9 coders/map.c
--- a/coders/map.c Sat Jul 22 15:40:00 2017 -0500
+++ b/coders/map.c Sat Jul 22 16:29:35 2017 -0500
@@ -18,7 +18,7 @@
% M M A A P %
% %
% %
-% Read/Write Image Colormaps As An Image File %
+% Read/Write Image Colormaps And Image File %
% %
% %
% Software Design %
@@ -349,16 +349,17 @@
/*
Allocate colormap.
*/
- if (!IsPaletteImage(image,&image->exception))
- (void) SetImageType(image,PaletteType);
+ if (SetImageType(image,PaletteType) == MagickFail)
+ ThrowMAPWriterException(ResourceLimitError,MemoryAllocationFailed,image);
packet_size=image->depth > 8 ? 2 : 1;
- pixels=MagickAllocateMemory(unsigned char *,image->columns*packet_size);
+ pixels=MagickAllocateArray(unsigned char *,image->columns,packet_size);
if (pixels == (unsigned char *) NULL)
ThrowMAPWriterException(ResourceLimitError,MemoryAllocationFailed,image);
packet_size=image->colors > 256 ? 6 : 3;
- colormap=MagickAllocateMemory(unsigned char *,packet_size*image->colors);
+ colormap=MagickAllocateArray(unsigned char *,packet_size,image->colors);
if (colormap == (unsigned char *) NULL)
ThrowMAPWriterException(ResourceLimitError,MemoryAllocationFailed,image);
+
/*
Write colormap to file.
*/

42
GraphicsMagick-CVE-2017-11641.patch
Unescape View File

@ -0,0 +1,42 @@
# HG changeset patch
# User Bob Friesenhahn <bfriesen@GraphicsMagick.org>
# Date 1500764187 18000
# Node ID db732abd9318246cca5b07b56b58a22f39d342e0
# Parent 29550606d8b9bf74f9aea0637d11d19fe706871b
MPC: Fix memory leak while writing Magick Persistent Cache format.
diff -r 29550606d8b9 -r db732abd9318 magick/pixel_cache.c
--- a/magick/pixel_cache.c Sat Jul 22 16:29:35 2017 -0500
+++ b/magick/pixel_cache.c Sat Jul 22 17:56:27 2017 -0500
@@ -3458,7 +3458,10 @@
cache_info->type=DiskCache;
cache_info->offset=(*offset);
if (!OpenCache(clone_image,IOMode,exception))
- return(MagickFail);
+ {
+ DestroyImage(clone_image);
+ return(MagickFail);
+ }
y=0;
{
ViewInfo
@@ -3495,11 +3498,13 @@
CloseCacheView(image_view);
CloseCacheView(clone_view);
}
- cache_info=(CacheInfo*) ReferenceCache(cache_info);
+ if (y < (long) image->rows)
+ {
+ DestroyImage(clone_image);
+ return(MagickFail);
+ }
+ *offset+=cache_info->length+pagesize-(cache_info->length % pagesize);
DestroyImage(clone_image);
- if (y < (long) image->rows)
- return(MagickFail);
- *offset+=cache_info->length+pagesize-(cache_info->length % pagesize);
(void) LogMagickEvent(CacheEvent,GetMagickModule(),"Clone persistent cache");
return(MagickPass);
}

28
GraphicsMagick.spec
Unescape View File

@ -28,7 +28,7 @@
Summary: An ImageMagick fork, offering faster image generation and better quality
Name: GraphicsMagick
Version: 1.3.26
Release: 5%{?dist}
Release: 6%{?dist}
License: MIT
Source0: http://downloads.sourceforge.net/sourceforge/graphicsmagick/GraphicsMagick-%{version}.tar.xz
@ -43,6 +43,14 @@ Patch50: GraphicsMagick-1.3.14-perl_linkage.patch
## upstream patches
Patch1: GraphicsMagick-CVE-2017-11403.patch
Patch2: GraphicsMagick-CVE-2017-11102-1.patch
Patch3: GraphicsMagick-CVE-2017-11102-2.patch
Patch4: GraphicsMagick-CVE-2017-11139.patch
Patch5: GraphicsMagick-CVE-2017-11140.patch
Patch6: GraphicsMagick-CVE-2017-11636.patch
Patch7: GraphicsMagick-CVE-2017-11637.patch
Patch8: GraphicsMagick-CVE-2017-11638.patch
Patch9: GraphicsMagick-CVE-2017-11641.patch
BuildRequires: bzip2-devel
BuildRequires: freetype-devel
@ -157,6 +165,15 @@ however.
%setup -q
%patch1 -p1 -b .CVE-2017-11403
%patch2 -p1 -b .CVE-2017-11102-1
%patch3 -p1 -b .CVE-2017-11102-2
%patch4 -p1 -b .CVE-2017-11139
%patch5 -p1 -b .CVE-2017-11140
%patch6 -p1 -b .CVE-2017-11636
%patch7 -p1 -b .CVE-2017-11637
%patch8 -p1 -b .CVE-2017-11638
%patch9 -p1 -b .CVE-2017-11641
%patch50 -p1 -b .perl_linkage
%patch100 -p1 -b .multilib
@ -310,6 +327,15 @@ exit 1
%changelog
* Thu Jul 27 2017 Rex Dieter <rdieter@fedoraproject.org> - 1.3.26-6
- CVE-2017-11102 (#1473728)
- CVE-2017-11139 (#1473739)
- CVE-2017-11140 (#1473750)
- CVE-2017-11636 (#1475456)
- CVE-2017-11637 (#1475452)
- CVE-2017-11638 (#1475708)
- CVE-2017-11641 (#1475489)
* Thu Jul 27 2017 Rex Dieter <rdieter@fedoraproject.org> - 1.3.26-5
- .spec cleanup, drop deprecated stuff
- update filtering

Write Preview
Loading…
Cancel
Save