From 3990ac33cc54dad26c2c472f9e46ce7d631f20a7 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Fri, 29 Mar 2024 15:33:06 +0300 Subject: [PATCH] import exempi-2.4.5-4.el8 --- .exempi.metadata | 1 + .gitignore | 1 + ...ssue-13-Fix-a-buffer-a-overflow-in-I.patch | 41 +++ ...Bug-12-Invalid-WebP-cause-memory-ove.patch | 38 +++ SOURCES/CVE-2018-12648.patch | 43 +++ SPECS/exempi.spec | 250 ++++++++++++++++++ 6 files changed, 374 insertions(+) create mode 100644 .exempi.metadata create mode 100644 .gitignore create mode 100644 SOURCES/0001-CVE-2020-18651-Issue-13-Fix-a-buffer-a-overflow-in-I.patch create mode 100644 SOURCES/0002-CVE-20220-18652-Bug-12-Invalid-WebP-cause-memory-ove.patch create mode 100644 SOURCES/CVE-2018-12648.patch create mode 100644 SPECS/exempi.spec diff --git a/.exempi.metadata b/.exempi.metadata new file mode 100644 index 0000000..406c746 --- /dev/null +++ b/.exempi.metadata @@ -0,0 +1 @@ +9e22935ab834f556a3e9e00c3a871a773dc08db9 SOURCES/exempi-2.4.5.tar.bz2 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..27a79a3 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/exempi-2.4.5.tar.bz2 diff --git a/SOURCES/0001-CVE-2020-18651-Issue-13-Fix-a-buffer-a-overflow-in-I.patch b/SOURCES/0001-CVE-2020-18651-Issue-13-Fix-a-buffer-a-overflow-in-I.patch new file mode 100644 index 0000000..9558840 --- /dev/null +++ b/SOURCES/0001-CVE-2020-18651-Issue-13-Fix-a-buffer-a-overflow-in-I.patch @@ -0,0 +1,41 @@ +From 4f583ff12989f7cea1f81bd2751c321030f1bdbf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Hubert=20Figui=C3=A8re?= +Date: Sun, 28 Jul 2019 10:15:19 -0400 +Subject: [PATCH] (CVE-2020-18651) Issue #13 - Fix a buffer a overflow in ID3 + support + +https://gitlab.freedesktop.org/libopenraw/exempi/issues/13 +(cherry picked from commit fdd4765a699f9700850098b43b9798b933acb32f) +--- + XMPFiles/source/FormatSupport/ID3_Support.cpp | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/XMPFiles/source/FormatSupport/ID3_Support.cpp b/XMPFiles/source/FormatSupport/ID3_Support.cpp +index dd19c16..4619079 100644 +--- a/XMPFiles/source/FormatSupport/ID3_Support.cpp ++++ b/XMPFiles/source/FormatSupport/ID3_Support.cpp +@@ -669,6 +669,10 @@ bool ID3v2Frame::getFrameValue ( XMP_Uns8 majorVersion, XMP_Uns32 logicalID, std + std::string tmp ( this->content, this->contentSize ); + bool bigEndian = true; // assume for now (if no BOM follows) + ++ if (pos + 2 > this->contentSize) { ++ // No enough for the string ++ break; ++ } + if ( GetUns16BE ( &this->content[pos] ) == 0xFEFF ) { + pos += 2; + bigEndian = true; +@@ -686,6 +690,10 @@ bool ID3v2Frame::getFrameValue ( XMP_Uns8 majorVersion, XMP_Uns32 logicalID, std + { + if ( commMode && (! advancePastCOMMDescriptor ( pos )) ) return false; // not a frame of interest! + ++ if (pos + 4 > this->contentSize) { ++ // No enough for the string ++ break; ++ } + if ( (GetUns32BE ( &this->content[pos]) & 0xFFFFFF00 ) == 0xEFBBBF00 ) { + pos += 3; // swallow any BOM, just in case + } +-- +2.41.0 + diff --git a/SOURCES/0002-CVE-20220-18652-Bug-12-Invalid-WebP-cause-memory-ove.patch b/SOURCES/0002-CVE-20220-18652-Bug-12-Invalid-WebP-cause-memory-ove.patch new file mode 100644 index 0000000..db6da64 --- /dev/null +++ b/SOURCES/0002-CVE-20220-18652-Bug-12-Invalid-WebP-cause-memory-ove.patch @@ -0,0 +1,38 @@ +From a3b1e52e5a5836fe1fd07013a2a098518b1801de Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Hubert=20Figui=C3=A8re?= +Date: Sat, 27 Jul 2019 20:42:51 -0400 +Subject: [PATCH] (CVE-20220-18652) Bug #12 - Invalid WebP cause memory + overflow. + +https://gitlab.freedesktop.org/libopenraw/exempi/issues/12 +(cherry picked from commit acee2894ceb91616543927c2a6e45050c60f98f7) +--- + XMPFiles/source/FormatSupport/WEBP_Support.cpp | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/XMPFiles/source/FormatSupport/WEBP_Support.cpp b/XMPFiles/source/FormatSupport/WEBP_Support.cpp +index ffaf220..0d4b81d 100644 +--- a/XMPFiles/source/FormatSupport/WEBP_Support.cpp ++++ b/XMPFiles/source/FormatSupport/WEBP_Support.cpp +@@ -120,10 +120,16 @@ VP8XChunk::VP8XChunk(Container* parent) + this->data.assign(this->size, 0); + XMP_Uns8* bitstream = + (XMP_Uns8*)parent->chunks[WEBP_CHUNK_IMAGE][0]->data.data(); ++ XMP_Uns32 width = 0; ++ XMP_Uns32 height = 0; + // See bug https://bugs.freedesktop.org/show_bug.cgi?id=105247 + // bitstream could be NULL. +- XMP_Uns32 width = bitstream ? ((bitstream[7] << 8) | bitstream[6]) & 0x3fff : 0; +- XMP_Uns32 height = bitstream ? ((bitstream[9] << 8) | bitstream[8]) & 0x3fff : 0; ++ // See bug https://gitlab.freedesktop.org/libopenraw/exempi/issues/12 ++ // image chunk data could be too short (must be 10) ++ if (parent->chunks[WEBP_CHUNK_IMAGE][0]->data.size() >= 10 && bitstream) { ++ width = ((bitstream[7] << 8) | bitstream[6]) & 0x3fff; ++ height = ((bitstream[9] << 8) | bitstream[8]) & 0x3fff; ++ } + this->width(width); + this->height(height); + parent->vp8x = this; +-- +2.41.0 + diff --git a/SOURCES/CVE-2018-12648.patch b/SOURCES/CVE-2018-12648.patch new file mode 100644 index 0000000..0e960c0 --- /dev/null +++ b/SOURCES/CVE-2018-12648.patch @@ -0,0 +1,43 @@ +From 487f4136013d9fa3351b863e5f861463a1cbddcf Mon Sep 17 00:00:00 2001 +From: Victor Rodriguez +Date: Sat, 18 Aug 2018 13:54:55 +0000 +Subject: [PATCH] Issue #9 - Fix null-pointer-dereference (CVE-2018-12648) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The WEBP::GetLE32 function in +XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a +NULL pointer dereference. + +https://bugs.freedesktop.org/show_bug.cgi?id=106981 +https://gitlab.freedesktop.org/libopenraw/exempi/issues/9 + +Signed-off-by: Victor Rodriguez +Signed-off-by: Hubert Figuière +--- + XMPFiles/source/FormatSupport/WEBP_Support.cpp | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/XMPFiles/source/FormatSupport/WEBP_Support.cpp b/XMPFiles/source/FormatSupport/WEBP_Support.cpp +index ffaf220..4fe705b 100644 +--- a/XMPFiles/source/FormatSupport/WEBP_Support.cpp ++++ b/XMPFiles/source/FormatSupport/WEBP_Support.cpp +@@ -160,9 +160,11 @@ bool VP8XChunk::xmp() + } + void VP8XChunk::xmp(bool hasXMP) + { +- XMP_Uns32 flags = GetLE32(&this->data[0]); +- flags ^= (-hasXMP ^ flags) & (1 << XMP_FLAG_BIT); +- PutLE32(&this->data[0], flags); ++ if (&this->data[0] != NULL) { ++ XMP_Uns32 flags = GetLE32(&this->data[0]); ++ flags ^= (-hasXMP ^ flags) & (1 << XMP_FLAG_BIT); ++ PutLE32(&this->data[0], flags); ++ } + } + + Container::Container(WEBP_MetaHandler* handler) : Chunk(NULL, handler) +-- +2.17.1 + diff --git a/SPECS/exempi.spec b/SPECS/exempi.spec new file mode 100644 index 0000000..988ba54 --- /dev/null +++ b/SPECS/exempi.spec @@ -0,0 +1,250 @@ +Summary: Library for easy parsing of XMP metadata +Name: exempi +Version: 2.4.5 +Release: 4%{?dist} +License: BSD +Group: System Environment/Libraries +URL: http://libopenraw.freedesktop.org/wiki/Exempi +Source0: http://libopenraw.freedesktop.org/download/%{name}-%{version}.tar.bz2 +Patch0: CVE-2018-12648.patch +Patch0001: 0001-CVE-2020-18651-Issue-13-Fix-a-buffer-a-overflow-in-I.patch +Patch0002: 0002-CVE-20220-18652-Bug-12-Invalid-WebP-cause-memory-ove.patch +BuildRequires: gcc-c++ +BuildRequires: boost-devel expat-devel zlib-devel pkgconfig +# Work around for aarch64 support (https://bugzilla.redhat.com/show_bug.cgi?id=925327) +BuildRequires: autoconf automake libtool +Provides: bundled(md5-polstra) + +%description +Exempi provides a library for easy parsing of XMP metadata. It is a port of +Adobe XMP SDK to work on UNIX and to be build with GNU automake. +It includes XMPCore and XMPFiles. + +%package devel +Summary: Headers for developing programs that will use %{name} +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} +Requires: pkgconfig + +%description devel +This package contains the libraries and header files needed for +developing with exempi. + +%prep +%setup -q +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 + +%build +libtoolize -vi +./autogen.sh +# BanEntityUsage needed for #888765 +%configure CPPFLAGS="-I%{_includedir} -fno-strict-aliasing -DBanAllEntityUsage=1" + +# Disable rpath +sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool +sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool + +make %{?_smp_mflags} V=1 + +%check +make check + +%install +make DESTDIR=%{buildroot} install + +rm -rf %{buildroot}%{_libdir}/*.la +rm -rf %{buildroot}%{_libdir}/*.a + +%post -p /sbin/ldconfig + +%postun -p /sbin/ldconfig + +%files +%doc AUTHORS ChangeLog COPYING README +%{_bindir}/exempi +%{_libdir}/*.so.* +%{_mandir}/man1/exempi.1* + +%files devel +%{_includedir}/exempi-2.0/ +%{_libdir}/*.so +%{_libdir}/pkgconfig/*.pc + +%changelog +* Mon Jan 08 2024 Matej Mužila - 2.4.5-4 +- Fix CVE-2020-18652 +- Resolves: RHEL-5416 + +* Mon Jan 08 2024 Matej Mužila - 2.4.5-3 +- Fix CVE-2020-18651 +- Resolves: RHEL-5415 + +* Wed Sep 26 2018 Nikola Forró - 2.4.5-2 +- Fix CVE-2018-12648 + Resolves #1594644 + +* Tue Mar 13 2018 Nikola Forró - 2.4.5-1 +- Update to version 2.4.5 + Resolves #1553140 + +* Tue Feb 20 2018 Nikola Forró - 2.4.4-2 +- Add missing gcc-c++ build dependency + +* Tue Feb 06 2018 Nikola Forró - 2.4.4-1 +- Update to version 2.4.4 + Resolves #1541818 + +* Wed Aug 02 2017 Fedora Release Engineering - 2.4.2-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 2.4.2-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Mon Jul 03 2017 Jonathan Wakely - 2.4.2-5 +- Rebuilt for Boost 1.64 + +* Thu Jun 1 2017 Owen Taylor - 2.4.2-4 +- Make manpage installation agnostic of compression + https://fedoraproject.org/wiki/Packaging:Guidelines#Manpages + +* Mon May 15 2017 Fedora Release Engineering - 2.4.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_27_Mass_Rebuild + +* Mon Feb 06 2017 Kalev Lember - 2.4.2-2 +- Rebuilt for Boost 1.63 + +* Mon Jan 30 2017 Nikola Forró - 2.4.2-1 +- Update to version 2.4.2 + Resolves #1417497 + +* Fri Jan 27 2017 Jonathan Wakely - 2.4.1-3 +- Rebuilt for Boost 1.63 + +* Fri Jan 27 2017 Jonathan Wakely - 2.4.1-2 +- Rebuilt for Boost 1.63 + +* Tue Jan 24 2017 Nikola Forró - 2.4.1-1 +- Update to version 2.4.1 + Resolves #1415672 + +* Mon Jan 09 2017 Nikola Forró - 2.4.0-1 +- Update to version 2.4.0 + Resolves #1411059 + +* Thu Mar 17 2016 Nikola Forró - 2.3.0-1 +- Update to version 2.3.0 + Resolves #1318279 + +* Wed Feb 03 2016 Fedora Release Engineering - 2.2.1-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Jan 15 2016 Jonathan Wakely - 2.2.1-14 +- Rebuilt for Boost 1.60 + +* Thu Aug 27 2015 Jonathan Wakely - 2.2.1-13 +- Rebuilt for Boost 1.59 + +* Wed Jul 29 2015 Fedora Release Engineering - 2.2.1-12 +- Rebuilt for https://fedoraproject.org/wiki/Changes/F23Boost159 + +* Wed Jul 22 2015 David Tardon - 2.2.1-11 +- rebuild for Boost 1.58 + +* Wed Jun 17 2015 Fedora Release Engineering - 2.2.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sat May 02 2015 Kalev Lember - 2.2.1-9 +- Rebuilt for GCC 5 C++11 ABI change + +* Tue Jan 27 2015 Petr Machata - 2.2.1-8 +- Rebuild for boost 1.57.0 + +* Sat Aug 16 2014 Fedora Release Engineering - 2.2.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 2.2.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu May 22 2014 Petr Machata - 2.2.1-5 +- Rebuild for boost 1.55.0 + +* Fri Jan 10 2014 Mikolaj Izdebski - 2.2.1-4 +- Run libtoolize before autogen.sh +- Resolves: rhbz#1051186 + +* Sat Aug 03 2013 Fedora Release Engineering - 2.2.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jul 30 2013 Petr Machata - 2.2.1-2 +- Rebuild for boost 1.54.0 + +* Mon Jul 22 2013 Deji Akingunola - 2.2.1-1 +- Update to version 2.2.1 + +* Wed Jan 30 2013 Stanislav Ochotnicky - 2.2.0-6 +- Get rid of unnecessary LDFLAGS definition overwriting RPM flags + +* Wed Jan 02 2013 Stanislav Ochotnicky - 2.2.0-5 +- Make sure we respect RPM_OPT_FLAGS and simplify configure (#889554) + +* Wed Dec 19 2012 Stanislav Ochotnicky - 2.2.0-4 +- Add BanAllEntityUsage into macro definitions (#888765) + +* Thu Aug 16 2012 Mikolaj Izdebski - 2.2.0-3 +- Add bundled(md5-polstra) provides +- Update to current guidelines + +* Thu Jul 19 2012 Fedora Release Engineering - 2.2.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Wed Feb 22 2012 Deji Akingunola - 2.2.0-1 +- Update to version 2.2.0 + +* Fri Jan 13 2012 Fedora Release Engineering - 2.1.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Feb 08 2011 Fedora Release Engineering - 2.1.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Mon May 3 2010 Stanislav Ochotnicky - 2.1.1-1 +- Update to 2.1.1 +- Add testsuite execution +- Removed build patch for gcc-4.4 (fixed in upstream) + +* Fri Jul 24 2009 Fedora Release Engineering - 2.1.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Tue Feb 24 2009 Fedora Release Engineering - 2.1.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Wed Feb 04 2009 Deji Akingunola - 2.1.0-2 +- Add patch to build with gcc-4.4 + +* Tue Jan 06 2009 Deji Akingunola - 2.1.0-1 +- Update to 2.1.0 + +* Sat May 17 2008 Deji Akingunola - 2.0.1-1 +- Update to 2.0.1 + +* Wed Apr 02 2008 Deji Akingunola - 2.0.0-1 +- Update to 2.0.0 + +* Fri Feb 08 2008 Deji Akingunola - 1.99.9-1 +- Update to 1.99.9 + +* Sun Jan 13 2008 Deji Akingunola - 1.99.7-1 +- Update to 1.99.7 + +* Mon Dec 03 2007 Deji Akingunola - 1.99.5-1 +- Update to 1.99.5 + +* Wed Sep 05 2007 Deji Akingunola - 1.99.4-2 +- Rebuild for expat 2.0 + +* Wed Aug 22 2007 Deji Akingunola - 1.99.4-1 +- Update tp 1.99.4 + +* Tue Jul 10 2007 Deji Akingunola - 1.99.3-1 +- Initial packaging for Fedora