rpms
/
mingw-libpng
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Include fix for CVE-2011-2501 (RHBZ#717510, RHBZ#717511).

Browse Source
epel9
Richard W.M. Jones 14 years ago
parent eec472beb9
commit d3842962c9
2 changed files with 63 additions and 1 deletions
Show Stats Download Patch File Download Diff File

49
libpng-CVE-2011-2501.patch
Unescape View File

@ -0,0 +1,49 @@
Patch from:
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=65e6d5a34f49acdb362a0625a706c6b914e670af
to fix:
https://bugzilla.redhat.com/show_bug.cgi?id=717510
https://bugzilla.redhat.com/show_bug.cgi?id=717511
CVE-2011-2501
I have modified this patch to remove the changes to ANNOUNCE
and CHANGES files, and the hunk in pngerror.c which just updates
a comment.
- RWMJ.
From 65e6d5a34f49acdb362a0625a706c6b914e670af Mon Sep 17 00:00:00 2001
From: Glenn Randers-Pehrson <glennrp at users.sourceforge.net>
Date: Tue, 7 Jun 2011 14:58:07 -0500
Subject: [PATCH] [master] Fixed 1-byte uninitialized memory reference in png_format_buffer()
(Bug report by Frank Busse, related to CVE-2004-0421).
---
ANNOUNCE | 6 ++++--
CHANGES | 4 +++-
pngerror.c | 11 ++++++++---
3 files changed, 15 insertions(+), 6 deletions(-)
--- a/pngerror.c
+++ b/pngerror.c
@@ -186,8 +186,13 @@ png_format_buffer(png_structp png_ptr, png_charp buffer, png_const_charp
{
buffer[iout++] = ':';
buffer[iout++] = ' ';
- png_memcpy(buffer + iout, error_message, PNG_MAX_ERROR_TEXT);
- buffer[iout + PNG_MAX_ERROR_TEXT - 1] = '\0';
+
+ iin = 0;
+ while (iin < PNG_MAX_ERROR_TEXT-1 && error_message[iin] != '\0')
+ buffer[iout++] = error_message[iin++];
+
+ /* iin < PNG_MAX_ERROR_TEXT, so the following is safe: */
+ buffer[iout] = '\0';
}
}
--
1.7.0.1

15
mingw32-libpng.spec
Unescape View File

@ -6,7 +6,7 @@
Name: mingw32-libpng Name: mingw32-libpng
Version: 1.4.3 Version: 1.4.3
Release: 2%{?dist} Release: 3%{?dist}
Summary: MinGW Windows Libpng library Summary: MinGW Windows Libpng library
License: zlib License: zlib
@ -14,6 +14,14 @@ URL: http://www.libpng.org/pub/png/
Source0: ftp://ftp.simplesystems.org/pub/png/src/libpng-%{version}.tar.bz2 Source0: ftp://ftp.simplesystems.org/pub/png/src/libpng-%{version}.tar.bz2
Patch2: mingw32-libpng-fix-invalid-exports.patch Patch2: mingw32-libpng-fix-invalid-exports.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=717510
# https://bugzilla.redhat.com/show_bug.cgi?id=717511
# CVE-2011-2501
#
# *** NOTE *** When updating the package, please ensure the
# new version either contains this fix, or this patch is retained.
Patch3: libpng-CVE-2011-2501.patch
Group: Development/Libraries Group: Development/Libraries
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -41,6 +49,8 @@ MinGW Windows Libpng library.
# issue more to find out the real cause, but this will do for now # issue more to find out the real cause, but this will do for now
%patch2 -p0 %patch2 -p0
%patch3 -p1
%build %build
%{_mingw32_configure} %{_mingw32_configure}
@ -81,6 +91,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog %changelog
* Wed Jun 29 2011 Richard W.M. Jones <rjones@redhat.com> - 1.4.3-3
- Include fix for CVE-2011-2501 (RHBZ#717510, RHBZ#717511).
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.3-2 * Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

Write Preview
Loading…
Cancel
Save