Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rtl_433 for openSUSE:Factory checked in at 2022-04-13 21:05:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rtl_433 (Old) and /work/SRC/openSUSE:Factory/.rtl_433.new.1900 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rtl_433" Wed Apr 13 21:05:20 2022 rev:10 rq:969760 version:21.12 Changes: -------- --- /work/SRC/openSUSE:Factory/rtl_433/rtl_433.changes 2021-12-17 23:55:02.511555993 +0100 +++ /work/SRC/openSUSE:Factory/.rtl_433.new.1900/rtl_433.changes 2022-04-13 21:06:04.948623152 +0200 @@ -1,0 +2,6 @@ +Wed Apr 13 08:32:49 UTC 2022 - Martin Hauke <[email protected]> + +- Add patch to fix security issue: CVE-2022-27419 (bsc#1198434) + * 0001-Fix-overflow-in-Acurite-00275rm-closes-2012.patch + +------------------------------------------------------------------- New: ---- 0001-Fix-overflow-in-Acurite-00275rm-closes-2012.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rtl_433.spec ++++++ --- /var/tmp/diff_new_pack.kcN7t5/_old 2022-04-13 21:06:05.532623741 +0200 +++ /var/tmp/diff_new_pack.kcN7t5/_new 2022-04-13 21:06:05.540623749 +0200 @@ -1,8 +1,8 @@ # # spec file for package rtl_433 # -# Copyright (c) 2021 SUSE LLC -# Copyright (c) 2017-2021, Martin Hauke <[email protected]> +# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2017-2022, Martin Hauke <[email protected]> # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -25,6 +25,7 @@ Group: Productivity/Hamradio/Other URL: https://github.com/merbanan/rtl_433.git Source: https://github.com/merbanan/rtl_433/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz +Patch0: 0001-Fix-overflow-in-Acurite-00275rm-closes-2012.patch BuildRequires: cmake BuildRequires: pkgconfig BuildRequires: pkgconfig(SoapySDR) @@ -48,6 +49,7 @@ %prep %setup -q +%patch0 -p1 %build %cmake \ ++++++ 0001-Fix-overflow-in-Acurite-00275rm-closes-2012.patch ++++++ >From 37455483889bd1c641bdaafc493d1cc236b74904 Mon Sep 17 00:00:00 2001 From: "Christian W. Zuckschwerdt" <[email protected]> Date: Fri, 18 Mar 2022 08:09:15 +0100 Subject: [PATCH] Fix overflow in Acurite-00275rm (closes #2012) --- src/devices/acurite.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/devices/acurite.c b/src/devices/acurite.c index 6879e52d..4f3e83eb 100644 --- a/src/devices/acurite.c +++ b/src/devices/acurite.c @@ -1318,15 +1318,15 @@ static int acurite_00275rm_decode(r_device *decoder, bitbuffer_t *bitbuffer) // Combine signal if exactly three repeats were found if (n_rows == 3) { - uint8_t *b = bitbuffer->bb[bitbuffer->num_rows]; + bitbuffer_add_row(bitbuffer); + uint8_t *b = bitbuffer->bb[bitbuffer->num_rows - 1]; for (int i = 0; i < 11; ++i) { // The majority bit count wins b[i] = (b_rows[0][i] & b_rows[1][i]) | (b_rows[1][i] & b_rows[2][i]) | (b_rows[2][i] & b_rows[0][i]); } - bitbuffer->bits_per_row[bitbuffer->num_rows] = 88; - bitbuffer->num_rows += 1; + bitbuffer->bits_per_row[bitbuffer->num_rows - 1] = 88; } // Output the first valid row -- 2.35.1
