Hello community,

here is the log from the commit of package pngcheck for openSUSE:Factory 
checked in at 2020-12-03 18:43:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pngcheck (Old)
 and      /work/SRC/openSUSE:Factory/.pngcheck.new.5913 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "pngcheck"

Thu Dec  3 18:43:19 2020 rev:5 rq:852889 version:2.3.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/pngcheck/pngcheck.changes        2015-08-03 
17:22:05.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.pngcheck.new.5913/pngcheck.changes      
2020-12-03 18:44:07.242268011 +0100
@@ -1,0 +2,8 @@
+Thu Dec  3 11:45:40 UTC 2020 - pgaj...@suse.com
+
+- security update
+- added patches
+  fix CVE-2020-27818 [bsc#1179528], global buffer overflow was discovered in 
check_chunk_name function via crafted pngfile
+  + pngcheck-CVE-2020-27818.patch
+
+-------------------------------------------------------------------
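Review bot: the changelog entry records only the CVE fix, but the spec diff in this same submission also normalizes the License tag to SPDX (`HPND AND GPL-2.0-or-later`), renames `Url:` to `URL:` and switches the bug-report link to https; a short line noting those cleanups would let the history account for every tag change in the spec.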

New:
----
  pngcheck-CVE-2020-27818.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ pngcheck.spec ++++++
--- /var/tmp/diff_new_pack.dOyvyP/_old  2020-12-03 18:44:07.734268872 +0100
+++ /var/tmp/diff_new_pack.dOyvyP/_new  2020-12-03 18:44:07.734268872 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package pngcheck
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
@@ -20,12 +20,14 @@
 Version:        2.3.0
 Release:        0
 Summary:        PNG file format checker
-License:        HPND and GPL-2.0+
+License:        HPND AND GPL-2.0-or-later
 Group:          Productivity/Graphics/Other
-Url:            http://www.libpng.org/pub/png/apps/pngcheck.html
+URL:            http://www.libpng.org/pub/png/apps/pngcheck.html
 Source:         
http://prdownloads.sourceforge.net/png-mng/%{name}-%{version}.tar.gz
 Source2:        %{name}.1.gz
 Patch0:         fixbuild.diff
+# CVE-2020-27818 [bsc#1179528], global buffer overflow was discovered in 
check_chunk_name function via crafted pngfile
+Patch1:         pngcheck-CVE-2020-27818.patch
 BuildRequires:  zlib-devel
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
@@ -43,6 +45,7 @@
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 
 %build
 make %{?_smp_mflags} -f Makefile.unx

++++++ pngcheck-CVE-2020-27818.patch ++++++
Fix buffer overflow reported in RHBZ #1897485.

When char is signed, casting to a (signed) int directly could produce a
negative offset into the ASCII lookup table; adding an intermediate cast to uch
(a typedef for unsigned char) ensures a nonnegative offset no greater than 255,
which always corresponds to a valid table index.

diff -Naur pngcheck-2.3.0-original/pngcheck.c pngcheck-2.3.0/pngcheck.c
--- pngcheck-2.3.0-original/pngcheck.c  2007-07-08 02:23:31.000000000 -0400
+++ pngcheck-2.3.0/pngcheck.c   2020-11-13 11:24:31.039164410 -0500
@@ -4895,8 +4895,10 @@
 /* GRR 20061203:  now EBCDIC-safe */
 int check_chunk_name(char *chunk_name, char *fname)
 {
-  if (isASCIIalpha((int)chunk_name[0]) && isASCIIalpha((int)chunk_name[1]) &&
-      isASCIIalpha((int)chunk_name[2]) && isASCIIalpha((int)chunk_name[3]))
+  if (isASCIIalpha((int)(uch)chunk_name[0]) &&
+      isASCIIalpha((int)(uch)chunk_name[1]) &&
+      isASCIIalpha((int)(uch)chunk_name[2]) &&
+      isASCIIalpha((int)(uch)chunk_name[3]))
     return 0;

   printf("%s%s  invalid chunk name \"%.*s\" (%02x %02x %02x %02x)\n",
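Review bot: the fix is scoped to the four chunk-name bytes in check_chunk_name, while the underlying hazard is in how isASCIIalpha's argument is formed from a plain `char`; consider casting inside the isASCIIalpha macro itself, or checking any other isASCIIalpha call sites in pngcheck.c if there are some, so a signed-char platform cannot reach the table with a negative index by another path. The `(int)(uch)` form is right for this site: a uch promotes to 0..255, which the description states is always a valid table index.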
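To make the cast change concrete, here is an added example (not code from the pngcheck project or from this patch) that models the lookup with a constructed 256-entry alpha table and a hypothetical bounds-checked lookup function: the direct cast of a high byte produces a negative index, while the `(uch)` cast keeps it within 0..255.

```c
#include <stdio.h>

typedef unsigned char uch;  /* same spelling the patch uses for unsigned char */

/* Constructed 256-entry lookup table standing in for the ASCII alpha table behind
 * isASCIIalpha (hypothetical layout, not pngcheck's own): 1 for A-Z and a-z. */
static int ascii_alpha_table[256];
static int table_ready = 0;

static void init_table(void) {
    for (int i = 0; i < 256; i++)
        ascii_alpha_table[i] = (i >= 'A' && i <= 'Z') || (i >= 'a' && i <= 'z');
    table_ready = 1;
}

/* Pre-patch index: the byte cast straight to int. Written with `signed char` so the
 * signed-char platform case shows on every target; any byte >= 0x80 goes negative. */
int index_before_fix(signed char c) { return (int)c; }

/* Patched index: char -> uch -> int, always within 0..255. */
int index_after_fix(char c) { return (int)(uch)c; }

/* Bounds-checked lookup: returns -1 instead of reading outside the table when
 * handed an out-of-range index such as the one the direct cast produces. */
int lookup_checked(int idx) {
    if (!table_ready) init_table();
    if (idx < 0 || idx > 255) return -1;
    return ascii_alpha_table[idx];
}

/* Mirrors check_chunk_name's decision with the post-patch cast:
 * 1 if all four bytes are ASCII letters, 0 otherwise. */
int chunk_name_is_valid(const char name[4]) {
    for (int i = 0; i < 4; i++)
        if (lookup_checked(index_after_fix(name[i])) != 1) return 0;
    return 1;
}

int main(void) {
    const char crafted[4] = { (char)0xC0, 'H', 'D', 'R' };  /* constructed sample name */
    printf("byte 0xC0: direct cast index %d, uch cast index %d\n",
           index_before_fix((signed char)crafted[0]), index_after_fix(crafted[0]));
    printf("valid(IHDR)=%d valid(crafted)=%d\n",
           chunk_name_is_valid("IHDR"), chunk_name_is_valid(crafted));
    return 0;
}
```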
_______________________________________________
openSUSE Commits mailing list -- commit@lists.opensuse.org
To unsubscribe, email commit-le...@lists.opensuse.org
List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette
List Archives: 
https://lists.opensuse.org/archives/list/commit@lists.opensuse.org
