commit djvulibre for openSUSE:Factory

Tue, 01 Jun 2021 01:33:04 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package djvulibre for openSUSE:Factory 
checked in at 2021-06-01 10:32:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/djvulibre (Old)
 and      /work/SRC/openSUSE:Factory/.djvulibre.new.1898 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "djvulibre"

Tue Jun  1 10:32:49 2021 rev:42 rq:895143 version:3.5.28

Changes:
--------
--- /work/SRC/openSUSE:Factory/djvulibre/djvulibre.changes      2021-05-15 
23:16:39.432626038 +0200
+++ /work/SRC/openSUSE:Factory/.djvulibre.new.1898/djvulibre.changes    
2021-06-01 10:32:51.292342445 +0200
@@ -1,0 +2,8 @@
+Mon May 24 08:55:21 UTC 2021 - pgaj...@suse.com
+
+- security update
+- added patches
+  fix CVE-2021-3500 [bsc#1186253], Stack overflow in function 
DJVU:DjVuDocument:get_djvu_file() via crafted djvu file
+  + djvulibre-CVE-2021-3500.patch
+
+-------------------------------------------------------------------

New:
----
  djvulibre-CVE-2021-3500.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ djvulibre.spec ++++++
--- /var/tmp/diff_new_pack.n7OQWZ/_old  2021-06-01 10:32:51.820343343 +0200
+++ /var/tmp/diff_new_pack.n7OQWZ/_new  2021-06-01 10:32:51.824343351 +0200
@@ -35,6 +35,8 @@
 Patch2:         djvulibre-CVE-2021-32492.patch
 # CVE-2021-32493 [bsc#1185905], Heap buffer overflow in function 
DJVU:GBitmap:decode() via crafted djvu file
 Patch3:         djvulibre-CVE-2021-32493.patch
+# CVE-2021-3500 [bsc#1186253], Stack overflow in function 
DJVU:DjVuDocument:get_djvu_file() via crafted djvu file
+Patch4:         djvulibre-CVE-2021-3500.patch
 BuildRequires:  fdupes
 BuildRequires:  gcc-c++
 BuildRequires:  hicolor-icon-theme
@@ -91,6 +93,7 @@
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 %build
 # configure script missing; generate using autogen.sh

++++++ djvulibre-CVE-2021-3500.patch ++++++
--- a/libdjvu/DjVuPort.cpp      
+++ a/libdjvu/DjVuPort.cpp      
@@ -507,10 +507,19 @@ GP<DjVuFile>
 DjVuPortcaster::id_to_file(const DjVuPort * source, const GUTF8String &id)
 {
    GPList<DjVuPort> list;
+
+   if (!!opening_id && opening_id == id)
+      G_THROW( ERR_MSG("DjVuPortcaster.recursive_open") );
+   else
+      opening_id = id;
+
    compute_closure(source, list, true);
    GP<DjVuFile> file;
    for(GPosition pos=list;pos;++pos)
       if ((file=list[pos]->id_to_file(source, id))) break;
+
+   opening_id = GUTF8String();
+
    return file;
 }
 
--- a/libdjvu/DjVuPort.h        
+++ a/libdjvu/DjVuPort.h        
@@ -484,6 +484,7 @@ private:
                        const DjVuPort *dst, int distance);
    void compute_closure(const DjVuPort *src, GPList<DjVuPort> &list,
                         bool sorted=false);
+   GUTF8String opening_id;
 };

Reply via email to