Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gdk-pixbuf for openSUSE:Factory checked in at 2022-09-01 22:09:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gdk-pixbuf (Old) and /work/SRC/openSUSE:Factory/.gdk-pixbuf.new.2083 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gdk-pixbuf" Thu Sep 1 22:09:42 2022 rev:91 rq:1000473 version:2.42.9 Changes: -------- --- /work/SRC/openSUSE:Factory/gdk-pixbuf/gdk-pixbuf.changes 2022-08-19 17:54:34.207860387 +0200 +++ /work/SRC/openSUSE:Factory/.gdk-pixbuf.new.2083/gdk-pixbuf.changes 2022-09-01 22:10:32.124139851 +0200 @@ -1,0 +2,6 @@ +Tue Aug 30 16:49:32 UTC 2022 - Michael Gorse <[email protected]> + +- Add 0001-jpeg-Increase-memory-limit-for-loading-image-data.patch: + fix loading of larger images (glgo#GNOME/gdk-pixbuf#216). + +------------------------------------------------------------------- @@ -10 +16,2 @@ - + Fix the check for maximum value of LZW initial code size. + + Fix the check for maximum value of LZW initial code size + (boo#1194633 CVE-2021-44648). New: ---- 0001-jpeg-Increase-memory-limit-for-loading-image-data.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gdk-pixbuf.spec ++++++ --- /var/tmp/diff_new_pack.kmXreY/_old 2022-09-01 22:10:32.736141525 +0200 +++ /var/tmp/diff_new_pack.kmXreY/_new 2022-09-01 22:10:32.740141536 +0200 @@ -36,6 +36,8 @@ Source2: README.SUSE Source3: gdk-pixbuf-rpmlintrc Source99: baselibs.conf +# PATCH-FIX-UPSTREAM 0001-jpeg-Increase-memory-limit-for-loading-image-data.patch [email protected] -- fix loading of larger images. +Patch0: 0001-jpeg-Increase-memory-limit-for-loading-image-data.patch BuildRequires: docbook-xsl-stylesheets BuildRequires: docutils @@ -136,6 +138,7 @@ %if "%{_lib}" == "lib64" cp -a %{SOURCE2} . %endif +%autopatch -p1 %build %meson \ ++++++ 0001-jpeg-Increase-memory-limit-for-loading-image-data.patch ++++++ >From 17a924a2275b3e7721dc05e0670cae638371a98f Mon Sep 17 00:00:00 2001 From: Jake Dane <[email protected]> Date: Fri, 19 Aug 2022 06:12:25 +0000 Subject: [PATCH] jpeg: Increase memory limit for loading image data As fix for security issue #205 when loading image data the memory size was limited to 100 MB. That seemed like a good threshold. For larger images, from around 18 megapixels (MP) and up though not for all such images, this threshold was too low. Increasing the threshold too 300 MB seems to work better and lets larger images load. Fixes #216. --- gdk-pixbuf/io-jpeg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gdk-pixbuf/io-jpeg.c b/gdk-pixbuf/io-jpeg.c index 22f4174fe..6317e20d3 100644 --- a/gdk-pixbuf/io-jpeg.c +++ b/gdk-pixbuf/io-jpeg.c @@ -1091,7 +1091,7 @@ gdk_pixbuf__jpeg_image_load_increment (gpointer data, rc = jpeg_read_header (cinfo, TRUE); context->src_initialized = TRUE; - cinfo->mem->max_memory_to_use = 100 * 1024 * 1024; + cinfo->mem->max_memory_to_use = 300 * 1024 * 1024; if (rc == JPEG_SUSPENDED) continue; -- 2.37.2
