Control: tags 1136952 + patch
Control: tags 1136952 + pending

Dear maintainer,

I've prepared an NMU for libcaca (versioned as 0.99.beta20-6.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should cancel it.

Tested on debusine:
https://debusine.debian.net/debian/developers/work-request/798349/

Regards,
Salvatore

diffstat for libcaca-0.99.beta20 libcaca-0.99.beta20

 changelog                                                        |    8 +
 patches/0005-Prevent-undefined-behaviour-in-overflow-check.patch |   42 ++++++++++
 patches/series                                                   |    1 
 3 files changed, 51 insertions(+)

diff -Nru libcaca-0.99.beta20/debian/changelog libcaca-0.99.beta20/debian/changelog
--- libcaca-0.99.beta20/debian/changelog	2025-09-26 11:39:56.000000000 +0200
+++ libcaca-0.99.beta20/debian/changelog	2026-05-30 09:18:26.000000000 +0200
@@ -1,3 +1,11 @@
+libcaca (0.99.beta20-6.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Prevent undefined behaviour in overflow check (CVE-2026-42046)
+    (Closes: #1136952)
+
+ -- Salvatore Bonaccorso <[email protected]>  Sat, 30 May 2026 09:18:26 +0200
+
 libcaca (0.99.beta20-6) unstable; urgency=medium
 
   * debian/control: Bump Standards-Version
diff -Nru libcaca-0.99.beta20/debian/patches/0005-Prevent-undefined-behaviour-in-overflow-check.patch libcaca-0.99.beta20/debian/patches/0005-Prevent-undefined-behaviour-in-overflow-check.patch
--- libcaca-0.99.beta20/debian/patches/0005-Prevent-undefined-behaviour-in-overflow-check.patch	1970-01-01 01:00:00.000000000 +0100
+++ libcaca-0.99.beta20/debian/patches/0005-Prevent-undefined-behaviour-in-overflow-check.patch	2026-05-30 09:16:59.000000000 +0200
@@ -0,0 +1,42 @@
+From: Pascal Terjan <[email protected]>
+Date: Sun, 12 Apr 2026 19:06:08 +0000
+Subject: Prevent undefined behaviour in overflow check
+Origin: https://github.com/cacalabs/libcaca/commit/fb77acff9ba6bb01d53940da34fb10f20b156a23
+Bug-Debian: https://bugs.debian.org/1136952
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2026-42046
+
+Fixes #86
+---
+ caca/canvas.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/caca/canvas.c b/caca/canvas.c
+index 7beff5b81d47..62b72b72bb5e 100644
+--- a/caca/canvas.c
++++ b/caca/canvas.c
+@@ -26,6 +26,7 @@
+ #   if defined(HAVE_UNISTD_H)
+ #       include <unistd.h>
+ #   endif
++#   include <limits.h>
+ #endif
+ 
+ #include "caca.h"
+@@ -368,12 +369,12 @@ int caca_resize(caca_canvas_t *cv, int width, int height)
+     int x, y, f, old_width, old_height, old_size;
+ 
+     /* Check for overflow */
+-    int new_size = width * height;
+-    if (new_size < 0 || (width > 0 && new_size / width != height))
++    if (width != 0 && height > INT_MAX / width)
+     {
+         seterrno(EOVERFLOW);
+         return -1;
+     }
++    int new_size = width * height;
+ 
+     old_width = cv->width;
+     old_height = cv->height;
+-- 
+2.53.0
+
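Review bot: the replacement check at `+    if (width != 0 && height > INT_MAX / width)` removes the signed-overflow UB of computing `width * height` first, but unlike the removed `new_size < 0` test it does not reject negative dimensions: with `width > 0` and `height < 0` the comparison is false, so `new_size` becomes negative and the function continues, and with `width == -1` and `height == INT_MIN` the product at `+    int new_size = width * height;` still overflows (INT_MAX / -1 is -INT_MAX, which INT_MIN is not greater than). Unless both values are already rejected earlier in `caca_resize` (not visible in this hunk), consider `if (width < 0 || height < 0 || (width != 0 && height > INT_MAX / width))`, which also makes the division safe for every remaining input.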
diff -Nru libcaca-0.99.beta20/debian/patches/series libcaca-0.99.beta20/debian/patches/series
--- libcaca-0.99.beta20/debian/patches/series	2025-09-26 11:38:25.000000000 +0200
+++ libcaca-0.99.beta20/debian/patches/series	2026-05-30 09:17:28.000000000 +0200
@@ -2,3 +2,4 @@
 0002-Don-t-generate-PDF-with-latex.patch
 0003-Disable-doxygen-timestamps.patch
 0004-Do-not-export-PKG_CONFIG_LIBDIR.patch
+0005-Prevent-undefined-behaviour-in-overflow-check.patch
