CVE: CVE-2025-6199 Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32.patch]
Backport the fix for CVE-2025-6199 Add below patch to fix 0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch Signed-off-by: Shaik Moin <[email protected]> --- ...d-support-patch-to-fix-CVE-2025-6199.patch | 36 +++++++++++++++++++ .../gdk-pixbuf/gdk-pixbuf_2.42.10.bb | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch new file mode 100644 index 0000000000..aa8bfec8f4 --- /dev/null +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch @@ -0,0 +1,36 @@ +From 140200be0b4d5355aab76a6fd474e17d117045ca Mon Sep 17 00:00:00 2001 +From: lumi <[email protected]> +Date: Sat, 7 Jun 2025 22:27:06 +0200 +Subject: [PATCH] lzw: Fix reporting of bytes written in decoder + +When the LZW decoder encounters an invalid code, it stops +processing the image and returns the whole buffer size. +It should return the amount of bytes written, instead. + +Fixes #257 + +CVE: CVE-2025-6199 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32.patch] + +Signed-off-by: Shaik Moin <[email protected]> +--- + gdk-pixbuf/lzw.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/gdk-pixbuf/lzw.c b/gdk-pixbuf/lzw.c +index 15293560b..4f3dd8beb 100644 +--- a/gdk-pixbuf/lzw.c ++++ b/gdk-pixbuf/lzw.c +@@ -208,7 +208,7 @@ lzw_decoder_feed (LZWDecoder *self, + /* Invalid code received - just stop here */ + if (self->code >= self->code_table_size) { + self->last_code = self->eoi_code; +- return output_length; ++ return n_written; + } + + /* Convert codeword into indexes */ +-- +2.34.1 + diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb index 471d72d8dd..c72352f5a4 100644 --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.10.bb @@ -21,6 +21,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://fatal-loader.patch \ file://0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch \ file://CVE-2025-7345.patch \ + file://0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch \ " SRC_URI[sha256sum] = "ee9b6c75d13ba096907a2e3c6b27b61bcd17f5c7ebeab5a5b439d2f2e39fe44b" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#230973): https://lists.openembedded.org/g/openembedded-core/message/230973 Mute This Topic: https://lists.openembedded.org/mt/117753590/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
