CVE: CVE-2025-6199 Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32.patch]
Backport the fix for CVE-2025-6199 Add below patch to fix 0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch Signed-off-by: Shaik Moin <[email protected]> --- ...d-support-patch-to-fix-CVE-2025-6199.patch | 36 +++++++++++++++++++ .../gdk-pixbuf/gdk-pixbuf_2.42.12.bb | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch new file mode 100644 index 0000000000..aa8bfec8f4 --- /dev/null +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch @@ -0,0 +1,36 @@ +From 140200be0b4d5355aab76a6fd474e17d117045ca Mon Sep 17 00:00:00 2001 +From: lumi <[email protected]> +Date: Sat, 7 Jun 2025 22:27:06 +0200 +Subject: [PATCH] lzw: Fix reporting of bytes written in decoder + +When the LZW decoder encounters an invalid code, it stops +processing the image and returns the whole buffer size. +It should return the amount of bytes written, instead. + +Fixes #257 + +CVE: CVE-2025-6199 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32.patch] + +Signed-off-by: Shaik Moin <[email protected]> +--- + gdk-pixbuf/lzw.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/gdk-pixbuf/lzw.c b/gdk-pixbuf/lzw.c +index 15293560b..4f3dd8beb 100644 +--- a/gdk-pixbuf/lzw.c ++++ b/gdk-pixbuf/lzw.c +@@ -208,7 +208,7 @@ lzw_decoder_feed (LZWDecoder *self, + /* Invalid code received - just stop here */ + if (self->code >= self->code_table_size) { + self->last_code = self->eoi_code; +- return output_length; ++ return n_written; + } + + /* Convert codeword into indexes */ +-- +2.34.1 + diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb index ff1c7a1fb2..8579614bb1 100644 --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb @@ -21,6 +21,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://fatal-loader.patch \ file://0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch \ file://CVE-2025-7345.patch \ + file://0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch \ " SRC_URI[sha256sum] = "b9505b3445b9a7e48ced34760c3bcb73e966df3ac94c95a148cb669ab748e3c7" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#230974): https://lists.openembedded.org/g/openembedded-core/message/230974 Mute This Topic: https://lists.openembedded.org/mt/117753593/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
