Hello community, here is the log from the commit of package openjpeg for openSUSE:Factory checked in at 2017-02-08 10:50:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openjpeg (Old) and /work/SRC/openSUSE:Factory/.openjpeg.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openjpeg" Changes: -------- --- /work/SRC/openSUSE:Factory/openjpeg/openjpeg.changes 2015-03-03 11:13:59.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.openjpeg.new/openjpeg.changes 2017-02-08 10:50:32.914823876 +0100 @@ -1,0 +2,6 @@ +Fri Feb 3 21:03:32 UTC 2017 - asterios.dra...@gmail.com + +- Add openjpeg-bsc999817-cve2016-7445-null-deref.patch to fix null + pointer dereference in convert.c (bsc#999817, CVE-2016-7445). + +------------------------------------------------------------------- New: ---- openjpeg-bsc999817-cve2016-7445-null-deref.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openjpeg.spec ++++++ --- /var/tmp/diff_new_pack.GeOqP8/_old 2017-02-08 10:50:33.530738039 +0100 +++ /var/tmp/diff_new_pack.GeOqP8/_new 2017-02-08 10:50:33.530738039 +0100 @@ -1,7 +1,7 @@ # # spec file for package openjpeg # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -31,6 +31,8 @@ # PATCH-FIX-OPENSUSE openjpeg-1.5.1-soname.patch asterios.dra...@gmail.com -- Revert soname bump compared to 1.5.0 release (for now, remove patch in 2.0 release) (taken from Fedora) # See "http://code.google.com/p/openjpeg/source/browse/tags/version.1.5.1/CMakeLists.txt";. The change was introduced in 1.5.1 but soname can remain the same between 1.5.0 and 1.5.1 versions. Patch1: openjpeg-1.5.1-soname.patch +# PATCH-FIX-UPSTREAM openjpeg-bsc999817-cve2016-7445-null-deref.patch CVE-2016-7445 bsc#999817 h...@suse.com -- Fix null pointer dereference in convert.c +Patch2: openjpeg-bsc999817-cve2016-7445-null-deref.patch BuildRequires: cmake BuildRequires: doxygen BuildRequires: libtiff-devel @@ -71,6 +73,7 @@ %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 # Remove build time references so build-compare can do its work echo "HTML_TIMESTAMP = NO" >> doc/Doxyfile.dox.cmake.in ++++++ openjpeg-bsc999817-cve2016-7445-null-deref.patch ++++++ diff --git a/applications/codec/convert.c b/applications/codec/convert.c index 082aa2c..d4c850c 100644 --- a/applications/codec/convert.c +++ b/applications/codec/convert.c @@ -1652,8 +1652,10 @@ static void read_pnm_header(FILE *reader, struct pnm_header *ph) if( !have_wh) { s = skip_int(s, &ph->width); + if (s == NULL || *s == 0) return; s = skip_int(s, &ph->height); + if (s == NULL || *s == 0) return; have_wh = 1; @@ -1665,6 +1667,7 @@ static void read_pnm_header(FILE *reader, struct pnm_header *ph) { /* P2, P3, P5, P6: */ s = skip_int(s, &ph->maxval); + if (s == NULL || *s == 0) return; if(ph->maxval > 65535) return; }
