Hello community, here is the log from the commit of package jhead for openSUSE:Factory checked in at 2018-02-06 16:50:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/jhead (Old) and /work/SRC/openSUSE:Factory/.jhead.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "jhead" Tue Feb 6 16:50:36 2018 rev:23 rq:573268 version:3.00 Changes: -------- --- /work/SRC/openSUSE:Factory/jhead/jhead.changes 2015-04-28 20:48:09.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.jhead.new/jhead.changes 2018-02-06 16:50:39.167859399 +0100 @@ -1,0 +2,6 @@ +Mon Feb 5 16:46:47 UTC 2018 - kbabi...@suse.com + +- Added CVE-2018-6612.patch: Fix of a heap-based buffer over-read + (boo#1079349 CVE-2018-6612) + +------------------------------------------------------------------- New: ---- CVE-2018-6612.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ jhead.spec ++++++ --- /var/tmp/diff_new_pack.mlF8Bp/_old 2018-02-06 16:50:40.211810511 +0100 +++ /var/tmp/diff_new_pack.mlF8Bp/_new 2018-02-06 16:50:40.215810324 +0100 @@ -1,7 +1,7 @@ # # spec file for package jhead # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -25,6 +25,7 @@ Url: http://www.sentex.net/~mwandel/jhead/ Source0: http://www.sentex.net/~mwandel/jhead/jhead-%{version}.tar.gz Source1: %{name}.changes +Patch0: CVE-2018-6612.patch Requires: %{_bindir}/jpegtran Requires: %{_bindir}/mogrify BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -39,6 +40,7 @@ %prep %setup -q +%patch0 -p1 modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{SOURCE1}")" DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\"" TIME="\"$(date -d "${modified}" "+%%R")\"" ++++++ CVE-2018-6612.patch ++++++ --- jhead-3.00.orig/exif.c +++ jhead-3.00/exif.c @@ -1019,7 +1019,7 @@ void process_EXIF (unsigned char * ExifS FirstOffset = Get32u(ExifSection+12); if (FirstOffset < 8 || FirstOffset > 16){ - if (FirstOffset < 16 || FirstOffset > length-16){ + if (FirstOffset < 16 || length < 16 || FirstOffset > length-16){ ErrNonfatal("invalid offset for first Exif IFD value",0,0); return; }