Hello community, here is the log from the commit of package openexr for openSUSE:Factory checked in at 2019-06-25 22:20:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openexr (Old) and /work/SRC/openSUSE:Factory/.openexr.new.4615 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openexr" Tue Jun 25 22:20:54 2019 rev:29 rq:711398 version:2.3.0 Changes: --------
--- /work/SRC/openSUSE:Factory/openexr/openexr.changes 2018-11-12 09:51:32.944273293 +0100
+++ /work/SRC/openSUSE:Factory/.openexr.new.4615/openexr.changes 2019-06-25 22:20:56.817029185 +0200
@@ -1,0 +2,8 @@
+Fri Jun 14 19:30:32 UTC 2019 - [email protected]
+
+- security update
+- added patches
+ CVE-2017-9111 [bsc#1040109], CVE-2017-9113 [bsc#1040113], CVE-2017-9115 [bsc#1040115]
+ + openexr-CVE-2017-9111,9113,9115.patch
+
+-------------------------------------------------------------------
New: ---- openexr-CVE-2017-9111,9113,9115.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openexr.spec ++++++
--- /var/tmp/diff_new_pack.ihAslY/_old 2019-06-25 22:20:57.421030013 +0200
+++ /var/tmp/diff_new_pack.ihAslY/_new 2019-06-25 22:20:57.421030013 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package openexr
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -35,7 +35,11 @@
 Source1: https://github.com/openexr/openexr/releases/download/v%{version}/openexr-%{version}.tar.gz.sig
 Source2: baselibs.conf
 Source3: openexr.keyring
+# https://github.com/openexr/openexr/pull/401
 Patch0: openexr-CVE-2018-18444.patch
+# https://github.com/openexr/openexr/pull/401
+# CVE-2017-9111 [bsc#1040109], CVE-2017-9113 [bsc#1040113], CVE-2017-9115 [bsc#1040115]
+Patch1: openexr-CVE-2017-9111,9113,9115.patch
 BuildRequires: automake
 BuildRequires: fltk-devel
 BuildRequires: freeglut-devel
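Review bot: The reference comment added above `Patch1:` repeats the link placed above `Patch0:` in the same hunk, `# https://github.com/openexr/openexr/pull/401`, which is the pull request already cited for the CVE-2018-18444 patch. If the CVE-2017-9111/9113/9115 fixes came from a different upstream change, this comment should point at that one, because the upstream reference is what a later rebase uses to decide whether a patch has been merged and can be dropped. If the same pull request genuinely covers all four CVEs, stating that once next to `Patch0:` would spare the next maintainer the lookup.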
@@ -135,6 +139,7 @@
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
 %build
 export PTHREAD_LIBS="-lpthread"
++++++ openexr-CVE-2017-9111,9113,9115.patch ++++++
Index: openexr-2.3.0/exrmakepreview/makePreview.cpp
===================================================================
--- openexr-2.3.0.orig/exrmakepreview/makePreview.cpp 2018-08-10 03:35:00.000000000 +0200
+++ openexr-2.3.0/exrmakepreview/makePreview.cpp 2019-06-14 19:18:36.159142127 +0200
@@ -110,6 +110,9 @@ generatePreview (const char inFileName[]
 int h = dw.max.y - dw.min.y + 1;
 Array2D <Rgba> pixels (h, w);
+ if (INT_MAX / abs(w) < abs(dw.min.y) ||
+ INT_MAX - abs(dw.min.x) < abs(dw.min.y * w))
+ throw IEX_NAMESPACE::ArgExc ("Invalid data window in image header.");
 in.setFrameBuffer (&pixels[0][0] - dw.min.y * w - dw.min.x, 1, w);
 in.readPixels (dw.min.y, dw.max.y);
Index: openexr-2.3.0/exrmaketiled/Image.h
===================================================================
--- openexr-2.3.0.orig/exrmaketiled/Image.h 2018-08-10 03:35:00.000000000 +0200
+++ openexr-2.3.0/exrmaketiled/Image.h 2019-06-14 19:19:02.451287048 +0200
@@ -192,6 +192,9 @@ TypedImageChannel<T>::slice () const
 const IMATH_NAMESPACE::Box2i &dw = image().dataWindow();
 int w = dw.max.x - dw.min.x + 1;
+ if (INT_MAX / abs(w) < abs(dw.min.y) ||
+ INT_MAX - abs(dw.min.x) < abs(dw.min.y * w))
+ throw IEX_NAMESPACE::ArgExc ("Invalid data window in image header.");
 return OPENEXR_IMF_INTERNAL_NAMESPACE::Slice (pixelType(),
 (char *) (&_pixels[0][0] - dw.min.y * w - dw.min.x),
 sizeof (T),
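Review bot: In the makePreview.cpp hunk the new guard is placed after `Array2D <Rgba> pixels (h, w);`, so a header with an invalid data window still constructs the h-by-w pixel buffer before being rejected; moving the three added lines above the `Array2D` declaration rejects the header before any buffer is built. The guard also evaluates `INT_MAX / abs(w)`, which is a division by zero if `w` is 0, and `abs()` of an `INT_MIN` coordinate is undefined in C++; `w` is computed outside this hunk and earlier header validation may already exclude these values, but a cheap `if (w <= 0 || h <= 0) throw IEX_NAMESPACE::ArgExc ("Invalid data window in image header.");` ahead of the division closes both without relying on that. The same three-line guard appears in the exrmaketiled/Image.h hunk with the same division and `abs()` concerns, although there `int w` is at least visible in the hunk. generatePreview begins before this hunk and continues after it.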
