Hello community,

here is the log from the commit of package GraphicsMagick for openSUSE:Factory 
checked in at 2020-06-05 20:02:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/GraphicsMagick (Old)
 and      /work/SRC/openSUSE:Factory/.GraphicsMagick.new.3606 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "GraphicsMagick"

Fri Jun  5 20:02:14 2020 rev:77 rq:810842 version:1.3.35

Changes:
--------
--- /work/SRC/openSUSE:Factory/GraphicsMagick/GraphicsMagick.changes    
2020-03-25 23:45:48.872043023 +0100
+++ /work/SRC/openSUSE:Factory/.GraphicsMagick.new.3606/GraphicsMagick.changes  
2020-06-05 20:02:30.468392014 +0200
@@ -1,0 +2,8 @@
+Tue Jun  2 12:57:34 UTC 2020 - [email protected]
+
+- security update
+- added patches
+  fix CVE-2020-12672 [bsc#1171271], heap-based buffer overflow in ReadMNGImage 
in coders/png.c.
+  + GraphicsMagick-CVE-2020-12672.patch
+
+-------------------------------------------------------------------

New:
----
  GraphicsMagick-CVE-2020-12672.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ GraphicsMagick.spec ++++++
--- /var/tmp/diff_new_pack.rMduRS/_old  2020-06-05 20:02:32.052397209 +0200
+++ /var/tmp/diff_new_pack.rMduRS/_new  2020-06-05 20:02:32.056397223 +0200
@@ -41,6 +41,8 @@
 Patch0:         GraphicsMagick-perl-linkage.patch
 %endif
 Patch1:         GraphicsMagick-disable-insecure-coders.patch
+# CVE-2020-12672 [bsc#1171271], heap-based buffer overflow in ReadMNGImage in 
coders/png.c.
+Patch2:         GraphicsMagick-CVE-2020-12672.patch
 BuildRequires:  cups-client
 BuildRequires:  dcraw
 BuildRequires:  gcc-c++
@@ -210,6 +212,7 @@
 %patch0 -p1
 %endif
 %patch1 -p1
+%patch2 -p1
 
 %build
 # This shouldn't be there yet.

++++++ GraphicsMagick-CVE-2020-12672.patch ++++++
diff -r 4917a4242fc0 -r 50395430a371 coders/png.c
--- a/coders/png.c      Fri May 01 13:49:13 2020 -0500
+++ b/coders/png.c      Sat May 30 10:18:16 2020 -0500
@@ -5689,7 +5691,28 @@
 
               if (logging)
                 (void) LogMagickEvent(CoderEvent,GetMagickModule(),
-                                      "  Processing MNG MAGN chunk");
+                                      "  Processing MNG MAGN chunk: MB=%u, 
ML=%u,"
+                                      " MR=%u, MT=%u, MX=%u, MY=%u,"
+                                      " X_method=%u, Y_method=%u",
+                                      mng_info->magn_mb,mng_info->magn_ml,
+                                      mng_info->magn_mr,mng_info->magn_mt,
+                                      mng_info->magn_mx,mng_info->magn_my,
+                                      mng_info->magn_methx,
+                                      mng_info->magn_methy);
+
+              /*
+                If the image width is 1, then X magnification is done
+                by simple pixel replication.
+              */
+              if (image->columns == 1)
+                  mng_info->magn_methx = 1;
+
+              /*
+                If the image height is 1, then Y magnification is done
+                by simple pixel replication.
+              */
+              if (image->rows == 1)
+                  mng_info->magn_methy = 1;
 
               if (mng_info->magn_methx == 1)
                 {
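Review bot: The two overrides (`mng_info->magn_methx = 1;` and `mng_info->magn_methy = 1;`) are written into `mng_info` rather than into locals, so if that structure carries MAGN settings across images in the stream (not visible in this hunk), a single 1-pixel-wide or 1-pixel-high image would leave pixel replication in force for later, larger images. Copying the methods into locals for the current image and clamping those would confine the change, e.g. `magn_methx = (image->columns == 1) ? 1 : mng_info->magn_methx;`, with the later tests reading the local. The new log line is also emitted before the overrides, so a trace of a malformed file records the requested methods rather than the ones actually applied; logging after the clamp, or logging both, would make triage easier. The added comments should state why the clamp exists: presumably the interpolating methods read a neighbouring pixel or row that does not exist when the dimension is 1, which would be the CVE-2020-12672 overflow named in the package changelog. The enclosing function starts and ends outside the hunk.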
@@ -5734,12 +5757,10 @@
                   Image
                     *large_image;
 
-                  int
-                    yy;
-
                   long
                     m,
-                    y;
+                    y,
+                    yy;
 
                   register long
                     x;

