Hello community,

here is the log from the commit of package lcms for openSUSE:Factory checked in 
at 2013-10-06 14:26:34
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lcms (Old)
 and      /work/SRC/openSUSE:Factory/.lcms.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "lcms"

Changes:
--------
--- /work/SRC/openSUSE:Factory/lcms/lcms.changes        2013-04-14 
10:16:54.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.lcms.new/lcms.changes   2013-10-06 
14:26:35.000000000 +0200
@@ -1,0 +2,11 @@
+Sat Oct  5 19:37:49 UTC 2013 - crrodrig...@opensuse.org
+
+- add zlib-devel to buildrequires, not implicit anymore. 
+
+-------------------------------------------------------------------
+Fri Oct  4 18:26:21 CEST 2013 - sbra...@suse.cz
+
+- Stack overflow fix
+  (CVE-2013-4276.patch, bnc#843716, CVE-2013-4276).
+
+-------------------------------------------------------------------

New:
----
  CVE-2013-4276.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ lcms.spec ++++++
--- /var/tmp/diff_new_pack.NG0Twg/_old  2013-10-06 14:26:36.000000000 +0200
+++ /var/tmp/diff_new_pack.NG0Twg/_new  2013-10-06 14:26:36.000000000 +0200
@@ -29,6 +29,8 @@
 Patch:          lcms-endian.patch
 Patch1:         lcms-strict-aliasing.patch
 Patch2:         lcms-implicit-declaration.patch
+# PATCH-FIX-SECURITY CVE-2013-4276.patch bnc843716 sbra...@suse.cz -- Stack 
overflow fix.
+Patch3:         CVE-2013-4276.patch
 
 %if 0%{?fedora_version}   
 BuildRequires:  gcc-c++
@@ -44,6 +46,7 @@
 BuildRequires:  libtiff-devel
 BuildRequires:  pkg-config
 BuildRequires:  python-devel
+BuildRequires:  zlib-devel
 %endif 
 
 # bug437293
@@ -97,7 +100,7 @@
 %patch
 %patch1
 %patch2
-#%patch3 -p1
+%patch3 -p1
 cp -a README.1ST README
 chmod -x COPYING AUTHORS NEWS README doc/*.TXT
 

++++++ CVE-2013-4276.patch ++++++
--- lcms-1.19.dfsg/samples/icctrans.c   2009-10-30 15:57:45.000000000 +0000
+++ lcms-1.19.dfsg/samples/icctrans.c   2013-08-06 11:53:14.385266647 +0100
@@ -86,6 +86,8 @@ 
 static LPcmsNAMEDCOLORLIST InputColorant = NULL;
 static LPcmsNAMEDCOLORLIST OutputColorant = NULL;
 
+unsigned int Buffer_size = 4096;
+
 
 // isatty replacement
 
@@ -500,7 +502,7 @@ 
 
     Prefix[0] = 0;
     if (!lTerse)
-        sprintf(Prefix, "%s=", C);
+        snprintf(Prefix, 20, "%s=", C);
 
     if (InHexa)
     {
@@ -648,7 +650,9 @@ 
 static
 void GetLine(char* Buffer)
 {    
-    scanf("%s", Buffer);
+    char User_buffer[Buffer_size];
+    fgets(User_buffer, (Buffer_size - 1), stdin);
+    sscanf(User_buffer,"%s", Buffer);
     
     if (toupper(Buffer[0]) == 'Q') { // Quit?
 
@@ -668,7 +672,7 @@ 
 static
 double GetAnswer(const char* Prompt, double Range)
 {
-    char Buffer[4096];
+    char Buffer[Buffer_size];
     double val = 0.0;
               
     if (Range == 0.0) {              // Range 0 means double value
@@ -738,7 +742,7 @@ 
 static
 WORD GetIndex(void)
 {
-    char Buffer[4096], Name[40], Prefix[40], Suffix[40];
+    char Buffer[Buffer_size], Name[40], Prefix[40], Suffix[40];
     int index, max;
 
     max = cmsNamedColorCount(hTrans)-1;
--- lcms-1.19.dfsg/tifficc/tiffdiff.c   2009-10-30 15:57:46.000000000 +0000
+++ lcms-1.19.dfsg/tifficc/tiffdiff.c   2013-08-06 11:49:06.698951157 +0100
@@ -633,7 +633,7 @@ 
     cmsIT8SetSheetType(hIT8, "TIFFDIFF");
     
    
-    sprintf(Buffer, "Differences between %s and %s", TiffName1, TiffName2);
+    snprintf(Buffer, 256, "Differences between %s and %s", TiffName1, 
TiffName2);
   
     cmsIT8SetComment(hIT8, Buffer);
 
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

Reply via email to