commit jasper for openSUSE:Factory

Sun, 07 Feb 2016 00:22:55 -0800 

Hello community,

here is the log from the commit of package jasper for openSUSE:Factory checked 
in at 2016-02-07 09:22:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/jasper (Old)
 and      /work/SRC/openSUSE:Factory/.jasper.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "jasper"

Changes:
--------
--- /work/SRC/openSUSE:Factory/jasper/jasper.changes    2016-01-23 
01:15:36.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.jasper.new/jasper.changes       2016-02-07 
09:22:36.000000000 +0100
@@ -1,0 +2,18 @@
+Tue Feb  2 07:48:21 UTC 2016 - [email protected]
+
+- Modified patch
+  * jasper-CVE-2016-2089.patch
+    + Use the new version of patch from
+      https://bugzilla.redhat.com/show_bug.cgi?id=1302636
+      with more targetted checks.
+- Version the Obsoletes/Provides so that the package does not
+  obsolete itself
+
+-------------------------------------------------------------------
+Thu Jan 28 14:59:27 UTC 2016 - [email protected]
+
+- Add jasper-CVE-2016-2089.patch
+  * CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip()
+    function (bsc#963983)
+
+-------------------------------------------------------------------

New:
----
  jasper-CVE-2016-2089.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ jasper.spec ++++++
--- /var/tmp/diff_new_pack.qdnWda/_old  2016-02-07 09:22:37.000000000 +0100
+++ /var/tmp/diff_new_pack.qdnWda/_new  2016-02-07 09:22:37.000000000 +0100
@@ -43,6 +43,7 @@
 # PATCH-FIX-UPSTREAM jasper-jpc_dec.patch deb#469786 [email protected] -- 
Fix failure when manipulating images with 4 component color using reversible 
color translation (patch taken from Fedora)
 Patch11:        jasper-jpc_dec.patch
 Patch12:        jasper-CVE-2016-1867.patch
+Patch13:        jasper-CVE-2016-2089.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -58,8 +59,8 @@
 Obsoletes:      libjasper-64bit
 %endif
 # used in <= 11.3
-Obsoletes:      libjasper
-Provides:       libjasper
+Obsoletes:      libjasper < %{version}-%{release}
+Provides:       libjasper = %{version}-%{release}
 #
 
 %description -n libjasper1
@@ -95,6 +96,7 @@
 %patch10 -p1
 %patch11 -p1
 %patch12 -p1
+%patch13 -p1
 
 %build
 autoreconf -i -f


++++++ jasper-CVE-2016-2089.patch ++++++
diff -pru jasper-1.900.1.orig/src/libjasper/base/jas_image.c 
jasper-1.900.1/src/libjasper/base/jas_image.c
--- jasper-1.900.1.orig/src/libjasper/base/jas_image.c  2016-02-01 
14:53:56.000000000 +0100
+++ jasper-1.900.1/src/libjasper/base/jas_image.c       2016-02-01 
21:49:58.746006339 +0100
@@ -433,6 +433,10 @@ int jas_image_readcmpt(jas_image_t *imag
                return -1;
        }
 
+       if (!data->rows_) {
+               return -1;
+       }
+
        if (jas_matrix_numrows(data) != height || jas_matrix_numcols(data) != 
width) {
                if (jas_matrix_resize(data, height, width)) {
                        return -1;
@@ -486,6 +490,10 @@ int jas_image_writecmpt(jas_image_t *ima
                return -1;
        }
 
+       if (!data->rows_) {
+               return -1;
+       }
+
        if (jas_matrix_numrows(data) != height || jas_matrix_numcols(data) != 
width) {
                return -1;
        }
diff -pru jasper-1.900.1.orig/src/libjasper/base/jas_seq.c 
jasper-1.900.1/src/libjasper/base/jas_seq.c
--- jasper-1.900.1.orig/src/libjasper/base/jas_seq.c    2016-02-01 
14:53:56.000000000 +0100
+++ jasper-1.900.1/src/libjasper/base/jas_seq.c 2016-02-01 21:53:45.149193159 
+0100
@@ -266,6 +266,10 @@ void jas_matrix_divpow2(jas_matrix_t *ma
        int rowstep;
        jas_seqent_t *data;
 
+       if (!matrix->rows_) {
+               return;
+       }
+
        rowstep = jas_matrix_rowstep(matrix);
        for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i,
          rowstart += rowstep) {
@@ -286,6 +290,10 @@ void jas_matrix_clip(jas_matrix_t *matri
        jas_seqent_t *data;
        int rowstep;
 
+       if (!matrix->rows_) {
+               return;
+       }
+
        rowstep = jas_matrix_rowstep(matrix);
        for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i,
          rowstart += rowstep) {
@@ -310,6 +318,10 @@ void jas_matrix_asr(jas_matrix_t *matrix
        int rowstep;
        jas_seqent_t *data;
 
+       if (!matrix->rows_) {
+               return;
+       }
+
        assert(n >= 0);
        rowstep = jas_matrix_rowstep(matrix);
        for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i,
@@ -329,6 +341,10 @@ void jas_matrix_asl(jas_matrix_t *matrix
        int rowstep;
        jas_seqent_t *data;
 
+       if (!matrix->rows_) {
+               return;
+       }
+
        rowstep = jas_matrix_rowstep(matrix);
        for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i,
          rowstart += rowstep) {
@@ -371,6 +387,10 @@ void jas_matrix_setall(jas_matrix_t *mat
        int rowstep;
        jas_seqent_t *data;
 
+       if (!matrix->rows_) {
+               return;
+       }
+
        rowstep = jas_matrix_rowstep(matrix);
        for (i = matrix->numrows_, rowstart = matrix->rows_[0]; i > 0; --i,
          rowstart += rowstep) {

Reply via email to