Author: blues Date: Mon Dec 24 10:05:23 2007 GMT Module: SOURCES Tag: HEAD ---- Log message: - rel.2 - patches from RH: CVE-2007-6351, CVE-2007-6352
---- Files affected: SOURCES: libexif-cve-2007-6351.patch (NONE -> 1.1) (NEW), libexif-cve-2007-6352.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/libexif-cve-2007-6351.patch
diff -u /dev/null SOURCES/libexif-cve-2007-6351.patch:1.1
--- /dev/null Mon Dec 24 11:05:23 2007
+++ SOURCES/libexif-cve-2007-6351.patch Mon Dec 24 11:05:18 2007
@@ -0,0 +1,13 @@
+diff -up libexif-0.6.13/libexif/exif-loader.c.cve-2007-6351 libexif-0.6.13/libexif/exif-loader.c
+--- libexif-0.6.13/libexif/exif-loader.c.cve-2007-6351 2007-12-15 22:16:06.000000000 -0500
++++ libexif-0.6.13/libexif/exif-loader.c 2007-12-15 22:16:42.000000000 -0500
+@@ -173,6 +173,9 @@ exif_loader_write (ExifLoader *eld, unsi
+ break;
+ }
+
++ if (!len)
++ return 1;
++
+ exif_log (eld->log, EXIF_LOG_CODE_DEBUG, "ExifLoader",
+ "Scanning %i byte(s) of data...", len);
+
================================================================
Index: SOURCES/libexif-cve-2007-6352.patch
diff -u /dev/null SOURCES/libexif-cve-2007-6352.patch:1.1
--- /dev/null Mon Dec 24 11:05:23 2007
+++ SOURCES/libexif-cve-2007-6352.patch Mon Dec 24 11:05:18 2007
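Review bot: In the exif-loader.c patch, the new `if (!len) return 1;` guard in exif_loader_write has no comment saying why a zero-length remainder must stop here. The reason cannot be read from the hunk, because the function starts before it and the code that consumes `len` continues after it. Since this is the whole fix filed under CVE-2007-6351, a one-line comment would keep a later cleanup from dropping it as redundant, for example `/* No bytes left: return before the scanning code below runs with len == 0 (CVE-2007-6351). */`. The return convention is also not visible here, so it is worth confirming that 1 is the value callers treat as "feed more data" rather than as completion.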
@@ -0,0 +1,16 @@
+diff -up libexif-0.6.13/libexif/exif-data.c.cve-2007-6352 libexif-0.6.13/libexif/exif-data.c
+--- libexif-0.6.13/libexif/exif-data.c.cve-2007-6352 2007-12-15 22:06:15.000000000 -0500
++++ libexif-0.6.13/libexif/exif-data.c 2007-12-15 22:07:27.000000000 -0500
+@@ -285,10 +285,9 @@ static void
+ exif_data_load_data_thumbnail (ExifData *data, const unsigned char *d,
+ unsigned int ds, ExifLong offset, ExifLong size)
+ {
+- if (ds < offset + size) {
++ if ((ds < offset + size) || (offset < 0) || (size < 0) || (offset + size < offset)) {
+ exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
+- "Bogus thumbnail offset and size: %i < %i + %i.",
+- (int) ds, (int) offset, (int) size);
++ "Bogus thumbnail offset and size");
+ return;
+ }
+ if (data->data)
================================================================
_______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
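Review bot: In the new condition of exif_data_load_data_thumbnail, `(offset < 0)` and `(size < 0)` can never be true if ExifLong is an unsigned type. It is declared outside this hunk, and libexif defines it as a 32-bit unsigned integer, so this should be confirmed against the packaged headers. In that case only `(offset + size < offset)` guards against wrap-around, and the first clause still evaluates the sum that may have wrapped. A form that never computes the sum states the bound directly and does not depend on wrap behaviour: `if ((offset > ds) || (size > ds - offset)) {`. The rewritten log call also drops the three values, and keeping them with unsigned conversions rather than the old `%i` casts would help when triaging rejected files. The function body continues past the end of the hunk.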