diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2019-12-26 14:20:57 +0100 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2019-12-26 14:22:42 +0100 |
| commit | 3c5375cf80f0d9cec96b892955916e5f6f62d8b0 (patch) | |
| tree | 8fef2804a9dd74365f42882f56fd1568a50d275b | |
| parent | 981d44c46ea20fd4e9e399ee666437a7fdf2d574 (diff) | |
| download | aports-3c5375cf80f0d9cec96b892955916e5f6f62d8b0.tar.gz aports-3c5375cf80f0d9cec96b892955916e5f6f62d8b0.tar.bz2 aports-3c5375cf80f0d9cec96b892955916e5f6f62d8b0.tar.xz | |
main/exiv2: backport fix for CVE-2019-17402
fixes #11018
| -rw-r--r-- | main/exiv2/APKBUILD | 10 | ||||
| -rw-r--r-- | main/exiv2/CVE-2019-17402.patch | 32 |
2 files changed, 40 insertions, 2 deletions
diff --git a/main/exiv2/APKBUILD b/main/exiv2/APKBUILD index 1b9add39761..b3593991049 100644 --- a/main/exiv2/APKBUILD +++ b/main/exiv2/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=exiv2 pkgver=0.26 -pkgrel=0 +pkgrel=1 pkgdesc="Exif and Iptc metadata manipulation library and tools." url="http://exiv2.org" arch="all" @@ -14,8 +14,13 @@ subpackages="$pkgname-dev $pkgname-doc" source="http://exiv2.org/releases/exiv2-$pkgver-trunk.tar.gz 0000-pthread-init-fix.patch 0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch + CVE-2019-17402.patch " +# secfixes: +# 0.26-r1: +# - CVE-2019-17402 + builddir="$srcdir"/exiv2-trunk prepare() { default_prepare @@ -38,4 +43,5 @@ package() { sha512sums="d1e9cab886e279b045768dd9ec781f07d2d36d573119403d0b76dc571442173aae6972f86ec55c3ea53fb3ee9ca3571eb8fd63a2a6643a970852813e88634a86 exiv2-0.26-trunk.tar.gz 9721d359708c385be7c86a8f8a63de43b05b2578a29b4339861e82873aa81a98a7ee7252847b6c55529341187d40f552c488589b416fd9d1e27418925929c018 0000-pthread-init-fix.patch -485bd340169f69a3ce356e59e9138250cc14592f4477bb73827c799fe465535954469634fc58a1856f690f0e0b4171cba6fdd3391d43c0efc5e89652b93eb3ce 0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch" +485bd340169f69a3ce356e59e9138250cc14592f4477bb73827c799fe465535954469634fc58a1856f690f0e0b4171cba6fdd3391d43c0efc5e89652b93eb3ce 0001-Amend-fix-for-9-to-apply-to-other-Unix-systems.patch +b408ec85b5aa0fde6e08a277292ebde90f25b31605ba29039464e217c7f249d9ffeebfef9dc187955663d0b02ccafc020c16c4a5342cd38483816a1f9038c2d0 CVE-2019-17402.patch" diff --git a/main/exiv2/CVE-2019-17402.patch b/main/exiv2/CVE-2019-17402.patch new file mode 100644 index 00000000000..c6b5166adb0 --- /dev/null +++ b/main/exiv2/CVE-2019-17402.patch @@ -0,0 +1,32 @@ +From cb2467834d118ae11526f7d24a699799ce5c4912 Mon Sep 17 00:00:00 2001 +From: Jens Georg <mail@jensge.org> +Date: Sun, 6 Oct 2019 15:05:20 +0200 +Subject: [PATCH 1/2] crwimage: Check offset and size against total size + +Corrupted or specially crafted CRW images might exceed the overall +buffersize. + +Fixes #1019 + +(cherry picked from commit 683451567284005cd24e1ccb0a76ca401000968b) +--- + src/crwimage.cpp | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/crwimage.cpp b/src/crwimage.cpp +index 989c0eb8..a0978aaf 100644 +--- a/src/crwimage.cpp ++++ b/src/crwimage.cpp +@@ -448,6 +448,9 @@ namespace Exiv2 { + #ifdef DEBUG + std::cout << "Reading directory 0x" << std::hex << tag() << "\n"; + #endif ++ if (this->offset() + this->size() > size) ++ throw Error(26); ++ + readDirectory(pData + offset(), this->size(), byteOrder); + #ifdef DEBUG + std::cout << "<---- 0x" << std::hex << tag() << "\n"; +-- +2.24.1 + |