aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/openjpeg/APKBUILD8
-rw-r--r--main/openjpeg/CVE-2021-27844.patch30
2 files changed, 2 insertions, 36 deletions
diff --git a/main/openjpeg/APKBUILD b/main/openjpeg/APKBUILD
index ea09b7abf1..deaef8e92f 100644
--- a/main/openjpeg/APKBUILD
+++ b/main/openjpeg/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=openjpeg
pkgver=2.3.1
-pkgrel=6
+pkgrel=5
pkgdesc="Open-source implementation of JPEG2000 image codec"
url="https://www.openjpeg.org/"
arch="all"
@@ -18,7 +18,6 @@ source="$pkgname-$pkgver.tar.gz::https://github.com/uclouvain/openjpeg/archive/v
CVE-2020-27814.patch
CVE-2020-27823.patch
CVE-2020-27824.patch
- CVE-2021-27844.patch
"
build() {
@@ -30,8 +29,6 @@ build() {
}
# secfixes:
-# 2.3.1-r6:
-# - CVE-2021-27844
# 2.3.1-r5:
# - CVE-2020-27814
# - CVE-2020-27823
@@ -82,5 +79,4 @@ c8ffc926d91392b38250fd4e00fff5f93fbf5e17487d0e4a0184c9bd191aa2233c5c5dcf097dd628
f36ea384272b3918d194f7d64bcc321a66fa6ebb2d73ece3d69225f883ec8a2777284f633902cf954f9a847bd758da2c36c74d8ef28c4cd82a3bf076e326c611 CVE-2020-15389.patch
fffaa91a3c67b4edbd313bb9bbd7a9f5abeb65bc0ddda3f676eed86662c0ef844b06a1331bfea785cc6178f31750cb9172a81a7359a618694b740915a9ce494a CVE-2020-27814.patch
a5d5ff618a78ca16a5958c95860652101c59f39bb48ad13c1d802f559dca11d3a9c069e5898a48c5c5e5186ba186afe091653949bca6dfd3bdff236283a50be8 CVE-2020-27823.patch
-796f75d61db2cbb07dd8e3d7e52895a1b22dbf9e01763a1b0caaed413e76ef9b2f4927ceaefd5b07775639a4aaac5c50e641bcff6d646166d8d7160f17026f6f CVE-2020-27824.patch
-f160570b66655bea6a7a56b37bafe8c1856219df31f2e52bdb4788c3abfd716aa2200f05c7d7389a143d9249302c3f96aac4a49ac222af5f5823fa41f8bc2d5f CVE-2021-27844.patch"
+796f75d61db2cbb07dd8e3d7e52895a1b22dbf9e01763a1b0caaed413e76ef9b2f4927ceaefd5b07775639a4aaac5c50e641bcff6d646166d8d7160f17026f6f CVE-2020-27824.patch"
diff --git a/main/openjpeg/CVE-2021-27844.patch b/main/openjpeg/CVE-2021-27844.patch
deleted file mode 100644
index 5791abe1bb..0000000000
--- a/main/openjpeg/CVE-2021-27844.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 73fdf28342e4594019af26eb6a347a34eceb6296 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Wed, 2 Dec 2020 14:10:16 +0100
-Subject: [PATCH] opj_j2k_write_sod(): avoid potential heap buffer overflow
- (fixes #1299) (probably master only)
-
----
- src/lib/openjp2/j2k.c | 9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-
-diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
-index 78d459259..8e343ab2e 100644
---- a/src/lib/openjp2/j2k.c
-+++ b/src/lib/openjp2/j2k.c
-@@ -4806,8 +4806,13 @@ static OPJ_BOOL opj_j2k_write_sod(opj_j2k_t *p_j2k,
- }
- }
-
-- assert(l_remaining_data >
-- p_j2k->m_specific_param.m_encoder.m_reserved_bytes_for_PLT);
-+ if (l_remaining_data <
-+ p_j2k->m_specific_param.m_encoder.m_reserved_bytes_for_PLT) {
-+ opj_event_msg(p_manager, EVT_ERROR,
-+ "Not enough bytes in output buffer to write SOD marker\n");
-+ opj_tcd_marker_info_destroy(marker_info);
-+ return OPJ_FALSE;
-+ }
- l_remaining_data -= p_j2k->m_specific_param.m_encoder.m_reserved_bytes_for_PLT;
-
- if (! opj_tcd_encode_tile(p_tile_coder, p_j2k->m_current_tile_number,