Hello community, here is the log from the commit of package openjpeg for openSUSE:Factory checked in at 2012-06-29 10:21:34 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openjpeg (Old) and /work/SRC/openSUSE:Factory/.openjpeg.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "openjpeg", Maintainer is "" Changes: -------- --- /work/SRC/openSUSE:Factory/openjpeg/openjpeg.changes 2012-02-29 14:09:26.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.openjpeg.new/openjpeg.changes 2012-06-29 10:42:34.000000000 +0200 @@ -1,0 +2,6 @@ +Thu Jun 28 18:42:41 UTC 2012 - asterios.dramis@gmail.com + +- Added a patch (heap_corruption_fix.patch) to fix heap corruption when + processing certain Gray16 TIFF images - (CVE-2009-5030), (bnc#757260). + +------------------------------------------------------------------- New: ---- heap_corruption_fix.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openjpeg.spec ++++++ --- /var/tmp/diff_new_pack.WMYn4C/_old 2012-06-29 10:42:36.000000000 +0200 +++ /var/tmp/diff_new_pack.WMYn4C/_new 2012-06-29 10:42:36.000000000 +0200 @@ -32,6 +32,8 @@ Patch2: openjpeg-1.5.0-cmake_libdir.patch # PATCH-FIX-UPSTREAM openjpeg-1.5.0-pkgconfig_includedir.patch asterios.dramis@gmail.com -- Fix includedir in pkgconfig file (taken from Fedora) Patch3: openjpeg-1.5.0-pkgconfig_includedir.patch +# PATCH-FIX-UPSTREAM heap_corruption_fix.patch CVE-2009-5030 bnc#757260 asterios.dramis@gmail.com -- Fix heap corruption when processing certain Gray16 TIFF images (http://code.google.com/p/openjpeg/source/detail?r=1703) +Patch4: heap_corruption_fix.patch BuildRequires: cmake BuildRequires: doxygen BuildRequires: liblcms2-devel @@ -69,6 +71,7 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 # Remove build time references so build-compare can do its work sed -i "s/HTML_TIMESTAMP = YES/HTML_TIMESTAMP = NO/g" doc/Doxyfile.dox.cmake.in ++++++ heap_corruption_fix.patch ++++++ --- openjpeg-1.5.0/libopenjpeg/tcd.c 2012-02-07 12:49:55.000000000 +0200 +++ openjpeg-1.5.0/libopenjpeg/tcd.c.r1703 2012-06-28 20:34:17.633818590 +0300 @@ -333,7 +333,7 @@ cblk->y0 = int_max(cblkystart, prc->y0); cblk->x1 = int_min(cblkxend, prc->x1); cblk->y1 = int_min(cblkyend, prc->y1); - cblk->data = (unsigned char*) opj_calloc(8192+2, sizeof(unsigned char)); + cblk->data = (unsigned char*) opj_calloc(9728+2, sizeof(unsigned char)); /* FIXME: mqc_init_enc and mqc_byteout underrun the buffer if we don't do this. Why? */ cblk->data += 2; cblk->layers = (opj_tcd_layer_t*) opj_calloc(100, sizeof(opj_tcd_layer_t)); -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org