data:image/s3,"s3://crabby-images/bd9cb/bd9cb548da338185f338dee27e76df32659bbc6d" alt=""
Hello community, here is the log from the commit of package gimp checked in at Fri May 4 17:19:02 CEST 2007. -------- --- GNOME/gimp/gimp.changes 2007-02-27 22:39:13.000000000 +0100 +++ /mounts/work_src_done/STABLE/gimp/gimp.changes 2007-05-04 15:32:01.000000000 +0200 @@ -1,0 +2,6 @@ +Fri May 4 15:32:01 CEST 2007 - sbrabec@suse.cz + +- Fixed buffer overflow in sunras plugin (#270506, GNOME#433902, + CVE-2007-2356). + +------------------------------------------------------------------- New: ---- gimp-sunras-overflow.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gimp.spec ++++++ --- /var/tmp/diff_new_pack.O16841/_old 2007-05-04 17:18:16.000000000 +0200 +++ /var/tmp/diff_new_pack.O16841/_new 2007-05-04 17:18:16.000000000 +0200 @@ -21,7 +21,7 @@ %endif URL: http://www.gimp.org/ Version: 2.2.13 -Release: 46 +Release: 60 License: GNU General Public License (GPL) Group: Productivity/Graphics/Bitmap Editors Provides: gimp2 gimp-2.0 @@ -35,6 +35,7 @@ Source1: gimp-logo.png Source2: gimp-splash.png Patch: gimp-default-browser.patch +Patch1: gimp-sunras-overflow.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -419,7 +420,7 @@ Shirasaki Yasuhiro %package doc -Summary: Additional Package Documentation. +Summary: Additional Package Documentation for GIMP. Provides: gimp2-doc gimp-2.0-doc Requires: %{name} = %{version} Obsoletes: gimpdev libgimpd gimp2-devel @@ -631,6 +632,7 @@ # gimpbilinear.c: 179, 132 # fit.c: 1302 %patch +%patch1 rm po*/no.* sed -i "/ALL_LINGUAS=/s/ no / /" configure.in @@ -718,6 +720,9 @@ %{_datadir}/gtk-doc/html/* %changelog +* Fri May 04 2007 - sbrabec@suse.cz +- Fixed buffer overflow in sunras plugin (#270506, GNOME#433902, + CVE-2007-2356). * Tue Feb 27 2007 - dmueller@suse.de - adjust BuildRequires: libexif->libexif-devel * Wed Jan 03 2007 - sbrabec@suse.cz ++++++ gimp-sunras-overflow.patch ++++++ ------------------------------------------------------------------------ r22356 | neo | 2007-04-27 13:50:58 +0200 (Pá, 27 dub 2007) | 8 lines 2007-04-27 Sven Neumann <sven@gimp.org> Merged from trunk: * plug-ins/common/sunras.c (set_color_table): guard against a possible stack overflow. ------------------------------------------------------------------------ Index: sunras.c =================================================================== --- plug-ins/common/sunras.c (revision 22355) +++ plug-ins/common/sunras.c (revision 22356) @@ -102,8 +102,7 @@ gint32 image_ID, gint32 drawable_ID); -static void set_color_table (gint32, L_SUNFILEHEADER *, unsigned char *); - +static void set_color_table (gint32, L_SUNFILEHEADER *, const guchar *); static gint32 create_new_image (const gchar *filename, guint width, guint height, @@ -865,19 +864,20 @@ static void set_color_table (gint32 image_ID, L_SUNFILEHEADER *sunhdr, - guchar *suncolmap) + const guchar *suncolmap) { - int ncols, j; - guchar ColorMap[256*3]; + guchar ColorMap[256 * 3]; + gint ncols, j; ncols = sunhdr->l_ras_maplength / 3; - if (ncols <= 0) return; + if (ncols <= 0) + return; - for (j = 0; j < ncols; j++) + for (j = 0; j < MIN (ncols, 256); j++) { - ColorMap[j*3] = suncolmap[j]; - ColorMap[j*3+1] = suncolmap[j+ncols]; - ColorMap[j*3+2] = suncolmap[j+2*ncols]; + ColorMap[j * 3 + 0] = suncolmap[j]; + ColorMap[j * 3 + 1] = suncolmap[j + ncols]; + ColorMap[j * 3 + 2] = suncolmap[j + 2 * ncols]; } #ifdef DEBUG @@ -886,6 +886,7 @@ printf ("%3d: 0x%02x 0x%02x 0x%02x\n", j, ColorMap[j*3], ColorMap[j*3+1], ColorMap[j*3+2]); #endif + gimp_image_set_colormap (image_ID, ColorMap, ncols); } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@Hilbert.suse.de