Script 'mail_helper' called by obssrc Hello community,
here is the log from the commit of package djvulibre for openSUSE:Factory checked in at 2021-06-01 10:32:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/djvulibre (Old) and /work/SRC/openSUSE:Factory/.djvulibre.new.1898 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "djvulibre"
Tue Jun 1 10:32:49 2021 rev:42 rq:895143 version:3.5.28
Changes: -------- --- /work/SRC/openSUSE:Factory/djvulibre/djvulibre.changes 2021-05-15 23:16:39.432626038 +0200 +++ /work/SRC/openSUSE:Factory/.djvulibre.new.1898/djvulibre.changes 2021-06-01 10:32:51.292342445 +0200 @@ -1,0 +2,8 @@ +Mon May 24 08:55:21 UTC 2021 - pgajdos@suse.com + +- security update +- added patches + fix CVE-2021-3500 [bsc#1186253], Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file + + djvulibre-CVE-2021-3500.patch + +-------------------------------------------------------------------
New: ---- djvulibre-CVE-2021-3500.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences: ------------------ ++++++ djvulibre.spec ++++++ --- /var/tmp/diff_new_pack.n7OQWZ/_old 2021-06-01 10:32:51.820343343 +0200 +++ /var/tmp/diff_new_pack.n7OQWZ/_new 2021-06-01 10:32:51.824343351 +0200 @@ -35,6 +35,8 @@ Patch2: djvulibre-CVE-2021-32492.patch # CVE-2021-32493 [bsc#1185905], Heap buffer overflow in function DJVU:GBitmap:decode() via crafted djvu file Patch3: djvulibre-CVE-2021-32493.patch +# CVE-2021-3500 [bsc#1186253], Stack overflow in function DJVU:DjVuDocument:get_djvu_file() via crafted djvu file +Patch4: djvulibre-CVE-2021-3500.patch BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: hicolor-icon-theme @@ -91,6 +93,7 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1
%build # configure script missing; generate using autogen.sh
++++++ djvulibre-CVE-2021-3500.patch ++++++ --- a/libdjvu/DjVuPort.cpp +++ a/libdjvu/DjVuPort.cpp @@ -507,10 +507,19 @@ GP<DjVuFile> DjVuPortcaster::id_to_file(const DjVuPort * source, const GUTF8String &id) { GPList<DjVuPort> list; + + if (!!opening_id && opening_id == id) + G_THROW( ERR_MSG("DjVuPortcaster.recursive_open") ); + else + opening_id = id; + compute_closure(source, list, true); GP<DjVuFile> file; for(GPosition pos=list;pos;++pos) if ((file=list[pos]->id_to_file(source, id))) break; + + opening_id = GUTF8String(); + return file; }
--- a/libdjvu/DjVuPort.h +++ a/libdjvu/DjVuPort.h @@ -484,6 +484,7 @@ private: const DjVuPort *dst, int distance); void compute_closure(const DjVuPort *src, GPList<DjVuPort> &list, bool sorted=false); + GUTF8String opening_id; };
-
Source-Sync