Hello community, here is the log from the commit of package libquicktime for openSUSE:Factory checked in at 2017-07-11 08:33:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libquicktime (Old) and /work/SRC/openSUSE:Factory/.libquicktime.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libquicktime" Tue Jul 11 08:33:54 2017 rev:54 rq:508087 version:1.2.4cvs20150223 Changes: -------- --- /work/SRC/openSUSE:Factory/libquicktime/libquicktime.changes 2017-07-02 13:37:09.631672171 +0200 +++ /work/SRC/openSUSE:Factory/.libquicktime.new/libquicktime.changes 2017-07-11 08:33:56.210962988 +0200 @@ -1,0 +2,7 @@ +Tue Jul 4 10:28:44 UTC 2017 - kstreitova@suse.com + +- adjust libquicktime-1.2.4-integer_overflow.patch to prevent + endless loop when there are less than 256 bytes to read + [bsc#1022805] CVE-2016-2399 + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libquicktime-1.2.4-integer_overflow.patch ++++++ --- /var/tmp/diff_new_pack.NI5U8O/_old 2017-07-11 08:33:56.998851833 +0200 +++ /var/tmp/diff_new_pack.NI5U8O/_new 2017-07-11 08:33:57.002851268 +0200 @@ -1,13 +1,22 @@ -Index: libquicktime-1.2.4/src/util.c +Index: libquicktime/src/util.c =================================================================== ---- libquicktime-1.2.4.orig/src/util.c -+++ libquicktime-1.2.4/src/util.c -@@ -340,7 +340,7 @@ int64_t quicktime_byte_position(quicktim +--- libquicktime.orig/src/util.c ++++ libquicktime/src/util.c +@@ -376,9 +376,14 @@ int64_t quicktime_byte_position(quicktim void quicktime_read_pascal(quicktime_t *file, char *data) { - char len = quicktime_read_char(file); -+ unsigned char len = quicktime_read_char(file); - quicktime_read_data(file, (uint8_t*)data, len); - data[(int)len] = 0; +- quicktime_read_data(file, (uint8_t*)data, len); +- data[(int)len] = 0; ++ int len = quicktime_read_char(file); ++ if ((len > 0) && (len < 256)) { ++ /* data[] is expected to be 256 bytes long */ ++ quicktime_read_data(file, (uint8_t*)data, len); ++ data[len] = 0; ++ } else { ++ data[0] = 0; ++ } } + + void quicktime_write_pascal(quicktime_t *file, char *data)