diff options
| author | Efraim Flashner <efraim@flashner.co.il> | 2023-12-18 12:51:56 +0200 |
|---|---|---|
| committer | Efraim Flashner <efraim@flashner.co.il> | 2023-12-18 13:03:36 +0200 |
| commit | 29c94dd522833b2603a651c14a5b06120bcf1829 (patch) | |
| tree | 9883dabf6660104de35833747703ae39960231ef /gnu/packages/patches/freeimage-CVE-2020-21428.patch | |
| parent | f410d49eb24db4eecae054dfe136464bc92ba8a3 (diff) | |
gnu: freeimage: Patch 2 CVEs.
* gnu/packages/image.scm (freeimage)[source]: Add patches.
* gnu/packages/patches/freeimage-CVE-2020-21428.patch,
gnu/packages/patches/freeimage-CVE-2020-22524.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
Change-Id: Iec114f2295cafbc8b55e81c0d8e4a361fd653152
Diffstat (limited to 'gnu/packages/patches/freeimage-CVE-2020-21428.patch')
| -rw-r--r-- | gnu/packages/patches/freeimage-CVE-2020-21428.patch | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/gnu/packages/patches/freeimage-CVE-2020-21428.patch b/gnu/packages/patches/freeimage-CVE-2020-21428.patch new file mode 100644 index 0000000000..49f427360b --- /dev/null +++ b/gnu/packages/patches/freeimage-CVE-2020-21428.patch @@ -0,0 +1,17 @@ +https://sources.debian.org/data/main/f/freeimage/3.18.0%2Bds2-10/debian/patches/r1877-improved-DDS-plugin-against-malicious-images.patch + +Origin: upstream, r1877 +Index: Source/FreeImage/PluginDDS.cpp +=================================================================== +diff --git a/Source/FreeImage/PluginDDS.cpp b/Source/FreeImage/PluginDDS.cpp +--- a/Source/FreeImage/PluginDDS.cpp (revision 1876) ++++ b/Source/FreeImage/PluginDDS.cpp (revision 1877) +@@ -617,7 +617,7 @@ + // read the file
+ // -------------------------------------------------------------------------
+
+- const int line = CalculateLine(width, bpp);
++ const int line = CalculateLine(width, FreeImage_GetBPP(dib));
+ const int filePitch = ((desc->dwFlags & DDSD_PITCH) == DDSD_PITCH) ? (int)desc->dwPitchOrLinearSize : line;
+ const long delta = (long)filePitch - (long)line;
+
|