wok-current rev 25708
Downgrade gdk-pixbuf to 2.42.6 (mtpaint segfault thank ceel), backport patch for CVE-2022-48622
| author | Stanislas Leduc <shann@slitaz.org> |
|---|---|
| date | Sun Jun 02 13:33:59 2024 +0000 (5 months ago) |
| parents | 4ec2d061d601 |
| children | 9cfcf18b0d6c |
| files | gdk-pixbuf-dev/receipt gdk-pixbuf/receipt gdk-pixbuf/stuff/CVE-2022-48622.patch |
line diff
1.1 --- a/gdk-pixbuf-dev/receipt Thu May 30 20:14:23 2024 +0000 1.2 +++ b/gdk-pixbuf-dev/receipt Sun Jun 02 13:33:59 2024 +0000 1.3 @@ -1,7 +1,7 @@ 1.4 # SliTaz package receipt. 1.5 1.6 PACKAGE="gdk-pixbuf-dev" 1.7 -VERSION="2.42.12" 1.8 +VERSION="2.42.6" 1.9 CATEGORY="development" 1.10 SHORT_DESC="Development files for gdk-pixbuf." 1.11 MAINTAINER="slaxemulator@gmail.com"
2.1 --- a/gdk-pixbuf/receipt Thu May 30 20:14:23 2024 +0000 2.2 +++ b/gdk-pixbuf/receipt Sun Jun 02 13:33:59 2024 +0000 2.3 @@ -1,7 +1,7 @@ 2.4 # SliTaz package receipt. 2.5 2.6 PACKAGE="gdk-pixbuf" 2.7 -VERSION="2.42.12" 2.8 +VERSION="2.42.6" 2.9 CATEGORY="x-window" 2.10 SHORT_DESC="An image loading library for gtk2." 2.11 MAINTAINER="slaxemulator@gmail.com" 2.12 @@ -41,6 +41,11 @@ 2.13 (arm) echo "gio_can_sniff=yes" > arm.cache ;; 2.14 esac 2.15 2.16 + # Backport patch for CVE-2022-48622 2.17 + # see https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/4d7c94ca 2.18 + # mtpaint segfault with 2.42.12 (thank Ceel for report) 2.19 + patch -p1 < $stuff/CVE-2022-48622.patch 2.20 + 2.21 meson build \ 2.22 --prefix=/usr \ 2.23 --libdir=lib \
3.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 3.2 +++ b/gdk-pixbuf/stuff/CVE-2022-48622.patch Sun Jun 02 13:33:59 2024 +0000 3.3 @@ -0,0 +1,50 @@ 3.4 +diff --git a/gdk-pixbuf/io-ani.c b/gdk-pixbuf/io-ani.c 3.5 +index c6c4642cf4490aaaa7ef78a2f20a6ec2ad169a61..cfafd7b1961b5cfad08475dc3cb5f5916277f33b 100644 3.6 +--- a/gdk-pixbuf/io-ani.c 3.7 ++++ b/gdk-pixbuf/io-ani.c 3.8 +@@ -295,6 +295,23 @@ ani_load_chunk (AniLoaderContext *context, GError **error) 3.9 + 3.10 + if (context->chunk_id == TAG_anih) 3.11 + { 3.12 ++ if (context->chunk_size < 36) 3.13 ++ { 3.14 ++ g_set_error_literal (error, 3.15 ++ GDK_PIXBUF_ERROR, 3.16 ++ GDK_PIXBUF_ERROR_CORRUPT_IMAGE, 3.17 ++ _("Malformed chunk in animation")); 3.18 ++ return FALSE; 3.19 ++ } 3.20 ++ if (context->animation) 3.21 ++ { 3.22 ++ g_set_error_literal (error, 3.23 ++ GDK_PIXBUF_ERROR, 3.24 ++ GDK_PIXBUF_ERROR_CORRUPT_IMAGE, 3.25 ++ _("Invalid header in animation")); 3.26 ++ return FALSE; 3.27 ++ } 3.28 ++ 3.29 + context->HeaderSize = read_int32 (context); 3.30 + context->NumFrames = read_int32 (context); 3.31 + context->NumSteps = read_int32 (context); 3.32 +@@ -436,7 +453,7 @@ ani_load_chunk (AniLoaderContext *context, GError **error) 3.33 + } 3.34 + else if (context->chunk_id == TAG_INAM) 3.35 + { 3.36 +- if (!context->animation) 3.37 ++ if (!context->animation || context->title) 3.38 + { 3.39 + g_set_error_literal (error, 3.40 + GDK_PIXBUF_ERROR, 3.41 +@@ -463,7 +480,7 @@ ani_load_chunk (AniLoaderContext *context, GError **error) 3.42 + } 3.43 + else if (context->chunk_id == TAG_IART) 3.44 + { 3.45 +- if (!context->animation) 3.46 ++ if (!context->animation || context->author) 3.47 + { 3.48 + g_set_error_literal (error, 3.49 + GDK_PIXBUF_ERROR, 3.50 +diff --git a/tests/test-images/fail/CVE-2022-48622.ani b/tests/test-images/fail/CVE-2022-48622.ani 3.51 +new file mode 100644 3.52 +index 0000000000000000000000000000000000000000..276b5b989f1e9ec9185e49eb45f710ee38278eb2 3.53 +Binary files /dev/null and b/tests/test-images/fail/CVE-2022-48622.ani differ