wok-current rev 25708

Downgrade gdk-pixbuf to 2.42.6 (mtpaint segfault thank ceel), backport patch for CVE-2022-48622
author Stanislas Leduc <shann@slitaz.org>
date Sun Jun 02 13:33:59 2024 +0000 (6 months ago)
parents 4ec2d061d601
children 9cfcf18b0d6c
files gdk-pixbuf-dev/receipt gdk-pixbuf/receipt gdk-pixbuf/stuff/CVE-2022-48622.patch
line diff
     1.1 --- a/gdk-pixbuf-dev/receipt	Thu May 30 20:14:23 2024 +0000
     1.2 +++ b/gdk-pixbuf-dev/receipt	Sun Jun 02 13:33:59 2024 +0000
     1.3 @@ -1,7 +1,7 @@
     1.4  # SliTaz package receipt.
     1.5  
     1.6  PACKAGE="gdk-pixbuf-dev"
     1.7 -VERSION="2.42.12"
     1.8 +VERSION="2.42.6"
     1.9  CATEGORY="development"
    1.10  SHORT_DESC="Development files for gdk-pixbuf."
    1.11  MAINTAINER="slaxemulator@gmail.com"
     2.1 --- a/gdk-pixbuf/receipt	Thu May 30 20:14:23 2024 +0000
     2.2 +++ b/gdk-pixbuf/receipt	Sun Jun 02 13:33:59 2024 +0000
     2.3 @@ -1,7 +1,7 @@
     2.4  # SliTaz package receipt.
     2.5  
     2.6  PACKAGE="gdk-pixbuf"
     2.7 -VERSION="2.42.12"
     2.8 +VERSION="2.42.6"
     2.9  CATEGORY="x-window"
    2.10  SHORT_DESC="An image loading library for gtk2."
    2.11  MAINTAINER="slaxemulator@gmail.com"
    2.12 @@ -41,6 +41,11 @@
    2.13  		(arm) echo "gio_can_sniff=yes" > arm.cache ;;
    2.14  	esac
    2.15  
    2.16 +	# Backport patch for CVE-2022-48622
    2.17 +	# see https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/4d7c94ca
    2.18 +	# mtpaint segfault with 2.42.12 (thank Ceel for report)
    2.19 +	patch -p1 < $stuff/CVE-2022-48622.patch
    2.20 +
    2.21          meson build \
    2.22              --prefix=/usr \
    2.23              --libdir=lib \
     3.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     3.2 +++ b/gdk-pixbuf/stuff/CVE-2022-48622.patch	Sun Jun 02 13:33:59 2024 +0000
     3.3 @@ -0,0 +1,50 @@
     3.4 +diff --git a/gdk-pixbuf/io-ani.c b/gdk-pixbuf/io-ani.c
     3.5 +index c6c4642cf4490aaaa7ef78a2f20a6ec2ad169a61..cfafd7b1961b5cfad08475dc3cb5f5916277f33b 100644
     3.6 +--- a/gdk-pixbuf/io-ani.c
     3.7 ++++ b/gdk-pixbuf/io-ani.c
     3.8 +@@ -295,6 +295,23 @@ ani_load_chunk (AniLoaderContext *context, GError **error)
     3.9 +         
    3.10 +         if (context->chunk_id == TAG_anih) 
    3.11 + 	{
    3.12 ++		if (context->chunk_size < 36)
    3.13 ++		{
    3.14 ++			g_set_error_literal (error,
    3.15 ++                                             GDK_PIXBUF_ERROR,
    3.16 ++                                             GDK_PIXBUF_ERROR_CORRUPT_IMAGE,
    3.17 ++                                             _("Malformed chunk in animation"));
    3.18 ++			return FALSE;
    3.19 ++		}
    3.20 ++		if (context->animation)
    3.21 ++		{
    3.22 ++			g_set_error_literal (error,
    3.23 ++                                             GDK_PIXBUF_ERROR,
    3.24 ++                                             GDK_PIXBUF_ERROR_CORRUPT_IMAGE,
    3.25 ++                                             _("Invalid header in animation"));
    3.26 ++			return FALSE;
    3.27 ++		}
    3.28 ++
    3.29 + 		context->HeaderSize = read_int32 (context);
    3.30 + 		context->NumFrames = read_int32 (context);
    3.31 + 		context->NumSteps = read_int32 (context);
    3.32 +@@ -436,7 +453,7 @@ ani_load_chunk (AniLoaderContext *context, GError **error)
    3.33 + 	}
    3.34 +         else if (context->chunk_id == TAG_INAM) 
    3.35 + 	{
    3.36 +-		if (!context->animation) 
    3.37 ++		if (!context->animation || context->title)
    3.38 + 		{
    3.39 + 			g_set_error_literal (error,
    3.40 +                                              GDK_PIXBUF_ERROR,
    3.41 +@@ -463,7 +480,7 @@ ani_load_chunk (AniLoaderContext *context, GError **error)
    3.42 + 	}
    3.43 +         else if (context->chunk_id == TAG_IART) 
    3.44 + 	{
    3.45 +-		if (!context->animation) 
    3.46 ++		if (!context->animation || context->author)
    3.47 + 		{
    3.48 + 			g_set_error_literal (error,
    3.49 +                                              GDK_PIXBUF_ERROR,
    3.50 +diff --git a/tests/test-images/fail/CVE-2022-48622.ani b/tests/test-images/fail/CVE-2022-48622.ani
    3.51 +new file mode 100644
    3.52 +index 0000000000000000000000000000000000000000..276b5b989f1e9ec9185e49eb45f710ee38278eb2
    3.53 +Binary files /dev/null and b/tests/test-images/fail/CVE-2022-48622.ani differ