[kdegraphics/f13/master] - Security fix, Okular PDB Processing Memory Corruption Vulnerability cve-2010-2575
Than Ngo
than at fedoraproject.org
Wed Aug 25 22:05:39 UTC 2010
commit 11cff3a60e419b70569bf46d4c3c5f699a846cd0
Author: Than Ngo <than at redhat.com>
Date: Thu Aug 26 00:15:32 2010 +0200
- Security fix, Okular PDB Processing Memory Corruption Vulnerability
cve-2010-2575
kdegraphics-okular-cve-2010-2575.patch | 29 +++++++++++++++++++++++++++++
kdegraphics.spec | 10 +++++++++-
2 files changed, 38 insertions(+), 1 deletions(-)
---
diff --git a/kdegraphics-okular-cve-2010-2575.patch b/kdegraphics-okular-cve-2010-2575.patch
new file mode 100644
index 0000000..ca0d498
--- /dev/null
+++ b/kdegraphics-okular-cve-2010-2575.patch
@@ -0,0 +1,29 @@
+diff -Nur kdegraphics-4.5.0/okular/generators/plucker/unpluck/image.cpp kdegraphics-4.5.0.me/okular/generators/plucker/unpluck/image.cpp
+--- kdegraphics-4.5.0/okular/generators/plucker/unpluck/image.cpp 2008-02-21 10:27:47.000000000 +0100
++++ kdegraphics-4.5.0.me/okular/generators/plucker/unpluck/image.cpp 2010-08-25 22:03:11.000000000 +0200
+@@ -289,8 +289,23 @@
+ for (j = 0; j < bytes_per_row;) {
+ incount = *palm_ptr++;
+ inval = *palm_ptr++;
+- memset (rowbuf + j, inval, incount);
+- j += incount;
++ if (incount + j <= bytes_per_row * width)
++ {
++ memset (rowbuf + j, inval, incount);
++ j += incount;
++ }
++ else
++ {
++ free (rowbuf);
++ free (lastrow);
++ free (jpeg_row);
++
++ jpeg_destroy_compress (&cinfo);
++
++ fclose( outfile );
++
++ return false;
++ }
+ }
+ }
+ else if ((flags & PALM_IS_COMPRESSED_FLAG)
diff --git a/kdegraphics.spec b/kdegraphics.spec
index ccae00c..c258140 100644
--- a/kdegraphics.spec
+++ b/kdegraphics.spec
@@ -8,7 +8,7 @@
Summary: KDE Graphics Applications
Epoch: 7
Version: 4.4.5
-Release: 2%{?dist}
+Release: 3%{?dist}
Name: kdegraphics
#Obsoletes: kdegraphics4 < %{version}-%{release}
@@ -21,6 +21,8 @@ Source0: ftp://ftp.kde.org/pub/kde/stable/%{version}/src/kdegraphics-%{ve
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
## upstream patches
+# CVE-2010-2575, Okular PDB Processing Memory Corruption Vulnerability
+Patch100: kdegraphics-okular-cve-2010-2575.patch
%if 0%{?fedora}
BuildRequires: chmlib-devel
@@ -101,6 +103,8 @@ Summary: A kioslave for displaying WinHelp files
%prep
%setup -q -n kdegraphics-%{version}%{?alphatag}
+%patch100 -p1 -b .cve-2010-2575
+
%build
mkdir -p %{_target_platform}
@@ -236,6 +240,10 @@ fi
%changelog
+* Thu Aug 26 2010 Than Ngo <than at redhat.com> - 7:4.4.5-3
+- Security fix, Okular PDB Processing Memory Corruption Vulnerability
+ cve-2010-2575
+
* Sun Jul 04 2010 Rex Dieter <rdieter at fedoraproject.org> - 7:4.4.5-2
- Missing kdebase-runtime dependency for Okular (kdegraphics) (#611118)
More information about the scm-commits
mailing list