[libpng12/f19] Adding patch CVE-2013-6954 (#1056856)

Petr Hracek phracek at fedoraproject.org
Wed Jan 29 06:50:26 UTC 2014


commit 48f6d80820251f9246fbc3e34b0284c86488d17a
Author: Petr Hracek <phracek at redhat.com>
Date:   Wed Jan 29 07:50:24 2014 +0100

    Adding patch CVE-2013-6954 (#1056856)

 libpng12-CVE-2013-6954.patch |   35 +++++++++++++++++++++++++++++++++++
 libpng12.spec                |    7 ++++++-
 2 files changed, 41 insertions(+), 1 deletions(-)
---
diff --git a/libpng12-CVE-2013-6954.patch b/libpng12-CVE-2013-6954.patch
new file mode 100644
index 0000000..afd80ef
--- /dev/null
+++ b/libpng12-CVE-2013-6954.patch
@@ -0,0 +1,35 @@
+diff --git a/pngrtran.c b/pngrtran.c
+index 7f0ff92..b57ce81 100644
+--- a/pngrtran.c
++++ b/pngrtran.c
+@@ -1216,6 +1216,9 @@ png_read_transform_info(png_structp png_ptr, png_infop info_ptr)
+             info_ptr->color_type = PNG_COLOR_TYPE_RGB;
+          info_ptr->bit_depth = 8;
+          info_ptr->num_trans = 0;
++
++         if (png_ptr->palette == NULL)
++            png_error (png_ptr, "Palette is NULL in indexed image");
+       }
+       else
+       {
+diff --git a/pngset.c b/pngset.c
+index 72d89fc..b1ce91d 100644
+--- a/pngset.c
++++ b/pngset.c
+@@ -461,6 +461,16 @@ png_set_PLTE(png_structp png_ptr, png_infop info_ptr,
+          return;
+       }
+    }
++   if ((num_palette > 0 && palette == NULL) ||
++      (num_palette == 0
++ #       ifdef PNG_MNG_FEATURES_SUPPORTED
++            && (png_ptr->mng_features_permitted & PNG_FLAG_MNG_EMPTY_PLTE) == 0
++ #       endif
++      ))
++   {
++      png_error(png_ptr, "Invalid palette");
++      return;
++   }
+ 
+    /* It may not actually be necessary to set png_ptr->palette here;
+     * we do it for backward compatibility with the way the png_handle_tRNS
diff --git a/libpng12.spec b/libpng12.spec
index 9921d2c..0674716 100644
--- a/libpng12.spec
+++ b/libpng12.spec
@@ -1,7 +1,7 @@
 Summary: Old version of libpng, needed to run old binaries
 Name: libpng12
 Version: 1.2.50
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: zlib
 Group: System Environment/Libraries
 URL: http://www.libpng.org/pub/png/
@@ -15,6 +15,7 @@ Source: ftp://ftp.simplesystems.org/pub/png/src/libpng-%{version}.tar.bz2
 
 Patch0: libpng12-multilib.patch
 Patch1: libpng12-pngconf.patch
+Patch2: libpng12-CVE-2013-6954.patch
 
 BuildRequires: zlib-devel, pkgconfig
 
@@ -40,6 +41,7 @@ for developing programs using libpng12.
 
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 %build
 %configure
@@ -73,6 +75,9 @@ rm -rf $RPM_BUILD_ROOT%{_mandir}/man5/*
 %{_mandir}/man3/*
 
 %changelog
+* Wed Jan 29 2014 Petr Hracek <phracek at redhat.com> - 1.2.50-4
+- Adding patch CVE-2013-6954 (#1056856)
+
 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.2.50-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
 


More information about the scm-commits mailing list