PR#4: F36: Security fix for CVE-2022-1507 - rpms/chafa

Miro Hrončok • a year ago

30e0c93

Miro Hrončok • a year ago

e13f155

chafa.spec

file modified

+15 -2

		`@@ -1,12 +1,17 @@`
		`Name: chafa`
		`Version: 1.8.0`
		`- Release: 3%{?dist}`
		`+ Release: 4%{?dist}`
		`%global sum Image-to-text converter for terminal`
		`Summary: %{sum}`
		`License: LGPLv3+`
		`URL: https://hpjansson.org/chafa/`
		`Source0: https://github.com/hpjansson/%{name}/releases/download/%{version}/%{name}-%{version}.tar.xz`

		`+ # libnsgif: Fix null pointer deref on frameless GIF input`
		`+ # Security fix for CVE-2022-1507`
		`+ # Included in 1.10.2`
		`+ Patch: https://github.com/hpjansson/chafa/commit/e4b777c7b7.patch`
		`+`
		`BuildRequires: gcc`
		`BuildRequires: glib2-devel`
		`BuildRequires: gtk-doc`
		`@@ -31,6 +36,9 @@`
		`%package libs`
		`Summary: %{sum} (library)`

		`+ # Version in https://github.com/hpjansson/chafa/blob/1.8.0/libnsgif/README-chafa`
		`+ Provides: bundled(libnsgif) = 0.2.1^chafa`
		`+`
		`%description libs`
		`Shared library for %{name}.`

		`@@ -59,7 +67,7 @@`


		`%prep`
		`- %autosetup`
		`+ %autosetup -p1`


		`%build`
		`@@ -105,6 +113,11 @@`


		`%changelog`
		`+ * Fri May 06 2022 Miro Hrončok <mhroncok@redhat.com> - 1.8.0-4`
		`+ - Security fix for CVE-2022-1507`
		`+ - Fixes: rhbz#2080294`
		`+ - Provide bundled libnsgif`
		`+`
		`* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.0-3`
		`- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild`

e4b777c7b7.patch

file added

+29

		`@@ -0,0 +1,29 @@`
		`+ From e4b777c7b7c144cd16a0ea96108267b1004fe6c9 Mon Sep 17 00:00:00 2001`
		`+ From: Hans Petter Jansson <hpj@hpjansson.org>`
		`+ Date: Sun, 24 Apr 2022 23:56:53 +0200`
		`+ Subject: [PATCH] libnsgif: Fix null pointer deref on frameless GIF input`
		`+`
		`+ A crafted GIF file with no frame data could cause a null pointer`
		`+ dereference leading to denial of service (crash). Reported by`
		`+ @JieyongMa via huntr.dev.`
		`+ ---`
		`+ libnsgif/libnsgif.c \| 6 ++++++`
		`+ 1 file changed, 6 insertions(+)`
		`+`
		`+ diff --git a/libnsgif/libnsgif.c b/libnsgif/libnsgif.c`
		`+ index fc4bda2..fa55d7b 100644`
		`+ --- a/libnsgif/libnsgif.c`
		`+ +++ b/libnsgif/libnsgif.c`
		`+ @@ -595,6 +595,12 @@ gif_internal_decode_frame(gif_animation *gif,`
		`+ unsigned int x, y, decode_y, burst_bytes;`
		`+ register unsigned char colour;`
		`+`
		`+ + /* If the GIF has no frame data, frame holders will not be allocated in`
		`+ + * gif_initialise() */`
		`+ + if (gif->frames == NULL) {`
		`+ + return GIF_INSUFFICIENT_DATA;`
		`+ + }`
		`+ +`
		`+ /* Ensure this frame is supposed to be decoded */`
		`+ if (gif->frames[frame].display == false) {`
		`+ return GIF_OK;`