From aa3cad9000d51a3aae7dd04933776c7efd7f3b87 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Thu, 10 Dec 2020 14:36:36 +0100 Subject: sync with Fedora Backport patches for CVE-2020-27824 and CVE-2020-27823 --- openjpeg2_CVE-2020-6851.patch | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) (limited to 'openjpeg2_CVE-2020-6851.patch') diff --git a/openjpeg2_CVE-2020-6851.patch b/openjpeg2_CVE-2020-6851.patch index 9a70291..5e2cfd7 100644 --- a/openjpeg2_CVE-2020-6851.patch +++ b/openjpeg2_CVE-2020-6851.patch @@ -1,18 +1,7 @@ -From 024b8407392cb0b82b04b58ed256094ed5799e04 Mon Sep 17 00:00:00 2001 -From: Even Rouault -Date: Sat, 11 Jan 2020 01:51:19 +0100 -Subject: [PATCH] opj_j2k_update_image_dimensions(): reject images whose - coordinates are beyond INT_MAX (fixes #1228) - ---- - src/lib/openjp2/j2k.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c -index 14f6ff41a..922550eb1 100644 ---- a/src/lib/openjp2/j2k.c -+++ b/src/lib/openjp2/j2k.c -@@ -9221,6 +9221,14 @@ static OPJ_BOOL opj_j2k_update_image_dimensions(opj_image_t* p_image, +diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/j2k.c openjpeg-2.3.1-new/src/lib/openjp2/j2k.c +--- openjpeg-2.3.1/src/lib/openjp2/j2k.c 2019-04-02 14:45:15.000000000 +0200 ++++ openjpeg-2.3.1-new/src/lib/openjp2/j2k.c 2020-11-28 23:29:38.618863089 +0100 +@@ -9236,6 +9236,14 @@ static OPJ_BOOL opj_j2k_update_image_dim l_img_comp = p_image->comps; for (it_comp = 0; it_comp < p_image->numcomps; ++it_comp) { OPJ_INT32 l_h, l_w; -- cgit