diff --git a/.exiv2.metadata b/.exiv2.metadata index 5f6d5eb..d0ed7be 100644 --- a/.exiv2.metadata +++ b/.exiv2.metadata @@ -1 +1 @@ -4e740e21f2e0d1fc4c81241ddc3a939f39b326c7 SOURCES/exiv2-0.27.2.tar.gz +5f1b460b10171c3b12cd540d699e9b815f6f3058 SOURCES/exiv2-0.27.3.tar.gz diff --git a/.gitignore b/.gitignore index bc6db92..1648354 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/exiv2-0.27.2.tar.gz +SOURCES/exiv2-0.27.3.tar.gz diff --git a/SOURCES/exiv2-0.27.3-fcf-protection.patch b/SOURCES/exiv2-0.27.3-fcf-protection.patch new file mode 100644 index 0000000..94a2c84 --- /dev/null +++ b/SOURCES/exiv2-0.27.3-fcf-protection.patch @@ -0,0 +1,12 @@ +diff -up exiv2-0.27.3-Source/cmake/compilerFlags.cmake.fcf-protection exiv2-0.27.3-Source/cmake/compilerFlags.cmake +--- exiv2-0.27.3-Source/cmake/compilerFlags.cmake.fcf-protection 2020-06-30 08:33:22.000000000 -0500 ++++ exiv2-0.27.3-Source/cmake/compilerFlags.cmake 2020-06-30 18:03:38.197967648 -0500 +@@ -26,7 +26,7 @@ if ( MINGW OR UNIX OR MSYS ) # MINGW, Li + # This fails under Fedora, MinGW GCC 8.3.0 and CYGWIN/MSYS 9.3.0 + if (NOT (MINGW OR CMAKE_HOST_SOLARIS OR CYGWIN OR MSYS) ) + if (COMPILER_IS_GCC AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 8.0) +- add_compile_options(-fstack-clash-protection -fcf-protection) ++ add_compile_options(-fstack-clash-protection) + endif() + + if( (COMPILER_IS_GCC AND CMAKE_CXX_COMPILER_VERSION VERSION_GREATER_EQUAL 5.0) # Not in GCC 4.8 diff --git a/SOURCES/exiv2-CVE-2019-20421.patch b/SOURCES/exiv2-CVE-2019-20421.patch deleted file mode 100644 index ea8356a..0000000 --- a/SOURCES/exiv2-CVE-2019-20421.patch +++ /dev/null @@ -1,97 +0,0 @@ -From 1b917c3f7dd86336a9f6fda4456422c419dfe88c Mon Sep 17 00:00:00 2001 -From: clanmills -Date: Tue, 1 Oct 2019 17:39:44 +0100 -Subject: [PATCH] Fix #1011 fix_1011_jp2_readmetadata_loop - ---- - src/jp2image.cpp | 25 +++++++++++++++---- - test/data/Jp2Image_readMetadata_loop.poc | Bin 0 -> 738 bytes - tests/bugfixes/github/test_CVE_2017_17725.py | 4 +-- - tests/bugfixes/github/test_issue_1011.py | 13 ++++++++++ - 4 files changed, 35 insertions(+), 7 deletions(-) - create mode 100755 test/data/Jp2Image_readMetadata_loop.poc - create mode 100644 tests/bugfixes/github/test_issue_1011.py - -diff --git a/src/jp2image.cpp b/src/jp2image.cpp -index d5cd1340a..0de088d62 100644 ---- a/src/jp2image.cpp -+++ b/src/jp2image.cpp -@@ -18,10 +18,6 @@ - * Foundation, Inc., 51 Franklin Street, 5th Floor, Boston, MA 02110-1301 USA. - */ - --/* -- File: jp2image.cpp --*/ -- - // ***************************************************************************** - - // included header files -@@ -197,6 +193,16 @@ namespace Exiv2 - return result; - } - -+static void boxes_check(size_t b,size_t m) -+{ -+ if ( b > m ) { -+#ifdef EXIV2_DEBUG_MESSAGES -+ std::cout << "Exiv2::Jp2Image::readMetadata box maximum exceeded" << std::endl; -+#endif -+ throw Error(kerCorruptedMetadata); -+ } -+} -+ - void Jp2Image::readMetadata() - { - #ifdef EXIV2_DEBUG_MESSAGES -@@ -219,9 +225,12 @@ namespace Exiv2 - Jp2BoxHeader subBox = {0,0}; - Jp2ImageHeaderBox ihdr = {0,0,0,0,0,0,0,0}; - Jp2UuidBox uuid = {{0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}; -+ size_t boxes = 0 ; -+ size_t boxem = 1000 ; // boxes max - - while (io_->read((byte*)&box, sizeof(box)) == sizeof(box)) - { -+ boxes_check(boxes++,boxem ); - position = io_->tell(); - box.length = getLong((byte*)&box.length, bigEndian); - box.type = getLong((byte*)&box.type, bigEndian); -@@ -251,8 +260,12 @@ namespace Exiv2 - - while (io_->read((byte*)&subBox, sizeof(subBox)) == sizeof(subBox) && subBox.length ) - { -+ boxes_check(boxes++, boxem) ; - subBox.length = getLong((byte*)&subBox.length, bigEndian); - subBox.type = getLong((byte*)&subBox.type, bigEndian); -+ if (subBox.length > io_->size() ) { -+ throw Error(kerCorruptedMetadata); -+ } - #ifdef EXIV2_DEBUG_MESSAGES - std::cout << "Exiv2::Jp2Image::readMetadata: " - << "subBox = " << toAscii(subBox.type) << " length = " << subBox.length << std::endl; -@@ -308,7 +321,9 @@ namespace Exiv2 - } - - io_->seek(restore,BasicIo::beg); -- io_->seek(subBox.length, Exiv2::BasicIo::cur); -+ if ( io_->seek(subBox.length, Exiv2::BasicIo::cur) != 0 ) { -+ throw Error(kerCorruptedMetadata); -+ } - restore = io_->tell(); - } - break; -diff --git a/tests/bugfixes/github/test_CVE_2017_17725.py b/tests/bugfixes/github/test_CVE_2017_17725.py -index 1127b9806..670a75d8d 100644 ---- a/tests/bugfixes/github/test_CVE_2017_17725.py -+++ b/tests/bugfixes/github/test_CVE_2017_17725.py -@@ -11,7 +11,7 @@ class TestCvePoC(metaclass=system_tests.CaseMeta): - filename = "$data_path/poc_2017-12-12_issue188" - commands = ["$exiv2 " + filename] - stdout = [""] -- stderr = ["""$exiv2_overflow_exception_message """ + filename + """: --$addition_overflow_message -+ stderr = ["""$exiv2_exception_message """ + filename + """: -+$kerCorruptedMetadata - """] - retval = [1] diff --git a/SPECS/exiv2.spec b/SPECS/exiv2.spec index d163b60..149f029 100644 --- a/SPECS/exiv2.spec +++ b/SPECS/exiv2.spec @@ -1,17 +1,20 @@ Summary: Exif and Iptc metadata manipulation library Name: exiv2 -Version: 0.27.2 -Release: 5%{?dist} +Version: 0.27.3 +Release: 2%{?dist} License: GPLv2+ URL: http://www.exiv2.org/ Source0: https://github.com/Exiv2/%{name}/archive/exiv2-%{version}.tar.gz ## upstream patches (lookaside cache) -Patch0: exiv2-CVE-2019-20421.patch ## upstreamable patches +# don't unconditionally use -fcf-protection flag, not supported on all archs +# fedora already includes this on archs that do support it +Patch100: exiv2-0.27.3-fcf-protection.patch + BuildRequires: cmake BuildRequires: expat-devel @@ -88,7 +91,7 @@ rm -fv %{buildroot}%{_libdir}/libexiv2.la %check export PKG_CONFIG_PATH="%{buildroot}%{_libdir}/pkgconfig${PKG_CONFIG_PATH:+:}${PKG_CONFIG_PATH}" -test "$(pkg-config --modversion exiv2)" = "0.27.2" +test "$(pkg-config --modversion exiv2)" = "0.27.3" test "$(pkg-config --variable=libdir exiv2)" = "%{_libdir}" test -x %{buildroot}%{_libdir}/libexiv2.so @@ -105,7 +108,7 @@ test -x %{buildroot}%{_libdir}/libexiv2.so %files libs %{_libdir}/libexiv2.so.27* -%{_libdir}/libexiv2.so.0.27.2 +%{_libdir}/libexiv2.so.0.27.3 %files devel %{_includedir}/exiv2/ @@ -116,10 +119,18 @@ test -x %{buildroot}%{_libdir}/libexiv2.so %files doc %{_pkgdocdir}/ - +%exclude %{_pkgdocdir}/ChangeLog %changelog +* Wed Oct 7 2020 Jan Grulich - 0.27.3-2 +- Avoid duplicating Changelog file + Resolves: bz#1880984 + +* Wed Oct 7 2020 Jan Grulich - 0.27.3-1 +- Update to 0.27.3 + Resolves: bz#1880984 + * Wed Mar 04 2020 Jan Grulich - 0.27.2-5 - Fix failing test Resolves: bz#1800472