diff --git a/SOURCES/libjpeg-turbo12-CVE-2013-6629.patch b/SOURCES/libjpeg-turbo12-CVE-2013-6629.patch
new file mode 100644
index 0000000..4a880b0
--- /dev/null
+++ b/SOURCES/libjpeg-turbo12-CVE-2013-6629.patch
@@ -0,0 +1,17 @@
+diff --git a/jdmarker.c b/jdmarker.c
+index 737a17c..381835b 100644
+--- a/jdmarker.c
++++ b/jdmarker.c
+@@ -348,6 +348,12 @@ get_sos (j_decompress_ptr cinfo)
+
+ TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,
+ compptr->dc_tbl_no, compptr->ac_tbl_no);
++
++ /* This CSi (cc) should differ from the previous CSi */
++ for (ci = 0; ci < i; ci++) {
++ if (cinfo->cur_comp_info[ci] == compptr)
++ ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
++ }
+ }
+
+ /* Collect the additional scan parameters Ss, Se, Ah/Al. */
diff --git a/SOURCES/libjpeg-turbo12-CVE-2013-6630.patch b/SOURCES/libjpeg-turbo12-CVE-2013-6630.patch
new file mode 100644
index 0000000..ca304a9
--- /dev/null
+++ b/SOURCES/libjpeg-turbo12-CVE-2013-6630.patch
@@ -0,0 +1,12 @@
+diff --git a/jdmarker.c b/jdmarker.c
+index 77f7274..737a17c 100644
+--- a/jdmarker.c
++++ b/jdmarker.c
+@@ -465,6 +465,7 @@ get_dht (j_decompress_ptr cinfo)
+ for (i = 0; i < count; i++)
+ INPUT_BYTE(cinfo, huffval[i], return FALSE);
+
++ MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8));
+ length -= count;
+
+ if (index & 0x10) { /* AC table definition */
diff --git a/SPECS/libjpeg-turbo.spec b/SPECS/libjpeg-turbo.spec
index 5ce6c38..0f1284d 100644
--- a/SPECS/libjpeg-turbo.spec
+++ b/SPECS/libjpeg-turbo.spec
@@ -1,6 +1,6 @@
 Name: libjpeg-turbo
 Version: 1.2.90
-Release: 2%{?dist}
+Release: 5%{?dist}
 Summary: A MMX/SSE2 accelerated library for manipulating JPEG image files
 Group: System Environment/Libraries
@@ -25,6 +25,8 @@ Provides: libjpeg%{_isa} = 6b-47%{?dist}
 %endif
 Patch0: libjpeg-turbo12-noinst.patch
+Patch1: libjpeg-turbo12-CVE-2013-6630.patch
+Patch2: libjpeg-turbo12-CVE-2013-6629.patch
 %description
 The libjpeg-turbo package contains a library of functions for manipulating
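Review bot: The new CVE-2013-6629 patch file starts directly at `diff --git a/jdmarker.c`, with no header saying where the fix was taken from or what it guards against, so the backport cannot be checked against upstream from this file alone. A short preamble above the inner diff, for example `Fix for CVE-2013-6629: reject an SOS marker that names the same component twice. Origin: <UPSTREAM_COMMIT_URL>`, would cover it while leaving the patch body untouched. The CVE-2013-6630 patch file added next has the same gap. get_sos starts and ends outside the inner hunk, so the rest of the marker parsing cannot be reviewed from here.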
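Review bot: The `MEMZERO` length `(256 - count) * SIZEOF(UINT8)` added in get_dht is only safe if `count` is already known to be at most 256, and that check is not visible in this hunk. If `count` could be larger, the subtraction would go negative before it is converted to a size; presumably an earlier test in get_dht rejects that case, which is worth confirming against the 1.2.90 source this patch is applied to. The bare `256` also has to match the declared size of `huffval`, so the patch header should record both assumptions, for example `Zeroes the unused tail of huffval[256]; relies on the existing count <= 256 check`. get_dht starts and ends outside the inner hunk.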
@@ -92,6 +94,8 @@ will manipulate JPEG files using the TurboJPEG library.
 %setup -q
 %patch0 -p1 -b .noinst
+%patch1 -p1 -b .CVE-2013-6630
+%patch2 -p1 -b .CVE-2013-6629
 %build
 autoreconf -fiv
@@ -165,6 +169,15 @@ make test
 %{_libdir}/libturbojpeg.so
 %changelog
+* Fri Jan 24 2014 Daniel Mach - 1.2.90-5
+- Mass rebuild 2014-01-24
+
+* Fri Dec 27 2013 Daniel Mach - 1.2.90-4
+- Mass rebuild 2013-12-27
+
+* Tue Nov 26 2013 Petr Hracek - 1.2.90-3
+- Resolves: #1031739 app patches CVE-2013-6629 and CVE-2013-6630
+
 * Tue Mar 26 2013 Adam Tkac - 1.2.90-2
 - rebuild for ARM64 support