diff --git a/SOURCES/lzo-2.06-CVE-2014-4607.patch b/SOURCES/lzo-2.06-CVE-2014-4607.patch
new file mode 100644
index 0000000..d22c406
--- /dev/null
+++ b/SOURCES/lzo-2.06-CVE-2014-4607.patch
@@ -0,0 +1,245 @@
+diff --git a/minilzo/minilzo.c b/minilzo/minilzo.c
+index 34ce0f0..ecfdf66 100644
+--- a/minilzo/minilzo.c
++++ b/minilzo/minilzo.c
+@@ -3547,6 +3547,8 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
+ #undef TEST_LBO
+ #undef NEED_IP
+ #undef NEED_OP
++#undef TEST_IV
++#undef TEST_OV
+ #undef HAVE_TEST_IP
+ #undef HAVE_TEST_OP
+ #undef HAVE_NEED_IP
+@@ -3561,6 +3563,7 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
+ # if (LZO_TEST_OVERRUN_INPUT >= 2)
+ # define NEED_IP(x) \
+ if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
++# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun
+ # endif
+ #endif
+
+@@ -3572,6 +3575,7 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
+ # undef TEST_OP
+ # define NEED_OP(x) \
+ if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
++# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun
+ # endif
+ #endif
+
+@@ -3602,11 +3606,13 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
+ # define HAVE_NEED_IP 1
+ #else
+ # define NEED_IP(x) ((void) 0)
++# define TEST_IV(x) ((void) 0)
+ #endif
+ #if defined(NEED_OP)
+ # define HAVE_NEED_OP 1
+ #else
+ # define NEED_OP(x) ((void) 0)
++# define TEST_OV(x) ((void) 0)
+ #endif
+
+ #if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP)
+@@ -3687,6 +3693,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
+ {
+ t += 255;
+ ip++;
++ TEST_IV(t);
+ NEED_IP(1);
+ }
+ t += 15 + *ip++;
+@@ -3835,6 +3842,7 @@ match:
+ {
+ t += 255;
+ ip++;
++ TEST_OV(t);
+ NEED_IP(1);
+ }
+ t += 31 + *ip++;
+@@ -3879,6 +3887,7 @@ match:
+ {
+ t += 255;
+ ip++;
++ TEST_OV(t);
+ NEED_IP(1);
+ }
+ t += 7 + *ip++;
+@@ -4073,6 +4082,8 @@ lookbehind_overrun:
+ #undef TEST_LBO
+ #undef NEED_IP
+ #undef NEED_OP
++#undef TEST_IV
++#undef TEST_OV
+ #undef HAVE_TEST_IP
+ #undef HAVE_TEST_OP
+ #undef HAVE_NEED_IP
+@@ -4087,6 +4098,7 @@ lookbehind_overrun:
+ # if (LZO_TEST_OVERRUN_INPUT >= 2)
+ # define NEED_IP(x) \
+ if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
++# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun
+ # endif
+ #endif
+
+@@ -4098,6 +4110,7 @@ lookbehind_overrun:
+ # undef TEST_OP
+ # define NEED_OP(x) \
+ if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
++# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun
+ # endif
+ #endif
+
+@@ -4128,11 +4141,13 @@ lookbehind_overrun:
+ # define HAVE_NEED_IP 1
+ #else
+ # define NEED_IP(x) ((void) 0)
++# define TEST_IV(x) ((void) 0)
+ #endif
+ #if defined(NEED_OP)
+ # define HAVE_NEED_OP 1
+ #else
+ # define NEED_OP(x) ((void) 0)
++# define TEST_OV(x) ((void) 0)
+ #endif
+
+ #if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP)
+@@ -4213,6 +4228,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
+ {
+ t += 255;
+ ip++;
++ TEST_IV(t);
+ NEED_IP(1);
+ }
+ t += 15 + *ip++;
+@@ -4361,6 +4377,7 @@ match:
+ {
+ t += 255;
+ ip++;
++ TEST_OV(t);
+ NEED_IP(1);
+ }
+ t += 31 + *ip++;
+@@ -4405,6 +4422,7 @@ match:
+ {
+ t += 255;
+ ip++;
++ TEST_OV(t);
+ NEED_IP(1);
+ }
+ t += 7 + *ip++;
+diff --git a/src/lzo1_d.ch b/src/lzo1_d.ch
+index 40a5bfd..c442d9c 100644
+--- a/src/lzo1_d.ch
++++ b/src/lzo1_d.ch
+@@ -76,6 +76,8 @@
+ #undef TEST_LBO
+ #undef NEED_IP
+ #undef NEED_OP
++#undef TEST_IV
++#undef TEST_OV
+ #undef HAVE_TEST_IP
+ #undef HAVE_TEST_OP
+ #undef HAVE_NEED_IP
+@@ -91,6 +93,7 @@
+ # if (LZO_TEST_OVERRUN_INPUT >= 2)
+ # define NEED_IP(x) \
+ if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
++# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun
+ # endif
+ #endif
+
+@@ -102,6 +105,7 @@
+ # undef TEST_OP /* don't need both of the tests here */
+ # define NEED_OP(x) \
+ if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
++# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun
+ # endif
+ #endif
+
+@@ -135,11 +139,13 @@
+ # define HAVE_NEED_IP 1
+ #else
+ # define NEED_IP(x) ((void) 0)
++# define TEST_IV(x) ((void) 0)
+ #endif
+ #if defined(NEED_OP)
+ # define HAVE_NEED_OP 1
+ #else
+ # define NEED_OP(x) ((void) 0)
++# define TEST_OV(x) ((void) 0)
+ #endif
+
+
+diff --git a/src/lzo1b_d.ch b/src/lzo1b_d.ch
+index fe5f361..36b4b6b 100644
+--- a/src/lzo1b_d.ch
++++ b/src/lzo1b_d.ch
+@@ -187,6 +187,7 @@ match:
+ {
+ t += 255;
+ ip++;
++ TEST_OV(t);
+ NEED_IP(1);
+ }
+ t += (M4_MIN_LEN - M3_MIN_LEN) + *ip++;
+diff --git a/src/lzo1f_d.ch b/src/lzo1f_d.ch
+index 9e942f5..0c2199e 100644
+--- a/src/lzo1f_d.ch
++++ b/src/lzo1f_d.ch
+@@ -84,6 +84,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
+ {
+ t += 255;
+ ip++;
++ TEST_IV(t);
+ NEED_IP(1);
+ }
+ t += 31 + *ip++;
+@@ -138,6 +139,7 @@ match:
+ {
+ t += 255;
+ ip++;
++ TEST_OV(t);
+ NEED_IP(1);
+ }
+ t += 31 + *ip++;
+diff --git a/src/lzo1x_d.ch b/src/lzo1x_d.ch
+index 49cf326..c804cc7 100644
+--- a/src/lzo1x_d.ch
++++ b/src/lzo1x_d.ch
+@@ -120,6 +120,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
+ {
+ t += 255;
+ ip++;
++ TEST_IV(t);
+ NEED_IP(1);
+ }
+ t += 15 + *ip++;
+@@ -273,6 +274,7 @@ match:
+ {
+ t += 255;
+ ip++;
++ TEST_OV(t);
+ NEED_IP(1);
+ }
+ t += 31 + *ip++;
+@@ -317,6 +319,7 @@ match:
+ {
+ t += 255;
+ ip++;
++ TEST_OV(t);
+ NEED_IP(1);
+ }
+ t += 7 + *ip++;
+diff --git a/src/lzo2a_d.ch b/src/lzo2a_d.ch
+index 48e51ca..954f07e 100644
+--- a/src/lzo2a_d.ch
++++ b/src/lzo2a_d.ch
+@@ -131,6 +131,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
+ {
+ t += 255;
+ ip++;
++ TEST_OV(t);
+ NEED_IP(1);
+ }
+ t += *ip++;
diff --git a/SPECS/lzo.spec b/SPECS/lzo.spec
index bba31d3..66fbf5d 100644
--- a/SPECS/lzo.spec
+++ b/SPECS/lzo.spec
@@ -1,12 +1,13 @@
Name: lzo
Version: 2.06
-Release: 6%{?dist}
+Release: 6%{?dist}.2
Summary: Data compression library with very fast (de)compression
Group: System Environment/Libraries
License: GPLv2+
URL: http://www.oberhumer.com/opensource/lzo/
Source0: http://www.oberhumer.com/opensource/lzo/download/%{name}-%{version}.tar.gz
Patch0: lzo-2.06-configure.patch
+Patch1: lzo-2.06-CVE-2014-4607.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: zlib-devel
@@ -43,6 +44,7 @@ This package contains development files needed for lzo.
%prep
%setup -q
%patch0 -p1 -z .configure
+%patch1 -p1 -b .CVE-2014-4607
# mark asm files as NOT needing execstack
for i in asm/i386/src_gas/*.S; do
echo '.section .note.GNU-stack,"",@progbits' >> $i
@@ -51,9 +53,9 @@ done
%build
%configure --disable-dependency-tracking --disable-static --enable-shared
-make %{?_smp_mflags}
+make %{?_smp_mflags} CFLAGS="%{optflags} -fno-strict-aliasing"
# build minilzo too (bz 439979)
-gcc %{optflags} -fpic -Iinclude/lzo -o minilzo/minilzo.o -c minilzo/minilzo.c
+gcc %{optflags} -fno-strict-aliasing -fpic -Iinclude/lzo -o minilzo/minilzo.o -c minilzo/minilzo.c
gcc -g -shared -o libminilzo.so.0 -Wl,-soname,libminilzo.so.0 minilzo/minilzo.o
@@ -103,6 +105,14 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Wed Jul 2 2014 Jaroslav Škarvada <jskarvad@redhat.com> - 2.06-6.2
+- Built with -fno-strict-aliasing (rpmdiff)
+ Related: CVE-2014-4607
+
+* Wed Jul 2 2014 Jaroslav Škarvada <jskarvad@redhat.com> - 2.06-6.1
+- Fixed integer overflow in decompressor
+ Resolves: CVE-2014-4607
+
* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 2.06-6
- Mass rebuild 2014-01-24