libexif: fix CVE-2017-7544
This commit is contained in:
maxice8
maxice8
parent
98c0e514b9
commit
24c297c1f4
2 changed files with 19 additions and 4 deletions
15
srcpkgs/libexif/patches/CVE-2017-7544.patch
Normal file
15
srcpkgs/libexif/patches/CVE-2017-7544.patch
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
--- libexif/exif-data.c 12 Jul 2012 17:28:26 -0000 1.131
|
||||
+++ libexif/exif-data.c 25 Jul 2017 21:34:06 -0000
|
||||
@@ -255,6 +255,12 @@
|
||||
exif_mnote_data_set_offset (data->priv->md, *ds - 6);
|
||||
exif_mnote_data_save (data->priv->md, &e->data, &e->size);
|
||||
e->components = e->size;
|
||||
+ if (exif_format_get_size (e->format) != 1) {
|
||||
+ /* e->format is taken from input code,
|
||||
+ * but we need to make sure it is a 1 byte
|
||||
+ * entity due to the multiplication below. */
|
||||
+ e->format = EXIF_FORMAT_UNDEFINED;
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -1,14 +1,14 @@
|
|||
# Template build file for 'libexif'.
|
||||
# Template file for 'libexif'
|
||||
pkgname=libexif
|
||||
version=0.6.21
|
||||
revision=4
|
||||
revision=5
|
||||
build_style=gnu-configure
|
||||
configure_args="ac_cv_path_DOXYGEN=false"
|
||||
short_desc="EXIF file library"
|
||||
maintainer="Juan RP <xtraeme@voidlinux.eu>"
|
||||
license="LGPL-2.1-or-later"
|
||||
homepage="http://sourceforge.net/projects/libexif"
|
||||
license="LGPL-2.1"
|
||||
distfiles="${SOURCEFORGE_SITE}/$pkgname/$pkgname-$version.tar.bz2"
|
||||
distfiles="${SOURCEFORGE_SITE}/${pkgname}/${pkgname}-${version}.tar.bz2"
|
||||
checksum=16cdaeb62eb3e6dfab2435f7d7bccd2f37438d21c5218ec4e58efa9157d4d41a
|
||||
|
||||
libexif-devel_package() {
|
||||
|
|
|
|||
Loading…
Reference in a new issue