jhead: update to 3.0.4

2021-01-17 16:43:49 +01:00 · 2021-01-17 16:43:49 +01:00 · 88287e9036
commit 88287e9036
parent 53d8496aef
3 changed files with 2 additions and 49 deletions
--- a/srcpkgs/jhead/patches/CVE-2018-16554.patch
+++ b/srcpkgs/jhead/patches/CVE-2018-16554.patch
@ -1,20 +0,0 @@
-From: Ludovic Rousseau <rousseau@debian.org>
-Date: Sat Sep  8 16:19:07 CEST 2018
-Subject: fix heap buffer overflow
-
-Bug-Debian: https://bugs.debian.org/908176
-Description: Fix CVE-2018-16554
-
--- gpsinfo.c
-+++ gpsinfo.c
-@@ -162,7 +162,8 @@
-                 break;
- 
-             case TAG_GPS_ALT:
-                sprintf(ImageInfo.GpsAlt + 1, "%.2fm", 
-+                snprintf(ImageInfo.GpsAlt + 1, sizeof(ImageInfo.GpsAlt) -1,
-+                    "%.2fm",
-                     ConvertAnyFormat(ValuePtr, Format));
-                 break;
-         }
-
--- a/srcpkgs/jhead/patches/CVE-2018-17088.patch
+++ b/srcpkgs/jhead/patches/CVE-2018-17088.patch
@ -1,27 +0,0 @@
-From: Ludovic Rousseau <rousseau@debian.org>
-Date: Wed Sep  5 15:32:00 CEST 2018
-Subject: Fix heap buffer overflow
-
-Bug-Debian: http://bugs.debian.org/907925
-Description: Fix CVE-2018-17088
-
--- gpsinfo.c
-+++ gpsinfo.c
-@@ -4,6 +4,7 @@
- // Matthias Wandel,  Dec 1999 - Dec 2002 
- //--------------------------------------------------------------------------
- #include "jhead.h"
-+#include <stdint.h>
- 
- #define MAX_GPS_TAG 0x1e
- 
-@@ -101,7 +102,7 @@
-             unsigned OffsetVal;
-             OffsetVal = Get32u(DirEntry+8);
-             // If its bigger than 4 bytes, the dir entry contains an offset.
-            if (OffsetVal+ByteCount > ExifLength){
-+            if (OffsetVal > UINT32_MAX - ByteCount || OffsetVal+ByteCount > ExifLength){
-                 // Bogus pointer offset and / or bytecount value
-                 ErrNonfatal("Illegal value pointer for Exif gps tag %04x", Tag,0);
-                 continue;
-
--- a/srcpkgs/jhead/template
+++ b/srcpkgs/jhead/template
@ -1,6 +1,6 @@
 # Template file for 'jhead'
 pkgname=jhead
-version=3.03
+version=3.04
 revision=1
 build_style=gnu-makefile
 short_desc="Display and manipulate EXIF header of JPEG images"
@ -8,7 +8,7 @@ maintainer="Oliver Kiddle <okiddle@yahoo.co.uk>"
 license="Public Domain"
 homepage="http://www.sentex.net/~mwandel/jhead/"
 distfiles="${homepage}/jhead-${version}.tar.gz"
-checksum=82194e0128d9141038f82fadcb5845391ca3021d61bc00815078601619f6c0c2
+checksum=ef89bbcf4f6c25ed88088cf242a47a6aedfff4f08cc7dc205bf3e2c0f10a03c9

 post_extract() {
 	sed -i -e 's,/local,,' -e '/CC.*-o/s/$/ $(LDFLAGS)/' makefile