Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
aports
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Dominika Liberda
aports
Commits
2a812850
Commit
2a812850
authored
4 years ago
by
J0WI
Committed by
Leo
4 years ago
Browse files
Options
Downloads
Patches
Plain Diff
main/gd: patch CVE-2018-14553 and CVE-2019-11038
parent
7ebd9628
No related branches found
No related tags found
No related merge requests found
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
main/gd/APKBUILD
+12
-5
12 additions, 5 deletions
main/gd/APKBUILD
main/gd/CVE-2018-14553.patch
+32
-0
32 additions, 0 deletions
main/gd/CVE-2018-14553.patch
main/gd/CVE-2019-11038.patch
+36
-0
36 additions, 0 deletions
main/gd/CVE-2019-11038.patch
with
80 additions
and
5 deletions
main/gd/APKBUILD
+
12
−
5
View file @
2a812850
...
@@ -2,7 +2,7 @@
...
@@ -2,7 +2,7 @@
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
pkgname
=
gd
pkgname
=
gd
pkgver
=
2.2.5
pkgver
=
2.2.5
pkgrel
=
2
pkgrel
=
3
_pkgreal
=
lib
$pkgname
_pkgreal
=
lib
$pkgname
pkgdesc
=
"Library for the dynamic creation of images by programmers"
pkgdesc
=
"Library for the dynamic creation of images by programmers"
url
=
"https://libgd.github.io/"
url
=
"https://libgd.github.io/"
...
@@ -13,7 +13,9 @@ makedepends="bash libpng-dev libjpeg-turbo-dev libwebp-dev freetype-dev zlib-dev
...
@@ -13,7 +13,9 @@ makedepends="bash libpng-dev libjpeg-turbo-dev libwebp-dev freetype-dev zlib-dev
subpackages
=
"
$pkgname
-dev
$_pkgreal
:libs"
subpackages
=
"
$pkgname
-dev
$_pkgreal
:libs"
source
=
"https://github.com/
$_pkgreal
/
$_pkgreal
/releases/download/
$pkgname
-
$pkgver
/
$_pkgreal
-
$pkgver
.tar.xz
source
=
"https://github.com/
$_pkgreal
/
$_pkgreal
/releases/download/
$pkgname
-
$pkgver
/
$_pkgreal
-
$pkgver
.tar.xz
CVE-2018-1000222.patch
CVE-2018-1000222.patch
CVE-2018-14553.patch
CVE-2018-5711.patch
CVE-2018-5711.patch
CVE-2019-11038.patch
CVE-2019-6977.patch
CVE-2019-6977.patch
CVE-2019-6978.patch
CVE-2019-6978.patch
"
"
...
@@ -23,12 +25,15 @@ case "$CARCH" in
...
@@ -23,12 +25,15 @@ case "$CARCH" in
esac
esac
# secfixes:
# secfixes:
# 2.2.5-r3:
# - CVE-2018-14553
# - CVE-2019-11038
# 2.2.5-r2:
# 2.2.5-r2:
# - CVE-2018-5711
#
- CVE-2018-5711
# - CVE-2019-6977
#
- CVE-2019-6977
# - CVE-2019-6978
#
- CVE-2019-6978
# 2.2.5-r1:
# 2.2.5-r1:
# - CVE-2018-1000222
#
- CVE-2018-1000222
build
()
{
build
()
{
cd
"
$builddir
"
cd
"
$builddir
"
...
@@ -62,6 +67,8 @@ dev() {
...
@@ -62,6 +67,8 @@ dev() {
sha512sums
=
"e4598e17a277a75e02255402182cab139cb3f2cffcd68ec05cc10bbeaf6bc7aa39162c3445cd4a7efc1a26b72b9152bbedb187351e3ed099ea51767319997a6b libgd-2.2.5.tar.xz
sha512sums
=
"e4598e17a277a75e02255402182cab139cb3f2cffcd68ec05cc10bbeaf6bc7aa39162c3445cd4a7efc1a26b72b9152bbedb187351e3ed099ea51767319997a6b libgd-2.2.5.tar.xz
d12462f1b159d50b9032435e9767a5d76e1797a88be950ed33dda7aa17005b7cb60560d04b9520e46d8111e1669d42ce28cb2c508f9c8825d545ac0335d2a10b CVE-2018-1000222.patch
d12462f1b159d50b9032435e9767a5d76e1797a88be950ed33dda7aa17005b7cb60560d04b9520e46d8111e1669d42ce28cb2c508f9c8825d545ac0335d2a10b CVE-2018-1000222.patch
9bf1677d69d04f41eba48b48e853ad706f3097edb1a96c3b681b516708be0ba199c463e7b3e44f52921e14028a7c4d74977d66e7f456b9f96d935ce9db342c0e CVE-2018-14553.patch
b23929f10ad75fa97d2ff797ef44d185cfe6de4f26b649e8e507b6fc41ebdb527ab4633d10df955c92d677428d9ed1707d9997954a1bcfb0070995191211d886 CVE-2018-5711.patch
b23929f10ad75fa97d2ff797ef44d185cfe6de4f26b649e8e507b6fc41ebdb527ab4633d10df955c92d677428d9ed1707d9997954a1bcfb0070995191211d886 CVE-2018-5711.patch
a56397fb310c94d4dc9c565dcec17ffd7411e1957ba45f1093e9fffad74192c244b1ef4f9d954c052f589fd5b4d1cc37ca5d53d8db569cee09a7bdc38bfc4eaf CVE-2019-11038.patch
5214ac4148c618f3fef3bb3b6675e41a76e31465cd8dac326ee99dc1ae4cfe760749997d2941743efa48e79b8dbdb536d6b6d79d9bc4e5363f2c50da52ab5cac CVE-2019-6977.patch
5214ac4148c618f3fef3bb3b6675e41a76e31465cd8dac326ee99dc1ae4cfe760749997d2941743efa48e79b8dbdb536d6b6d79d9bc4e5363f2c50da52ab5cac CVE-2019-6977.patch
2f70f041b531a23d0bac5c5370a3fb135ca8facaa7baf1554baf35135cc9c6e21de9c09400d939e133ad090b9aa23fa901ea7b5cd9ea20d11edc38257601eb97 CVE-2019-6978.patch"
2f70f041b531a23d0bac5c5370a3fb135ca8facaa7baf1554baf35135cc9c6e21de9c09400d939e133ad090b9aa23fa901ea7b5cd9ea20d11edc38257601eb97 CVE-2019-6978.patch"
This diff is collapsed.
Click to expand it.
main/gd/CVE-2018-14553.patch
0 → 100644
+
32
−
0
View file @
2a812850
From a93eac0e843148dc2d631c3ba80af17e9c8c860f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A1bio=20Cabral=20Pacheco?= <fcabralpacheco@gmail.com>
Date: Fri, 20 Dec 2019 12:03:33 -0300
Subject: [PATCH] Fix potential NULL pointer dereference in gdImageClone()
diff --git a/src/gd.c b/src/gd.c
index 592a0286..d564d1f9 100644
--- a/src/gd.c
+++ b/src/gd.c
@@ -2865,14 +2865,6 @@
BGD_DECLARE(gdImagePtr) gdImageClone (gdImagePtr src) {
}
}
- if (src->styleLength > 0) {
- dst->styleLength = src->styleLength;
- dst->stylePos = src->stylePos;
- for (i = 0; i < src->styleLength; i++) {
- dst->style[i] = src->style[i];
- }
- }
-
dst->interlace = src->interlace;
dst->alphaBlendingFlag = src->alphaBlendingFlag;
@@ -2907,6 +2899,7 @@
BGD_DECLARE(gdImagePtr) gdImageClone (gdImagePtr src) {
if (src->style) {
gdImageSetStyle(dst, src->style, src->styleLength);
+ dst->stylePos = src->stylePos;
}
for (i = 0; i < gdMaxColors; i++) {
This diff is collapsed.
Click to expand it.
main/gd/CVE-2019-11038.patch
0 → 100644
+
36
−
0
View file @
2a812850
From e13a342c079aeb73e31dfa19eaca119761bac3f3 Mon Sep 17 00:00:00 2001
From: Jonas Meurer <jonas@freesources.org>
Date: Tue, 11 Jun 2019 12:16:46 +0200
Subject: [PATCH] Fix #501: Uninitialized read in gdImageCreateFromXbm
(CVE-2019-11038)
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-11038
Bug-Debian: https://bugs.debian.org/929821
Bug: https://github.com/libgd/libgd/issues/501
We have to ensure that `sscanf()` does indeed read a hex value here,
and bail out otherwise.
Original patch by Christoph M. Becker <cmbecker69@gmx.de> for PHP libgd ext.
https://git.php.net/?p=php-src.git;a=commit;h=ed6dee9a198c904ad5e03113e58a2d2c200f5184
---
src/gd_xbm.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/gd_xbm.c b/src/gd_xbm.c
index 4ca41acf..cf0545ef 100644
--- a/src/gd_xbm.c
+++ b/src/gd_xbm.c
@@ -169,7 +169,11 @@
BGD_DECLARE(gdImagePtr) gdImageCreateFromXbm(FILE * fd)
}
h[3] = ch;
}
- sscanf(h, "%x", &b);
+ if (sscanf(h, "%x", &b) != 1) {
+ gd_error("invalid XBM");
+ gdImageDestroy(im);
+ return 0;
+ }
for (bit = 1; bit <= max_bit; bit = bit << 1) {
gdImageSetPixel(im, x++, y, (b & bit) ? 1 : 0);
if (x == im->sx) {
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
