Projects
Mega:24.03
OpenEXR
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 5
View file
_service:tar_scm:OpenEXR.spec
Changed
@@ -1,12 +1,13 @@ Name: OpenEXR Summary: A high dynamic-range (HDR) image file format for use in computer imaging applications Version: 3.1.11 -Release: 2 +Release: 3 License: BSD-3-Clause URL: http://www.openexr.com/ Source0: https://github.com/AcademySoftwareFoundation/openexr/archive/v%{version}/openexr-%{version}.tar.gz # https://github.com/AcademySoftwareFoundation/openexr/commit/df4d77471f2722025011da2e699d581d1e757f6b Patch0: CVE-2023-5841.patch +Patch1: CVE-2024-31047.patch BuildRequires: gcc-c++ zlib-devel pkgconfig python3-devel BuildRequires: cmake gcc boost-devel pkgconfig(Imath) @@ -74,6 +75,9 @@ %{_libdir}/pkgconfig/OpenEXR.pc %changelog +* Wed Apr 17 2024 wangkai <13474090681@163.com> - 3.1.11-3 +- Fix CVE-2024-31047 + * Mon Feb 26 2024 yaoxin <yao_xin001@hoperun.com> - 3.1.11-2 - Fix CVE-2023-5841
View file
_service:tar_scm:CVE-2024-31047.patch
Added
@@ -0,0 +1,42 @@ +From 7aa89e1d09b09d9f5dbb96976ee083a331ab9d71 Mon Sep 17 00:00:00 2001 +From: xiaoxiaoafeifei <zhailiangliang@loongson.cn> +Date: Wed, 20 Mar 2024 00:09:05 +0800 +Subject: PATCH prevent integer overflows in file exrmultipart.cpp (#1681) + +Signed-off-by: ZhaiLiangliang <zhailiangliang@loongson.cn> + +Origin: https://github.com/AcademySoftwareFoundation/openexr/pull/1681 + +--- + src/bin/exrmultipart/exrmultipart.cpp | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +diff --git a/src/bin/exrmultipart/exrmultipart.cpp b/src/bin/exrmultipart/exrmultipart.cpp +index 931cebc..1c624b8 100644 +--- a/src/bin/exrmultipart/exrmultipart.cpp ++++ b/src/bin/exrmultipart/exrmultipart.cpp +@@ -326,12 +326,17 @@ convert(vector <const char*> in, + } + + Box2i dataWindow = infile.header(0).dataWindow(); +- int pixel_count = (dataWindow.size().y+1)*(dataWindow.size().x+1); +- int pixel_width = dataWindow.size().x+1; +- ++ // ++ // use int64_t for dimensions, since possible overflow int storage ++ // ++ int64_t pixel_count = (static_cast<int64_t>(dataWindow.size ().y) + 1) * (static_cast<int64_t>(dataWindow.size ().x) + 1); ++ int64_t pixel_width = static_cast<int64_t>(dataWindow.size ().x) + 1; + ++ // + // offset in pixels between base of array and 0,0 +- int pixel_base = dataWindow.min.y*pixel_width+dataWindow.min.x; ++ // use int64_t for dimensions, since dataWindow.min.y * pixel_width could overflow int storage ++ // ++ int64_t pixel_base = static_cast<int64_t>(dataWindow.min.y) * pixel_width + static_cast<int64_t>(dataWindow.min.x); + + vector< vector<char> > channelstore(channel_count); + +-- +2.43.0 +
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2