MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2025-12-15 06:45:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

python-imaging: Fix CVE-2016-2533

Browse Source 
* PCD decoder overruns the shuffle buffer, Fixes #568
the patch comes from:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2533
ae453aa18b (diff-8ff6909c159597e22288ad818938fd6b)

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
This commit is contained in:
mingli.yu@windriver.com 2016-07-20 14:00:07 +08:00 committed by Martin Jansa
parent 6398643373
commit b142ab5a0b
2 changed files with 41 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
meta-python/recipes-devtools/python/python-imaging/python-imaging-CVE-2016-2533.patch Normal file
View File

@ -0,0 +1,38 @@
python-imaging: CVE-2016-2533
the patch comes from:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2533
https://github.com/python-pillow/Pillow/commit/ae453aa18b66af54e7ff716f4ccb33adca60afd4#diff-8ff6909c159597e22288ad818938fd6b
PCD decoder overruns the shuffle buffer, Fixes #568
Signed-off-by: Li Wang <li.wang@windriver.com>
---
libImaging/PcdDecode.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libImaging/PcdDecode.c b/libImaging/PcdDecode.c
index b6898e3..c02d005 100644
--- a/libImaging/PcdDecode.c
+++ b/libImaging/PcdDecode.c
@@ -47,7 +47,7 @@ ImagingPcdDecode(Imaging im, ImagingCodecState state, UINT8* buf, int bytes)
out[0] = ptr[x];
out[1] = ptr[(x+4*state->xsize)/2];
out[2] = ptr[(x+5*state->xsize)/2];
- out += 4;
+ out += 3;
}
state->shuffle((UINT8*) im->image[state->y],
@@ -62,7 +62,7 @@ ImagingPcdDecode(Imaging im, ImagingCodecState state, UINT8* buf, int bytes)
out[0] = ptr[x+state->xsize];
out[1] = ptr[(x+4*state->xsize)/2];
out[2] = ptr[(x+5*state->xsize)/2];
- out += 4;
+ out += 3;
}
state->shuffle((UINT8*) im->image[state->y],
--
1.7.9.5

4
meta-python/recipes-devtools/python/python-imaging_1.1.7.bb
View File

@ -10,7 +10,9 @@ SRC_URI = "http://effbot.org/downloads/Imaging-${PV}.tar.gz \
file://0001-python-imaging-setup.py-force-paths-for-zlib-freetyp.patch \
file://allow.to.disable.some.features.patch \
file://fix-freetype-includes.patch \
file://remove-host-libdir.patch"
file://remove-host-libdir.patch \
file://python-imaging-CVE-2016-2533.patch \
"
SRC_URI[md5sum] = "fc14a54e1ce02a0225be8854bfba478e"
SRC_URI[sha256sum] = "895bc7c2498c8e1f9b99938f1a40dc86b3f149741f105cf7c7bd2e0725405211"