Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package openexr for openSUSE:Factory checked in at 2022-01-07 12:44:58
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openexr (Old)
 and      /work/SRC/openSUSE:Factory/.openexr.new.1896 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openexr" Fri Jan 7 12:44:58 2022 rev:49 rq:944051 version:3.1.3 Changes: -------- --- /work/SRC/openSUSE:Factory/openexr/openexr.changes 2021-11-15 00:06:16.515598647 +0100 +++ /work/SRC/openSUSE:Factory/.openexr.new.1896/openexr.changes 2022-01-07 12:45:35.259812394 +0100 @@ -1,0 +2,8 @@ +Wed Jan 5 12:55:27 UTC 2022 - [email protected] + +- security update +- added patches + fix CVE-2021-45942 [bsc#1194333], heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute + + openexr-CVE-2021-45942.patch + +------------------------------------------------------------------- New: ---- openexr-CVE-2021-45942.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openexr.spec ++++++ --- /var/tmp/diff_new_pack.ilLwhA/_old 2022-01-07 12:45:36.111812985 +0100 +++ /var/tmp/diff_new_pack.ilLwhA/_new 2022-01-07 12:45:36.115812988 +0100 @@ -1,7 +1,7 @@ # # spec file for package openexr # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -30,6 +30,8 @@ URL: https://www.openexr.com/ Source0: https://github.com/openexr/openexr/archive/v%{version}.tar.gz Source2: baselibs.conf +# CVE-2021-45942 [bsc#1194333], heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute +Patch0: openexr-CVE-2021-45942.patch BuildRequires: cmake >= 3.12 BuildRequires: fltk-devel BuildRequires: freeglut-devel ++++++ openexr-CVE-2021-45942.patch ++++++ diff --git a/src/lib/OpenEXR/ImfDeepScanLineInputFile.cpp b/src/lib/OpenEXR/ImfDeepScanLineInputFile.cpp index 0acbed04b..364a1f04b 100644 --- a/src/lib/OpenEXR/ImfDeepScanLineInputFile.cpp +++ b/src/lib/OpenEXR/ImfDeepScanLineInputFile.cpp 
@@ -1961,14 +1961,20 @@ readSampleCountForLineBlock(InputStreamMutex* streamData, // @TODO refactor the compressor code to ensure full 64-bit support. // - int compressorMaxDataSize = std::numeric_limits<int>::max(); - if (sampleCountTableDataSize > uint64_t(compressorMaxDataSize)) + uint64_t compressorMaxDataSize = static_cast<uint64_t>(std::numeric_limits<int>::max()); + if (packedDataSize > compressorMaxDataSize || + unpackedDataSize > compressorMaxDataSize || + sampleCountTableDataSize > compressorMaxDataSize) { - THROW (IEX_NAMESPACE::ArgExc, "This version of the library does not " - << "support the allocation of data with size > " - << compressorMaxDataSize - << " file table size :" << sampleCountTableDataSize << ".\n"); + THROW (IEX_NAMESPACE::ArgExc, "This version of the library does not" + << "support the allocation of data with size > " + << compressorMaxDataSize + << " file table size :" << sampleCountTableDataSize + << " file unpacked size :" << unpackedDataSize + << " file packed size :" << packedDataSize << ".\n"); } + + streamData->is->read(data->sampleCountTableBuffer, static_cast<int>(sampleCountTableDataSize)); const char* readPtr;
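Review bot: the openexr.spec hunk (@@ -30,6 +30,8 @@) only declares `Patch0: openexr-CVE-2021-45942.patch`; the %prep section is not part of this diff, so confirm it runs `%autosetup -p1` or carries a matching `%patch0 -p1`, otherwise the patch is shipped in the source package but never applied to the build. The comment line above Patch0 repeating the CVE and bsc reference matches the changelog entry and is the right way to document it.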
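Review bot: in the ImfDeepScanLineInputFile.cpp hunk, the added `streamData->is->read(data->sampleCountTableBuffer, static_cast<int>(sampleCountTableDataSize));` sits after the size check, but the only bound the check enforces on sampleCountTableDataSize is std::numeric_limits<int>::max(); nothing in the hunk compares it with the allocated capacity of data->sampleCountTableBuffer, so a table size below INT_MAX but larger than the buffer would still overrun it unless that comparison exists elsewhere in the function. Please point to that check or add one immediately before the read. Two smaller points: the rewritten message drops the trailing space in `"This version of the library does not"`, so the exception text now reads "does notsupport"; restore `"does not "`. And since the read is introduced as a new line here, verify that no earlier read of the sample count table remains above the check (outside this hunk's context), otherwise the stream is consumed twice and the positions of the following reads shift.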
