commit htmldoc for openSUSE:Factory

Sun, 01 May 2022 09:54:04 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package htmldoc for openSUSE:Factory checked 
in at 2022-05-01 18:53:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/htmldoc (Old)
 and      /work/SRC/openSUSE:Factory/.htmldoc.new.1538 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "htmldoc"

Sun May  1 18:53:42 2022 rev:30 rq:973947 version:1.9.15

Changes:
--------
--- /work/SRC/openSUSE:Factory/htmldoc/htmldoc.changes  2022-02-11 
23:08:27.842781897 +0100
+++ /work/SRC/openSUSE:Factory/.htmldoc.new.1538/htmldoc.changes        
2022-05-01 18:53:52.399178812 +0200
@@ -1,0 +2,8 @@
+Fri Apr 29 06:02:30 UTC 2022 - pgaj...@suse.com
+
+- security update
+- added patches
+  fix CVE-2022-28085 [bsc#1198933], Heap buffer overflow in function 
pdf_write_names in ps-pdf.cxx
+  + htmldoc-CVE-2022-28085.patch
+
+-------------------------------------------------------------------

New:
----
  htmldoc-CVE-2022-28085.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ htmldoc.spec ++++++
--- /var/tmp/diff_new_pack.3nuDWx/_old  2022-05-01 18:53:52.907179282 +0200
+++ /var/tmp/diff_new_pack.3nuDWx/_new  2022-05-01 18:53:52.915179290 +0200
@@ -24,6 +24,8 @@
 Group:          Productivity/Publishing/HTML/Tools
 URL:            https://michaelrsweet.github.io/htmldoc/index.html
 Source:         
https://github.com/michaelrsweet/htmldoc/releases/download/v%{version}/htmldoc-%{version}-source.tar.gz
+# CVE-2022-28085 [bsc#1198933], Heap buffer overflow in function 
pdf_write_names in ps-pdf.cxx
+Patch0:         htmldoc-CVE-2022-28085.patch
 BuildRequires:  fltk-devel
 BuildRequires:  gcc-c++
 BuildRequires:  hicolor-icon-theme
@@ -40,7 +42,7 @@
 Portable Document Format (PDF) files that can be viewed online or printed.
 
 %prep
-%autosetup
+%autosetup -p1
 
 %build
 %configure \

++++++ htmldoc-CVE-2022-28085.patch ++++++
Index: htmldoc-1.9.15/htmldoc/ps-pdf.cxx
===================================================================
--- htmldoc-1.9.15.orig/htmldoc/ps-pdf.cxx
+++ htmldoc-1.9.15/htmldoc/ps-pdf.cxx
@@ -3583,6 +3583,8 @@ pdf_write_names(FILE *out)                /* I - Outpu
     pdf_start_object(out);
     float x, y;
 
+    check_pages(link->page);
+
     x = 0.0f;
     y = link->top + pages[link->page].bottom;
     pspdf_transform_coords(pages + link->page, x, y);

Reply via email to