Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package godot for openSUSE:Factory checked in at 2022-09-17 20:10:40
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/godot (Old)
 and      /work/SRC/openSUSE:Factory/.godot.new.2083 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "godot" Sat Sep 17 20:10:40 2022 rev:21 rq:1004169 version:3.5 Changes: -------- --- /work/SRC/openSUSE:Factory/godot/godot.changes 2022-08-15 20:00:30.509442933 +0200 +++ /work/SRC/openSUSE:Factory/.godot.new.2083/godot.changes 2022-09-17 20:10:53.257251652 +0200 @@ -0,0 +1,5 @@ +Mon Sep 12 12:00:00 UTC 2022 - cu...@mail.de + +- Heap-buffer-overflow in bundled thirdparty tool tinyexr + * added tinyexr_thirdparty_upstream.patch from upstream tinyexr (boo#1203278) + New: ---- tinyexr_thirdparty_upstream.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ godot.spec ++++++ --- /var/tmp/diff_new_pack.lxBM0M/_old 2022-09-17 20:10:53.889253475 +0200 +++ /var/tmp/diff_new_pack.lxBM0M/_new 2022-09-17 20:10:53.893253486 +0200 @@ -36,6 +36,8 @@ Patch0: linker_pie_flag.patch # Use system certificates as fallback for certificates Patch1: certs_fallback.patch +# Heap-buffer-overflow in bundled tinyexr +Patch2: tinyexr_thirdparty_upstream.patch BuildRequires: Mesa-devel BuildRequires: desktop-file-utils BuildRequires: fdupes @@ -243,6 +245,7 @@ %setup -q -n %{name}-%{version}-stable %patch0 -p1 %patch1 -p1 +%patch2 -p1 cp thirdparty/README.md thirdparty_README.md ++++++ tinyexr_thirdparty_upstream.patch ++++++ >From cc1b199dd17b700c3130a53866ea462ab88e7f82 Mon Sep 17 00:00:00 2001 From: 0xdd96 <1011085...@qq.com> Date: Wed, 6 Jul 2022 12:14:50 +0800 Subject: [PATCH] Add bounds check to address #169 References: https://bugzilla.opensuse.org/show_bug.cgi?id=1203278 https://github.com/syoyo/tinyexr/issues/169 https://github.com/syoyo/tinyexr/pull/170/commits/cc1b199dd17b700c3130a53866ea462ab88e7f82 Rebased: 20220912 by cunix diff -r -U 5 a/thirdparty/tinyexr/tinyexr.h b/thirdparty/tinyexr/tinyexr.h --- a/thirdparty/tinyexr/tinyexr.h +++ b/thirdparty/tinyexr/tinyexr.h 
@@ -1454,11 +1454,11 @@ in += count; } else { int count = *in++; inLength -= 2; - if (0 > (maxLength -= count + 1)) return 0; + if (0 > (maxLength -= count + 1) || inLength < 0) return 0; memset(out, *reinterpret_cast<const char *>(in), count + 1); out += count + 1; in++;
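Review bot: In godot.spec, the comment added above `Patch2:` names the bug class but carries no tracking reference, unlike the godot.changes entry, which cites boo#1203278. Put the bug number and the upstream tinyexr commit (cc1b199dd17b700c3130a53866ea462ab88e7f82) in that comment as well, so whoever next updates the bundled thirdparty/tinyexr copy can tell from the spec alone whether the patch is still needed or can be dropped.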
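Review bot: In the tinyexr.h hunk, the new `inLength < 0` test is appended to a condition that already mutates `maxLength`, so two independent bounds (remaining output room and remaining input) share one expression with a side effect, which is hard to audit. Splitting it into a separate `if (inLength < 0) return 0;` placed directly after `inLength -= 2;` would make it obvious that the input check runs before `memset` dereferences `in` for the fill byte. Two further things to confirm against the full function, since the hunk does not show them: the count byte is already consumed by `*in++` before any check in this branch, so its safety depends on the enclosing loop condition guaranteeing at least one remaining input byte; and the other branch, which ends in `in += count;`, needs an equivalent check that `count` bytes of input actually remain before they are copied. A regression input derived from the reproducer in upstream issue #169 would be worth carrying alongside the patch.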