Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: [email protected], [email protected], Sebastian 
Ramacher <[email protected]>, [email protected]
Control: affects -1 + src:libcaca
User: [email protected]
Usertags: pu

Hi

libcaca in bookworm is prone to CVE-2026-42046 (#1136952), but it does not
seem severe enough to warrant a DSA. This update provides the patch
already used in unstable to address the issue.

Regards,
Salvatore
diff -Nru libcaca-0.99.beta20/debian/changelog 
libcaca-0.99.beta20/debian/changelog
--- libcaca-0.99.beta20/debian/changelog        2022-07-12 10:50:07.000000000 
+0200
+++ libcaca-0.99.beta20/debian/changelog        2026-05-31 15:42:49.000000000 
+0200
@@ -1,3 +1,11 @@
+libcaca (0.99.beta20-3+deb12u1) bookworm; urgency=medium
+
+  * Non-maintainer upload.
+  * Prevent undefined behaviour in overflow check (CVE-2026-42046)
+    (Closes: #1136952)
+
+ -- Salvatore Bonaccorso <[email protected]>  Sun, 31 May 2026 15:42:49 +0200
+
 libcaca (0.99.beta20-3) unstable; urgency=medium
 
   [ Sebastian Ramacher ]
diff -Nru 
libcaca-0.99.beta20/debian/patches/0001-Prevent-undefined-behaviour-in-overflow-check.patch
 
libcaca-0.99.beta20/debian/patches/0001-Prevent-undefined-behaviour-in-overflow-check.patch
--- 
libcaca-0.99.beta20/debian/patches/0001-Prevent-undefined-behaviour-in-overflow-check.patch
 1970-01-01 01:00:00.000000000 +0100
+++ 
libcaca-0.99.beta20/debian/patches/0001-Prevent-undefined-behaviour-in-overflow-check.patch
 2026-05-31 15:41:57.000000000 +0200
@@ -0,0 +1,42 @@
+From: Pascal Terjan <[email protected]>
+Date: Sun, 12 Apr 2026 19:06:08 +0000
+Subject: Prevent undefined behaviour in overflow check
+Origin: 
https://github.com/cacalabs/libcaca/commit/fb77acff9ba6bb01d53940da34fb10f20b156a23
+Bug-Debian: https://bugs.debian.org/1136952
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2026-42046
+
+Fixes #86
+---
+ caca/canvas.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/caca/canvas.c b/caca/canvas.c
+index 7beff5b81d47..62b72b72bb5e 100644
+--- a/caca/canvas.c
++++ b/caca/canvas.c
+@@ -26,6 +26,7 @@
+ #   if defined(HAVE_UNISTD_H)
+ #       include <unistd.h>
+ #   endif
++#   include <limits.h>
+ #endif
+ 
+ #include "caca.h"
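Review bot: the new `#   include <limits.h>` is placed inside the conditional block that also wraps the HAVE_UNISTD_H test (the block's opening `#if` is outside this hunk; the `#endif` right after the new line closes it), so INT_MAX is only declared when that outer condition holds, while the caca_resize check added further down uses INT_MAX unconditionally. Either confirm that the outer condition is true for every build that compiles canvas.c, or move the include outside that block, for example next to `#include "caca.h"`, so the overflow check cannot fail to compile under a configuration the condition excludes.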
+@@ -368,12 +369,12 @@ int caca_resize(caca_canvas_t *cv, int width, int height)
+     int x, y, f, old_width, old_height, old_size;
+ 
+     /* Check for overflow */
+-    int new_size = width * height;
+-    if (new_size < 0 || (width > 0 && new_size / width != height))
++    if (width != 0 && height > INT_MAX / width)
+     {
+         seterrno(EOVERFLOW);
+         return -1;
+     }
++    int new_size = width * height;
+ 
+     old_width = cv->width;
+     old_height = cv->height;
+-- 
+2.53.0
+
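Review bot: the replacement check in caca_resize, `if (width != 0 && height > INT_MAX / width)`, does fix the undefined behaviour of multiplying before testing, but it only bounds the product when both operands are non-negative, and it drops the old `new_size < 0` guard. With width > 0 and height < 0, INT_MAX / width is positive, the comparison is false and new_size ends up negative, which the removed `new_size < 0` test used to reject; with width < 0 and height < 0 (for instance both equal to -65536), INT_MAX / width is negative, the comparison is again false and `width * height` still overflows int, so the undefined behaviour remains reachable on that path. Unless negative dimensions are already rejected earlier in caca_resize (not visible in this hunk), suggest adding an explicit `if (width < 0 || height < 0)` rejection before the INT_MAX / width test; with non-negative operands that test is exact and the later multiplication is safe.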
diff -Nru libcaca-0.99.beta20/debian/patches/series 
libcaca-0.99.beta20/debian/patches/series
--- libcaca-0.99.beta20/debian/patches/series   2022-07-12 10:48:41.000000000 
+0200
+++ libcaca-0.99.beta20/debian/patches/series   2026-05-31 15:42:31.000000000 
+0200
@@ -1 +1,2 @@
 caca-config.in-Avoid-mentioning-libdir.patch
+0001-Prevent-undefined-behaviour-in-overflow-check.patch
