commit gimp for openSUSE:11.4:Update
Hello community, here is the log from the commit of package gimp for openSUSE:11.4:Update checked in at 2012-09-03 10:27:26 Comparing /work/SRC/openSUSE:11.4:Update/gimp (Old) and /work/SRC/openSUSE:11.4:Update/.gimp.new (New) Package is "gimp", Maintainer is "gnome-maintain...@suse.de" Changes: New Changes file: NO CHANGES FILE!!! Other differences: -- ++ _link ++ --- /var/tmp/diff_new_pack.NVQR8R/_old 2012-09-03 10:27:27.0 +0200 +++ /var/tmp/diff_new_pack.NVQR8R/_new 2012-09-03 10:27:27.0 +0200 @@ -1,8 +1 @@ - - - - - - - - + -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gimp for openSUSE:11.4
Hello community, here is the log from the commit of package gimp for openSUSE:11.4 checked in at Fri Sep 16 19:04:07 CEST 2011. --- old-versions/11.4/UPDATES/all/gimp/gimp.changes 2011-07-13 00:36:50.0 +0200 +++ 11.4/gimp/gimp.changes 2011-09-09 15:05:36.0 +0200 @@ -1,0 +2,6 @@ +Fri Sep 9 13:03:51 UTC 2011 - vu...@opensuse.org + +- Add gimp-CVE-2011-2896.patch: Fix heap corruption and buffer + overflow in LZW code. Fix bnc#711491, CVE-2011-2896. + +--- calling whatdependson for 11.4-i586 New: gimp-CVE-2011-2896.patch Other differences: -- ++ gimp.spec ++ --- /var/tmp/diff_new_pack.f9exLd/_old 2011-09-16 19:03:01.0 +0200 +++ /var/tmp/diff_new_pack.f9exLd/_new 2011-09-16 19:03:01.0 +0200 @@ -49,7 +49,7 @@ BuildRequires: xorg-x11-libXfixes-devel Url:http://www.gimp.org/ Version:2.6.11 -Release:13. +Release:13. License:GPLv2+ Group: Productivity/Graphics/Bitmap Editors Suggests: AdobeICCProfiles @@ -69,6 +69,8 @@ Patch1: gimp-CVE-2010-4543.patch # PATCH-FIX-UPSTREAM gimp-pyslice-cellspacing-fix.patch bgo#641259 bnc#698769 fi...@opensuse.org -- py-slice cellspacing fix Patch2: gimp-pyslice-cellspacing-fix.patch +# PATCH-FIX-UPSTREAM gimp-CVE-2011-2896.patch CVE-2011-2896 bnc#711491 vu...@opensuse.org -- Fix heap corruption and buffer overflow +Patch5: gimp-CVE-2011-2896.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: %{name}-branding >= 2.4 Recommends: %{name}-plugins-python = %{version} gimp-2.0-scanner-plugin %{name}-help-browser @@ -247,6 +249,7 @@ %patch0 -p1 %patch1 -p1 %patch2 -p1 +%patch5 -p1 # Safety check for ABI version change. vabi=`printf "%d" $(sed -n '/#define GIMP_MODULE_ABI_VERSION/{s/.* //;p}' libgimpmodule/gimpmodule.h)` if test "x${vabi}" != "x%{abiver}"; then ++ gimp-CVE-2011-2896.patch ++ >From 0eae221c7c6eb84591d718587a17ea90c8852d5b Mon Sep 17 00:00:00 2001 From: Nils Philippsen Date: Thu, 04 Aug 2011 10:47:44 + Subject: file-gif-load: ensure return value of LZWReadByte() is <= 255 (cherry picked from commit b1a3de761362db982c0ddfaff60ab4a3c4267f32) --- diff --git a/plug-ins/common/file-gif-load.c b/plug-ins/common/file-gif-load.c index 9a0720b..a4d98fc 100644 --- a/plug-ins/common/file-gif-load.c +++ b/plug-ins/common/file-gif-load.c @@ -743,11 +743,11 @@ LZWReadByte (FILE *fd, } while (firstcode == clear_code); - return firstcode; + return firstcode & 255; } if (sp > stack) -return *--sp; +return (*--sp) & 255; while ((code = GetCode (fd, code_size, FALSE)) >= 0) { @@ -770,7 +770,7 @@ LZWReadByte (FILE *fd, sp= stack; firstcode = oldcode = GetCode (fd, code_size, FALSE); - return firstcode; + return firstcode & 255; } else if (code == end_code) { @@ -826,10 +826,10 @@ LZWReadByte (FILE *fd, oldcode = incode; if (sp > stack) -return *--sp; +return (*--sp) & 255; } - return code; + return code & 255; } static gint32 -- cgit v0.9.0.2 >From 62718f821b7c79a6860b8b25f0a21a91daa6e22d Mon Sep 17 00:00:00 2001 From: Nils Philippsen Date: Thu, 04 Aug 2011 10:51:42 + Subject: file-gif-load: fix heap corruption and buffer overflow (CVE-2011-2896) (cherry picked from commit 376ad788c1a1c31d40f18494889c383f6909ebfc) --- diff --git a/plug-ins/common/file-gif-load.c b/plug-ins/common/file-gif-load.c index a4d98fc..8460ec0 100644 --- a/plug-ins/common/file-gif-load.c +++ b/plug-ins/common/file-gif-load.c @@ -697,7 +697,8 @@ LZWReadByte (FILE *fd, static gint firstcode, oldcode; static gint clear_code, end_code; static gint table[2][(1 << MAX_LZW_BITS)]; - static gint stack[(1 << (MAX_LZW_BITS)) * 2], *sp; +#define STACK_SIZE ((1 << (MAX_LZW_BITS)) * 2) + static gint stack[STACK_SIZE], *sp; ginti; if (just_reset_LZW) @@ -772,7 +773,7 @@ LZWReadByte (FILE *fd, return firstcode & 255; } - else if (code == end_code) + else if (code == end_code || code > max_code) { gint count; guchar buf[260]; @@ -791,13 +792,14 @@ LZWReadByte (FILE *fd, incode = code; - if (code >= max_code) + if (code == max_code) { - *sp++ = firstcode; + if (sp < &(stack[STACK_SIZE])) +*sp++ = firstcode; code = oldcode; } - while (code >= clear_code) + while (code >= clear_code && sp < &(stack[STACK_SIZE])) { *sp++ = table[1][code]; if (code == table[0][code]) @@ -808,7 +810,8 @@ LZWReadByte (FILE *fd, code = table[0][code]; } - *sp++ =
commit gimp for openSUSE:11.4
Hello community, here is the log from the commit of package gimp for openSUSE:11.4 checked in at Tue Jul 26 17:23:51 CEST 2011. --- old-versions/11.4/UPDATES/all/gimp/gimp.changes 2011-05-27 23:16:24.0 +0200 +++ 11.4/gimp/gimp.changes 2011-07-13 00:36:50.0 +0200 @@ -1,0 +2,6 @@ +Tue Jul 12 22:35:35 UTC 2011 - fi...@opensuse.org + +- Add gimp-pyslice-cellspacing-fix.patch to fix cellspacing in + pyslice plugin. Fix bnc#698769. + +--- calling whatdependson for 11.4-i586 New: gimp-pyslice-cellspacing-fix.patch Other differences: -- ++ gimp.spec ++ --- /var/tmp/diff_new_pack.60mBHu/_old 2011-07-26 17:23:27.0 +0200 +++ /var/tmp/diff_new_pack.60mBHu/_new 2011-07-26 17:23:27.0 +0200 @@ -49,7 +49,7 @@ BuildRequires: xorg-x11-libXfixes-devel Url:http://www.gimp.org/ Version:2.6.11 -Release:13. +Release:13. License:GPLv2+ Group: Productivity/Graphics/Bitmap Editors Suggests: AdobeICCProfiles @@ -67,6 +67,8 @@ Patch0: gimp-CVE-2010-4540-and-more.patch # PATCH-FIX-UPSTREAM gimp-CVE-2010-4543.patch CVE-2010-4543 bgo#639203 bnc#662043 vu...@opensuse.org -- Fix a buffer overflow when reading a psp file Patch1: gimp-CVE-2010-4543.patch +# PATCH-FIX-UPSTREAM gimp-pyslice-cellspacing-fix.patch bgo#641259 bnc#698769 fi...@opensuse.org -- py-slice cellspacing fix +Patch2: gimp-pyslice-cellspacing-fix.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: %{name}-branding >= 2.4 Recommends: %{name}-plugins-python = %{version} gimp-2.0-scanner-plugin %{name}-help-browser @@ -244,6 +246,7 @@ translation-update-upstream po-tips gimp20-tips %patch0 -p1 %patch1 -p1 +%patch2 -p1 # Safety check for ABI version change. vabi=`printf "%d" $(sed -n '/#define GIMP_MODULE_ABI_VERSION/{s/.* //;p}' libgimpmodule/gimpmodule.h)` if test "x${vabi}" != "x%{abiver}"; then ++ gimp-pyslice-cellspacing-fix.patch ++ diff --git a/plug-ins/pygimp/plug-ins/py-slice.py b/plug-ins/pygimp/plug-ins/py-slice.py index f5b80bd..13ae267 100755 --- a/plug-ins/pygimp/plug-ins/py-slice.py +++ b/plug-ins/pygimp/plug-ins/py-slice.py @@ -35,6 +35,9 @@ gettext.install("gimp20-python", gimp.locale_directory, unicode=True) def pyslice(image, drawable, save_path, html_filename, image_basename, image_extension, separate, image_path, cellspacing, animate, skip_caps): + +cellspacing = int (cellspacing) + if animate: count = 0 drw = [] Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gimp for openSUSE:11.4
Hello community, here is the log from the commit of package gimp for openSUSE:11.4 checked in at Tue May 31 15:44:39 CEST 2011. --- old-versions/11.4/all/gimp/gimp.changes 2011-02-15 10:17:26.0 +0100 +++ 11.4/gimp/gimp.changes 2011-05-27 23:16:24.0 +0200 @@ -1,0 +2,6 @@ +Fri May 27 20:58:33 UTC 2011 - sree...@novell.com + +- Modify gimp-CVE-2010-4543.patch to include fix for the second + part of bnc#692877. (CVE-2011-1782) + +--- Package does not exist at destination yet. Using Fallback old-versions/11.4/all/gimp Destination is old-versions/11.4/UPDATES/all/gimp calling whatdependson for 11.4-i586 Other differences: -- ++ gimp.spec ++ --- /var/tmp/diff_new_pack.GccyZ4/_old 2011-05-31 15:44:18.0 +0200 +++ /var/tmp/diff_new_pack.GccyZ4/_new 2011-05-31 15:44:18.0 +0200 @@ -49,7 +49,7 @@ BuildRequires: xorg-x11-libXfixes-devel Url:http://www.gimp.org/ Version:2.6.11 -Release:6 +Release:13. License:GPLv2+ Group: Productivity/Graphics/Bitmap Editors Suggests: AdobeICCProfiles ++ gimp-CVE-2010-4543.patch ++ --- /var/tmp/diff_new_pack.GccyZ4/_old 2011-05-31 15:44:19.0 +0200 +++ /var/tmp/diff_new_pack.GccyZ4/_new 2011-05-31 15:44:19.0 +0200 @@ -14,7 +14,7 @@ fread (buf, runcount, 1, f); + + /* prevent buffer overflow for bogus data */ -+ runcount = MIN (runcount, endq - q); ++ runcount = MIN (runcount, (endq - q) / bytespp); + if (bytespp == 1) { Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org