Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2020Q1]: pkgsrc/graphics/libexif Pullup ticket #6205 - request...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/1d022e7af9b9
branches:  pkgsrc-2020Q1
changeset: 432290:1d022e7af9b9
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Wed May 20 19:15:26 2020 +0000

description:
Pullup ticket #6205 - requested by nia
graphics/libexif: security fix

Revisions pulled up:
- graphics/libexif/Makefile                                     1.48
- graphics/libexif/PLIST                                        1.22
- graphics/libexif/distinfo                                     1.32
- graphics/libexif/patches/patch-libexif_exif-data.c            deleted

---
   Module Name: pkgsrc
   Committed By:        nia
   Date:                Tue May 19 11:20:01 UTC 2020

   Modified Files:
        pkgsrc/graphics/libexif: Makefile PLIST distinfo
   Removed Files:
        pkgsrc/graphics/libexif/patches: patch-libexif_exif-data.c

   Log Message:
   libexif: Update to 0.6.22

   libexif-0.6.22 (2020-05-18):
     * New translations: ms
     * Updated translations for most languages
     * Fixed C89 compatibility
     * Fixed warnings on recent versions of autoconf
     * Some useful EXIF 2.3 tag added:
       * EXIF_TAG_GAMMA
       * EXIF_TAG_COMPOSITE_IMAGE
       * EXIF_TAG_SOURCE_IMAGE_NUMBER_OF_COMPOSITE_IMAGE
       * EXIF_TAG_SOURCE_EXPOSURE_TIMES_OF_COMPOSITE_IMAGE
       * EXIF_TAG_GPS_H_POSITIONING_ERROR
       * EXIF_TAG_CAMERA_OWNER_NAME
       * EXIF_TAG_BODY_SERIAL_NUMBER
       * EXIF_TAG_LENS_SPECIFICATION
       * EXIF_TAG_LENS_MAKE
       * EXIF_TAG_LENS_MODEL
       * EXIF_TAG_LENS_SERIAL_NUMBER
     * Lots of fixes exposed by fuzzers like AFL, ClusterFuzz, OSSFuzz and others.
       * CVE-2018-20030: Fix for recursion DoS
       * CVE-2020-13114: Time consumption DoS when parsing canon array markers
       * CVE-2020-13113: Potential use of uninitialized memory
       * CVE-2020-13112: Various buffer overread fixes due to integer overflows in maker notes
       * CVE-2020-0093: read overflow
       * CVE-2019-9278: replaced integer overflow checks the compiler could optimize away by safer constructs
       * CVE-2020-12767: fixed division by zero
       * CVE-2016-6328: fixed integer overflow when parsing maker notes
       * CVE-2017-7544: fixed buffer overread

diffstat:

 graphics/libexif/Makefile                          |  13 +-
 graphics/libexif/PLIST                             |   4 +-
 graphics/libexif/distinfo                          |  11 +-
 graphics/libexif/patches/patch-libexif_exif-data.c |  89 ----------------------
 4 files changed, 15 insertions(+), 102 deletions(-)

diffs (163 lines):

diff -r b3c0097c78af -r 1d022e7af9b9 graphics/libexif/Makefile
--- a/graphics/libexif/Makefile Wed May 20 19:15:21 2020 +0000
+++ b/graphics/libexif/Makefile Wed May 20 19:15:26 2020 +0000
@@ -1,10 +1,11 @@
-# $NetBSD: Makefile,v 1.47 2020/03/25 11:47:23 nia Exp $
+# $NetBSD: Makefile,v 1.47.2.1 2020/05/20 19:15:26 bsiegert Exp $
 
-DISTNAME=      libexif-0.6.21
-PKGREVISION=   2
+DISTNAME=      libexif-0.6.22
 CATEGORIES=    graphics
-MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=libexif/}
-EXTRACT_SUFX=  .tar.bz2
+MASTER_SITES=  ${MASTER_SITE_GITHUB:=libexif/}
+GITHUB_PROJECT=        libexif
+GITHUB_RELEASE=        ${DISTNAME:S/./_/g}-release
+EXTRACT_SUFX=  .tar.xz
 
 MAINTAINER=    adam%NetBSD.org@localhost
 HOMEPAGE=      https://libexif.github.io/
@@ -13,7 +14,7 @@
 
 USE_LIBTOOL=           yes
 USE_PKGLOCALEDIR=      yes
-USE_TOOLS+=            gmake
+USE_TOOLS+=            gmake msgfmt msgmerge xgettext
 GNU_CONFIGURE=         yes
 CONFIGURE_ENV+=                ac_cv_path_DOXYGEN=false
 PKGCONFIG_OVERRIDE=    libexif.pc.in
diff -r b3c0097c78af -r 1d022e7af9b9 graphics/libexif/PLIST
--- a/graphics/libexif/PLIST    Wed May 20 19:15:21 2020 +0000
+++ b/graphics/libexif/PLIST    Wed May 20 19:15:26 2020 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.21 2012/07/13 16:35:25 adam Exp $
+@comment $NetBSD: PLIST,v 1.21.42.1 2020/05/20 19:15:26 bsiegert Exp $
 include/libexif/_stdint.h
 include/libexif/exif-byte-order.h
 include/libexif/exif-content.h
@@ -21,6 +21,7 @@
 share/doc/libexif/ChangeLog
 share/doc/libexif/NEWS
 share/doc/libexif/README
+share/doc/libexif/SECURITY.md
 share/locale/be/LC_MESSAGES/libexif-12.mo
 share/locale/bs/LC_MESSAGES/libexif-12.mo
 share/locale/cs/LC_MESSAGES/libexif-12.mo
@@ -33,6 +34,7 @@
 share/locale/fr/LC_MESSAGES/libexif-12.mo
 share/locale/it/LC_MESSAGES/libexif-12.mo
 share/locale/ja/LC_MESSAGES/libexif-12.mo
+share/locale/ms/LC_MESSAGES/libexif-12.mo
 share/locale/nl/LC_MESSAGES/libexif-12.mo
 share/locale/pl/LC_MESSAGES/libexif-12.mo
 share/locale/pt/LC_MESSAGES/libexif-12.mo
diff -r b3c0097c78af -r 1d022e7af9b9 graphics/libexif/distinfo
--- a/graphics/libexif/distinfo Wed May 20 19:15:21 2020 +0000
+++ b/graphics/libexif/distinfo Wed May 20 19:15:26 2020 +0000
@@ -1,7 +1,6 @@
-$NetBSD: distinfo,v 1.31 2020/03/25 11:47:23 nia Exp $
+$NetBSD: distinfo,v 1.31.2.1 2020/05/20 19:15:26 bsiegert Exp $
 
-SHA1 (libexif-0.6.21.tar.bz2) = a52219b12dbc8d33fc096468591170fda71316c0
-RMD160 (libexif-0.6.21.tar.bz2) = 979f06096b7271d8713c1766e0ad5dfabb06c531
-SHA512 (libexif-0.6.21.tar.bz2) = 4e0fe2abe85d1c95b41cb3abe1f6333dc3a9eb69dba106a674a78d74a4d5b9c5a19647118fa1cc2d72b98a29853394f1519eda9e2889eb28d3be26b21c7cfc35
-Size (libexif-0.6.21.tar.bz2) = 1368435 bytes
-SHA1 (patch-libexif_exif-data.c) = 3518902f95665b53a62ba4e7fdc0b146fb4480dc
+SHA1 (libexif-0.6.22.tar.xz) = b396c562dbf44567ef796f324e7760b15e657523
+RMD160 (libexif-0.6.22.tar.xz) = e34ce907a658d4883894655bd11c6dff2b06cf9d
+SHA512 (libexif-0.6.22.tar.xz) = 0a9e7bf0258ed98a794b667d45e8fc65299101a2a2d2e39c358715b20b003beff258782f0736cd5b53978428a2f878a989f303bee249a978850a065f33c534af
+Size (libexif-0.6.22.tar.xz) = 1347040 bytes
diff -r b3c0097c78af -r 1d022e7af9b9 graphics/libexif/patches/patch-libexif_exif-data.c
--- a/graphics/libexif/patches/patch-libexif_exif-data.c        Wed May 20 19:15:21 2020 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,89 +0,0 @@
-$NetBSD: patch-libexif_exif-data.c,v 1.2 2020/03/25 11:47:23 nia Exp $
-
-Fix for CVE-2017-7544:
-https://github.com/libexif/libexif/commit/c39acd1692023b26290778a02a9232c873f9d71a.patch
-
-Fix for CVE-2019-9278:
-https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566.patch
-
---- libexif/exif-data.c.orig   2012-07-12 18:31:56.000000000 +0000
-+++ libexif/exif-data.c
-@@ -191,9 +191,15 @@ exif_data_load_data_entry (ExifData *dat
-               doff = offset + 8;
- 
-       /* Sanity checks */
--      if ((doff + s < doff) || (doff + s < s) || (doff + s > size)) {
-+      if (doff >= size) {
-               exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
--                                "Tag data past end of buffer (%u > %u)", doff+s, size);       
-+                                "Tag starts past end of buffer (%u > %u)", doff, size);
-+              return 0;
-+      }
-+
-+      if (s > size - doff) {
-+              exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
-+                                "Tag data goes past end of buffer (%u > %u)", doff+s, size);
-               return 0;
-       }
- 
-@@ -255,6 +261,12 @@ exif_data_save_data_entry (ExifData *dat
-                       exif_mnote_data_set_offset (data->priv->md, *ds - 6);
-                       exif_mnote_data_save (data->priv->md, &e->data, &e->size);
-                       e->components = e->size;
-+                      if (exif_format_get_size (e->format) != 1) {
-+                              /* e->format is taken from input code,
-+                               * but we need to make sure it is a 1 byte
-+                               * entity due to the multiplication below. */
-+                              e->format = EXIF_FORMAT_UNDEFINED;
-+                      }
-               }
-       }
- 
-@@ -308,13 +320,14 @@ exif_data_load_data_thumbnail (ExifData 
-                              unsigned int ds, ExifLong o, ExifLong s)
- {
-       /* Sanity checks */
--      if ((o + s < o) || (o + s < s) || (o + s > ds) || (o > ds)) {
--              exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
--                        "Bogus thumbnail offset (%u) or size (%u).",
--                        o, s);
-+      if (o >= ds) {
-+              exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail offset (%u).", o);
-+              return;
-+      }
-+      if (s > ds - o) {
-+              exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", "Bogus thumbnail size (%u), max would be %u.", s, ds-o);
-               return;
-       }
--
-       if (data->data) 
-               exif_mem_free (data->priv->mem, data->data);
-       if (!(data->data = exif_data_alloc (data, s))) {
-@@ -903,7 +916,7 @@ exif_data_load_data (ExifData *data, con
-       exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", 
-                 "IFD 0 at %i.", (int) offset);
- 
--      /* Sanity check the offset, being careful about overflow */
-+      /* ds is restricted to 16 bit above, so offset is restricted too, and offset+8 should not overflow. */
-       if (offset > ds || offset + 6 + 2 > ds)
-               return;
- 
-@@ -912,6 +925,7 @@ exif_data_load_data (ExifData *data, con
- 
-       /* IFD 1 offset */
-       n = exif_get_short (d + 6 + offset, data->priv->order);
-+      /* offset < 2<<16, n is 16 bit at most, so this op will not overflow */
-       if (offset + 6 + 2 + 12 * n + 4 > ds)
-               return;
- 
-@@ -920,8 +934,8 @@ exif_data_load_data (ExifData *data, con
-               exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData",
-                         "IFD 1 at %i.", (int) offset);
- 
--              /* Sanity check. */
--              if (offset > ds || offset + 6 > ds) {
-+              /* Sanity check. ds is ensured to be above 6 above, offset is 16bit */
-+              if (offset > ds - 6) {
-                       exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA,
-                                 "ExifData", "Bogus offset of IFD1.");
-               } else {



Home | Main Index | Thread Index | Old Index