mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-23 21:17:11 -05:00
gnu: pixman: Add fix for CVE-2016-5296.
* gnu/packages/patches/pixman-CVE-2016-5296.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/xdisorg.scm (pixman)[replacement]: New field. (pixman/fixed): New variable.
This commit is contained in:
parent
05ceb8dcaf
commit
56ac2bf442
3 changed files with 29 additions and 1 deletions
|
@ -785,6 +785,7 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/pinball-src-deps.patch \
|
||||
%D%/packages/patches/pinball-system-ltdl.patch \
|
||||
%D%/packages/patches/pingus-sdl-libs-config.patch \
|
||||
%D%/packages/patches/pixman-CVE-2016-5296.patch \
|
||||
%D%/packages/patches/plink-1.07-unclobber-i.patch \
|
||||
%D%/packages/patches/plink-endian-detection.patch \
|
||||
%D%/packages/patches/plotutils-libpng-jmpbuf.patch \
|
||||
|
|
19
gnu/packages/patches/pixman-CVE-2016-5296.patch
Normal file
19
gnu/packages/patches/pixman-CVE-2016-5296.patch
Normal file
|
@ -0,0 +1,19 @@
|
|||
Fix CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1
|
||||
Adapted for upstream pixman based on:
|
||||
|
||||
https://hg.mozilla.org/releases/mozilla-esr45/rev/5e39c1c2fded
|
||||
|
||||
--- pixman-0.34.0/pixman/pixman-edge-imp.h.orig 2015-06-30 05:48:31.000000000 -0400
|
||||
+++ pixman-0.34.0/pixman/pixman-edge-imp.h 2016-11-16 01:09:34.046335106 -0500
|
||||
@@ -55,8 +55,9 @@
|
||||
*
|
||||
* (The AA case does a similar adjustment in RENDER_SAMPLES_X)
|
||||
*/
|
||||
- lx += X_FRAC_FIRST(1) - pixman_fixed_e;
|
||||
- rx += X_FRAC_FIRST(1) - pixman_fixed_e;
|
||||
+ /* we cast to unsigned to get defined behaviour for overflow */
|
||||
+ lx = (unsigned)lx + X_FRAC_FIRST(1) - pixman_fixed_e;
|
||||
+ rx = (unsigned)rx + X_FRAC_FIRST(1) - pixman_fixed_e;
|
||||
#endif
|
||||
/* clip X */
|
||||
if (lx < 0)
|
|
@ -1,6 +1,6 @@
|
|||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2013, 2014 Andreas Enge <andreas@enge.fr>
|
||||
;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
|
||||
;;; Copyright © 2014, 2015, 2016 Alex Kost <alezost@gmail.com>
|
||||
;;; Copyright © 2013, 2015 Ludovic Courtès <ludo@gnu.org>
|
||||
|
@ -241,6 +241,7 @@ (define-public pixman
|
|||
(package
|
||||
(name "pixman")
|
||||
(version "0.34.0")
|
||||
(replacement pixman/fixed)
|
||||
(source (origin
|
||||
(method url-fetch)
|
||||
(uri (string-append
|
||||
|
@ -262,6 +263,13 @@ (define-public pixman
|
|||
rasterisation.")
|
||||
(license license:x11)))
|
||||
|
||||
(define pixman/fixed
|
||||
(package
|
||||
(inherit pixman)
|
||||
(source (origin
|
||||
(inherit (package-source pixman))
|
||||
(patches (search-patches "pixman-CVE-2016-5296.patch"))))))
|
||||
|
||||
|
||||
(define-public libdrm
|
||||
(package
|
||||
|
|
Loading…
Reference in a new issue