
[Git][xorg-team/lib/pixman][debian-unstable] Import 0.40.0-1.1 NMU




Emilio Pozuelo Monfort pushed to branch debian-unstable at X Strike Force / lib / pixman

Commits:

  • e71a54d0
    by Emilio Pozuelo Monfort at 2022-11-08T13:03:18+01:00
    Import 0.40.0-1.1 NMU
    
    * Avoid integer overflow leading to out-of-bounds write (CVE-2022-44638)
      (Closes: #1023427)
    

3 changed files:

Changes:

  • debian/changelog
    1
    +pixman (0.40.0-1.1) unstable; urgency=medium
    
    2
    +
    
    3
    +  * Non-maintainer upload.
    
    4
    +  * Avoid integer overflow leading to out-of-bounds write (CVE-2022-44638)
    
    5
    +    (Closes: #1023427)
    
    6
    +
    
    7
    + -- Salvatore Bonaccorso <carnil@debian.org>  Thu, 03 Nov 2022 23:07:46 +0100
    
    8
    +
    
    1 9
     pixman (0.40.0-1) unstable; urgency=medium
    
    2 10
     
    
    3 11
       * New upstream release. (Closes: #958298, #832579, #838650)
    

  • debian/patches/Avoid-integer-overflow-leading-to-out-of-bounds-writ.diff
    1
    +From: Matt Turner <mattst88@gmail.com>
    
    2
    +Date: Wed, 2 Nov 2022 12:07:32 -0400
    
    3
    +Subject: Avoid integer overflow leading to out-of-bounds write
    
    4
    +Origin: https://gitlab.freedesktop.org/pixman/pixman/-/commit/a1f88e842e0216a5b4df1ab023caebe33c101395
    
    5
    +Bug: https://gitlab.freedesktop.org/pixman/pixman/-/issues/63
    
    6
    +Bug-Debian: https://bugs.debian.org/1023427
    
    7
    +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-44638
    
    8
    +
    
    9
    +Thanks to Maddie Stone and Google's Project Zero for discovering this
    
    10
    +issue, providing a proof-of-concept, and a great analysis.
    
    11
    +
    
    12
    +Closes: https://gitlab.freedesktop.org/pixman/pixman/-/issues/63
    
    13
    +---
    
    14
    + pixman/pixman-trap.c | 2 +-
    
    15
    + 1 file changed, 1 insertion(+), 1 deletion(-)
    
    16
    +
    
    17
    +diff --git a/pixman/pixman-trap.c b/pixman/pixman-trap.c
    
    18
    +index 91766fdbfca0..7560405ee2e4 100644
    
    19
    +--- a/pixman/pixman-trap.c
    
    20
    ++++ b/pixman/pixman-trap.c
    
    21
    +@@ -74,7 +74,7 @@ pixman_sample_floor_y (pixman_fixed_t y,
    
    22
    + 
    
    23
    +     if (f < Y_FRAC_FIRST (n))
    
    24
    +     {
    
    25
    +-	if (pixman_fixed_to_int (i) == 0x8000)
    
    26
    ++	if (pixman_fixed_to_int (i) == 0xffff8000)
    
    27
    + 	{
    
    28
    + 	    f = 0; /* saturate */
    
    29
    + 	}
    
    30
    +-- 
    
    31
    +2.37.2
    
    32
    +
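
Review bot: The new constant in `if (pixman_fixed_to_int (i) == 0xffff8000)` is left unexplained, and the `0x8000` it replaces shows how easily this bound is written wrong. In C the literal `0xffff8000` does not fit a 32-bit `int`, so it has type `unsigned int`, and the test only matches because the signed integer part is converted to unsigned before the comparison (this assumes `pixman_fixed_to_int` yields a signed `int`, which is not visible in this hunk). Writing the bound as `-0x8000`, or extending the `/* saturate */` comment to say this is the most negative integer part, would make the intent explicit. The diffstat shows only `pixman/pixman-trap.c` changing, so no regression test for the saturation path comes with the fix even though the header mentions a proof-of-concept; a test that exercises this branch would be worth adding.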

  • debian/patches/series
    1 1
     test-increase-timeout.diff
    
    2
    +Avoid-integer-overflow-leading-to-out-of-bounds-writ.diff

