[Git][debian-mate-team/atril][master] 3 commits: prepare new upstream release (v1.22.3)

Mike Gabriel pushed to branch master at Debian and Ubuntu MATE Packaging Team / atril

Commits:

d06292b7
by Mike Gabriel at 2019-12-16T08:31:37Z
```
prepare new upstream release (v1.22.3)
```

ec37e661

by Mike Gabriel at 2019-12-16T09:09:22Z

debian/patches: Add CVE-2019-11459.patch. tiff: Handle failure from TIFFReadRGBAImageOriented. (Closes: #927821).

ef6d5ddc
by Mike Gabriel at 2019-12-16T09:27:26Z
```
upload to unstable (debian/1.22.3-1)
```

Changes:

debian/changelog

 +atril (1.22.3-1) unstable; urgency=medium
++
 +  * New upstream release.
 +  * debian/changelog: Document security issue closure for 1.22.1-1.
 +  * debian/patches:
 +    + Add CVE-2019-11459.patch. tiff: Handle failure from
 +      TIFFReadRGBAImageOriented. (Closes: #927821, CVE-2019-11459).
 +  * debian/control:
 +    + Add Rules-Requires-Root: field and set it to 'no'.
 +    + Bump Standards-Version: to 4.4.1. No changes needed.
++
 + -- Mike Gabriel <mike.gabriel@das-netzwerkteam.de>  Mon, 16 Dec 2019 10:23:05 +0100
++
  atril (1.22.2-1) unstable; urgency=medium
    [ Martin Wimpress ]
@@ -12,6 +25,11 @@ atril (1.22.1-1) unstable; urgency=medium
    [ Martin Wimpress ]
    * New upstream release.
 +  * debian/patches:
 +    + Add 0002_CVE-2019-1010006.patch. Fix buffer overflow.
 +      (CVE-2019-1010006)
 +    + Add 0001_prevent_no_doc_segfault.patch. Prevent segfaults when no
 +      document is loaded.
    * debian/copyright:
      + Update copyright attributions.
    * debian/rules:

debian/patches/CVE-2019-11459.patch

 +From 5ecffe6a75542fc4d82264c9b263fee5d25a84b1 Mon Sep 17 00:00:00 2001
 +From: Victor Kareh <vkareh@redhat.com>
 +Date: Sun, 11 Aug 2019 05:20:09 +0300
 +Subject: [PATCH] tiff: Handle failure from TIFFReadRGBAImageOriented
++
 +The TIFFReadRGBAImageOriented function returns zero if it was unable to
 +read the image. Return NULL in this case instead of displaying
 +uninitialized memory.
++
 +This addresses CVE-2019-11459
++
 +upstream commit:
 +https://gitlab.gnome.org/GNOME/evince/commit/234f034a4
 +---
 + backend/tiff/tiff-document.c | 26 +++++++++++++++++---------
 + 1 file changed, 17 insertions(+), 9 deletions(-)
++
 +--- a/backend/tiff/tiff-document.c
 ++++ b/backend/tiff/tiff-document.c
 +@@ -281,6 +281,15 @@
 + 		g_warning("Failed to allocate memory for rendering.");
 + 		return NULL;
 + 	}
 ++
 ++	if (!TIFFReadRGBAImageOriented (tiff_document->tiff,
 ++	                               width, height,
 ++	                               (uint32 *)pixels,
 ++	                                orientation, 0)) {
 ++		g_warning ("Failed to read TIFF image.");
 ++		g_free (pixels);
 ++		return NULL;
 ++	}
++
 + 	surface = cairo_image_surface_create_for_data (pixels,
 + 						       CAIRO_FORMAT_RGB24,
 +@@ -288,11 +297,6 @@
 + 						       rowstride);
 + 	cairo_surface_set_user_data (surface, &key,
 + 				     pixels, (cairo_destroy_func_t)g_free);
 +-
 +-	TIFFReadRGBAImageOriented (tiff_document->tiff,
 +-				   width, height,
 +-				   (uint32 *)pixels,
 +-				   orientation, 0);
 + 	pop_handlers ();
++
 + 	/* Convert the format returned by libtiff to
 +@@ -372,14 +376,18 @@
 + 	pixels = g_try_malloc (bytes);
 + 	if (!pixels)
 + 		return NULL;
 ++
 ++	if (!TIFFReadRGBAImageOriented (tiff_document->tiff,
 ++					width, height,
 ++					(uint32 *)pixels,
 ++					ORIENTATION_TOPLEFT, 0)) {
 ++		g_free (pixels);
 ++		return NULL;
 ++	}
++
 + 	pixbuf = gdk_pixbuf_new_from_data (pixels, GDK_COLORSPACE_RGB, TRUE, 8,
 + 					   width, height, rowstride,
 + 					   (GdkPixbufDestroyNotify) g_free, NULL);
 +-	TIFFReadRGBAImageOriented (tiff_document->tiff,
 +-				   width, height,
 +-				   (uint32 *)pixels,
 +-				   ORIENTATION_TOPLEFT, 0);
 + 	pop_handlers ();
++
 + 	scaled_pixbuf = gdk_pixbuf_scale_simple (pixbuf,

debian/patches/series

+CVE-2019-11459.patch