
Bug#839927: jessie-pu: package rawtherapee/4.2-1+deb8u1



Sorry, I didn't attach the debdiff, it was only a 'git diff ...'. Now I attached
the real debdiff.

Best,
Philip

diff -Nru rawtherapee-4.2/debian/changelog rawtherapee-4.2/debian/changelog
--- rawtherapee-4.2/debian/changelog	2015-06-09 20:45:39.000000000 +0200
+++ rawtherapee-4.2/debian/changelog	2016-10-06 12:36:00.000000000 +0200
@@ -1,3 +1,10 @@
+rawtherapee (4.2-1+deb8u2) jessie; urgency=high
+
+  * Add patch debian/patches/03-fix-overflow-in-dcraw.patch:
+    - Fix buffer overflow in dcraw (CVE-2015-8366)
+
+ -- Philip Rinn <rinni@inventati.org>  Thu, 06 Oct 2016 12:36:00 +0200
+
 rawtherapee (4.2-1+deb8u1) jessie; urgency=high
 
   * Add patch debian/patches/02-fix_CVE-2015-3885.patch:
diff -Nru rawtherapee-4.2/debian/patches/03-fix-overflow-in-dcraw.patch rawtherapee-4.2/debian/patches/03-fix-overflow-in-dcraw.patch
--- rawtherapee-4.2/debian/patches/03-fix-overflow-in-dcraw.patch	1970-01-01 01:00:00.000000000 +0100
+++ rawtherapee-4.2/debian/patches/03-fix-overflow-in-dcraw.patch	2016-10-06 12:35:26.000000000 +0200
@@ -0,0 +1,18 @@
+Author: Hubert Chathi <uhoreg@debian.org>
+Description: Fix buffer overflow in dcraw (CVE-2015-8366)
+Origin: https://vcs.uhoreg.ca/git/cgit/debpkg-ufraw/commit/?id=54688b5896b39003becdfee3c803c58c94f14df3
+Last-update: 2016-10-06
+--- a/rtengine/dcraw.cc
++++ b/rtengine/dcraw.cc
+@@ -3221,7 +3221,10 @@
+       diff = diff ? -diff : 0x80;
+     if (ftell(ifp) + 12 >= seg[1][1])
+       diff = 0;
+-    raw_image[pix] = pred[pix & 1] += diff;
++    if(pix>=raw_width*raw_height)
++      derror();
++    else
++      raw_image[pix] = pred[pix & 1] += diff;
+     if (!(pix & 1) && HOLE(pix / raw_width)) pix += 2;
+   }
+   maximum = 0xff;
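Review bot: the new guard `if(pix>=raw_width*raw_height)` checks only the upper bound, and its correctness depends on declarations this hunk does not show. If `raw_width` and `raw_height` are narrow integer types promoted to `int`, the product can overflow for large header values, and if `pix` is signed a negative index would still pass the test. Please confirm the types, or compute the limit once in a wider unsigned type before the loop and compare against that. Also note that the failing branch has no `break`, so the loop keeps iterating and calls `derror()` again for every further out-of-range pixel; if `derror()` does not abort decoding, leaving the loop on the first failure would be cleaner. Minor points: the spacing of `if(pix>=...)` differs from the surrounding `if (ftell(ifp) ...`, and the patch header has `Origin` pointing at the ufraw packaging repository but no `Bug` or `Forwarded` field to show whether upstream carries the same fix.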
diff -Nru rawtherapee-4.2/debian/patches/series rawtherapee-4.2/debian/patches/series
--- rawtherapee-4.2/debian/patches/series	2015-05-14 17:30:07.000000000 +0200
+++ rawtherapee-4.2/debian/patches/series	2016-10-06 12:35:47.000000000 +0200
@@ -1,2 +1,3 @@
 01-fix_build_race-condition.patch
 02-fix_CVE-2015-3885.patch
+03-fix-overflow-in-dcraw.patch
