Bug#1089299: bookworm-pu: package gsl/2.7.1+dfsg-5+deb12u1
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: security@debian.org, Dirk Eddelbuettel <edd@debian.org>
* CVE-2020-35357: buffer overflow when calculating the quantile value
(Closes: #1052655)
diffstat for gsl-2.7.1+dfsg gsl-2.7.1+dfsg
changelog | 8 +++
patches/0001-fix-for-bug-59624.patch | 72 +++++++++++++++++++++++++++++++++++
patches/series | 1
3 files changed, 81 insertions(+)
diff -Nru gsl-2.7.1+dfsg/debian/changelog gsl-2.7.1+dfsg/debian/changelog
--- gsl-2.7.1+dfsg/debian/changelog 2023-06-02 23:21:26.000000000 +0300
+++ gsl-2.7.1+dfsg/debian/changelog 2024-12-07 18:20:21.000000000 +0200
@@ -1,3 +1,11 @@
+gsl (2.7.1+dfsg-5+deb12u1) bookworm; urgency=medium
+
+ * Non-maintainer upload.
+ * CVE-2020-35357: buffer overflow when calculating the quantile value
+ (Closes: #1052655)
+
+ -- Adrian Bunk <bunk@debian.org> Sat, 07 Dec 2024 18:20:21 +0200
+
gsl (2.7.1+dfsg-5) unstable; urgency=medium
* debian/control: Actually add the 'Breaks' that was supposed to be in
diff -Nru gsl-2.7.1+dfsg/debian/patches/0001-fix-for-bug-59624.patch gsl-2.7.1+dfsg/debian/patches/0001-fix-for-bug-59624.patch
--- gsl-2.7.1+dfsg/debian/patches/0001-fix-for-bug-59624.patch 1970-01-01 02:00:00.000000000 +0200
+++ gsl-2.7.1+dfsg/debian/patches/0001-fix-for-bug-59624.patch 2024-12-07 18:20:10.000000000 +0200
@@ -0,0 +1,72 @@
+From fa31ba5ff30986094aa144bf9eda97bcaa264440 Mon Sep 17 00:00:00 2001
+From: Patrick Alken <alken@colorado.edu>
+Date: Sat, 16 Apr 2022 11:56:10 -0600
+Subject: fix for bug #59624
+
+---
+ statistics/quantiles.c | 1 +
+ statistics/quantiles_source.c | 35 +++++++++++++++++++++--------------
+ 2 files changed, 22 insertions(+), 14 deletions(-)
+
+diff --git a/statistics/quantiles.c b/statistics/quantiles.c
+index 96a3a25c..50898d9b 100644
+--- a/statistics/quantiles.c
++++ b/statistics/quantiles.c
+@@ -1,5 +1,6 @@
+ #include <config.h>
+ #include <gsl/gsl_statistics.h>
++#include <gsl/gsl_errno.h>
+
+ #define BASE_LONG_DOUBLE
+ #include "templates_on.h"
+diff --git a/statistics/quantiles_source.c b/statistics/quantiles_source.c
+index e2956d9d..b2feba4c 100644
+--- a/statistics/quantiles_source.c
++++ b/statistics/quantiles_source.c
+@@ -24,22 +24,29 @@ FUNCTION(gsl_stats,quantile_from_sorted_data) (const BASE sorted_data[],
+ const size_t n,
+ const double f)
+ {
+- const double index = f * (n - 1) ;
+- const size_t lhs = (int)index ;
+- const double delta = index - lhs ;
+- double result;
+-
+- if (n == 0)
+- return 0.0 ;
+-
+- if (lhs == n - 1)
++ if ((f < 0.0) || (f > 1.0))
+ {
+- result = sorted_data[lhs * stride] ;
++ GSL_ERROR_VAL ("invalid quantile fraction", GSL_EDOM, 0.0);
+ }
+- else
++ else
+ {
+- result = (1 - delta) * sorted_data[lhs * stride] + delta * sorted_data[(lhs + 1) * stride] ;
+- }
++ const double index = f * (n - 1) ;
++ const size_t lhs = (int)index ;
++ const double delta = index - lhs ;
++ double result;
+
+- return result ;
++ if (n == 0)
++ return 0.0 ;
++
++ if (lhs == n - 1)
++ {
++ result = sorted_data[lhs * stride] ;
++ }
++ else
++ {
++ result = (1 - delta) * sorted_data[lhs * stride] + delta * sorted_data[(lhs + 1) * stride] ;
++ }
++
++ return result ;
++ }
+ }
+--
+2.30.2
+
diff -Nru gsl-2.7.1+dfsg/debian/patches/series gsl-2.7.1+dfsg/debian/patches/series
--- gsl-2.7.1+dfsg/debian/patches/series 2021-12-02 03:10:24.000000000 +0200
+++ gsl-2.7.1+dfsg/debian/patches/series 2024-12-07 18:20:21.000000000 +0200
@@ -5,3 +5,4 @@
manual-page-correction
## renamed-delete
## correct-libtool-age-setting
+0001-fix-for-bug-59624.patch
Reply to: