aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/image.scm3
-rw-r--r--gnu/packages/patches/jasper-CVE-2008-3522.patch14
2 files changed, 16 insertions, 1 deletions
diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm
index 8a4a42a295..f3f89f6be6 100644
--- a/gnu/packages/image.scm
+++ b/gnu/packages/image.scm
@@ -714,7 +714,8 @@ convert, manipulate, filter and display a wide variety of image formats.")
"/software/jasper-" version ".zip"))
(sha256
(base32
- "154l7zk7yh3v8l2l6zm5s2alvd2fzkp6c9i18iajfbna5af5m43b"))))
+ "154l7zk7yh3v8l2l6zm5s2alvd2fzkp6c9i18iajfbna5af5m43b"))
+ (patches (list (search-patch "jasper-CVE-2008-3522.patch")))))
(build-system gnu-build-system)
(native-inputs
`(("unzip" ,unzip)))
diff --git a/gnu/packages/patches/jasper-CVE-2008-3522.patch b/gnu/packages/patches/jasper-CVE-2008-3522.patch
new file mode 100644
index 0000000000..10cfec99a5
--- /dev/null
+++ b/gnu/packages/patches/jasper-CVE-2008-3522.patch
@@ -0,0 +1,14 @@
+Fix CVE-2008-3522 (buffer overflow in 'jas_stream_printf').
+Patch from <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3522>.
+
+--- jasper-1.900.1/src/libjasper/base/jas_stream.c 2008-09-08 14:56:01.000000000 +0200
++++ jasper-1.900.1/src/libjasper/base/jas_stream.c 2008-09-08 14:58:16.000000000 +0200
+@@ -553,7 +553,7 @@ int jas_stream_printf(jas_stream_t *stre
+ int ret;
+
+ va_start(ap, fmt);
+- ret = vsprintf(buf, fmt, ap);
++ ret = vsnprintf(buf, sizeof buf, fmt, ap);
+ jas_stream_puts(stream, buf);
+ va_end(ap);
+ return ret;
generated by cgit v1.2.3 (git 2.25.4) at 2024-11-07 18:54:14 +0000