Fix CVE-2021-37972 (#2007307)

Nikola Forró 2021-09-25 07:03:00 +02:00
parent f68197f2d1
commit 29438f1b13
2 changed files with 46 additions and 1 deletions

@ -0,0 +1,41 @@
From 4004cfb5822d2c986b5a2c7c14122a1b429be649 Mon Sep 17 00:00:00 2001
From: DRC <information@libjpeg-turbo.org>
Date: Fri, 6 Aug 2021 13:41:15 -0500
Subject: [PATCH] SSE2/64-bit: Fix trans. segfault w/ malformed JPEG
Attempting to losslessly transform certain malformed JPEG images can
cause the nbits table index in the Huffman encoder to exceed 32768, so
we need to pad the SSE2 implementation of that table to 65536 entries as
we do with the C implementation.
Regression introduced by 087c29e07f7533ec82fd7eb1dafc84c29e7870ec
Fixes #543
---
simd/x86_64/jchuff-sse2.asm | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/simd/x86_64/jchuff-sse2.asm b/simd/x86_64/jchuff-sse2.asm
index 1770a84..7e5ca30 100644
--- a/simd/x86_64/jchuff-sse2.asm
+++ b/simd/x86_64/jchuff-sse2.asm
@@ -1,7 +1,7 @@
;
; jchuff-sse2.asm - Huffman entropy encoding (64-bit SSE2)
;
-; Copyright (C) 2009-2011, 2014-2016, 2019, D. R. Commander.
+; Copyright (C) 2009-2011, 2014-2016, 2019, 2021, D. R. Commander.
; Copyright (C) 2015, Matthieu Darbois.
; Copyright (C) 2018, Matthias Räncker.
;
@@ -83,6 +83,7 @@ times 1 << 11 db 12
times 1 << 12 db 13
times 1 << 13 db 14
times 1 << 14 db 15
+times 1 << 15 db 16
alignz 32
--
2.32.0
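Review bot: The added `times 1 << 15 db 16` row in the jchuff-sse2.asm hunk carries no comment explaining why the table extends past the 15-bit range, so a later cleanup could trim it again. The commit message gives the reason (malformed input can push the nbits index past 32768, and the C table is already padded to 65536 entries); a one-line comment beside the row saying so would keep the two implementations in step. The patch touches only simd/x86_64/, so it is also worth confirming whether any other SIMD variant of the Huffman encoder built in this package indexes a table of the unpadded size.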

@ -1,6 +1,6 @@
Name: libjpeg-turbo
Version: 2.1.0
Release: 2%{?dist}
Release: 3%{?dist}
Summary: A MMX/SSE2/SIMD accelerated library for manipulating JPEG image files
License: IJG
URL: http://sourceforge.net/projects/libjpeg-turbo
@ -8,6 +8,7 @@ URL: http://sourceforge.net/projects/libjpeg-turbo
Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
Patch0: libjpeg-turbo-cmake.patch
Patch1: libjpeg-turbo-CET.patch
Patch2: libjpeg-turbo-CVE-2021-37972.patch
BuildRequires: gcc
BuildRequires: cmake
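Review bot: `Patch2:` is declared in this hunk, but none of the spec hunks shown adds a matching `%patch2` line, so the fix is applied only if %prep uses %autosetup or an equivalent. Please confirm against the %prep section, which is outside the visible context. A short comment above the `Patch2:` line pointing at upstream commit 4004cfb5822d2c986b5a2c7c14122a1b429be649 and issue #543 would also make it clear when the patch can be dropped on a rebase.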
@ -179,6 +180,9 @@ export LD_LIBRARY_PATH=%{buildroot}%{_libdir}
%{_libdir}/pkgconfig/libturbojpeg.pc
%changelog
* Sat Sep 25 2021 Nikola Forró <nforro@redhat.com> - 2.1.0-3
- Fix CVE-2021-37972 (#2007307)
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild