From 84e8dd5e80754f49ef24e67b053a68a0866faefb Mon Sep 17 00:00:00 2001 From: Josef Ridky Date: Tue, 10 Apr 2018 12:54:17 +0200 Subject: [PATCH] CVE-2017-1000450 --- opencv-CVE-2017-1000450.patch | 13 +++++++++++++ opencv.spec | 4 ++++ 2 files changed, 17 insertions(+) create mode 100644 opencv-CVE-2017-1000450.patch diff --git a/opencv-CVE-2017-1000450.patch b/opencv-CVE-2017-1000450.patch new file mode 100644 index 0000000..9f052f4 --- /dev/null +++ b/opencv-CVE-2017-1000450.patch @@ -0,0 +1,13 @@ +diff -urNp old/modules/imgcodecs/src/grfmt_bmp.cpp new/modules/imgcodecs/src/grfmt_bmp.cpp +--- old/modules/imgcodecs/src/grfmt_bmp.cpp 2018-04-10 12:43:48.636921073 +0200 ++++ new/modules/imgcodecs/src/grfmt_bmp.cpp 2018-04-10 12:49:30.394233343 +0200 +@@ -368,6 +368,9 @@ decode_rle4_bad: ; + gray_palette[code] ); + + line_end_flag = y - prev_y; ++ ++ if( y >= m_height ) ++ break; + } + else if( code > 2 ) // absolute mode + { diff --git a/opencv.spec b/opencv.spec index 2af6192..7e7c4b5 100644 --- a/opencv.spec +++ b/opencv.spec @@ -66,6 +66,7 @@ Patch1: opencv-3.2.0-cmake_paths.patch Patch2: opencv-3.1-pillow.patch Patch3: opencv-3.2.0-test-file-fix.patch Patch4: opencv-CVE-2017-17760.patch +Patch5: opencv-CVE-2017-1000450.patch BuildRequires: libtool BuildRequires: cmake >= 2.6.3 @@ -224,6 +225,8 @@ rm -rf modules/dnn/ popd %patch4 -p1 -b .CVE-2017-17760 +%patch5 -p1 -b .CVE-2017-1000450 + # fix dos end of lines #sed -i 's|\r||g' samples/c/adaptiveskindetector.cpp @@ -397,6 +400,7 @@ popd %changelog * Tue Apr 10 2018 Josef Ridky - 3.2.0-15 - Fix for CVE-2017-17760 (#1530748) +- Fix for CVE-2017-1000450 (#1531611) * Sun Jan 28 2018 Sérgio Basto - 3.2.0-14 - Rebuilt (#1533660)