summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGyorgy Sarvari <skandigraun@gmail.com>2025-11-18 11:31:27 +0100
committerAnuj Mittal <anuj.mittal@oss.qualcomm.com>2025-11-19 08:46:56 +0530
commit41d4d6c0226c83552758b29a37f114bc02589ae4 (patch)
treecb24760d5e35879a5fb7b70968154eb93c8098b6
parentee90f2d75e59ff96632475496e492b7402f374ef (diff)
downloadmeta-openembedded-41d4d6c0226c83552758b29a37f114bc02589ae4.tar.gz
libwmf: patch CVE-2015-4696
Details: https://nvd.nist.gov/vuln/detail/CVE-2015-4696 Pick the patch that mentions the vulnerability ID explicitly. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat
-rw-r--r--meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-4696.patch37
-rw-r--r--meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb1
2 files changed, 38 insertions, 0 deletions
diff --git a/meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-4696.patch b/meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-4696.patch
new file mode 100644
index 0000000000..bd5fc4d85f
--- /dev/null
+++ b/meta-oe/recipes-extended/libwmf/libwmf/CVE-2015-4696.patch
@@ -0,0 +1,37 @@
1From f743ef455dfb1faade0ca5290994087ef8b12a98 Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
3Date: Wed, 8 Aug 2018 14:00:49 +0100
4Subject: [PATCH] CVE-2015-4696
5
6CVE: CVE-2015-4696
7Upstream-Status: Backport [https://github.com/caolanm/libwmf/commit/f47cbdf96838c2daa7b8e489f59e62371d33352a]
8Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
9---
10 src/player/meta.h | 5 ++++-
11 1 file changed, 4 insertions(+), 1 deletion(-)
12
13diff --git a/src/player/meta.h b/src/player/meta.h
14index 3e13688..f86c5f9 100644
15--- a/src/player/meta.h
16+++ b/src/player/meta.h
17@@ -2585,6 +2585,8 @@ static int meta_dc_restore (wmfAPI* API,wmfRecord* Record,wmfAttributes* attrlis
18 polyrect.BR[i] = clip->rects[i].BR;
19 }
20
21+ if (FR->region_clip) FR->region_clip (API,&polyrect);
22+
23 wmf_free (API,polyrect.TL);
24 wmf_free (API,polyrect.BR);
25 }
26@@ -2593,9 +2595,10 @@ static int meta_dc_restore (wmfAPI* API,wmfRecord* Record,wmfAttributes* attrlis
27 polyrect.BR = 0;
28
29 polyrect.count = 0;
30+
31+ if (FR->region_clip) FR->region_clip (API,&polyrect);
32 }
33
34- if (FR->region_clip) FR->region_clip (API,&polyrect);
35
36 return (changed);
37 }
diff --git a/meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb b/meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb
index 364bf4b022..e1f94172ae 100644
--- a/meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb
+++ b/meta-oe/recipes-extended/libwmf/libwmf_0.2.8.4.bb
@@ -21,6 +21,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/wvware/${BPN}/${PV}/${BPN}-${PV}.tar.gz;name=ta
21 file://0001-configure-use-pkg-config-for-freetype.patch \ 21 file://0001-configure-use-pkg-config-for-freetype.patch \
22 file://CVE-2015-0848-CVE-2015-4588.patch \ 22 file://CVE-2015-0848-CVE-2015-4588.patch \
23 file://CVE-2015-4695.patch \ 23 file://CVE-2015-4695.patch \
24 file://CVE-2015-4696.patch \
24 " 25 "
25 26
26SRC_URI[tarball.md5sum] = "d1177739bf1ceb07f57421f0cee191e0" 27SRC_URI[tarball.md5sum] = "d1177739bf1ceb07f57421f0cee191e0"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-06-28 21:44:13 +0000