diff options
| -rw-r--r-- | meta-oe/recipes-support/libraw/libraw/CVE-2023-1729.patch | 25 | ||||
| -rw-r--r-- | meta-oe/recipes-support/libraw/libraw_0.20.2.bb | 4 |
2 files changed, 28 insertions, 1 deletions
diff --git a/meta-oe/recipes-support/libraw/libraw/CVE-2023-1729.patch b/meta-oe/recipes-support/libraw/libraw/CVE-2023-1729.patch new file mode 100644 index 0000000000..db6f2a2d9a --- /dev/null +++ b/meta-oe/recipes-support/libraw/libraw/CVE-2023-1729.patch | |||
| @@ -0,0 +1,25 @@ | |||
| 1 | From f7a1082a65b444d606d82ae71e1279789601f78d Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Alex Tutubalin <lexa@lexa.ru> | ||
| 3 | Date: Sat, 14 Jan 2023 18:32:59 +0300 | ||
| 4 | Subject: [PATCH] do not set shrink flag for 3/4 component images | ||
| 5 | |||
| 6 | CVE: CVE-2023-1729 | ||
| 7 | Upstream-Status: Backport [https://github.com/LibRaw/LibRaw/commit/9ab70f6dca19229cb5caad7cc31af4e7501bac93] | ||
| 8 | Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> | ||
| 9 | --- | ||
| 10 | src/preprocessing/raw2image.cpp | 2 ++ | ||
| 11 | 1 file changed, 2 insertions(+) | ||
| 12 | |||
| 13 | diff --git a/src/preprocessing/raw2image.cpp b/src/preprocessing/raw2image.cpp | ||
| 14 | index 18f897eb..64722efd 100644 | ||
| 15 | --- a/src/preprocessing/raw2image.cpp | ||
| 16 | +++ b/src/preprocessing/raw2image.cpp | ||
| 17 | @@ -43,6 +43,8 @@ void LibRaw::raw2image_start() | ||
| 18 | |||
| 19 | // adjust for half mode! | ||
| 20 | IO.shrink = | ||
| 21 | + !imgdata.rawdata.color4_image && !imgdata.rawdata.color3_image && | ||
| 22 | + !imgdata.rawdata.float4_image && !imgdata.rawdata.float3_image && | ||
| 23 | P1.filters && | ||
| 24 | (O.half_size || ((O.threshold || O.aber[0] != 1 || O.aber[2] != 1))); | ||
| 25 | |||
diff --git a/meta-oe/recipes-support/libraw/libraw_0.20.2.bb b/meta-oe/recipes-support/libraw/libraw_0.20.2.bb index 51057f97b7..b331d77e8d 100644 --- a/meta-oe/recipes-support/libraw/libraw_0.20.2.bb +++ b/meta-oe/recipes-support/libraw/libraw_0.20.2.bb | |||
| @@ -2,7 +2,9 @@ SUMMARY = "raw image decoder" | |||
| 2 | LICENSE = "LGPL-2.1-only | CDDL-1.0" | 2 | LICENSE = "LGPL-2.1-only | CDDL-1.0" |
| 3 | LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=74c9dffdc42805f9c0de2f97df6031fc" | 3 | LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=74c9dffdc42805f9c0de2f97df6031fc" |
| 4 | 4 | ||
| 5 | SRC_URI = "git://github.com/LibRaw/LibRaw.git;branch=master;protocol=https" | 5 | SRC_URI = "git://github.com/LibRaw/LibRaw.git;branch=master;protocol=https \ |
| 6 | file://CVE-2023-1729.patch \ | ||
| 7 | " | ||
| 6 | SRCREV = "0209b6a2caec189e6d1a9b21c10e9e49f46e5a92" | 8 | SRCREV = "0209b6a2caec189e6d1a9b21c10e9e49f46e5a92" |
| 7 | S = "${WORKDIR}/git" | 9 | S = "${WORKDIR}/git" |
| 8 | 10 | ||
