rpms/kdelibs4/F-7 kdelibs-4.0.3-khtml-security.patch, NONE, 1.1 kdelibs4.spec, 1.14, 1.15

Rex Dieter (rdieter) fedora-extras-commits at redhat.com
Tue Apr 22 18:30:27 UTC 2008 

Author: rdieter

Update of /cvs/pkgs/rpms/kdelibs4/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9638/F-7

Modified Files:
	kdelibs4.spec 
Added Files:
	kdelibs-4.0.3-khtml-security.patch 
Log Message:
* Tue Apr 22 2008 Lukáš Tinkl <ltinkl at redhat.com>
- fix buffer overflow in KHTML's image loader (KDE advisory 20080426-1)


kdelibs-4.0.3-khtml-security.patch:

--- NEW FILE kdelibs-4.0.3-khtml-security.patch ---
--- khtml/imload/decoders/pngloader.cpp
+++ khtml/imload/decoders/pngloader.cpp
@@ -109,6 +109,8 @@ private:
             
             if (colorType == PNG_COLOR_TYPE_RGB)
                 colorType =  PNG_COLOR_TYPE_RGB_ALPHA; //Paranoia..
+            else if (colorType == PNG_COLOR_TYPE_GRAY)
+                colorType = PNG_COLOR_TYPE_GRAY_ALPHA;
         }    
             
         ImageFormat imFrm;    
@@ -192,6 +194,7 @@ private:
     {
         if (interlaced)
         {
+            Q_ASSERT(pngReadStruct->row_info.pixel_depth <= depth * 8);
             requestScanline(rowNum, scanlineBuf);
             png_progressive_combine_row(pngReadStruct, scanlineBuf, data);
             notifyScanline(pass + 1, scanlineBuf);


Index: kdelibs4.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kdelibs4/F-7/kdelibs4.spec,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- kdelibs4.spec	17 Apr 2008 15:06:30 -0000	1.14
+++ kdelibs4.spec	22 Apr 2008 18:29:46 -0000	1.15
@@ -1,7 +1,7 @@
 
 Summary: K Desktop Environment 4 - Libraries
 Version: 4.0.3
-Release: 6%{?dist}
+Release: 7%{?dist}
 
 %if 0%{?fedora} > 8
 Name: kdelibs
@@ -79,6 +79,8 @@
 Patch13: kdelibs-4.0.3-fedora-buildtype.patch
 # patch KStandardDirs to use %{_libexecdir}/kde4 instead of %{_libdir}/kde4/libexec
 Patch14: kdelibs-4.0.3-libexecdir.patch
+# Buffer overflow in KHTML's image loader
+Patch15: kdelibs-4.0.3-khtml-security.patch
 
 ## upstream patches
 # based on SVN commit 793504 by dfaure
@@ -202,6 +204,7 @@
 %patch12 -p1 -b .Administration-menu
 %patch13 -p1 -b .fedora-buildtype
 %patch14 -p1 -b .libexecdir
+%patch15 -p0 -b .khtml-security
 
 %patch100 -p1 -b .kconfig_sync_crash
 %patch101 -p1 -b .klauncher-crash
@@ -364,6 +367,9 @@
 
 
 %changelog
+* Tue Apr 22 2008 Lukáš Tinkl <ltinkl at redhat.com>
+- fix buffer overflow in KHTML's image loader (KDE advisory 20080426-1)
+
 * Fri Apr 04 2008 Than Ngo <than at redhat.com> -  4.0.3-6
 - apply upstream patch to fix klauncher crash
 - fix kconfig_sync_crash patch

More information about the fedora-extras-commits mailing list