summary refs log tree commit diff
path: root/pkgs/development/libraries/openjpeg
diff options
context:
space:
mode:
authorGraham Christensen <graham@grahamc.com>2017-01-07 06:50:02 -0500
committerGraham Christensen <graham@grahamc.com>2017-01-07 06:51:31 -0500
commit428927ffa6e5c255ef97f62435b0777f8f9481df (patch)
tree84ec0d2da57a0fe7e5203cc8f4d50e14b64ef775 /pkgs/development/libraries/openjpeg
parentc5f8c7fe36be6b1c587dcd1ce5886d90f9aa5d69 (diff)
downloadnixpkgs-428927ffa6e5c255ef97f62435b0777f8f9481df.tar
nixpkgs-428927ffa6e5c255ef97f62435b0777f8f9481df.tar.gz
nixpkgs-428927ffa6e5c255ef97f62435b0777f8f9481df.tar.bz2
nixpkgs-428927ffa6e5c255ef97f62435b0777f8f9481df.tar.lz
nixpkgs-428927ffa6e5c255ef97f62435b0777f8f9481df.tar.xz
nixpkgs-428927ffa6e5c255ef97f62435b0777f8f9481df.tar.zst
nixpkgs-428927ffa6e5c255ef97f62435b0777f8f9481df.zip
openjpeg2: patch for multiple CVEs
 -  Floating Point Exception (aka FPE or divide by zero) in
    opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG
    2.1.2. (CVE-2016-9112)

 -  There is a NULL Pointer Access in function imagetopnm of
    convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is
    not assigned a value after initialization(NULL). Impact is Denial of
    Service. (CVE-2016-9114)

 -  NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in
    OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a
    crafted j2k file. (CVE-2016-9116)

 -  Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of
    convert.c:1719 in OpenJPEG 2.1.2. (CVE-2016-9118)
Diffstat (limited to 'pkgs/development/libraries/openjpeg')
-rw-r--r--pkgs/development/libraries/openjpeg/2.1.nix23
1 files changed, 22 insertions, 1 deletions
diff --git a/pkgs/development/libraries/openjpeg/2.1.nix b/pkgs/development/libraries/openjpeg/2.1.nix
index 9e3c4473b31..ae8710e58a2 100644
--- a/pkgs/development/libraries/openjpeg/2.1.nix
+++ b/pkgs/development/libraries/openjpeg/2.1.nix
@@ -1,4 +1,4 @@
-{ callPackage, ... } @ args:
+{ callPackage, fetchpatch, ... } @ args:
 
 callPackage ./generic.nix (args // rec {
   version = "2.1.2";
@@ -12,5 +12,26 @@ callPackage ./generic.nix (args // rec {
     # Put in our source code to make sure we don't lose it, since that
     # referenced commit is someone else's fork, and not actually up-stream.
     ./CVE-2016-9580-and-CVE-2016-9581.patch
+
+    (fetchpatch {
+      url = "https://bugzilla.suse.com/attachment.cgi?id=707359&action=diff&context=patch&collapsed=&headers=1&format=raw";
+      name = "CVE-2016-9112.patch";
+      sha256 = "18hqx73wdzfybr5n5k6pzhbhdlmawiqbjci8n82zykxiyfgp18pd";
+    })
+    (fetchpatch {
+      url = "https://bugzilla.suse.com/attachment.cgi?id=707354&action=diff&context=patch&collapsed=&headers=1&format=raw";
+      name = "CVE-2016-9114.patch";
+      sha256 = "0qam3arw9kdbh4501xim2pyldl708dnpyjwvjmwc9gc7hcq4gfi3";
+    })
+    (fetchpatch {
+      url = "https://bugzilla.suse.com/attachment.cgi?id=707356&action=diff&context=patch&collapsed=&headers=1&format=raw";
+      name = "CVE-2016-9116.patch";
+      sha256 = "0yyb3pxqi5sr44a48bacngzp206j4z49lzkg6hbkz1nra9na61a3";
+    })
+    (fetchpatch {
+      url = "https://bugzilla.suse.com/attachment.cgi?id=707358&action=diff&context=patch&collapsed=&headers=1&format=raw";
+      name = "CVE-2016-9118.patch";
+      sha256 = "125n8bmh07y7697s0y82ypb39rxgj0bdn8rcywbvamscagwg2wy9";
+    })
   ];
 })
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-08 19:40:50 +0000